TLA+ Proofs

TLA+ is a specification language based on standard set theory and temporal logic that has constructs for hierarchical proofs. We describe how to write TLA+ proofs and check them with TLAPS, the TLA+ Proof System. We use Peterson's mutual exclusion algorithm as a simple example to describe the features of TLAPS and show how it and the Toolbox (an IDE for TLA+) help users to manage large, complex proofs.Comment: A shorter version of this article appeared in the proceedings of the conference Formal Methods 2012 (FM 2012, Paris, France, Springer LNCS 7436, pp. 147-154

A discussion of higher order software concepts as they apply to functional requirements and specifications

The entry guidance software functional requirements (requirements design phase), its architectural requirements (specifications design phase), and the entry guidance software verified code are discussed. It was found that the proper integration of designs at both the requirements and specifications levels are of high priority consideration

Gaining assurance in a voter-verifiable voting system

The literature on e-voting systems has many examples of discussion of the correctness of the computer and communication algorithms of such systems, as well as discussions of their vulnerabilities. However, a gap in the literature concerns the practical need (before adoption of a specific e-voting system) for a complete case demonstrating that the system as a whole has sufficiently high probability of exhibiting the desired properties when in use in an actual election. This paper discusses the problem of producing such a case, with reference to a specific system: a version of the Prêt à Voter scheme for voter-verifiable e-voting. We show a possible organisation of a case in terms of four main requirements – accuracy, privacy, termination and ‘trustedness’– and show some of the detailed organisation that such a case should have, the diverse kinds of evidence that needs to be gathered and some of the interesting difficulties that arise

On the engineering of crucial software

The various aspects of the conventional software development cycle are examined. This cycle was the basis of the augmented approach contained in the original grant proposal. This cycle was found inadequate for crucial software development, and the justification for this opinion is presented. Several possible enhancements to the conventional software cycle are discussed. Software fault tolerance, a possible enhancement of major importance, is discussed separately. Formal verification using mathematical proof is considered. Automatic programming is a radical alternative to the conventional cycle and is discussed. Recommendations for a comprehensive approach are presented, and various experiments which could be conducted in AIRLAB are described

A Note on Node Coloring in the SINR Model

A $\xi$-coloring of a graph $G$ is a coloring of the nodes of $G$ with $\xi$ colors in such a way any two neighboring nodes have different colors. We prove that there exists a $O(\Delta \log n)$ time distributed algorithm computing a $O(\Delta)$-colroing for unit disc graphs under the signal-to-interference-plus-noise ratio (SINR)-based physical model ($\Delta$ is the maximum degree of the graph). We also show that, for a well defined constant $d$, a $d$-hop $O(\Delta)$-coloring allows us to schedule an interference free MAC protocol under the physical SINR constraints. For instance this allows us to prove that any point-to-point message passing algorithm with running time $\tau$ can be simulated in the SINR model in $O(\Delta (\log n + \tau))$ time using messages of well chosen size. All our algorithms are proved to be correct with high probability

Inspection of bottles crates in the beer industry through computer vision

This article presents a system developed for the industry of bottling beer. The system has to perform the inspection of various items in the final stage, meaning after the production phase where the bottles are already in the crate. The items to inspect are the following: whether the crate is correct (with the correct color), whether the crate is broken, whether the crate is fully populated, i.e., all bottles are present, to check for bottles without caps and whether the capsule is the correct one. The work uses techniques of computer vision for these verifications and also principal components analysis (PCAs) for the recognition of the capsules. This system is currently installed in the assembly line and the results indicate high efficiency and confidence in the obtained solution