Twenty years of rewriting logic

AbstractRewriting logic is a simple computational logic that can naturally express both concurrent computation and logical deduction with great generality. This paper provides a gentle, intuitive introduction to its main ideas, as well as a survey of the work that many researchers have carried out over the last twenty years in advancing: (i) its foundations; (ii) its semantic framework and logical framework uses; (iii) its language implementations and its formal tools; and (iv) its many applications to automated deduction, software and hardware specification and verification, security, real-time and cyber-physical systems, probabilistic systems, bioinformatics and chemical systems

GUESSING, MODEL CHECKING AND THEOREM PROVING OF STATE MACHINE PROPERTIES – A CASE STUDY ON QLOCK

It is worth understanding state machines better because various kinds of systems can be formalized as state machines and therefore understanding state machines has something to do with comprehension of systems. Understanding state machines can be interpreted as knowing properties they enjoy and comprehension of systems is interpreted as knowing whether they satisfy requirements. We (mainly the second author) have developed a tool called SMGA that basically takes a finite sequence of states from a state machine and generates a graphical animation of the finite sequence or the state machine. Observing such a graphical animation helps us guess properties of the state machine. We should confirm whether the state machine enjoys the guessed properties because such guessed properties may not be true properties of the state machine. Model checking is one possible technique to do so. If the state machine has a fixed small number of reachable states, model checking is enough. Otherwise, however, it is not. If that is the case, we should use some other techniques to make sure that the system enjoys the guessed properties. Interactive theorem proving is one such technique. The paper reports on a case study in which a mutual exclusion protocol called Qlock is used as an example to exemplify the abovementioned idea or methodology

Algebraic specifications and refinement for component-based development using RAISE

There are two main activities in Component-Based Development: component development, where we build libraries for general use, and component integration, where we assemble an application from existing components. In this work, we analyze how to apply algebraic specifications with refinement to component development. So we restrict our research to the use of modules that are described as class expressions in a formal specification language, and we present several refinement steps for component development, introducing in each one design decisions and implementation details. This evolution starts from the initial specification of a component as an abstract module, and finishes with the final deployment as fully implemented code. The usage of formal tools helps to assure the correctness of each step, and provides the ground to introduce complementarytechniques, such as bisimulations, for the process of component integration.Facultad de Informátic

Research on Highly Reliable Agile Formal Engineering Methods

研究成果の概要 (和文) : 本研究では、既存のソフトウェア開発手法の短所を大幅に改善して、生産性と信頼性を共に確保する最新のソフトウェア開発技術とした「SOFLアジャイル形式工学手法」を確立して、次の具体的な成果を達成した。（１）SOFLアジャイル形式工学手法のフレームワーク、（２）SOFL仕様のアニメーション化手法、（３）仕様アニメーションとプログラムのテスト用のテストデータの自動生成手法とアルゴリズム、（４）定理証明とモデル検査の融合技術とアニメーション化手法,（５）仕様アニメーションの可視化表現手法、（６）仕様アニメーションの支援ツールとテストデータの自動生成の支援ツールのプロトタイプの開発。研究成果の概要 (英文) : In this research, we have established a new technology known as SOFL Agile Formal Engineering Method that significantly improves the existing software development methods in terms of offering a great capability of enhancing both software productivity and reliability. Specifically, the technology includes the following aspects:(1) a framework of the SOFL Agile Formal Engineering Method, (2) a new method for carrying out the animation of hybrid specifications, (3) a new method and the related algorithms for automatically generating test data for both specification animation and specification-based program testing, (4) a method for combining theorem proving with model checking and a tool support for model checking process animation, (5) prototypes of software tools to support the automatic test data generation for both specification animation and specification-based program testing

Matching Logic

This paper presents matching logic, a first-order logic (FOL) variant for specifying and reasoning about structure by means of patterns and pattern matching. Its sentences, the patterns, are constructed using variables, symbols, connectives and quantifiers, but no difference is made between function and predicate symbols. In models, a pattern evaluates into a power-set domain (the set of values that match it), in contrast to FOL where functions and predicates map into a regular domain. Matching logic uniformly generalizes several logical frameworks important for program analysis, such as: propositional logic, algebraic specification, FOL with equality, modal logic, and separation logic. Patterns can specify separation requirements at any level in any program configuration, not only in the heaps or stores, without any special logical constructs for that: the very nature of pattern matching is that if two structures are matched as part of a pattern, then they can only be spatially separated. Like FOL, matching logic can also be translated into pure predicate logic with equality, at the same time admitting its own sound and complete proof system. A practical aspect of matching logic is that FOL reasoning with equality remains sound, so off-the-shelf provers and SMT solvers can be used for matching logic reasoning. Matching logic is particularly well-suited for reasoning about programs in programming languages that have an operational semantics, but it is not limited to this

An Experiment with Algebraic Specifications of Software Components

A long lasting myth of formal methods is that they are difficult to learn and expensive to apply. This paper reports a controlled experiment to test if this myth is true or false in the context of writing algebraic formal specifications. The experiment shows that writing algebraic specifications for software components can be learnt by ordinary university students. It does not heavily depend on mathematical knowledge and skills. Moreover, it is not time consuming to write algebraic specifications for software components

Event-B in the Institutional Framework: Defining a Semantics, Modularisation Constructs and Interoperability for a Specification Language

Event-B is an industrial-strength specification language for verifying the properties of a given system’s specification. It is supported by its Eclipse-based IDE, Rodin, and uses the process of refinement to model systems at different levels of abstraction. Although a mature formalism, Event-B has a number of limitations. In this thesis, we demonstrate that Event-B lacks formally defined modularisation constructs. Additionally, interoperability between Event-B and other formalisms has been achieved in an ad hoc manner. Moreover, although a formal language, Event-B does not have a formal semantics. We address each of these limitations in this thesis using the theory of institutions. The theory of institutions provides a category-theoretic way of representing a formalism. Formalisms that have been represented as institutions gain access to an array of generic specification-building operators that can be used to modularise specifications in a formalismindependent manner. In the theory of institutions, there are constructs (known as institution (co)morphisms) that provide us with the facility to create interoperability between formalisms in a mathematically sound way. The main contribution of this thesis is the definition of an institution for Event-B, EVT, which allows us to address its identified limitations. To this end, we formally define a translational semantics from Event- B to EVT. We show how specification-building operators can provide a unified set of modularisation constructs for Event-B. In fact, the institutional framework that we have incorporated Event-B into is more accommodating to modularisation than the current state-of-the-art for Rodin. Furthermore, we present institution morphisms that facilitate interoperability between the respective institutions for Event-B and UML. This approach is more generic than the current approach to interoperability for Event-B and in fact, allows access to any formalism or logic that has already been defined as an institution. Finally, by defining EVT, we have outlined the steps required in order to include similar formalisms into the institutional framework. Hence, this thesis acts as a template for defining an institution for a specification language

Inferencia de especificaciones para programas C

[EN] Despite its many unquestionable benefits, formal specifications are not widely used in industrial software development. In order to reduce the time and effort required to write formal specifications, in this Master Thesis we propose a technique for automatically discovering specifications from real code. The proposed methodology relies on the symbolic execution capabilities recently provided by the K framework that we exploit to automatically infer formal specifications from programs that are written in a non-trivial fragment of C, called KernelC. Roughly speaking, our symbolic analysis of KernelC programs explains the execution of a (modifier) function by using other (observer) routines in the program. We implemented our technique in the automated tool KindSpec 2.0, which generates axioms that describe the precise input/output behavior of C routines that handle pointer-based structures (i.e., result values and state change). We describe the implementation of our system and discuss the differences w.r.t. previous work on inferring specifications from C code.[ES] A pesar de los abundantes beneficios que ofrecen, las especificaciones formales no acostumbran a emplearse en el desarrollo industrial de software. Con la finalidad de reducir el tiempo y el esfuerzo requerido para escribir especificaciones formales, en la presente Tesis de Máster se propone una técnica que obtiene de manera automática especificaciones a partir de código real. La metodología propuesta se basa en explotar las capacidades de ejecución simbólica recientemente proporcionadas por el marco K para inferir automáticamente especificaciones formales de programas escritos en un fragmento no trivial de C, denominado KernelC. En términos generales, el análisis simbólico de programas KernelC explica la ejecución de una función (modificadora) a través de otras rutinas (observadoras) del programa. Esta técnica ha sido implementada en la herramienta automática KindSpec 2.0, la cual genera axiomas que describen el comportamiento de entrada/salida de rutinas C que gestionan estructuras basadas en punteros (es decir, valores resultado y cambios de estado). En esta disertación se describe la implementación de dicho sistema y se analizan las diferencias respecto de trabajos previos relacionados con la inferencia de especificaciones sobre código C.Pardo Pont, D. (2015). Inferencia de especificaciones para programas C. http://hdl.handle.net/10251/67889Archivo delegad

Mathematics in Software Reliability and Quality Assurance

This monograph concerns the mathematical aspects of software reliability and quality assurance and consists of 11 technical papers in this emerging area. Included are the latest research results related to formal methods and design, automatic software testing, software verification and validation, coalgebra theory, automata theory, hybrid system and software reliability modeling and assessment