Analogical transfer of verification proofs for state-based specifications

The amount of user interaction is the prime cause of costs in interactive program verification. This paper describes an internal analogy technique that reuses subproofs in the verification of state-based specifications. It identifies common patterns of subproofs and their justifications in order reuse these subproofs; thus significant savings on the number of user interactions in a verification proof are achievable

Case studies of non-freely generated data types

In this report we shall present case studies of different data type specifications for natural numbers, for integers, for finite lists, for finite lists with an additional error element, for finite sets, for binary words, for commutative trees, and for arrays. Furthermore, this report contains a collection of constructive function and predicate specifications, whose recursion orderings are shown to be well-founded

Analogical Transfer of Verification Proofs for State-Based Specifications

The amount of user interaction is the prime cause of costs in interactive program verification. This paper describes an internal analogy technique that reuses subproofs in the verification of state-based specifications. It identifies common patterns of subproofs and their justifications in order reuse these subproofs; thus significant savings on the number of user interactions in a verification proof are achievable. 1 Introduction Software verification is the job of taming complexity: in order to verify, say one hundred thousand lines of source code, several ten thousands of proof obligations have to be shown, some of which may require formal proofs of up to eight or ten thousand steps. Usually these long proofs consist of a considerable number of relatively simple subproofs to be established. Even for a small percentage of interactive steps, i.e., those steps the user has to supply as opposed to those steps that are generated automatically by the system (in the VSE system [3] curre..

Termination of Algorithms over Non-Freely Generated Data Types

. Termination proofs for recursively defined operations serve several purposes: On the one hand, of course, they ensure the termination of the respective algorithms which is an essential topic in software verification. On the other hand, a successful termination proof allows to use the termination ordering as an induction ordering for future inductive proofs. So far, in the area of explicit inductive theorem proving only data types were admitted whose objects possess a unique syntactical representation. These data types include nat 1 , lists, and trees. However, there are data types that do not possess this property, as, for instance, finite sets and finite arrays, which are frequently used for specifications in software verification. In this paper we are concerned with these data types. We admit them to explicit inductive theorem proving and, furthermore, we present an approach for an automated termination analysis of recursively defined algorithms over these data types. 1 Motivatio..

Analogy in verification of state-based specifications

The amount of user interaction is the prime cause of costs in interactiveprogram verification. This paper describes an internal analogy techniquethat reuses subproofs in the verification of state-based specifications. Itidentifies common patterns of subproofs and their justifications in orderto reuse these subproofs; thus significant savings on the number of userinteractions in a verification proof are achievable

Analogy in verification of state-based specifications

The amount of user interaction is the prime cause of costs in interactiveprogram verification. This paper describes an internal analogy techniquethat reuses subproofs in the verification of state-based specifications. Itidentifies common patterns of subproofs and their justifications in orderto reuse these subproofs; thus significant savings on the number of userinteractions in a verification proof are achievable

Deduction in the Verification Support Environment (VSE)

The reliability of complex software systems is becoming increasingly important for the technical systems they are embedded in. In order to assure the highest levels of trustworthiness of software formal methods for the development of software are required. The VSE-tool was developed by a consortium of German universities and industry to make a tool available which supports this formal development process. VSE is based on a particular method for programming in the large. This method is embodied in an administration system to edit and maintain formal developments. A deduction component is integrated into this administration system in order to provide proof support for the formal concepts. In parallel to the development of the system itself, two large case studies were conducted in close collaboration with an industrial partner. In both cases components of systems previously developed by the industry were redeveloped from scratch, starting with a formal specification derived..