Transition system specifications with negative premises

AbstractIn this article the general approach to Plotkin-style operational semantics of Groote and Vaandrager (1989) is extended to transition system specifications (TSSs) with rules that may contain negative premises. Two problems arise: firstly the rules may be inconsistent, and secondly it is not obvious how a TSS determines a transition relation. We present a general method, based on the stratification technique in logic programming, to prove consistency of a set of rules and we show how a specific transition relation can be associated with a TSS in a natural way. Then a special format for the rules, the ntyft/ntyxt format, is defined. It is shown that for this format three important theorems hold. The first theorem says that bisimulation is a congruence if all operators are defined using this format. The second theorem states that, under certain restrictions, a TSS in ntyft format can be added conservatively to a TSS in pure ntyft/ntyxt format. Finally, it is shown that the trace congruence for image-finite processes induced by the pure ntyft/ntyxt format is precisely bisimulation equivalence

Verification of temporal properties of processes in a setting with data

We define a value-based modal mu-calculus, built from first-order formulas, modalities, and fixed point operators parameterized by data variables, which allows to express temporal properties involving data. We interpret this logic over muCRL terms defined by linear process equations. The satisfaction of a temporal formula by a muCRL term is translated to the satisfaction of a first-order formula containing parameterized fixed point operators. We provide proof rules for these fixed point operators and show their applicability on various examples

Focus points and convergent process operators

We present a strategy for finding algebraic correctness proofs for communication systems. It is described in the setting of $mu$CRL (Groote and Ponse 93) which is, roughly, ACP (Baeten and Weijland 90, Bergstra and Klop 84) extended with a formal treatment of the interaction between data and processes. The strategy has already been applied successfully in non-trivial case studies (e.g., Bezem and Groote 94, and Fredlund, Groote, and Korver 95), but was not explicitly identified as such. Moreover, the protocols that were verified in these papers were rather complex, so that the general picture was obscured by the amount of details. In this paper, the proof strategy is materialised in the form of definitions and theorems. These results reduce a large part of protocol verification to a number of trivial facts concerning data parameters occurring in implementation and specification. This greatly simplifies protocol verifications and makes our approach amenable to mechanical assistance; experiments in this direction seem promising. The strategy is illustrated by several small examples and one larger example, the Concurrent Alternating Bit Protocol (CABP). Although simple, this protocol contains a large amount of internal parallelism, so that all relevant issues make their appearance

Verification of parallel systems via decomposition

Recently, Milner and Moller have presented several decomposition results for processes. Inspired by these, we investigate decomposition techniques for the verification of parallel systems. In particular, we consider those of the form q j (I) where p i and q j are (finite) state systems. We provide a decomposition procedure for all p i and q j and give criteria that must be checked on the decomposed processes to see whether (I) does or does not hold. We analyse the complexity of our procedure and show that it is polynomial in n, m and the sizes of p i and q j if there is no communication. We also show that with communication the verification of (I) is co-NP hard, which makes it very unlikely that a polynomial complexity bound exists. But by applying our decomposition technique to Milner's cyclic scheduler we show that verification can become polynomial in space and time for practical examples, where standard techniques are exponential. Note: The authors are supported by the European Communities under ESPRIT Basic Research Action 3006 (CONCUR)

A correctness proof of the bakery protocol in mu mu CRL

A specification of a bakery protocol is given in $mu$CRL. We provide a simple correctness criterion for the protocol. Then the protocol is proven correct using a proof system that has been developed for $mu$CRL. The proof primarily consists of algebraic manipulations based on specifications of abstract data types and elementary rules and axioms from process algebra

Resolution and binary decision diagrams cannot simulate each other polynomially

There are many different ways of proving formulas in proposition logic. Many of these can easily be characterized as forms of resolution. Others use so-called binary decision diagrams (BDDs). Experimental evidence suggests that BDDs and resolution based techniques are fundamentally different, in the sense that their performance can differ very much on benchmarks. In this paper we confirm these findings by mathematical proof. We provide examples that are easy for BDDS and exponentially hard for any form of resolution, and vice versa, examples that ar easy for resolution and exponentially hard for BDDs

Basic theorems for parallel processes in timed mu mu CRL

Timed $mucrl$ is a process algebra-based formalism for the specification and verification of parallel, communicating systems with explicit time cite{Gr97. In this paper various basic results are derived, such as theorems for {it basic forms/, the expansion of terms with operators for parallelism, elimination of parallelism, and commutativity and associativity of the merge and communication merge (the operators $|$ and $|$). The interpretation of the operators, in particular the left merge, is far from trivial, and more in general, it has to be stated that working with a time-based formalism such as timed $mucrl$ can be fairly complicated. Therefore we pay a lot of attention to all kinds of proof details that could enhance the understanding -- and thus facilitate the use -- of the formalism. Many basic lemmas are included, and examples are used to illustrate the intuition behind the various results