| S. Owre, S. Rajan, J. M. Rushby, N. Shankar, and M. K. Srivas. PVS: Combining specification, proof checking and model checking. In R. Alur and T. A. Henzinger, editors, Computer Aided Verification, volume 1102 of Lecture Notes in Computer Science, pages 411-414. Springer, 1996. |
..... When ae is given as a union of individual transition relations, this can be done individually for each of them. Notice that since the concrete system is in general infinite state, condition 1 ) cannot always be checked algorithmically. In our tool, we use the theorem prover PVS [SRSS96] to discharge this kind of verification condition. Notice also that if we eliminate all the pairs (s 1 ) for which this condition is satisfied, we obtain as a result the smallest abstract system ff(S ). The elimination method in its rough form is not feasible since it requires too many ....
S.Owre, J. Rushby, N. Shankar, and M. Srivas. PVS: Combining specification, proof checking and model-checking. In CAV'96, volume 1102 of LNCS, 1196.
.... a very restricted problem space [Beer96, EET94, Goer97, Hard96, Kuel97, McMi93]. Methods at the opposite end, such as theorem proving, use formalisms to address a richer class of problems, and have mechanisms to use hierarchy and abstraction, but require a great amount of expertise to apply them [Cohn87, Cohn89, Owre96, Wind95]. Simulation-based design verification tries to uncover design errors by detecting a circuit's faulty behavior when deterministic or pseudo-random tests (simulation vectors) are applied. All of the microprocessor manufacturers mentioned in the beginning of Section 1.2 report that they still rely ....
S. Owre, S. Rajan, J.M. Rushby, N. Shankar, M. Srivas, R. Alur, and T.A. Henzinger. PVS: Combining specification, proof checking and model checking. In Proc. Int. Conf. on Computer-Aided Verification, pages 411--414, 1996.
....systems. Section 3 presents our syntax-directed translation rules, along with an important optimization called request reply. Section 4 presents an informal argument that the refinement rules we present always produce a correct result, and also points to a formal proof of correctness done using PVS [16]. Section 5 presents an example protocol developed using the refinement rules, and the efficiency of model checking the rendezvous protocol compared to the efficiency of model checking the asynchronous protocol. Finally, Section 6 presents a discussion of buffering requirements and concludes the ....
....above, and h generates an ack/nack accordingly; hence if an ack is generated it would be allowed by the rendezvous protocol. An ack is generated only in case 2, and in this case the rendezvous is allowed by the rendezvous protocol. The above informal argument is formalized with the help of PVS [16], and we proved that the refinement rules are safety preserving; i.e. we showed that if a transition is taken in the refined protocol, then it is allowed in the original rendezvous protocol. The PVS theory files and proofs can be obtained from the first author's WWW home page. Proof of forward ....
S. Owre, S. Rajan, J. M. Rushby, N. Shankar, and M. Srivas. PVS: Combining specification, proof checking and model checking. In CAV, pages 411--414, New Brunswick, NJ, USA, 1996.
....hand, if the counterexample program finitely succeeds, not only do we have a disproof, but an exact scenario in which the formula is false: an invaluable tool for debugging safety-critical systems. Moreover, tabulation-based induction is completely automatic, in contrast to systems such as PVS [10], which supply a suite of tools to assist the user in deriving induction proofs. We have thus far used our method to verify safety and liveness properties of infinite families of systems using model checking, including the liveness of an n-bit shift register (fed with an infinite supply of input bits) ....
S. Owre, S. Rajan, J. M. Rushby, N. Shankar, and M. Srivas. PVS: Combining Specification, Proof checking and Model checking. In Proceedings of the Seventh International Conference on Computer Aided Verification (CAV '96), Vol. 1102 of Lecture Notes in Computer Science, pages 411--414. Springer-Verlag, 1996.
....hence if an ack is generated it would be allowed by the rendezvous protocol. An ack is generated only in case 2, which completes a rendezvous in the asynchronous protocol. This rendezvous is also allowed by the rendezvous protocol. We formalized the above argument in a theorem prover called PVS [16] and proved that the refinement rules are safety preserving. The proofs can be found on the first author's WWW home page. 5 Buffer Management. The buffering requirement of one buffer location per cache line (for a remote node) and two buffer locations per cache line (for a home node) is still ....
....protocols. Since the rendezvous protocol is equivalent to the asynchronous protocol obtained by the refinement rules, the designers can analyze the rendezvous protocol for correct operation but need not analyze the asynchronous protocol. Formal verification techniques such as theorem proving [1, 16] and model checking [5] can be used to verify the protocol. We used the SPIN model checker to verify the migratory and invalidate, another protocol developed for use in Avalanche. Model checking is based on the idea of fully exploring the state space of the protocol to establish its correctness. ....
S. Owre, S. Rajan, J. M. Rushby, N. Shankar, and M. Srivas. PVS: Combining specification, proof checking and model checking. In CAV, pages 411--414, New Brunswick, NJ, USA, 1996.
....infinite-state version of the protocol using the theorem prover. This approach was used to prove that the cache coherence protocol of the FLASH multiprocessor [56] is consistent with a specification obtained by an abstraction method called aggregation [69], using the automated theorem prover PVS [66]. Model checking can also be used to automatically check the aggregation abstraction before proving its correctness with PVS [67]. 1.3 Results of this Thesis. This thesis presents three algorithmic techniques that increase the size of the state spaces that can be handled in verification by ....
S. Owre, S. Rajan, J. M. Rushby, N. Shankar, and M. Srivas. PVS: Combining specification, proof checking and model checking. In Computer Aided Verification. 8th International Conference, pages 411--4, 1996.
....systems. Section 3 presents our syntax-directed translation rules, along with an important optimization called request reply. Section 4 presents an informal argument that the refinement rules we present always produce a correct result, and also points to a formal proof of correctness done using PVS [17]. Section 5 presents an example protocol developed using the refinement rules, and the efficiency of model checking the rendezvous protocol compared to the efficiency of model checking the asynchronous protocol. Finally, Section 6 presents a discussion of buffering requirements and concludes the ....
....an ack/nack accordingly; hence if an ack is generated it would be allowed by the rendezvous protocol. An ack is generated only in case 2, which completes a rendezvous in the asynchronous protocol. This rendezvous is also allowed by the rendezvous protocol. We formalized the above argument in PVS [17] and proved that the refinement rules are safety preserving; i.e. we showed that if a transition is taken in the refined protocol, then it is allowed in the original rendezvous protocol. We constructed an abstraction function, abs, based on [18]; abs maps a state in the asynchronous protocol ....
S. Owre, S. Rajan, J. M. Rushby, N. Shankar, and M. Srivas. PVS: Combining specification, proof checking and model checking. In CAV, pages 411--414, New Brunswick, NJ, USA, 1996.
No context found.
S. Owre, S. Rajan, J. M. Rushby, N. Shankar, and M. K. Srivas. PVS: Combining specification, proof checking and model checking. In R. Alur and T. A. Henzinger, editors, Computer Aided Verification, volume 1102 of Lecture Notes in Computer Science, pages 411-414. Springer, 1996.
No context found.
Sam Owre, Sreeranga Rajan, John M. Rushby, Natarajan Shankar, and Mandayam K. Srivas. PVS: Combining specification, proof checking and model checking. In Rajeev Alur and Thomas A. Henzinger, editors, Computer Aided Verification, volume 1102 of Lecture Notes in Computer Science, pages 411-414. Springer, 1996.
No context found.
S. Owre et al. PVS: Combining specification, proof checking and model checking. In Proc. of CAV-96, LNCS 1102. Springer, 1996.
No context found.
S. Owre et al. PVS: Combining specification, proof checking and model checking. CAV-96, LNCS 1102, pp. 411--414, Springer, 1996.
No context found.
S. Owre, S. Rajan, J.M. Rushby, N. Shankar, M. Srivas: PVS: combining specification, proof checking and model checking, LNCS vol. 1102, Springer Verlag (1996)
No context found.
S. Owre, S. Rajan, J. M. Rushby, N. Shankar, and M. Srivas. PVS: Combining specification, proof checking and model checking. In CAV, pages 411--414, New Brunswick, NJ, USA, 1996.
No context found.
S. Owre, S. Rajan, J. M. Rushby, N. Shankar, and M. Srivas. PVS: Combining specification, proof checking and model checking. In CAV, pages 411--414, New Brunswick, NJ, USA, 1996.
No context found.
S. Owre, S. Rajan, J.M. Rushby, N. Shankar, and M.K. Srivas. PVS: Combining specification, proof checking and model checking. In Rajeev Alur and Thomas A. Henzinger, editors, Computer-Aided Verification, CAV '96, volume 1102, pages 411--414. Springer-Verlag, July/August 1996.