T. A. Henzinger, S. Qadeer, S. K. Rajamani, and S. Tasiran. An assume-guarantee rule for checking simulation. In Formal Methods in Computer-Aided Design, pages 421--432, 1998.
.... [14] audio output interface of a multimedia extension SoC [25] and a software supervisor for a multi user phone system [28]. The AGR technique has also been extended in several ways, for example, to accommodate multiple constraints on a single output port [22], branching time refinement [15], different implementation and specification time scales [13], and liveness constraints [23]. The application of AGR can be semi automatically performed by a user of the MOCHA tool [9, 3] through its proof manager, but the user is still burdened with the task of constructing abstraction and ....
T. A. Henzinger, S. Qadeer, S. K. Rajamani, and S. Tasiran. An assume-guarantee rule for checking simulation. In G. Gopalakrishnan and P. Windley, editors, Proceedings of the International Conference on Formal Methods in Computer-Aided Design (FMCAD'98), Lecture Notes in Computer Science 1522, pages 421--432. Springer-Verlag, 1998.
....rule for the until and weakly until properties of linear temporal logic and show that previously proposed assume guarantee rules can be seen as special instances of our rule. For trace trees, we derive a rule for parallel composition of Moore machines, and show that the rule of [7] is a special instance thus yielding an alternate proof of the results in [7]. 1 Introduction Program verification is concerned with determining whether a formal model of a system satisfies certain correctness properties. The most popular algorithmic technique, model checking, systematically ....
....logic and show that previously proposed assume guarantee rules can be seen as special instances of our rule. For trace trees, we derive a rule for parallel composition of Moore machines, and show that the rule of [7] is a special instance thus yielding an alternate proof of the results in [7]. 1 Introduction Program verification is concerned with determining whether a formal model of a system satisfies certain correctness properties. The most popular algorithmic technique, model checking, systematically steps through the global states of the system while checking various properties ....
[Article contains additional citation context not shown here]
T. A. Henzinger, S. Qadeer, S. K. Rajamani, and S. Tasiran. An assume-guarantee rule for checking simulation. In FMCAD 98: Formal Methods in Computer-aided Design, pages 421-432, 1998.
....[Jos87] [CLM89] [GL94] [AL95] [McM99]. We have concentrated on the completeness question for general rules that apply to both safety and liveness properties. As shown in Section 3, the circular rules in [AL95] and the rule C1 derived from [McM99] are incomplete. The circular rule presented in [HQRT98] for the simulation based verification paradigm is also incomplete; for lack of space, this proof is left for the full paper. The simplicity of the counter examples suggests that the incompleteness may indeed impact the verification of systems in practice. We present a new circular rule, which ....
T.A. Henzinger, S. Qadeer, S.K. Rajamani, and S. Tasiran. An assume-guarantee rule for checking simulation. In FMCAD, volume 1522 of LNCS, 1998.
....an interface process Q 0 with a very small number of states. The interface process Q 0 may be obtained, for example, by automatically minimizing the finite automaton representing Q. We will discuss this approach in Section 2. In the assume guarantee reasoning case [10] [3] [4] [11] [15] [7] [14] [17] [12], the environment is expressed by an assumption that process P makes on process Q using a temporal formula Q . These assumptions can be used when checking that P satisfies its specification P , and must, of course, be discharged relative to Q. To do this, a reasoning rule is used such as the ....
T. Henzinger, S. Qadeer, S. K. Rajamani, and S. Tasiran. An assume-guarantee rule for checking simulation. In G. Gopalakrishnan and P. Windley, editors, FMCAD 98: Formal Methods in Computer-aided Design, volume 1522 of Lecture Notes in Computer Science 1522, pages 421--432. Springer-Verlag, 1998.
.... methodologies for applying strong decomposition rules were developed in [McM97] and [HQR98]. The strong decomposition rules and proof methodologies were recently generalized in many ways, for example, to accommodate multiple constraints on a single output port [McM98], branching time refinement [HQRT98], different implementation and specification time scales [HQR99], and liveness constraints [McM99]. 2.6 Witnessing refinement The algorithm from Section 2.3 for refinement checking, as well as the decomposition rules from Section 2.5, require that the refinement question to be solved is fully ....
T.A. Henzinger, S. Qadeer, S.K. Rajamani, and S. Tasiran. An assume-guarantee rule for checking simulation. In G. Gopalakrishnan and P. Windley, editors, FMCAD 98: Formal Methods in Computer-aided Design, Lecture Notes in Computer Science 1522, pages 421--432. Springer-Verlag, 1998.
....to CCS. In this paper we prove a new assume-guarantee rule for CCS with respect to open simulation, in order to integrate it with the subtyping logic of the type system. The proof technique for establishing the soundness of our assume guarantee rule builds on ideas from our earlier work in [24] and [13]. An alternative approach to reason with context sensitive abstractions is given in [18]. We are aware of two model checkers [4, 20] that provide tool support for assume guarantee reasoning. Both these systems do not support dynamic channel creation and channel passing, which are important ....
....H witnesses the open simulation We abbreviate as 2 Lemma A.15 (substitutivity of reduction) For all CCS processes ; actions , and substitutions , if then ( We are now ready to prove Theorem 4.3. The idea of the proof builds on ideas from [24] and [13]. Theorem 4.3 (Assume Guarantee) For any processes , 0 , 0 suppose A1. x) j 0 ) 0 A2. x) 0 j ) 0 A3. for all x in x, either x is non blocking for ( in ( x) j 0 ) for all substitutions , or x is non blocking for ( in ( x) 0 j ) for all ....
T.A. Henzinger, S. Qadeer, S.K. Rajamani, and S. Tasiran. An assume-guarantee rule for checking simulation. In FMCAD 98: Formal Methods in Computer-aided Design, LNCS 1522, pages 421-432. Springer-Verlag, 1998.
No context found.
T.A. Henzinger, S. Qadeer, S.K. Rajamani, and S. Tasiran. An assume-guarantee rule for checking simulation. In Proceedings of the Second International Conference on Formal Methods in Computer-Aided Design (FMCAD 1998), LNCS 1522, pages 421--432. Springer-Verlag, 1998.
No context found.
T. A. Henzinger, S. Qadeer, S. K. Rajamani, and S. Tasiran. An assume-guarantee rule for checking simulation. In Formal Methods in Computer-Aided Design, pages 421--432, 1998.