Results 11-20 of 176
Symbolic Reachability Analysis Using Narrowing and its Application to Verification of Cryptographic Protocols
Journal of Higher-Order and Symbolic Computation, 2004
Cited by 34 (12 self)
Abstract
Narrowing was introduced, and has traditionally been used, to solve equations in initial and free algebras modulo a set of equations E. This paper proposes a generalization of narrowing which can be used to solve reachability goals in initial and free models of a rewrite theory R. We show that narrowing is sound and weakly complete (i.e., complete for normalized solutions) under reasonable executability assumptions about R. We also show that in general narrowing is not strongly complete, that is, not complete when some solutions can be further rewritten by R. We then identify several large classes of rewrite theories, covering many practical applications, for which narrowing is strongly complete. Finally, we illustrate an application of narrowing to analysis of cryptographic protocols.
An algebraic semantics for MOF
Formal Asp. Comput., 2010
Cited by 31 (4 self)
Abstract
Model-driven development is a field within software engineering in which software artifacts are represented as models in order to improve productivity, quality, and cost effectiveness. In this field, the MetaObject Facility (MOF) standard plays a crucial role by providing a generic framework where the abstract syntax of different modeling languages can be defined. In this work, we present a formal, algebraic semantics of the MOF standard in membership equational logic (mel). By using the Maude language, which directly supports mel specifications, this formal semantics is furthermore executable, and can be used to perform useful formal analyses. The executable algebraic framework for MOF obtained this way has been integrated within the Eclipse Modeling Framework as a plugin. In this way, formal analyses, such as semantic consistency checks, become available within Eclipse to provide formal support for model-driven development processes. Key words: MOF, model-driven development, membership equational logic, metamodeling semantics, reflection.
Fibring Non-Truth-Functional Logics: Completeness Preservation
Journal of Logic, Language and Information, 2000
Cited by 30 (20 self)
Abstract
Fibring has been shown to be useful for combining logics endowed with truth-functional semantics. One wonders if fibring can be extended in order to cope with logics endowed with non-truth-functional semantics as, for example, paraconsistent logics. The first main contribution of the paper is a positive answer to this question. Furthermore, it is shown that this extended notion of fibring preserves completeness under certain reasonable conditions. This completeness transfer result, the second main contribution of the paper, generalizes the one established by Zanardo et al. and is obtained using a new technique exploiting the properties of the metalogic where the (possibly non-truth-functional) valuations are defined. The modal paraconsistent logic of da Costa and Carnielli is obtained by fibring and its completeness is so established.
Combining decision procedures for sorted theories
2004
Cited by 24 (7 self)
Abstract
The Nelson-Oppen combination method combines decision procedures for theories satisfying certain conditions into a decision procedure for their union. While the method is known to be correct in the setting of unsorted first-order logic, some current implementations of it appear in tools that use a sorted input language. So far, however, there have been no theoretical results on the correctness of the method in a sorted setting, nor is it obvious that the method in fact lifts as is to logics with sorts. To bridge this gap between the existing theoretical results and the current implementations, we extend the Nelson-Oppen method to (order-)sorted logic and prove it correct under conditions similar to the original ones. From a theoretical point of view, the extension is relevant because it provides a rigorous foundation for the application of the method in a sorted setting. From a practical point of view, the extension has the considerable added benefits that in a sorted setting the method’s preconditions become easier to satisfy in practice, and the method’s nondeterminism is generally reduced.
Executable Structural Operational Semantics in Maude
2003
Cited by 24 (7 self)
Abstract
This paper describes in detail how to bridge the gap between theory and practice when implementing in Maude structural operational semantics described in rewriting logic, where transitions become rewrites and inference rules become conditional rewrite rules with rewrites in the conditions, as made possible by the new features in Maude 2.0. We validate this technique by using it in several case studies: a functional language Fpl (evaluation and computation semantics, including an abstract machine), imperative languages WhileL (evaluation and computation semantics) and GuardL with nondeterminism (computation semantics), Kahn's functional language MiniML (evaluation or natural semantics), Milner's CCS (with strong and weak transitions), and Full LOTOS (including ACT ONE data type specifications). In addition, on top of CCS we develop an implementation of the Hennessy-Milner modal logic for describing local capabilities of processes, and for LOTOS we build an entire tool where Full LOTOS specifications can be entered and executed (without user knowledge of the underlying implementation of the semantics). We also compare this method based on transitions as rewrites with another one based on transitions as judgements.
Operational termination of membership equational programs: the order-sorted way
2008
Cited by 24 (11 self)
Abstract
Our main goal is automating termination proofs for programs in rewriting-based languages with features such as: (i) expressive type structures, (ii) conditional rules, (iii) matching modulo axioms, and (iv) context-sensitive rewriting. Specifically, we present a new operational termination method for membership equational programs with features (i)-(iv) that can be applied to programs in membership equational logic (MEL). The method first transforms a MEL program into a simpler, yet semantically equivalent, conditional order-sorted (OS) program. Subsequent transformations make the OS program unconditional, and, finally, unsorted. In particular, we extend and generalize to this richer setting an order-sorted termination technique for unconditional OS programs proposed by Ölveczky and Lysne. An important advantage of our method is that it minimizes the use of conditional rules and produces simpler transformed programs whose termination is often easier to prove automatically.
Symbolic Model Checking of Infinite-State Systems Using Narrowing
Cited by 24 (12 self)
Abstract
Rewriting is a general and expressive way of specifying concurrent systems, where concurrent transitions are axiomatized by rewrite rules. Narrowing is a complete symbolic method for model checking reachability properties. We show that this method can be reinterpreted as a lifting simulation relating the original system and the symbolic system associated to the narrowing transitions. Since the narrowing graph can be infinite, this lifting simulation only gives us a semi-decision procedure for the failure of invariants. However, we propose new methods for folding the narrowing tree that can in practice result in finite systems that symbolically simulate the original system and can be used to algorithmically verify its properties. We also show how both narrowing and folding can be used to symbolically model check systems which, in addition, have state predicates, and therefore correspond to Kripke structures on which ACTL∗ and LTL formulas can be algorithmically verified using such finite symbolic abstractions.
A formal approach to object-oriented software engineering
Electronic Notes on Theoretical Computer Science 4
Cited by 22 (2 self)
Abstract
We show how formal specifications can be integrated into one of the current pragmatic object-oriented software development methods. Jacobson’s “Object-Oriented Software Engineering” (OOSE) process is combined with object-oriented algebraic specifications by extending object and interaction diagrams with formal annotations. The specifications are based on Meseguer’s rewriting logic and are written in a meta-level extension of the language Maude by process expressions. As a result any such diagram can be associated with a formal specification, proof obligations ensuring invariant properties can be automatically generated, and the refinement relations between documents at different abstraction levels can be formally stated and proved.
Certifying Domain-Specific Policies
2001
Cited by 20 (3 self)
Abstract
Proof-checking code for compliance to safety policies potentially enables a product-oriented approach to certain aspects of software certification. To date, previous research has focused on generic, low-level programming-language properties such as memory type safety. In this paper we consider proof-checking higher-level domain-specific properties for compliance to safety policies. The paper first describes a framework related to abstract interpretation in which compliance to a class of certification policies can be efficiently calculated. Membership equational logic is shown to provide a rich logic for carrying out such calculations, including partiality, for certification. The architecture for a domain-specific certifier is described, followed by an implemented case study. The case study considers consistency of abstract variable attributes in code that performs geometric calculations in aerospace systems.