Results 1  10
of
33
Completing the Temporal Picture
, 1991
"... The paper presents a relatively complete proof system for proving the validity of temporal properties of reactive programs. The presented proof system improves on previous temporal systems, in that it reduces the validity of program properties into pure assertional reasoning, not involving additiona ..."
Abstract

Cited by 74 (16 self)
 Add to MetaCart
The paper presents a relatively complete proof system for proving the validity of temporal properties of reactive programs. The presented proof system improves on previous temporal systems, in that it reduces the validity of program properties into pure assertional reasoning, not involving additional temporal reasoning. The proof system is based on the classification of temporal properties according to the Borel hierarchy, providing appropriate proof rules for the classes of safety, response, and reactivity properties.
A Proof Technique for Rely/Guarantee Properties
 In Proceedings of the 5th Conference on Foundations of Software Technology and Theoretical Computer Science, Lecture Notes in Computer Science 206
, 1986
"... A rely/guarantee specification for a program P is a specification of the form R oe G (R implies G), where R is a rely condition and G is a guarantee condition. A rely condition expresses the conditions that P relies on its environment to provide, and a guarantee condition expresses what P guarantees ..."
Abstract

Cited by 54 (0 self)
 Add to MetaCart
A rely/guarantee specification for a program P is a specification of the form R oe G (R implies G), where R is a rely condition and G is a guarantee condition. A rely condition expresses the conditions that P relies on its environment to provide, and a guarantee condition expresses what P guarantees to provide in return. This paper presents a proof technique that permits us to infer that a program P satisfies a rely/guarantee specification R oe G, given that we know P satisfies a finite collection of rely/guarantee specifications R i oe G i ; (i 2 I). The utility of the proof technique is illustrated by using it to derive global liveness properties of a system of concurrent processes from a collection of local liveness properties satisfied by the component processes. The use of the proof rule as a design principle, and the possibility of its incorporation into a formal logic of rely/guarantee assertions, is also discussed. 1 Introduction A rely/guarantee specification for a program P...
The Anchored Version of the Temporal Framework
 Linear Time, Branching Time, and Partial Order in Logics and Models for Concurrency, Lecture Notes in Computer Science 354
, 1989
"... . In this survey paper we present some of the recent developments in the temporal formal system for the specification, verification and development of reactive programs. While the general methodology remains very much the one presented in some earlier works on the subject, such as [MP83c, MP83a, Pnu ..."
Abstract

Cited by 50 (5 self)
 Add to MetaCart
. In this survey paper we present some of the recent developments in the temporal formal system for the specification, verification and development of reactive programs. While the general methodology remains very much the one presented in some earlier works on the subject, such as [MP83c, MP83a, Pnu86], there have been several technical improvements and gained insights in understanding the computational model, the logic itself, the proof system and its presentation, and connections with alternative formalisms, such as finite automata. In this paper we explicate some of these improvements and extensions. The main difference between this and preceding versions is that here we consider a notion of validity for temporal formulae, which is anchored at the initial state of the computation. The paper discusses some of the consequences of this decision. Key words: Temporal Logic, Reactive Systems, Concurrent Programs, Specification, Verification, Proof System, Classification of Prtoperties, Sa...
Verification of Concurrent Programs: The AutomataTheoretic Framework
 Annals of Pure and Applied Logic
, 1987
"... We present an automatatheoretic framework to the verification of concurrent and nondeterministic programs. The basic idea is that to verify that a program P is correct one writes a program A that receives the computation of P as input and diverges only on incorrect computations of P . Now P is c ..."
Abstract

Cited by 47 (3 self)
 Add to MetaCart
We present an automatatheoretic framework to the verification of concurrent and nondeterministic programs. The basic idea is that to verify that a program P is correct one writes a program A that receives the computation of P as input and diverges only on incorrect computations of P . Now P is correct if and only if a program PA , obtained by combining P and A, terminates. We formalize this idea in a framework of !automata with a recursive set of states. This unifies previous works on verification of fair termination and verification of temporal properties. 1 Introduction In this paper we present an automatatheoretic framework that unifies several trends in the area of concurrent program verification. The trends are temporal logic, model checking, automata theory, and fair termination. Let us start with a survey of these trends. In 1977 Pnueli suggested the use of temporal logic in the verification of concurrent programs [Pn77]. The basic motivation is that in the verificat...
Automated Temporal Reasoning about Reactive Systems
, 1996
"... . There is a growing need for reliable methods of designing correct reactive systems such as computer operating systems and air traffic control systems. It is widely agreed that certain formalisms such as temporal logic, when coupled with automated reasoning support, provide the most effective a ..."
Abstract

Cited by 39 (2 self)
 Add to MetaCart
. There is a growing need for reliable methods of designing correct reactive systems such as computer operating systems and air traffic control systems. It is widely agreed that certain formalisms such as temporal logic, when coupled with automated reasoning support, provide the most effective and reliable means of specifying and ensuring correct behavior of such systems. This paper discusses known complexity and expressiveness results for a number of such logics in common use and describes key technical tools for obtaining essentially optimal mechanical reasoning algorithms. However, the emphasis is on underlying intuitions and broad themes rather than technical intricacies. 1 Introduction There is a growing need for reliable methods of designing correct reactive systems. These systems are characterized by ongoing, typically nonterminating and highly nondeterministic behavior. Examples include operating systems, network protocols, and air traffic control systems. There is w...
Verifying Temporal Properties without Temporal Logic
, 1989
"... this paper were first presented at the "IEEE Symposium on Logic in Computer Science," Ithaca, New York, June 1987 ..."
Abstract

Cited by 37 (0 self)
 Add to MetaCart
this paper were first presented at the "IEEE Symposium on Logic in Computer Science," Ithaca, New York, June 1987
Proving properties of realtime systems through logical specifications and Petri Net models
 IEEE TRANSACTIONS ON SOFTWARE ENGINEERING
, 1994
"... The problem of formally analyzing properties of realtime systems is addressed. A method is proposed that allows specifying system properties in the TRIO language (an extension of temporal logic suitable to deal explicitly with the “time ” variable and to measure it) and modeling the system as a tim ..."
Abstract

Cited by 32 (11 self)
 Add to MetaCart
The problem of formally analyzing properties of realtime systems is addressed. A method is proposed that allows specifying system properties in the TRIO language (an extension of temporal logic suitable to deal explicitly with the “time ” variable and to measure it) and modeling the system as a timed Petri net. It is argued that such an approach is more general than analyzing program properties. The proof method is based on an axiomatization of timed Petri nets in terms of TRIO so that their properties can be derived as suitable theorems in much the same spirit as classical Hoare’s method allows proving properties of programs coded in a Pascallike language. The method is then exemplified through two classical “benchmarks ” of the literature on concurrent and realtime systems, namely an elevator system and the dining philosophers problem. A thorough review of the related literature and a comparison thereof with the new method is also provided. Possible alternative methods, theoretical extensions, and practical applications are briefly discussed.
Formal Methods for the Specification and Design of RealTime Safety Critical Systems
, 1992
"... Safety critical computers increasingly a#ect nearly every aspect of our lives. Computers control the planes we #y on, monitor our health in hospitals and do our work in hazardous environments. Computers with software de#ciencies that fail to meet stringent timing constraints have resulted in cat ..."
Abstract

Cited by 31 (0 self)
 Add to MetaCart
Safety critical computers increasingly a#ect nearly every aspect of our lives. Computers control the planes we #y on, monitor our health in hospitals and do our work in hazardous environments. Computers with software de#ciencies that fail to meet stringent timing constraints have resulted in catastrophic failures. This paper surveys formal methods for specifying, designing and verifying realtime systems, so as to improve their safety and reliability. # To appear in Journal of Systems and Software,Vol. 18, Number 1, pages 33#60, April 1992. Jonathan Ostro# is with the Department of Computer Science, York University 4700 Keele Street, North York, Ontario, Canada, M3J 1P3. This work is supported by the Natural Sciences and Engineering Research Council of Canada. 1 CONTENTS 2 Contents 1 Introduction 3 2 De#ning the terms 6 2.1 Major issues that formal theories must address ::::::: 13 3 RealTime Programming Languages 14 4 Structured Methods and#or Graphical Languages 15 4.1 Str...
The "Hoare Logic" of CSP, and All That
 ACM Transactions on Programming Languages and Systems
, 1984
"... this paper, we show how various techniques for establishing safety properties of concurrent programs can be formulated in GHL in terms of invariance. Section 2 contains an overview of GHL and its principles; Section 3 applies the principles to some popular proof systems ..."
Abstract

Cited by 23 (10 self)
 Add to MetaCart
this paper, we show how various techniques for establishing safety properties of concurrent programs can be formulated in GHL in terms of invariance. Section 2 contains an overview of GHL and its principles; Section 3 applies the principles to some popular proof systems
Extending Statecharts With Temporal Logic
"... Statecharts is a behavioural specification language for the specification of realtime event driven reactive systems. Recently, statecharts was related to a logical specification language, using which safety and liveness properties could be expressed# this language provides a compositional proof ..."
Abstract

Cited by 19 (1 self)
 Add to MetaCart
Statecharts is a behavioural specification language for the specification of realtime event driven reactive systems. Recently, statecharts was related to a logical specification language, using which safety and liveness properties could be expressed# this language provides a compositional proof system for statecharts. However, the logical specification language is flat, with no facilities to account for the structure of statecharts; further, the primitives of this language are dependent on statecharts syntax, and cannot be related directly to the problem domain. This paper discusses a temporal logicbased specification language called FNLOG which addresses these problems.