Abstract. A way to write proof scores showing that distributed systems have invariant properties in algebraic specification languages is described, which has been devised through several case studies. The way makes it possible to divide a formula stating an invariant property under discussion into reasonably small ones, each of which is proved by writing proof scores individually. This relieves the load to reduce logical formulas and can decrease the number of subcases into which the case is split in case analysis.

CafeOBJ is an executable industrial strength multi-logic algebraic speci cation language which is a modern successor of OBJ and incorporates several new algebraic speci cation paradigms.

Case analysis is essential for verification of computer systems by writing proof scores in algebraic specification languages. When case analysis is performed, it is indispensable to cover all cases and find basic predicates that can be used for splitting cases. We propose two methods to support case analysis, which concern the two things. The first method uses matrices to cover all cases. The matrices consist of predicates that come from transition rules ’ conditions and properties to be verified. If it is not sufficient to split cases with such matrices, we must find basic predicates in the specifications of computer systems to split cases more precisely. Given a set of basic predicates, the second method mostly automates this process, which also can help find necessary lemmas. A case study in which our methods are effectively applied to a railroad signaling system is also reported. 1.