Mechanized Operational Semantics of WSL
IEEE International Workshop on Source Code Analysis and Manipulation (SCAM), Los Alamitos, 2002
Cited by 4 (1 self)
This paper presents an experiment on computer-assisted formal verification of program transformations. The operational semantics of WSL is formalized in the type-theoretical proof assistant Coq, which forms the basis on which the correctness of program transformations can be stated and proved as formulae in Coq. A group of program transformations frequently used for software maintenance have been proved correct. The existence of a machine-checked formal verification significantly increases confidence in the correctness of program transformations, which is crucial for the reliability of software maintenance systems.
Exploiting Parallelism in Interactive Theorem Provers
Proceedings of TPHOLs, volume 1479 of LNCS, 1998
Cited by 4 (1 self)
This paper reports on the implementation and analysis of the MP refiner, the first parallel interactive theorem prover. The MP refiner is a shared-memory multiprocessor implementation of the inference engine of Nuprl. The inference engine of Nuprl is called the refiner. The MP refiner is a collection of threads operating as sequential refiners running on separate processors. Concurrent tactics exploit parallelism by spawning tactics to be evaluated by other refiner threads simultaneously. Tests conducted with the MP refiner running on a four-processor Sparc shared-memory multiprocessor reveal that parallelism at the inference-rule level can significantly decrease the elapsed time of constructing proofs interactively. 1 Introduction An interactive theorem prover is a computer program that employs automated deduction to construct proofs with the aid of a user. Many interactive theorem provers require users to supply programs, called tactics, to carry out inference. Tacti...
Final Semantics for the π-calculus
1998
Cited by 2 (2 self)
In this paper we discuss final semantics for the π-calculus, a process algebra which models systems that can dynamically change the topology of their channels. We show that the final semantics paradigm, originated by Aczel and Rutten for CCS-like languages, can be successfully applied here as well. This is achieved by suitably generalizing the standard techniques so as to accommodate the mechanism of name creation and the behaviour of the binding operators peculiar to the π-calculus. As a preliminary step, we give a higher-order presentation of the π-calculus using as metalanguage LF, a logical framework based on typed λ-calculus. Such a presentation highlights the nature of the binding operators and elucidates the role of free and bound channels. The final semantics is defined making use of this higher-order presentation, within a category of hypersets.
Reasoning about the Reliability of Diverse Two-Channel Systems in which One Channel is “Possibly Perfect”
2009
Cited by 1 (0 self)
This report refines and extends an earlier paper by the first author [25]. It considers the problem of reasoning about the reliability of fault-tolerant systems with two “channels” (i.e., components) of which one, A, because it is conventionally engineered and presumed to contain faults, supports only a claim of reliability, while the other, B, by virtue of extreme simplicity and extensive analysis, supports a plausible claim of “perfection.” We begin with the case where either channel can bring the system to a safe state. The reasoning about system probability of failure on demand (pfd) is divided into two steps. The first concerns aleatory uncertainty about (i) whether channel A will fail on a randomly selected demand and (ii) whether channel B is imperfect. It is shown that, conditional upon knowing pA (the probability that A fails on a randomly selected demand) and pB (the probability that channel B is imperfect), a conservative bound on the probability that the system fails on a randomly selected demand is simply pA × pB. That is, there is conditional independence between the events “A fails” and “B is imperfect.” The second
Automated Deductive Verification of Parallel Systems
1997
This paper describes the use of deductive methods for the verification of invariance properties of parallel systems. We show how a combination of proof rules, invariant generation techniques and abstraction techniques integrated into a theorem prover can be used effectively to prove invariants of systems given as a parallel composition of sequential processes over infinite data types. We present an implementation of these techniques in our tool, the InvariantChecker. The InvariantChecker is built as a front-end for the PVS theorem prover. The tool extends the PVS specification language to handle the notion of transition systems describing the parallel composition of sequential processes. The PVS prover is also extended with a new proof scheme corresponding to the combination of our proof techniques.