this paper have been presented at the 4th European Summer School in Logic, Language and Information, University of Essex, 1992; at the Tempus Summer School for Algebraic and Categorical Methods in Computer Science, Masaryk University, Brno, 1993; and the Summer School in Logic Methods in Concurrency, Aarhus University, 1993. I would like to thank the organisers and the participants of these summer schools, and of the Banff higher order workshop. I would also like to thank Julian Bradfield for use of his Tex tree constructor for building derivation trees and Carron Kirkwood, Faron Moller, Perdita Stevens and David Walker for comments on earlier drafts.

In this paper, we present a constraint-oriented state-based proof methodology for concurrent software systems which exploits compositionality and abstraction for the reduction of the verification problem under investigation. Formal basis for this methodology are Modal Transition Systems allowing loose state-based specifications, which can be refined by successively adding constraints. Key concepts of our method are projective views, separation of proof obligations, Skolemization and abstraction. The method is even applicable to real time systems. 1 Introduction The use of formal methods and in particular formal verification of concurrent systems, interactive or fully automatic, is still limited to very specific problem classes. For state-based methods this is mainly due to the state explosion problem: the state graph of a concurrent systems grows exponentially with the number of its parallel components, leading to an unmanageable size for most practically relevant systems. Consequentl...

We report on the current status of the LMC project, which seeks to deploy the latest developments in logic-programming technology to advance the state of the art of system specification and verification. In particular, the XMC model checker for value-passing CCS and the modal mu-calculus is discussed, as well as the XSB tabled logic programming system, on which XMC is based. Additionally,several ongoing efforts aimed at extending the LMC approachbeyond traditional finite-state model checking are considered, including compositional model checking, the use of explicit induction techniques to model check parameterized systems, and the model checking of real-time systems. Finally, after a brief conclusion, future research directions are identified.

Abstract not found

Many safety-critical systems that have been considered by the verification community are parameterized by the number of concurrent components in the system, and hence describe an infinite family of systems. Traditional model checking techniques can only be used to verify specific instances of this family. In this paper, we present a technique based on compositional model checking and program analysis for automatic verification of infinite families of systems. The technique views a parameterized system as an expression in a process algebra (CCS) and interprets this expression over a domain of formulas (modal mu-calculus), considering a process as a property transformer. The transformers are constructed using partial model checking techniques. At its core, our technique solves the verification problem by finding the limit of a chain of formulas. We present a widening operation to find such a limit for properties expressible in a subset of modal mu-calculus. We describe the verification of a number of parameterized systems using our technique to demonstrate its utility.

We define a compositional labelled transition system semantics for statecharts via a translation into a new process language called SP. The main novelty of the language is an operator of process refinement, which reflects the statecharts hierarchical structure. The translation agrees with Pnueli and Shalev semantics of statecharts. However, since the language is parametric in the set of basic actions and in some operations over actions, other semantics of statecharts can be obtained by suitably instantiating the actions corresponding to transitions and the operations over actions.

Contents 1 Introduction 2 2 Process Calculi 2 3 Equivalences, Modal and Temporal Logics 5 3.1 Interactive games and bisimulations . . . . . . . . . . . . . . . 7 3.2 Modal logic and bisimulations . . . . . . . . . . . . . . . . . . . 9 3.3 Temporal properties and modal mu-calculus . . . . . . . . . . 10 3.4 Second-order propositional modal logic . . . . . . . . . . . . . . 15 3.5 Fixed point and second-order games . . . . . . . . . . . . . . . 16 4 Property Checking and Games 19 4.1 Property checking as a game . . . . . . . . . . . . . . . . . . . . 20 4.2 Model checking games . . . . . . . . . . . . . . . . . . . . . . . 23 4.3 Graph games and reductions . . . . . . . . . . . . . . . . . . . 25 Notes for Mathfit Workshop on Finite Model Theory, University of Wales Swansea, July 7--9. 1 Introduction Concurrency theory is concerned with formal notations and techniques for modelling and reasoning about concurren

. As a case study, we apply a constraint-oriented state-based proof methodology to Fischer's protocol. The method exploits compositionality and abstraction to reduce the investigated verification problem. This reduction avoids state space explosion. Key concepts of the reduction process are modal constraints, separation of proof obligations, Skolemization and abstraction. Formal basis for the method are Timed Modal Specifications (TMS) allowing loose state-based specifications, which can be refined by successively adding constraints. TMS's can be easily translated into Modal Timed Automata, thus enabling automatic verification. A central issue of the method is the use of Parametrized TMS's. 1 Introduction The use of state-based formal methods -- in particular formal verification of concurrent systems -- is still limited to very specific problem classes, mainly due to the state explosion problem: the state graph of the system grows exponentially with the number of its parallel compone...

. For every hierarchical system of equations S over some complete and distributive lattice we construct an equivalent system with the same set of variables which additionally is guarded. The price to be paid is that the resulting right-hand sides may grow exponentially. We therefore present methods how the exponential blow-up can be avoided. Especially, the loop structure of the variable dependence graph is taken into account. Also we prove that size O(m \Delta jSj) suffices whenever S originates from a fixpoint expression where the nesting-depth of fixpoints is at most m. Finally, we sketch an application to regular tree pattern-matching. Keywords: guardedness, -calculus, distributive lattices, loop-connectedness. 1 Introduction Since Kozen's seminal paper [13] in 1983, the modal --calculus has been widely used for specification and verification of properties of concurrent processes. Fixpoint expressions or (slightly more convenient) hierarchical systems of equations, howev...

We consider the problem of formally verifying of processes given in a process algebra with respect to specifications in the modal -calculus. For this problem, we present a Gentzen-style sequent calculus which can be used for different process algebras, and which allows compositional reasoning. The key property of this calculus, due to Dam and Gurov, is the use of explicit ordinal approximations in order to deal with properties expressed by fixed-point operators.