Implementation of the stable revivals model in CSP-Prover

Similar documents
The State Explosion Problem

A Timed Model of Circus with the Reactive Design Miracle

A UTP Semantics for Communicating Processes with Shared Variables

Trace semantics: towards a unification of parallel paradigms Stephen Brookes. Department of Computer Science Carnegie Mellon University

Incorpora(ng (me to an integrated formal method. Steve Schneider

Communicating Parallel Processes. Stephen Brookes

CS 6110 Lecture 21 The Fixed-Point Theorem 8 March 2013 Lecturer: Andrew Myers. 1 Complete partial orders (CPOs) 2 Least fixed points of functions

Unifying Theories of Programming

Responsiveness and stable revivals

Program verification using Hoare Logic¹

Testing for Refinement in CSP

Verifying Data Independent Programs Using Game Semantics

Structured CSP A Process Algebra as an Institution

Coinductive big-step semantics and Hoare logics for nontermination

Trace-based Process Algebras for Real-Time Probabilistic Systems

Lattices and Orders in Isabelle/HOL

A Tutorial Introduction to CSP in Unifying Theories of Programming

Bounded Retransmission in Event-B CSP: a Case Study

Formal Models of Timed Musical Processes Doctoral Defense

Circus Time with Reactive Designs

The non-logical symbols determine a specific F OL language and consists of the following sets. Σ = {Σ n } n<ω

NICTA Advanced Course. Theorem Proving Principles, Techniques, Applications

A Recursion Combinator for Nominal Datatypes Implemented in Isabelle/HOL

EDA045F: Program Analysis LECTURE 10: TYPES 1. Christoph Reichenbach

The Design and Construction of Deadlock-Free Concurrent Systems

Automated Reasoning Lecture 2: Propositional Logic and Natural Deduction

T (s, xa) = T (T (s, x), a). The language recognized by M, denoted L(M), is the set of strings accepted by M. That is,

Relational Interfaces and Refinement Calculus for Compositional System Reasoning

Compositional Abstractions for Interacting Processes

Automated Proving in Geometry using Gröbner Bases in Isabelle/HOL

Introduction to Axiomatic Semantics

A Relative Timed Semantics for BPMN

Communicating Multi-Stack Visibly Pushdown Processes

Property Specifications for Workflow Modelling

Programming Languages and Compilers (CS 421)

Refinement-oriented probability for CSP

Static Program Analysis using Abstract Interpretation

G54FOP: Lecture 17 & 18 Denotational Semantics and Domain Theory III & IV

The Journal of Logic and Algebraic Programming

MOST OF the published research on control of discreteevent

This is a repository copy of Towards Verification of Cyber-Physical Systems with UTP and Isabelle/HOL.

A framework based on implementation relations for implementing LOTOS specifications

Trace Diagnostics using Temporal Implicants

Specifying and Analysing Networks of Processes in CSP T (or In Search of Associativity)

Introduction to Logic in Computer Science: Autumn 2006

Math 535: Topology Homework 1. Mueen Nawaz

Classes and conversions

Mechanising the Alphabetised Relational Calculus

Embedded systems specification and design

NICTA Advanced Course. Theorem Proving Principles, Techniques, Applications. Gerwin Klein Formal Methods

The Underlying Semantics of Transition Systems

Algebraic Trace Theory

Write your own Theorem Prover

Temporal logics and explicit-state model checking. Pierre Wolper Université de Liège

Discrete Analysis of Continuous Behaviour in Real-Time Concurrent Systems. Joël Ouaknine St Cross College and University College

CS 6110 Lecture 35 Solving Domain Equations 19 April 2013 Lecturer: Andrew Myers

Structure Preserving Bisimilarity,

Towards a Mechanised Denotational Semantics for Modelica

Appendix A. Definitions for Ordered Sets. The appendices contain all the formal definitions, propositions and proofs for

Denoting computation

The Reflection Theorem

Axiomatic Semantics. Semantics of Programming Languages course. Joosep Rõõmusaare

Algebraic Trace Theory

BRICS. Finite Equational Bases in Process Algebra: Results and Open Questions

Design of Distributed Systems Melinda Tóth, Zoltán Horváth

Inductive Definitions and Fixed Points

A Formal Semantics for Gaia Liveness Rules and Expressions

PDF hosted at the Radboud Repository of the Radboud University Nijmegen

Concrete Domains. Gilles Kahn INRIA Sophia Antipolis Gordon D. Plotkin University of Edinburgh

M a s t e r r e s e a rc h I n t e r n s h i p. Formalisation of Ground Inference Systems in a Proof Assistant

Equational Reasoning with Applicative Functors. Institute of Information Security

A Relative Timed Semantics for BPMN

Model Checking, Theorem Proving, and Abstract Interpretation: The Convergence of Formal Verification Technologies

Complex Systems Design & Distributed Calculus and Coordination

07 Practical Application of The Axiomatic Method

Data Abstraction for CSP-OZ

A Note on Scope and Infinite Behaviour in CCS-like Calculi p.1/32

Section 0.7. The Axiom of Choice, Order, and Zorn s Lemma

Temporal & Modal Logic. Acronyms. Contents. Temporal Logic Overview Classification PLTL Syntax Semantics Identities. Concurrency Model Checking

On simulations and bisimulations of general flow systems

Shared-Variable Concurrency

Cost-based analysis of probabilistic programs mechanised in HOL

Symbolic Analysis Tools for CSP

A Denotational Semantic Theory of Concurrent Systems

CS256/Spring 2008 Lecture #11 Zohar Manna. Beyond Temporal Logics

Denotational Semantics of Mobility in Unifying Theories of Programming (UTP)

Formalising the π-calculus in Isabelle

Ready to Preorder: The Case of Weak Process Semantics

Formalization of Mathematics: why Algebraic Topology?

A Thread Algebra with Multi-level Strategic Interleaving

Foundations of Quantum Programming

A Modern Mathematical Theory of Co-operating State Machines

Course Runtime Verification

An Introduction to Temporal Logics

(La méthode Event-B) Proof. Thanks to Jean-Raymond Abrial. Language of Predicates.

Semantic Families for Cyber-physical Systems

Well Founded Relations and Recursion

Benefits of Interval Temporal Logic for Specification of Concurrent Systems

Lecture Notes: Axiomatic Semantics and Hoare-style Verification

CPO Semantics of Timed Interactive Actor Networks

Transcription:

in CSP-Prover in CSP-Prover April 4, 2007 The stable Supported by EPSRC grant EP/D037212/1

in CSP-Prover Csp-Prover Motivation and The stable

in CSP-Prover Csp is a language to describe processes in concurrent systems. A collection of mathematical models and reasoning methods. Traces model T, failure-divergences model N and the stable failures model F. The stable R is a recently developed model (2005). The stable

Csp-Prover is a proof infrastructure to prove refinement and equality proofs using the interactive theorem prover Isabelle. Uses the logic HOL-Complex. Developed by Yoshinao Isobe(AIST, Japan) and Markus Roggenbach() Domain F Theory on CMS Theory on CPO for F INSTANTIATED PART CSP Semantics F REUSABLE PART in CSP-Prover The stable Banach s FP Theorem Metric FP Induction Lifting theorem Restriction spaces Tarski s FP theorem Standard FP Theorem Lifting theorem CSP-Syntax CSP Prover Infrastructure (additional lemmas on natura, reals, lists, sets... ) Isabelle/HOL-Complex Proofs on infinite state systems, which may also have infinite nondeterminism.

in CSP-Prover Verifying Process Equivalence and Process Refinement 1. Semantical proof - by semantics function 2. Syntacial proof - by algebraic CSP laws 3. Semi-Automatically proof - by tactics Currently focuses on the stable failures model F and traces model T. The stable

Motivations to the stable in CSP-Prover The stable (Roscoe 2005) was developed to reason about responsiveness and stuck-freeness. Gives assurance that individual processes don t behave in an undesirable manner. A process Q is responsive to process P if process Q will not cause process P to deadlock by not responding when expected by P. A network is not stuck-free if network of process doesn t terminate leaving one partner hanging. The stable

An example in CSP-Prover A process Q is responsive to process P if process Q will not cause process P to deadlock by not responding when expected by P. P = (rep Skip) Skip Q = rep Skip Q RespondsTo P as Q is ready to engage in rep, but P RespondsTo Q is not The stable

in CSP-Prover The stable revivals semantics assigns meaning for each process P in terms of (traces(p), deadlock(p), revivals(p)). traces(p) Σ, where Σ is the communication alphabet deadlock(p) Σ P can deadlock after execution of σ deadlock(p) revivals(p) (Σ P( Σ) Σ ) P can execute σ, stably refuse X and then perform a for (σ, X,a) revivals(p). The stable

in CSP-Prover Domain R is the set of all (T,D,R) such that T1 T is nonempty and prefix-closed. D1 D T. R1 (s, X,a) R s ˆ a T. R2 (s, X,a) R Y X (s, Y,a) R. R3 (s, X,a) R b Σ ((s, X,b) R (s, X {b}, a) R). R4 s ˆ T (s, Σ, ) R. The stable

Implementating the stable in CSP-Prover Domain R Domain T CSP Semantics R for F The stable Domain F CSP Semantics F Theory on CMS Banach s FP Theorem Metric FP Induction Lifting theorem Theory on CPO Tarski s FP theorem Standard FP Theorem Lifting theorem CSP-Syntax Restriction spaces CSP Prover Infrastructure (additional lemmas on natura, reals, lists, sets... ) Isabelle/HOL-Complex

Implementation of the domain in CSP-Prover The stable

Creating Revivals Components in CSP-Prover Each revival is tripe (σ,x,a) σ (trace) doesn t have X (refusal set) doesn t have types a revival = "( a trace * a event set * a event) " "HC_RT F ==(ALL f.(f: F)? Tick ~: sett(fstr(f)))" "HC_RF F ==(ALL f.(f: F)? Tick ~: SndR(f) )" typedef a setr = "{ R ::( a revival set ). HC_RT(R) & HC_RF(R) }" Abs_setR ( a trace a event set a event) The stable a setr Rep_setR Creates the type a revival to represent a trace which doesn t contain, a set of events which does not contain and an event which may be.

in CSP-Prover Creating the domain of the stable. types a domtsetdsetr="( a domt* a setd* a setr)" typedef a domr "{ T ::( a domtsetdsetr).hc_d1(t)& HC_R1(T)&HC_R2(T)&HC_R3(T) & HC_R4(T)}" a domr Abs_domR Rep_domR ( a domt a setd a setr) The stable Creates the type a domr to represent (T,D,R) such that it satisfies all the healthiness conditions.

Revival component is a CPO Overload the definition of of the axiomatic class order. defs (overloaded) subsetr_def :"F <= E== Rep_setR (F) <= Rep_setR (E)" psubsetr_def:"f < E== Rep_setR (F) < Rep_setR (E)" instance setr :: (type) order The least upper bound of any directed set is simply the componentwise union. UnionR_def:"UnionR Rs==Abs_setR(Union(Rep_setR Rs))" lemma Union_setR_in_setR:"Union (Rep_setR Rs)):setR" ( a trace a event set a event) in CSP-Prover The stable Abs_setR a setr Rep_setR UnionR Rs is an upper bound of Rs and The least upper bound of Rs is UnionR Rs. instance setr :: (type) cpo

Summary & Future works in CSP-Prover Summary Implemented the domain of R in Csp-Prover. Proved in Csp-Prover that this domain is a CPO. Defined the semantics functions of R in Csp-Prover. Future work Proving type correctness of these semantics functions. Proving these semantics functions to be continuous. Defining and proving step laws for R. Develop proof infrastructure for R. The stable

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback