Abstract
Most efforts to automate formal verification of communicating systems have centred around finite-state systems (FSSs). However, FSSs are incapable of modelling many practical communicating systems, including a novel class of problems which we call VIPSs: value-passing, infinite-state, parameterised systems. Existing approaches using model checking over FSSs are insufficient for VIPSs, because they can neither reason with and about domain-specific theories nor cope with systems having an unbounded or arbitrary state space.
We use the Calculus of Communicating Systems (CCS) (Milner, Communication and Concurrency, London: Prentice Hall, 1989) to express and specify VIPSs. We take program verification to be proving the program and its intended specification equivalent, and we use the laws of CCS to conduct the verification task. This approach allows us to study both communicating systems and the data such systems communicate. Automating theorem proving in this context is an extremely difficult task.
We provide automated methods for CCS analysis; they are applicable to both FSSs and VIPSs. Adding these methods to the CLAM proof planner (Bundy et al., Lecture Notes in Artificial Intelligence, Vol. 449, Springer, 1990, pp. 647–648), we have implemented an automated verification planner capable of dealing with problems that previously required human interaction. This paper describes these methods, gives an account of why they work, and provides a short summary of experimental results.
References
Basin, D. and Walsh, T. 1992. Difference matching. In D. Kapur, editor, 11th Conference on Automated Deduction, pp. 295–309, NY, USA: Saratoga Springs. Published as Springer Lecture Notes in Artificial Intelligence, Vol. 607.
Basin, D. and Walsh, T. 1993. Difference unification. In Bajcsy, editor, Proceedings of the 13th IJCAI, International Joint Conference on Artificial Intelligence. Also available as Technical Report MPI-I-92-247, Max-Planck-Institut für Informatik.
Basin, D. and Walsh, T. 1996. Annotated rewriting in inductive theorem proving. Journal of Automated Reasoning, 16(1–2):147–180.
Bergstra, J.A. and Klop, J.W. 1985. Algebra of communicating processes with abstraction. Theoretical Computer Science, 37(1):77–121.
Bouali, A., Gnesi, S., and Larosa, S. 1994. JACK: Just Another Concurrency Kit. Bulletin of the European Association for Theoretical Computer Science, 54:207–224.
Bouali, A., Ressouche, A., Roy, V., and de Simone, R. 1996. The FC2TOOLS set. In R. Alur and T. Henzinger, editors, '96), Springer-Verlag, pp. 441–445. Lecture Notes in Computer Science, Vol. 1102.
Boyer, R.S. and Moore, J.S. 1979. A Computational Logic. Academic Press, ACM monograph series.
Bruns, G. 1991. A language for value-passing CCS. LFCS Report Series ECS-LFCS-91-175, Department of Computer Science, University of Edinburgh.
Bundy, A. 1988. The use of explicit plans to guide inductive proofs. In R. Lusk and R. Overbeek, editors, 9th Conference on Automated Deduction, Springer-Verlag, pp. 111–120. Longer version available from Edinburgh as DAI Research Paper No. 349.
Bundy, A. 1991. A science of reasoning. In J.L. Lassez and G. Plotkin, editors, Computational Logic: Essays in Honor of Alan Robinson, MIT Press, pp. 178–198. Also available from Edinburgh as DAI Research Paper 445.
Bundy, A., Stevens, A., van Harmelen, F., Ireland, A., and Smaill, A. 1993. Rippling: A heuristic for guiding inductive proofs. Artificial Intelligence, 62:185–253. Also available from Edinburgh as DAI Research Paper No. 567.
Bundy, A., van Harmelen, F., Hesketh, J., Smaill, A., and Stevens, A. 1989. A rational reconstruction and extension of recursion analysis. In N.S. Sridharan, editor, Proceedings of the Eleventh International Joint Conference on Artificial Intelligence, Morgan Kaufmann, pp. 359–365. Also available from Edinburgh as DAI Research Paper 419.
Bundy, A., van Harmelen, F., Horn, C., and Smaill, A. 1990. The Oyster-Clam system. In M.E. Stickel, editor, 10th International Conference on Automated Deduction, Springer-Verlag, pp. 647–648. Lecture Notes in Artificial Intelligence, Vol. 449. Also available from Edinburgh as DAI Research Paper 507.
Cantu, F., Bundy, A., Smaill, A., and Basin, D. 1996. Experiments in automating hardware verification using inductive proof planning. In M. Srivas and A. Camilleri, editors, Proceedings of the Formal Methods for Computer-Aided Design Conference, Springer-Verlag, pp. 94–108. Lecture Notes in Computer Science, Vol. 1166.
Cleaveland, R., Lewis, P.M., Smolka, S.A., and Sokolsky, O. 1996. The concurrency factory: A development environment for concurrent systems. In R. Alur and T. Henzinger, editors, '96), Springer-Verlag, pp. 398–401. Lecture Notes in Computer Science, Vol. 1102.
Cleaveland, R. and Panangaden, P. 1988. Type theory and concurrency. International Journal of Parallel Programming, 17(2):153–206.
Cleaveland, R., Parrow, J., and Steffen, B. 1990. The concurrency workbench. In J. Sifakis, editor, Proceedings of the International Workshop on Automatic Verification Methods for Finite State Systems, Lecture Notes in Computer Science, Vol. 407, Springer-Verlag, pp. 24–37.
Constable, R.L., Allen, S.F., Bromley, H.M. et al. 1986. Implementing Mathematics with the Nuprl Proof Development System. Prentice Hall.
Dershowitz, N. and Jouannaud, J.P. 1990. Rewrite systems. In J. van Leeuwen, editor, Handbook of Theoretical Computer Science, Vol. B: Formal Models and Semantics, Elsevier, pp. 243–320.
Dowek, G., Felty, A., Herbelin, H., Huet, G., Paulin, C., and Werner, B. 1991. The Coq proof assistant user's guide, Version 5.6. Technical Report 134, INRIA.
Failure Divergence Refinement: FDR2 User Manual. Formal Systems (Europe) Ltd. 1992–1997.
Fernandez, J.C., Garavel, H., Kerbrat, A., Mateescu, R., Mounier, L., and Sighireanu, M. 1996. CADP: A protocol validation and verification toolbox. In R. Alur and T. Henzinger, editors, '96), Springer-Verlag, pp. 437–440. Lecture Notes in Computer Science, Vol. 1102.
Godskesen, J.C., Larsen, K.G., and Zeeberg, M. 1989. TAV users manual. Internal report R-89-19, Department of Computer Science, Aalborg University.
Gordon, M.J.C. and Melham, T.F. (eds.). 1993. Introduction to HOL: A Theorem Proving Environment for Higher Order Logic. Cambridge University Press.
Groote, J.F., Monin, F., and van de Pol, J.C. 1998. Checking verifications of protocols and distributed systems by computer. In D. Sangiorgi and R. de Simone, editors, Proceedings of CONCUR'98, Springer Verlag, pp. 629–655. Lecture Notes in Computer Science, Vol. 1466. Also available as Computer Science Report 98/13, Department of Mathematics and Computer Science, Eindhoven University, 1998.
Groote, J.F. and van de Pol, J.C. 1996. A bounded retransmission protocol for large data packets. A case study in computer checked verification. In M. Wirsing and M. Nivat, editors, Proceedings of AMAST'96, Springer Verlag, pp. 536–550. Lecture Notes in Computer Science, Vol. 1101.
Groote, J.F. and Ponse, A. 1990. The syntax and semantics of µCRL. Technical report CS-R9076, CWI, Amsterdam.
Groote, J.F. and Ponse, A. 1991. Proof theory for µCRL. Technical report CS-R9138, CWI, Amsterdam.
Hennessy, M. and Lin, H. 1995. Symbolic bisimulations. Theoretical Computer Science, 138:353–389. Also available from Sussex as Computing Science Technical Report 1/92.
Hennessy, M. and Milner, R. 1985. Algebraic laws for nondeterminism and concurrency. Journal of the Association for Computing Machinery, 32(1):137–161.
Hirshfeld, Y., Jerrum, M., and Moller, F. 1996a. A polynomial algorithm for deciding bisimilarity of normed context-free processes. Theoretical Computer Science, 158:143–159. Also available from Edinburgh as LFCS report ECS-LFCS-94-286.
Hirshfeld, Y., Jerrum, M., and Moller, F. 1996b. A polynomial-time algorithm for deciding bisimulation equivalence of normed basic parallel processes. Mathematical Structures in Computer Science, 6(3):251–259. Also available from Edinburgh as LFCS report ECS-LFCS-94-288.
Hoare, C.A.R. 1978. Communicating sequential processes. Communications of the Association for Computing Machinery, 21(8):666–677.
Inverardi, P. and Nesi, M. 1995. Deciding observational congruence of finite-state CCS expressions by rewriting. Theoretical Computer Science, 139:315–354.
Ireland, A. 1992. The use of planning critics in mechanizing inductive proofs. In A. Voronkov, editor, International Conference on Logic Programming and Automated Reasoning, LPAR 92, St. Petersburg, Springer-Verlag, pp. 178–189. Lecture Notes in Artificial Intelligence, Vol. 624. Also available from Edinburgh as DAI Research Paper 592.
Ireland, A. and Bundy, A. 1996a. Productive use of failure in inductive proof. Journal of Automated Reasoning, 16(1–2):79–111. Also available as DAI Research Paper No. 716, Dept. of Artificial Intelligence, Edinburgh.
Ireland, A. and Bundy, A. 1996b. Extensions to a generalization critic for inductive proof. In M.A. McRobbie and J.K. Slaney, editors, 13th Conference on Automated Deduction, Springer-Verlag, pp. 47–61. Lecture Notes in Artificial Intelligence, Vol. 1104. Also available from Edinburgh as DAI Research Paper 786.
ISO. 1989. Information processing systems—Open Systems Interconnection—LOTOS—A formal description technique based on the temporal ordering of observational behaviour. ISO 8807.
Korver, H. and Springintveld, J. 1994. A computer-checked verification of Milner's schedulers. In M. Hagiya and J.C. Mitchel, editors, '94), Springer-Verlag, pp. 161–178. Lecture Notes in Computer Science, Vol. 789.
Kraan, I., Basin, D., and Bundy, A. 1993. Logic program synthesis via proof planning. In K.K. Lau and T. Clement, editors, Logic Program Synthesis and Transformation, Springer-Verlag, pp. 1–14. Also available as Max-Planck-Institut für Informatik Report MPI-I-92-244 and Edinburgh DAI Research Report 603.
Kurshan, R.P. and McMillan, K. 1989. A structural induction theorem for processes. In 8th ACM Symposium on Principles Of Distributed Computing (PODC), ACM Press, pp. 239–247.
Lin, H. 1993. A verification tool for value-passing processes. In Proceedings of 13th International Symposium on Protocol Specification, Testing and Verification, North-Holland. Series IFIP Transactions. Also available from Sussex as Computing Science Technical Report 8/93.
Lin, H. 1995. PAM: A process algebra manipulator. Formal Methods in System Design, 7:243–259. Kluwer Academic publishers.
Milner, R. 1989. Communication and Concurrency. London: Prentice Hall.
Milner, R. and Moller, F. 1993. Unique decomposition of processes. Theoretical Computer Science, 107:357–363.
Milner, R., Parrow, J., and Walker, D. 1993. Mobile logics for mobile processes. Theoretical Computer Science, 114:149–171. Also available from Edinburgh, as LFCS Report ECS-LFCS-91-136.
Monroy, R. 1997. Planning proofs of correctness of CCS systems. Ph.D. Thesis, Department of Artificial Intelligence, University of Edinburgh.
Monroy, R., Bundy, A., and Green, I. 1998a. Annotated term rewriting for deciding observation congruence. In H. Prade, editor, 13th European Conference on Artificial Intelligence, ECAI'98, Wiley & Sons, pp. 393–397.
Monroy, R., Bundy, A., and Green, I. 1998b. Planning equational verification in CCS. In D. Redmiles and B. Nuseibeh, editors, 13th Conference on Automated Software Engineering, ASE'98, IEEE Computer Society Press, pp. 43–52. Candidate for best paper award.
Monroy, R., Bundy, A., and Ireland, A. 1994. Proof plans for the correction of false conjectures. In F. Pfenning, editor, 5th International Conference on Logic Programming and Automated Reasoning, LPAR'94, Springer-Verlag, pp. 54–68. Lecture Notes in Artificial Intelligence, Vol. 822. Also available from Edinburgh as DAI Research Paper 681.
Negrete, S. 1996. Proof planning with logic presentations. Ph.D. Thesis, Department of Artificial Intelligence, University of Edinburgh.
Nesi, M. 1992. Mechanizing a proof by induction of process algebra specifications in higher-order logic. In K.G. Larsen and A. Skou, editors, Proceedings of the 3rd International Workshop in Computer Aided Verification ('91), Springer Verlag, pp. 288–298. Lecture Notes in Computer Science, Vol. 575.
Nesi, M. 1999. Formalising a value-passing calculus in HOL. Formal Aspects of Computing, 11:160–199.
Park, D. 1981. Concurrency and automata on infinite sequences. In P. Deussen, editor, Proceedings of the 5th GI-Conference on Theoretical Computer Science, Springer Verlag, pp. 167–183. Lecture Notes in Computer Science, Vol. 104.
Paulson, L.C. 1994. Isabelle: A Generic Theorem Prover. Springer-Verlag. Lecture Notes in Computer Science, Vol. 828.
Sellink, M.P.A. 1993. Verifying process algebra proofs in type-theory. Technical Report Logic Group Preprint Series 87, Utrecht University.
Walsh, T., Nunes, A., and Bundy, A. 1992. The use of proof plans to sum series. In D. Kapur, editor, 11th Conference on Automated Deduction, Springer Verlag, pp. 325–339. Lecture Notes in Computer Science, Vol. 607. Also available from Edinburgh as DAI Research Paper 563.
Yoshida, T., Bundy, A., Green, I., Walsh, T., and Basin, D. 1994. Coloured rippling: An extension of a theorem proving heuristic. In A.G. Cohn, editor, Proceedings of ECAI-94, John Wiley, pp. 85–89.
Monroy, R., Bundy, A. & Green, I. Planning Proofs of Equations in CCS. Automated Software Engineering 7, 263–304 (2000). https://doi.org/10.1023/A:1008770222354