Formal Aspects of Computing, Volume 18, Issue 3, pp 264–287

Verifying data refinements using a model checker

Original Article

Abstract

In this paper, we consider how refinements between state-based specifications (e.g., written in Z) can be checked using a model checker. Specifically, we are interested in the verification of downward and upward simulations, which are the standard approach to verifying refinements in state-based notations. We show how downward and upward simulations can be checked using existing temporal logic model checkers.

In particular, we show how the branching-time temporal logic CTL can be used to encode the standard simulation conditions. We do this both for a blocking, or guarded, interpretation of operations (often used when specifying reactive systems) and for the more common non-blocking interpretation used in many state-based specification languages (for modelling sequential systems). The approach is general enough to use with any state-based specification language, and we illustrate how refinements between Z specifications can be checked with the SAL CTL model checker on a small example.
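
The downward simulation conditions the abstract refers to, checked directly by enumeration on a small finite example under both the non-blocking and the blocking interpretation. This is an added illustration, not code from the paper and not its CTL/SAL encoding: the set-valued abstract specification, the bit-vector concrete specification, the operations Pick and Fill, and the retrieve relation are all constructed here for the example.

```python
"""Explicit-state check of the standard downward-simulation conditions.

Added example, not code from the paper: instead of encoding the conditions
in CTL for SAL, it enumerates them over small finite state spaces. The
specifications (a set-valued abstract state, a bit-vector concrete state,
the operations Pick and Fill) are constructed here for illustration.
"""
from itertools import combinations, product

ELEMS = (0, 1, 2)

# Abstract spec: the state is a subset of ELEMS. Pick removes an arbitrary
# element (precondition: set non-empty, i.e. at least one successor);
# Fill makes every element present and is total.
A_STATES = [frozenset(c) for r in range(len(ELEMS) + 1)
            for c in combinations(ELEMS, r)]
A_INIT = {frozenset()}

def a_pick(s):
    return {s - {x} for x in s}      # empty set of successors == pre false

def a_fill(s):
    return {frozenset(ELEMS)}

A_OPS = {"Pick": a_pick, "Fill": a_fill}

# Concrete spec: the state is a bit vector. Pick clears the lowest set bit,
# resolving the abstract nondeterminism. This version is total: on the
# all-zero vector it leaves the state unchanged.
C_STATES = list(product((0, 1), repeat=len(ELEMS)))
C_INIT = {(0,) * len(ELEMS)}

def c_pick(v):
    for i, bit in enumerate(v):
        if bit:
            return {v[:i] + (0,) + v[i + 1:]}
    return {v}

def c_pick_guarded(v):
    return c_pick(v) if any(v) else set()   # blocked when nothing to pick

def c_fill(v):
    return {(1,) * len(ELEMS)}

C_OPS = {"Pick": c_pick, "Fill": c_fill}
C_OPS_GUARDED = {"Pick": c_pick_guarded, "Fill": c_fill}

def retrieve(a, c):
    """R relates an abstract set to the bit vector with exactly those bits set."""
    return a == frozenset(i for i, bit in enumerate(c) if bit)

def downward_simulation(a_states, a_init, a_ops, c_states, c_init, c_ops,
                        r, blocking=False):
    """Return the list of violated conditions; an empty list means the
    concrete spec downward-simulates the abstract one under R."""
    failures = []
    # Initialisation: every concrete initial state is related by R to
    # some abstract initial state.
    for c in c_init:
        if not any(r(a, c) for a in a_init):
            failures.append(f"init: {c} has no related abstract initial state")
    pairs = [(a, c) for a in a_states for c in c_states if r(a, c)]
    for name, aop in a_ops.items():
        cop = c_ops[name]
        for a, c in pairs:
            pre_a, pre_c = bool(aop(a)), bool(cop(c))
            # Applicability. Non-blocking: pre AOp and R imply pre COp.
            # Blocking: the guards must agree on every related pair.
            if (pre_a and not pre_c) or (blocking and pre_c and not pre_a):
                failures.append(f"applicability of {name} at {(a, c)}")
                continue
            # Correctness: each concrete step from a related pair must be
            # matched by an abstract step that re-establishes R. In the
            # non-blocking reading only pairs inside pre AOp are checked.
            if pre_a or blocking:
                for c2 in cop(c):
                    if not any(r(a2, c2) for a2 in aop(a)):
                        failures.append(
                            f"correctness of {name}: {c} -> {c2} "
                            f"has no matching abstract step from {a}")
    return failures

if __name__ == "__main__":
    for label, ops, blocking in [("non-blocking", C_OPS, False),
                                 ("blocking", C_OPS, True),
                                 ("blocking, guarded Pick", C_OPS_GUARDED, True)]:
        bad = downward_simulation(A_STATES, A_INIT, A_OPS, C_STATES, C_INIT,
                                  ops, retrieve, blocking)
        print(f"{label}: {'refinement holds' if not bad else bad}")
```

Under the non-blocking interpretation the total concrete Pick is a valid refinement: outside the abstract precondition anything is permitted, so a concrete operation that is enabled there is harmless. Under the blocking interpretation the same operation fails applicability on the empty state, because the concrete guard is enabled where the abstract guard is not; replacing it with the guarded version restores the refinement. A model checker explores the same related state pairs symbolically rather than with Python loops; the point of the example is the shape of the three conditions and the way the applicability condition changes between the two interpretations.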

Keywords

State-based specifications; Z; Refinement; Downward and upward simulations; Model checking; CTL

Copyright information

© British Computer Society 2006

Authors and Affiliations

  1. School of Information Technology and Electrical Engineering, The University of Queensland, Brisbane, Australia
  2. Department of Computer Science, University of Sheffield, Sheffield, UK