Formal Aspects of Computing

, Volume 20, Issue 1, pp 117–139

Mechanising Mondex with Z/Eves

Original Article

DOI: 10.1007/s00165-007-0059-y

Cite this article as:
Freitas, L. & Woodcock, J. Form Asp Comp (2008) 20: 117. doi:10.1007/s00165-007-0059-y


We describe our experiences in mechanising the specification, refinement, and proof of the Mondex Electronic Purse using the Z/Eves theorem prover. We took a conservative approach and mechanised the original LaTEX sources without changing their technical content, except to correct errors. We found problems in the original specification and some missing invariants in the refinements. Based on these experiences, we present novel and detailed guidance on how to drive Z/Eves successfully. The work contributes to the Repository for the Verified Software Grand Challenge.


Correctness Electronic finance Grand challenges Grand Challenge in Verified Software Mondex Refinement Security Smart cards Software archaeology Theorem proving Verification Verified Software Repository Z/Eves Z notation 

Copyright information

© British Computer Society 2007

Authors and Affiliations

  1. 1.Department of Computer ScienceUniversity of YorkHeslington, YorkUK

Personalised recommendations