Journal of Automated Reasoning, Volume 45, Issue 4, pp 359–395

Automated Flaw Detection in Algebraic Specifications

  • Andriy Dunets
  • Gerhard Schellhorn
  • Wolfgang Reif


In interactive theorem proving practice, a significant amount of time is spent on unsuccessful proof attempts of wrong conjectures. An automatic method that reveals them by generating finite counterexamples would offer extremely valuable support for a proof engineer by saving time and effort. In practice, such counterexamples tend to be small, so there is usually no need to search for big instances. Most definitions of functions or predicates on infinite structures do not preserve their semantics when transferred to arbitrary finite substructures. We propose constraints which guarantee a correct axiomatization on finite structures and present an approach which uses the Alloy Analyzer to generate finite instances of theories in the theorem prover KIV. It is evaluated on the library of basic data types as well as on some challenging case studies in KIV. The technique is implemented using the Kodkod constraint solver, which is a successor of Alloy.
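The abstract describes checking conjectures about algebraic data types on a finite substructure and notes that function definitions must be constrained to stay meaningful there. As an added illustration, not code from the paper or from KIV, Alloy or Kodkod, the following Python enumerates a scope-bounded structure for lists (plain enumeration stands in for the SAT-based model finder) and searches it for a counterexample to a conjecture. The list theory, the two-element carrier ELEMS and the bound MAX_LEN are constructed for this example; because lists are cut off at MAX_LEN, the constructor `cons` becomes partial, and the recursive definitions of `app` and `rev` propagate that undefinedness so that a conjecture is only judged on instances where both sides are defined.

```python
"""Bounded counterexample search for an algebraic specification of lists.

Constructed example: a finite substructure of the list data type over a
two-element carrier, with the constructor `cons` made partial at the scope
bound. An instance where one side of a conjecture leaves the scope is not a
counterexample; only instances where both sides are defined and differ count.
"""
from itertools import product

ELEMS = (0, 1)   # constructed two-element carrier for list elements
MAX_LEN = 3      # constructed scope bound; longer lists are outside the structure


def all_lists(max_len=MAX_LEN):
    """Every list over ELEMS up to the scope bound (the finite substructure)."""
    return [tuple(p) for n in range(max_len + 1) for p in product(ELEMS, repeat=n)]


def cons(a, l, max_len=MAX_LEN):
    """Partial constructor: None when the result would leave the scope."""
    if l is None or len(l) >= max_len:
        return None
    return (a,) + l


def app(x, y, max_len=MAX_LEN):
    """append by structural recursion on x; undefined inputs stay undefined."""
    if x is None or y is None:
        return None
    if x == ():
        return y
    return cons(x[0], app(x[1:], y, max_len), max_len)


def rev(x, max_len=MAX_LEN):
    """rev(cons(a, l)) = app(rev(l), cons(a, nil)), guarded by definedness."""
    if x is None:
        return None
    if x == ():
        return ()
    return app(rev(x[1:], max_len), cons(x[0], (), max_len), max_len)


def find_counterexample(conjecture, arity, max_len=MAX_LEN):
    """Search the bounded structure for arguments on which both sides of the
    conjecture are defined but differ. Returns the first such tuple, or None."""
    domain = all_lists(max_len)
    for args in product(domain, repeat=arity):
        lhs, rhs = conjecture(*args)
        if lhs is not None and rhs is not None and lhs != rhs:
            return args
    return None


def wrong_rev_app(x, y):
    """Wrong conjecture: rev distributes over app without swapping operands."""
    return rev(app(x, y)), app(rev(x), rev(y))


def right_rev_app(x, y):
    """Correct lemma: rev(app(x, y)) = app(rev(y), rev(x))."""
    return rev(app(x, y)), app(rev(y), rev(x))


def rev_rev(x):
    """Correct lemma: rev is an involution."""
    return rev(rev(x)), x


if __name__ == "__main__":
    print("wrong lemma:", find_counterexample(wrong_rev_app, 2))
    print("correct lemma:", find_counterexample(right_rev_app, 2))
    print("rev(rev(x)) = x:", find_counterexample(rev_rev, 1))
```

The wrong distributivity lemma is refuted already by the one-element lists (0,) and (1,), while the two correct lemmas survive the whole scope; the search is exhaustive within the bound but says nothing about longer lists, which is the usual trade-off of bounded analysis. Treating `None` as a value instead of skipping undefined instances would turn axioms that mention `cons` at the bound into spurious failures, which is the semantics problem the constraints in the abstract address.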


Keywords: Algebraic specifications; Abstract data types; First-order logic; Theorem proving; SAT checking; Finite models; Formal methods





Copyright information

© Springer Science+Business Media B.V. 2010

Authors and Affiliations

  • Andriy Dunets (1)
  • Gerhard Schellhorn (1)
  • Wolfgang Reif (1)

  1. Institute for Software and Systems Engineering, University of Augsburg, Augsburg, Germany
