Translation Validation: From DC+ to C

  • A. Pnueli
  • O. Shtrichman
  • M. Siegel
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1641)


Translation validation is an alternative to the verification of translators (compilers, code generators). Rather than proving in advance that the compiler always produces a target code which correctly implements the source code (compiler verification), each individual translation (i.e. a run of the compiler) is followed by a validation phase which verifies that the target code produced on this run correctly implements the submitted source program. In order to be a practical alternative to compiler verification, a key feature of this validation is its full automation.

In this paper we demonstrate the feasibility of translation validation for industrial code generators from DC+ -a widely used intermediate format for synchronous languages- to C. We explain the compilation pattern from DC+ to C and advocate new abstraction techniques for a fragment of first order logic as part of the automation of our approach.


Function Symbol Proof Obligation Refinement Mapping Proof Rule Function Encode 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    M. Abadi and L. Lamport. The existence of refinement mappings. Theoretical Computer Science, 82(2), 1991.Google Scholar
  2. [2]
    A. Benviniste, P. Le Guernic, and C. Jacquemot. Synchronous programming with events and relations: the SIGNAL language. Science of Computer Programming, 16, 1991.Google Scholar
  3. [3]
    G. Berry and G. Gonthier. The ESTEREL synchronous programming language: Design, semantics, implementation. Science of Computer Programming, 19(2), 1992.Google Scholar
  4. [4]
    E. Börger, E. Grädel, and Y. Gurevich. The Classical Decision Problem. Springer, 1996.Google Scholar
  5. [5]
    P. Caspi, N. Halbwachs, P. Raymond, and D. Pilaud. The synchronous dataflow programming language LUSTRE. Proceedings of the IEEE, 79(9), 1991.Google Scholar
  6. [6]
    A. Cimatti, F. Giunchiglia, and P. Pecchiari et al. A provably correct embedded verifier for the certification of safety critical software. In CAV, number 1254 in LNCS. Springer, 1997.Google Scholar
  7. [7]
    The declarative code DC+. ESPRIT Project: SACRES, Project Report, 1997. Version 1.3.Google Scholar
  8. [8]
    Another look at real-time programming, volume 9 of Proc. of the IEEE, September 1991.Google Scholar
  9. [9]
    F. Maraninchi. Operational and compositional semantics of synchronous automata compositions. In Proceedings CONCUR, volume 630 of LNCS. Springer, 1992.CrossRefGoogle Scholar
  10. [10]
    A. Pnueli, M. Siegel, and O. Shtrichman. Translation validation for synchronous languages. In ICALP’ 98, LNCS. Springer-Verlag, 1998.Google Scholar
  11. [11]
    A. Pnueli, M. Siegel, and E. Singermann. Translation validation. In TACAS 98: Tools and Algorithms for the Construction and Analysis of Systems, LNCS. Springer-Verlag, 1998.Google Scholar
  12. [12]
    private communications with TNI (BREST), Siemens (Munich) and Inria (Rennes).Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1999

Authors and Affiliations

  • A. Pnueli
    • 1
  • O. Shtrichman
    • 1
  • M. Siegel
    • 1
  1. 1.Weizmann Institute of ScienceRehovotIsrael

Personalised recommendations