The Importance of Non-theorems and Counterexamples in Program Verification

  • Graham Steel
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4171)


We argue that the detection and refutation of non-theorems, and the discovery of appropriate counterexamples, is of vital importance to the Grand Challenge of a Program Verifier.


Model Check Grand Challenge Proof Obligation Model Check Problem Predicate Abstraction 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Ahrendt, W.: Deductive search for errors in free data type specifications using model generation. In: Voronkov, A. (ed.) CADE 2002. LNCS (LNAI), vol. 2392, Springer, Heidelberg (2002)Google Scholar
  2. 2.
    Ball, T., Cook, B., Lahiri, S., Zhang, L.: Zapato: Automatic theorem proving for predicate abstraction refinement. In: Alur, R., Peled, D.A. (eds.) CAV 2004. LNCS, vol. 3114, pp. 457–461. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  3. 3.
    Ball, T., Rajamani, S.: The SLAM toolkit. In: Berry, G., Comon, H., Finkel, A. (eds.) CAV 2001. LNCS, vol. 2102, Springer, Heidelberg (2001)CrossRefGoogle Scholar
  4. 4.
    Basin, D., Mödersheim, S., Viganò, L.: An on-the-fly model-checker for security protocol analysis. In: Proceedings of the, European Symposium on Research in Computer Security, pp. 253–270, 2003. Extended version available as Technical Report 404, ETH Zurich (2003)Google Scholar
  5. 5.
    Berghofer, S., Nipkow, T.: Random testing in Isabelle/HOL. In: 2nd International Conference on Software Engineering and Formal Methods (SEFM 2004), pp. 230–239 (2004)Google Scholar
  6. 6.
    Clarke, E., Grumberg, O., Jha, S., Lu, Y., Veith, H.: Counterexample-guided abstraction refinement for symbolic model checking. Journal of the Association for Computing Machinery 50(5), 752–794 (2003)MathSciNetCrossRefzbMATHGoogle Scholar
  7. 7.
    Comon, H., Nieuwenhuis, R.: Induction = I-Axiomatization + First-Order Consistency. Information and Computation 159(1-2), 151–186 (2000)MathSciNetCrossRefzbMATHGoogle Scholar
  8. 8.
    Dennis, L.A.: The use of proof planning critics to diagnose errors in the base cases of recursive programs. In: Basin, D., Rusinowitch, M. (eds.) IJCAR 2004. LNCS (LNAI), vol. 3097, pp. 47–58. Springer, Heidelberg (2004)Google Scholar
  9. 9.
    Jackson, D.: Alloy: a lightweight object modelling notation. ACM Transactions on Software Engineering and Methodology (TOSEM) 11(2), 256–290 (2002)CrossRefGoogle Scholar
  10. 10.
    McCune, W.: A Davis Putnam program and its application to finite first order model search. Technical report, Argonne National Laboratory (1994)Google Scholar
  11. 11.
    Monroy, R.: Predicate synthesis for correcting faulty conjectures: The proof planning paradigm. In: Automated Software Engineering, pp. 247–269 (2003)Google Scholar
  12. 12.
    Nipkow, T., Paulson, L.C., Wenzel, M.: Isabelle/HOL. LNCS, vol. 2283. Springer, Heidelberg (2002)zbMATHGoogle Scholar
  13. 13.
    Paulson, L.: The Inductive Approach to Verifying Cryptographic Protocols. Journal of Computer Security 6, 85–128 (1998)CrossRefGoogle Scholar
  14. 14.
    Pike, L., Miner, P., Torres, W.: Model checking failed conjectures in theorem proving: a case study. Technical Report NASA/TM–2004–213278, NASA Langley Research Center (November 2004),
  15. 15.
    Press, W., Teukolsky, S., Vetterling, W., Flannery, B.: Numerical Recipes in C: The Art of Scientific Computing. Cambridge University Press, Cambridge (1992)zbMATHGoogle Scholar
  16. 16.
    Protzen, M.: Disproving conjectures. In: Kapur, D. (ed.) 11th Conference on Automated Deduction, Saratoga Springs, NY, USA, June 1992. Springer Lecture Notes in Artificial Intelligence, vol. (607), pp. 340–354. Springer, Heidelberg (1992)Google Scholar
  17. 17.
    Reif, W., Schellhorn, G., Thums, A.: Flaw detection in formal specifications. In: Goré, R.P., Leitsch, A., Nipkow, T. (eds.) IJCAR 2001. LNCS (LNAI), vol. 2083, Springer, Heidelberg (2001)CrossRefGoogle Scholar
  18. 18.
    Slaney, J.: FINDER: Finite Domain Enumerator. In: Australian National University (1995),
  19. 19.
    Steel, G., Bundy, A.: Attacking group multicast key management protocols using CORAL. Electronic Notes in Theoretical Computer Science (ENTCS) 125(1), 125–144 (2004) (Also available as Informatics Research Report EDI-INF-RR-0241. Presented at the ARSPA workshop 2004) CrossRefzbMATHGoogle Scholar
  20. 20.
    Steel, G., Bundy, A., Maidl, M.: Attacking a protocol for group key agreement by refuting incorrect inductive conjectures. In: Basin, D., Rusinowitch, M. (eds.) IJCAR 2004. LNCS (LNAI), vol. 3097, pp. 137–151. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  21. 21.
    Weber, T.: Bounded model generation for Isabelle/HOL. In: Basin, D., Rusinowitch, M. (eds.) IJCAR 2004. LNCS (LNAI), vol. 3097, pp. 27–36. Springer, Heidelberg (2004)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Graham Steel
    • 1
  1. 1.School of InformaticsUniversity of EdinburghEdinburghScotland

Personalised recommendations