Machine Checked Formal Proof of a Scheduling Protocol for Smartcard Personalization

  • Leonard Lensink
  • Sjaak Smetsers
  • Marko van Eekelen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4916)


Using PVS (Prototype Verification System), we prove that an industry designed scheduler for a smartcard personalization machine is safe and optimal. This scheduler has previously been the subject of research in model checked scheduling synthesis and verification. These verification and synthesis efforts had only been done for a limited number of personalization stations. We have created an executable model and have proven the scheduling algorithm to be optimal and safe for any number of personalization stations. This result shows that theorem provers can be successfully used for industrial problems in cases where model checkers suffer from state explosion.


verification theorem proving cyclic scheduling simulation PVS 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [GV04]
    Gebremichael, B., Vaandrager, F.W.: Control synthesis for a smart card personalization system using symbolic model checking. In: Larsen, K.G., Niebert, P. (eds.) FORMATS 2003. LNCS, vol. 2791, pp. 189–203. Springer, Heidelberg (2004)Google Scholar
  2. [HKW05]
    Harel, D., Kugler, H., Weiss, G.: Some methodological observations resulting from experience using lscs and the play-in/play-out approach. In: Leue, S., Systä, T.J. (eds.) Scenarios: Models, Transformations and Tools. LNCS, vol. 3466, pp. 26–42. Springer, Heidelberg (2005)Google Scholar
  3. [JSS07]
    Jacobs, B., Smetsers, S., Schreur, R.W.: Code-carrying theories. Formal Aspects of Computing 19(2), 191–203 (2007)zbMATHCrossRefGoogle Scholar
  4. [Mad04]
    Mader, A.H.: Deriving schedules for a smart card personalisation system. Technical Report TR-CTIT-04-05, University of Twente, Enschede (January 2004)Google Scholar
  5. [Muñ03]
    Muñoz, C.: Rapid prototyping in PVS. Report NIA Report No. 2003-03, NASA/CR-2003-212418, NIA-NASA Langley, National Institute of Aerospace, Hampton, VA (May 2003)Google Scholar
  6. [Nie04]
    Nieberg, T.: On cyclic plans for scheduling a smart card personalisation system. Technical Report TR-CTIT-04-01, Centre for Telematics and Information Technology, University of Twente, Enschede (January 2004)Google Scholar
  7. [ORS92]
    Owre, S., Rushby, J.M., Shankar, N.: PVS: A prototype verification system. In: Kapur, D. (ed.) CADE 1992. LNCS, vol. 607, pp. 748–752. Springer, Heidelberg (1992)Google Scholar
  8. [RSS95]
    Rajan, S., Shankar, N., Srivas, M.K.: An integration of model-checking with automated proof checking. In: Wolper, P. (ed.) CAV 1995. LNCS, vol. 939, pp. 84–97. Springer, Heidelberg (1995)Google Scholar
  9. [Ruy03]
    Ruys, T.C.: Optimal scheduling using branch and bound with spin 4.0. In: Ball, T., Rajamani, S.K. (eds.) SPIN 2003. LNCS, vol. 2648, pp. 1–17. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  10. [vHPPR98]
    von Henke, F., Pfab, S., Pfeifer, H., Rueß, H.: Case studies in meta-level theorem proving. In: Grundy, J., Newey, M. (eds.) TPHOLs 1998. LNCS, vol. 1479, pp. 461–478. Springer, Heidelberg (1998)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Leonard Lensink
    • 1
  • Sjaak Smetsers
    • 1
  • Marko van Eekelen
    • 1
  1. 1.Institute for Computing and Information SciencesRadboud University NijmegenThe Netherlands

Personalised recommendations