Tutorial on FDR and Its Applications
FDR is a refinement checker for the process algebra CSP [2,4], based on that language's well-established semantic models. FDR stands for Failures-Divergences Refinement, after the premier model. In common with many other model checkers, it works by "determinising" (or normalising) a specification and then enumerating the states in the cartesian product of this normalised specification and the implementation. Unlike most, the specification and the implementation are written in the same language. Under development by its creators, Formal Systems (a spin-off of the Computing Laboratory), since 1991, it now offers a range of state compression methods. On current workstations it can work at up to 20M states/hour, with only a small degradation on moving to disc-based storage.
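To make the "determinise the specification, then enumerate the product with the implementation" description concrete, here is an added example (written for this page, not FDR's own code, which is far richer) that performs a traces-refinement check over tiny labelled transition systems. Both processes are constructed here as Python dicts mapping a state to its (event, next_state) transitions, with `None` standing for the internal tau event; the specification is normalised lazily by the subset construction, and a breadth-first search over the product returns the shortest trace the implementation can perform that the specification cannot, or `None` if the implementation refines the specification.

```python
from collections import deque

TAU = None  # internal (invisible) event, as in CSP's tau


def tau_closure(lts, states):
    """All states reachable from `states` by zero or more tau steps."""
    seen = set(states)
    stack = list(states)
    while stack:
        s = stack.pop()
        for ev, nxt in lts.get(s, ()):
            if ev is TAU and nxt not in seen:
                seen.add(nxt)
                stack.append(nxt)
    return frozenset(seen)


def after(lts, states, event):
    """One subset-construction step: states reached by `event`, then tau-closed."""
    targets = {nxt for s in states for ev, nxt in lts.get(s, ()) if ev == event}
    return tau_closure(lts, targets)


def enabled(lts, states):
    """Visible events some state in the (tau-closed) subset can perform."""
    return {ev for s in states for ev, _ in lts.get(s, ()) if ev is not TAU}


def traces_refines(spec, spec_init, impl, impl_init):
    """Return None if impl trace-refines spec, else a shortest counterexample trace.

    The product state is (normalised spec node, impl state); the spec node is a
    frozenset of spec states, so the spec is determinised on the fly.
    """
    start = (tau_closure(spec, {spec_init}), impl_init)
    seen = {start}
    queue = deque([(start, ())])
    while queue:
        (spec_set, impl_state), trace = queue.popleft()
        allowed = enabled(spec, spec_set)
        for ev, impl_next in impl.get(impl_state, ()):
            if ev is TAU:
                nxt, new_trace = (spec_set, impl_next), trace
            else:
                if ev not in allowed:
                    # impl can do a visible event the spec forbids here
                    return list(trace + (ev,))
                nxt, new_trace = (after(spec, spec_set, ev), impl_next), trace + (ev,)
            if nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, new_trace))
    return None


# Constructed sample: one-place buffer spec  BUFF = in -> out -> BUFF
SPEC_BUFF = {"S0": [("in", "S1")], "S1": [("out", "S0")]}
# Constructed implementation that wrongly accepts a second "in" before "out"
IMPL_BAD = {"I0": [("in", "I1")], "I1": [("out", "I0"), ("in", "I2")], "I2": [("out", "I1")]}
IMPL_GOOD = {"I0": [("in", "I1")], "I1": [("out", "I0")]}
# Constructed nondeterministic spec: (a -> STOP) |~| (b -> STOP), internal choice via tau
SPEC_CHOICE = {"C0": [(TAU, "C1"), (TAU, "C2")], "C1": [("a", "C3")], "C2": [("b", "C3")]}
IMPL_A = {"A0": [("a", "A1")]}
IMPL_C = {"A0": [("c", "A1")]}


def demo():
    """Run the four constructed checks; counterexamples are event lists."""
    return {
        "good_buffer": traces_refines(SPEC_BUFF, "S0", IMPL_GOOD, "I0"),
        "bad_buffer": traces_refines(SPEC_BUFF, "S0", IMPL_BAD, "I0"),
        "choice_a": traces_refines(SPEC_CHOICE, "C0", IMPL_A, "A0"),
        "choice_c": traces_refines(SPEC_CHOICE, "C0", IMPL_C, "A0"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, "refines" if result is None else f"counterexample {result}")
```

The breadth-first order is what makes the reported counterexample shortest, which is the same reason FDR's debugger shows minimal traces. The check above covers only the traces model; the failures and failures-divergences models that give FDR its name additionally compare refusal sets and divergences at each product state, which the normalised specification node would have to carry as well.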
- 1. Formal Systems. FDR web site: http://www.formal.demon.co.uk/FDR2.html
- 2. Hoare, C.A.R.: Communicating Sequential Processes. Prentice Hall, Englewood Cliffs (1985)
- 3. Lowe, G.: Casper web site: http://www.mcs.le.ac.uk/~gl7/Security/Casper/
- 4. Roscoe, A.W.: The Theory and Practice of Concurrency. Prentice Hall, Englewood Cliffs (1998)