Mechanically checked proofs of kernel specifications
This paper describes an experiment in using the Boyer-Moore logic to specify a non-finite-state operating system kernel, and in using the Boyer-Moore theorem prover to prove the correctness of an implementation of that kernel. The kernel specification had first been given as a labeled transition system. It was transcribed into the Boyer-Moore logic so that correctness proofs could be mechanically checked.
Keywords: Kernel; mechanical proof checking; Boyer-Moore Theorem Prover; stepwise development; labeled transition systems; safety properties
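As an added illustration (not code from the paper or its authors), the following Python model shows the shape of the proof obligation the abstract describes: a kernel specified as a labeled transition system, a concrete implementation, a refinement map from concrete to abstract states, and a mechanical check that every implementation step is matched by a specification step with the same label and that a safety property holds in every reachable state. The paper's kernel is non-finite-state and its proofs are done inductively in the Boyer-Moore prover; this model is deliberately finite, so the check is exhaustive state exploration rather than an inductive proof. The three-process mutual-exclusion kernel, all names, and the deliberately broken variant selected by `check_lock=False` are invented for this example.

```python
"""Finite LTS refinement check for a toy kernel (added example, not the paper's code).

Specification: processes move idle -> waiting -> critical -> idle, and at most
one process may be critical.  Implementation: a lock bit plus a FIFO queue.
The check enumerates every reachable implementation state and verifies the
simulation obligation and the safety property.  Everything here is invented.
"""
from collections import deque

PIDS = (0, 1, 2)  # hypothetical process identifiers


# ---------- Specification: a labeled transition system over abstract states ----------
# Abstract state: tuple of per-process status in {'idle', 'waiting', 'critical'}.
def spec_init():
    return ('idle',) * len(PIDS)


def spec_steps(s):
    """All (label, successor) pairs the specification allows from state s."""
    out = []
    for p in PIDS:
        st = list(s)
        if s[p] == 'idle':
            st[p] = 'waiting'
            out.append((('request', p), tuple(st)))
        elif s[p] == 'waiting' and 'critical' not in s:
            st[p] = 'critical'
            out.append((('enter', p), tuple(st)))
        elif s[p] == 'critical':
            st[p] = 'idle'
            out.append((('exit', p), tuple(st)))
    return out


# ---------- Implementation: lock holder plus FIFO queue of waiters ----------
# Concrete state: (holder pid or None, tuple of queued pids in arrival order)
def impl_init():
    return (None, ())


def impl_steps(s, check_lock=True):
    """All (label, successor) pairs of the implementation from state s.

    check_lock=False models a bug: 'enter' ignores whether the lock is held."""
    holder, queue = s
    out = []
    for p in PIDS:
        if p != holder and p not in queue:
            out.append((('request', p), (holder, queue + (p,))))
    if queue and (holder is None or not check_lock):
        p = queue[0]
        out.append((('enter', p), (p, queue[1:])))
    if holder is not None:
        out.append((('exit', holder), (None, queue)))
    return out


def abstract(s):
    """Refinement map: concrete state -> abstract specification state."""
    holder, queue = s
    return tuple('critical' if p == holder else 'waiting' if p in queue else 'idle'
                 for p in PIDS)


def mutex_ok(abs_state):
    """Safety property: at most one process in its critical section."""
    return abs_state.count('critical') <= 1


def check_refinement(check_lock=True):
    """Return None if the implementation refines the spec and is safe,
    otherwise the first violation found as a tuple describing it.

    Obligations: abstract(init) == spec_init(); for every reachable step
    s -a-> t, the spec allows abstract(s) -a-> abstract(t); mutex holds."""
    init = impl_init()
    if abstract(init) != spec_init():
        return ('init', init)
    seen, todo = {init}, deque([init])
    while todo:
        s = todo.popleft()
        if not mutex_ok(abstract(s)):
            return ('safety', s)
        allowed = spec_steps(abstract(s))
        for label, t in impl_steps(s, check_lock):
            if (label, abstract(t)) not in allowed:
                return ('simulation', s, label, t)
            if t not in seen:
                seen.add(t)
                todo.append(t)
    return None


if __name__ == '__main__':
    print('correct implementation:', check_refinement())
    print('lock check removed   :', check_refinement(check_lock=False))
```

The buggy variant is caught as a simulation failure rather than a direct mutex violation: the concrete state can only record one holder, so overwriting it silently drops a process out of its critical section, and the abstraction of that step is not a transition the specification permits. That is exactly the kind of discrepancy an LTS refinement proof forces into the open, and the reason the obligation is stated per step rather than only on the final safety predicate.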