Verification with Temporal Logic

In Sections 3.8 and 3.9 we showed how to use assertions to specify and verify correctness properties of concurrent programs written in PROMELA. However, assertions are not sufficient to specify and verify most correctness properties of models: an assertion can only speak about the state in which it is evaluated, not about how the computation proceeds from that state. This chapter presents linear temporal logic (LTL), which is the formal logic used for verification in SPIN. We start with an informal description of correctness properties more advanced than assertions. This is followed by an introduction to the syntax and semantics of LTL, an explanation of how to specify correctness properties in LTL, and a description of the techniques for using SPIN to verify that an LTL formula holds for a model. Section 5.9 gives an overview of more advanced ways of expressing properties in temporal logic. For a definitive treatment of LTL, see [16, 17].
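To make the difference between an assertion and a temporal property concrete, here is an added example (written for this page, not taken from the book or from the SPIN distribution): Peterson's two-process mutual exclusion algorithm in PROMELA, followed by two LTL properties. The first, mutual exclusion, is a safety property and could also be checked with an assertion in the critical section; the second, that a process which wants to enter the critical section eventually does, is a liveness property about the future of the computation and cannot be stated as an assertion at all. The variable names, the ltl block names and the bit array inCS are choices made for this example.

```promela
/* Added example: Peterson's algorithm for two processes, with one safety
   and one liveness property expressed in LTL. Names are this example's own. */

bool wantP = false;   /* P has announced that it wants to enter */
bool wantQ = false;   /* Q has announced that it wants to enter */
byte turn = 0;        /* whose turn it is when both want to enter */
bit  inCS[2];         /* inCS[0]: P is in its critical section, inCS[1]: Q is */

active proctype P() {
  do
  :: wantP = true;
     turn = 1;                   /* yield priority to Q */
     (!wantQ || turn == 0);      /* blocking guard: wait until entry is allowed */
     inCS[0] = 1;                /* critical section */
     inCS[0] = 0;
     wantP = false               /* non-critical section */
  od
}

active proctype Q() {
  do
  :: wantQ = true;
     turn = 0;                   /* yield priority to P */
     (!wantP || turn == 1);
     inCS[1] = 1;                /* critical section */
     inCS[1] = 0;
     wantQ = false
  od
}

/* Safety: P and Q are never in their critical sections at the same time.
   [] is "always"; an assertion in each critical section could express this too. */
ltl mutex { [] !(inCS[0] && inCS[1]) }

/* Liveness: whenever P wants to enter, it eventually does.
   <> is "eventually"; this refers to future states, so no assertion can express it. */
ltl liveP { [] (wantP -> <> inCS[0]) }
```

Generate the verifier with `spin -a` on this file, compile `pan.c`, and run `pan` with `-a` so that it searches for acceptance cycles, which is how SPIN detects a violated liveness property; when a file contains more than one ltl block, select the one to verify by name (pan's `-N` option). Both properties hold for this model; replacing the guard in P with `(!wantQ)` alone breaks the mutex property and SPIN reports a counterexample trail showing both processes in their critical sections.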


Keywords: Temporal Logic, Critical Section, Mutual Exclusion, Linear Temporal Logic, Safety Property
