Automatic Verification of TLA+ Proof Obligations with SMT Solvers
TLA+ is a formal specification language based on ZF set theory and the Temporal Logic of Actions (TLA). The TLA+ proof system TLAPS assists users in deductively verifying safety properties of TLA+ specifications. TLAPS is built around a proof manager, which interprets the TLA+ proof language, generates the corresponding proof obligations, and passes them to backend verifiers. In this paper we present a new backend for use with SMT solvers that supports elementary set theory, functions, arithmetic, tuples, and records. The type information required by the solvers is provided by a typing discipline for TLA+ proof obligations, which helps us disambiguate the translation of expressions of (untyped) TLA+ while ensuring its soundness. Preliminary results show that the backend can significantly increase the degree of automation of certain interactive proofs.
Keywords: Function Symbol, Proof Obligation, Type Inference, Input Language, Type Assignment
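As an added illustration (not code from the paper or from TLAPS itself), the script below shows what a typed translation of one obligation, x \in S => x \in S \cup T, into SMT-LIB could look like: a type assignment for the free symbols drives both the well-typedness check and the choice of SMT sorts. The AST shape and the sort encoding (sets of integers as Boolean-valued arrays, union as the array map of `or`) are assumptions of this example, not the backend's actual encoding.

```python
# Added illustration, not the TLAPS backend's own translator: a small typed
# translation of TLA+-style proof obligations over integers and sets of integers
# into SMT-LIB 2. Assumed encoding: a set of integers is an (Array Int Bool),
# membership is select, and set union is the array map of `or`.
SET_INT = "(Array Int Bool)"
# Operator signatures: (required sort of every argument, result sort).
SIG = {"plus": ("Int", "Int"), "minus": ("Int", "Int"), "le": ("Int", "Bool"),
       "union": (SET_INT, SET_INT), "and": ("Bool", "Bool"),
       "or": ("Bool", "Bool"), "implies": ("Bool", "Bool"), "not": ("Bool", "Bool")}
SMT_OP = {"plus": "+", "minus": "-", "le": "<=", "and": "and", "or": "or",
          "implies": "=>", "not": "not"}

def infer(expr, env):
    """Sort of expr under the type assignment env; TypeError if it has none."""
    tag, *args = expr
    if tag == "var":
        if args[0] not in env:
            raise TypeError(f"no type assigned to {args[0]}")
        return env[args[0]]
    if tag == "int":
        return "Int"
    if tag == "in":  # x \in S: element sort must match the set's element sort
        want, result = ("Int", SET_INT), "Bool"
    else:
        arg_sort, result = SIG[tag]
        want = (arg_sort,) * len(args)
    got = tuple(infer(a, env) for a in args)
    if got != want:
        raise TypeError(f"{tag}: expected sorts {want}, got {got}")
    return result

def to_smt(expr):
    """Emit the SMT-LIB term for an already type-checked expression."""
    tag, *args = expr
    if tag == "var":
        return args[0]
    if tag == "int":
        return str(args[0])
    if tag == "in":
        return f"(select {to_smt(args[1])} {to_smt(args[0])})"
    if tag == "union":
        return f"((_ map or) {to_smt(args[0])} {to_smt(args[1])})"
    return "(" + " ".join([SMT_OP[tag]] + [to_smt(a) for a in args]) + ")"

def obligation_script(goal, env):
    """SMT-LIB script: the obligation is valid iff the negated goal is unsat."""
    if infer(goal, env) != "Bool":
        raise TypeError("goal is not a proposition")
    decls = [f"(declare-const {v} {s})" for v, s in sorted(env.items())]
    return "\n".join(decls + [f"(assert (not {to_smt(goal)}))", "(check-sat)"])
```

An obligation that cannot be typed under the assignment (for example `x + S` with `S` a set) is rejected before anything is sent to the solver, which is the point of the typing discipline: the solver only ever sees sorted terms.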