BSP-Why: a Tool for Deductive Verification of BSP Programs; Machine-checked semantics and application to distributed state-space algorithms

This thesis falls within the formal verification of parallel programs. The aim of formal verifi-cation is to ensure that a program will run as it should, without making mistakes, blocking, or terminatingabnormally. This is even more important in the parallel computation field, where the cost of calculationscan be very high. The bsp model (Bulk Synchronous Parallelism) is a model of parallelism well suitedfor the use of formal methods. It guarantees a structure in the parallel program, by organising it intosuper-steps, each of them consisting in a phase of computations, followed by communications between theprocesses. In this thesis, we chose to extend an existing tool to adapt it for the proof of bsp programs.We based our work on why, a vcg (verification condition generator) that has the advantage of beingable to interface with several automatic provers and proof assistants to discharge the proof obligations.There are multiple contributions in this thesis. In a first part, we present a comparison of the existing bsplibraries, in order to show the most used bsp primitives, which are the most interesting to formalise. Wethen present bsp-why, our tool for the proof of bsp programs. This tool generates a sequential programto simulate the parallel program in input, thus allowing the use of why and the numerous associatedprovers to solve the proof obligations. We then show how bsp-why can be used to prove the correctnessof some basic bsp algorithms. We also present a more complex example, the generation of the state-space(model-checking) of systems, especially for security protocols. Finally, in order to ensure the greatestconfidence in the bsp-why tool, we give a formalisation of the language semantics, in the coq proofassistant. We also prove the correctness of the transformation used to go from a parallel program to asequential program.