Reasoning about Liveness Properties in Event-B
Authors
Abstract
Event-B is a formal method which is widely used in modelling safety critical systems. So far, the main properties of interest in Event-B are safety related. Even though some liveness properties, e.g., termination, are already within the scope of Event-B, more general liveness properties, e.g., progress or persistence, are currently unsupported. We present in this paper proof rules to reason about important classes of liveness properties. We illustrate our proof rules by applying them to prove liveness properties of realistic examples. Our proof rules are based on several proof obligations that can be implemented in a tool support such as the Rodin platform.
Similar sources
Managing LTL Properties in Event-B Refinement
Refinement in Event-B supports the development of systems via proof based step-wise refinement of events. This refinement approach ensures safety properties are preserved, but additional reasoning is required in order to establish liveness and fairness properties. In this paper we present results which allow a closer integration of two formal methods, Event-B and linear temporal logic. In parti...
On the Refinement of Liveness Properties of Distributed Systems
We present a new approach for reasoning about liveness properties of distributed systems, represented as automata. Our approach is based on simulation relations, and requires reasoning only over finite execution fragments. Current simulation-relation based methods for reasoning about liveness properties of automata require reasoning over entire executions, since they involve a proof obligation ...
Liveness-Preserving Simulation Relations
We present a simulation-based proof method for liveness properties. Our method is based on simulation relations [LV93] that relate the liveness properties of an implementation to those of the specification. Even though reasoning about liveness is usually associated with reasoning over entire executions, variant functions, fairness etc., our method requires reasoning over individual states/transit...
Circular Compositional Reasoning about Liveness
Compositional proofs about systems of many components often involve apparently circular arguments. That is, correctness of component A must be assumed when verifying component B, and vice versa. The apparent circularity of such arguments can be resolved by induction over time. However, previous methods for such circular compositional reasoning apply only to safety properties. This paper present...