Mechanical Verification of Fault Tolerant Architecture in a Prototype Verification System

In this paper, we present an approach to embed our formal Generic Fault Tolerant Software Architecture (GFTSA) model in the PVS theorem prover to achieve automatic verification support for reasoning about fault tolerant system properties. In order to make the verification process more efficient and systematic, we also propose a template approach for the auto-generation of specifications and proof obligations at the customized system level from the GFTSA. By customizing the template, we not only can produce the formal models of specific GFTSA systems in PVS, but also the proofs scripts for the fault tolerant properties of such systems. Based on the produced model and proof scripts, we are able to mechanically verify the fault tolerant properties in a batch mode using ProofLite. A case study of an Electronic Power System (EPS) is presented to illustrate the customization process and mechanical verification.