One of the most challenging tasks in software specifications engineering for a multi-agent system is to ensure correctness. As these systems have high concurrency, often have dynamic environments, the formal specification and verification of these systems along with step-wise refinement from abstract to concrete concepts play major role in system correctness. Our objectives are the formal speci...

For modular verification of object-oriented programs, it is necessary to constrain what may be changed by a method in addition to how it is changed. Doing so with the classical means of preand postconditions is cumbersome, and even impossible if the program context is not entirely known. Therefore, specifications make use of an additional construct, known as a “frame property” or “modifies clau...

The data and temporal abstractions of a pipelined case study are explored in an algebraic setting. We apply a set of algebraic tools for modelling microprocessors to the specification, pipelined implementation, and formal verification of an abstract case study. We employ a model of time based on counting events by means of a clock. We model systems as iterated maps that evolve over time from so...

Much automatic pipeline verification research of the last decade has been based on some form of “Burch-Dill flushing” [BD94]. In this work, we study synchronization-at-retirement, an alternative formulation of correctness for pipelines. In this formulation, the proof obligations can also be verified automatically but have significantly-reduced verification complexity compared to flushing. We pr...

We present a behavioral semantics of SystemC that succinctly captures its reactive features, clock and time references, macroand micro-time model, and allows the specification of a network of synchronous and asynchronous components communicating through either high-level transactions or low-level signal and event communications. The proposed semantic framework demonstrates the anomalies introdu...

In [5] we build a formal verification technique for game based correctness proofs of cryptograhic algorithms based on a probabilistic Hoare style logic [10]. An important step towards enabling mechanized verification within this technique is an axiomatization of implication between predicates which is purely semantically defined in [10]. In this paper we provide an axiomatization and illustrate...

In this paper we describe the formal specification and verification of the efficient algorithm for real-time model checking implemented in the model checker RAVEN. It was specified and proved using the KIV system. We demonstrate how to decompose the correctness proof into several independent subtasks and indicate the corresponding verification efforts. The formal verification revealed some erro...

In this paper, we present our approach on testing a particular verification system that is industrially used to generate mathematical proofs of the correctness of C programs. Normally, the tools used in such a verification process are seldomly verified nor thoroughly tested, and their correctness is taken for granted. Our approach to obtain assurance in such tools does not rely on the knowledge...

We present a method to convert (i) an operational semantics for a given machine language, and (ii) an off-the-shelf theorem prover, into a high assurance verification condition generator (VCG). Given a program annotated with assertions at cutpoints, we show how to use the theorem prover directly on the operational semantics to generate verification conditions analogous to those produced by a cu...

Abstract State Machines (ASMs, for short) provide a practical new computational model which has been applied in the area of software engineering for systems design and analysis. However, reasoning about ASM models occurs, not within a formal deductive system, but basically in the classical informal proofs style of mathematics. Several formal verification approaches for proving correctness of AS...