The Experts below are selected from a list of 129 Experts worldwide ranked by the ideXlab platform
Peter Gorm Larsen - One of the best experts on this subject based on the ideXlab platform.
-
Proof Obligation Generation and Discharging for Recursive Definitions in VDM
ICFEM 2010 (International Conference on Formal Engineering Methods), in Formal Methods and Software Engineering, 2010. Co-Authors: Augusto Ribeiro, Peter Gorm Larsen. Abstract: A proof obligation is a theorem stating that a certain property must hold in order for a formal specification to be internally consistent. If a proof obligation can be proved, then the referred part of the specification is consistent. The generation of proof obligations to check a specification's internal consistency is a concept that has been applicable in a VDM context for a long time. This work extends the existing proof obligation generation capabilities with proof obligations for the termination of recursive functions. Those proof obligations can then automatically be moved over to HOL and the corresponding proofs carried out in that framework. Depending upon the nature of the recursion, the discharge of these proofs can be done automatically. This paper categorises the different kinds of recursion.
-
A Proof Obligation Generator for VDM-SL
FME '97: Industrial Applications and Strengthened Foundations of Formal Methods, 1997. Co-Authors: Bernhard K Aichernig, Peter Gorm Larsen. Abstract: In this paper an extension of the IFAD VDM-SL Toolbox with a proof obligation generator is described. Static type checking in VDM is undecidable in general and therefore the type checker must be incomplete. Hence, for the "difficult" parts introducing undecidability, it is up to the user to verify the consistency of a specification. Instead of providing error messages and warnings, the approach of generating proof obligations for the consistency of VDM-SL specifications is taken. The overall goal of this work is to automate the generation of proof obligations for VDM-SL. Proof obligation generation has already been carried out for a number of related notations, but VDM-SL contains a number of challenging constructs (e.g. patterns, non-disjoint union types, and operations) for which new research is presented in this paper.
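The two VDM entries above describe the same pipeline: walk a specification, emit a theorem wherever consistency is not decidable by the type checker (a partial operator applied, a callee's precondition at a call site, an argument that must lie in a subtype such as nat, a recursive call that must decrease a measure), then hand those theorems to a prover. The block below is an added illustration, not code from the IFAD Toolbox, Overture or either paper: a toy PO generator over a VDM-SL-like expression language written as Python data. The specification (`fact`, `count_up`, `mean`, `mean_unsafe`, `ratio`), the PO labels and the expression encoding are all constructed here. Where the papers move the obligations to HOL, this example discharges them by bounded exhaustive checking over a small domain, so a pass means "no counterexample in the domain", not a proof.

```python
"""Toy proof-obligation generator for a VDM-SL-like functional language.
Added illustration (not IFAD Toolbox / Overture / paper code).  Functions are
dicts, expressions nested tuples.  POs are discharged by bounded checking over
a small domain, standing in for the HOL back end (no counterexample != proof)."""
from itertools import product

# Expression forms: ('var', name)  ('lit', int)  ('not', e)  ('if', c, t, e)
# ('eq'|'lt'|'le'|'add'|'sub'|'mul'|'div', a, b)  ('call', fname, [args])

def subst(e, env):
    """Instantiate a precondition/measure: replace variables by argument expressions."""
    if e[0] == 'var': return env.get(e[1], e)
    if e[0] == 'lit': return e
    if e[0] == 'call': return ('call', e[1], [subst(a, env) for a in e[2]])
    return (e[0],) + tuple(subst(x, env) for x in e[1:])

def free_vars(e):
    if e[0] == 'var': return {e[1]}
    if e[0] == 'lit': return set()
    return set().union(*(free_vars(k) for k in (e[2] if e[0] == 'call' else e[1:])))

def ev(e, env, spec, depth=0):
    """Evaluate; undefinedness (division by zero, runaway recursion) raises."""
    if depth > 200: raise RecursionError('recursion bound exceeded')
    t = e[0]
    if t == 'var': return env[e[1]]
    if t == 'lit': return e[1]
    if t == 'not': return not ev(e[1], env, spec, depth)
    if t == 'if': return ev(e[2] if ev(e[1], env, spec, depth) else e[3], env, spec, depth)
    if t == 'call':
        g = spec[e[1]]
        return ev(g['body'], {p: ev(a, env, spec, depth) for p, a in zip(g['params'], e[2])}, spec, depth + 1)
    a, b = ev(e[1], env, spec, depth), ev(e[2], env, spec, depth)
    if t == 'div' and b == 0: raise ZeroDivisionError('div by zero')
    return {'eq': a == b, 'lt': a < b, 'le': a <= b, 'add': a + b, 'sub': a - b,
            'mul': a * b, 'div': a // b if b else None}[t]

def gen_pos(fname, spec):
    """Walk fname's body, returning POs as (label, hypotheses, goal)."""
    f, pos = spec[fname], []
    hyps0 = [f['pre']] if f['pre'] is not None else []
    if f['measure'] is not None:          # a measure must map every legal input into nat
        pos.append((f'{fname}: measure in nat', hyps0, ('le', ('lit', 0), f['measure'])))
    def walk(e, path):
        t = e[0]
        if t in ('var', 'lit'):
            return
        if t == 'if':                     # branch conditions become hypotheses
            walk(e[1], path); walk(e[2], path + [e[1]]); walk(e[3], path + [('not', e[1])])
            return
        if t == 'call':
            g = spec[e[1]]
            binding = dict(zip(g['params'], e[2]))
            for a in e[2]:
                walk(a, path)
            for p, a in binding.items():  # every parameter is nat-typed in this toy language
                pos.append((f'{fname}: call {e[1]} arg {p} in nat', path, ('le', ('lit', 0), a)))
            if g['pre'] is not None:      # callee precondition at the call site
                pos.append((f'{fname}: pre_{e[1]} at call', path, subst(g['pre'], binding)))
            if e[1] == fname:             # recursive call: measure must strictly decrease
                assert f['measure'] is not None, f'{fname}: recursive function needs a measure'
                pos.append((f'{fname}: measure decreases', path,
                            ('lt', subst(f['measure'], binding), f['measure'])))
            return
        for k in e[1:]:
            walk(k, path)
        if t == 'div':                    # partial operator: divisor must be non-zero
            pos.append((f'{fname}: divisor non-zero', path, ('not', ('eq', e[2], ('lit', 0)))))
    walk(f['body'], hyps0)
    return pos

def discharge(po, spec, domain):
    """Bounded check over `domain`; returns (holds, counterexample_env)."""
    label, hyps, goal = po
    vs = sorted(set().union(*(free_vars(h) for h in hyps), free_vars(goal)))
    for vals in product(domain, repeat=len(vs)):
        env = dict(zip(vs, vals))
        try:
            if all(ev(h, env, spec) for h in hyps) and not ev(goal, env, spec):
                return False, env
        except (ZeroDivisionError, RecursionError):
            return False, env             # undefined hypothesis or goal: not discharged
    return True, None

def check(spec, domain=range(6)):
    """Generate and discharge every PO of every function in spec."""
    return {po[0]: discharge(po, spec, domain) for f in spec for po in gen_pos(f, spec)}

N = ('var', 'n')
SPEC = {   # constructed specification, VDM-SL-like, written as Python data
    # fact(n: nat) == if n = 0 then 1 else n * fact(n - 1)        measure n
    'fact': {'params': ['n'], 'pre': None, 'measure': N,
             'body': ('if', ('eq', N, ('lit', 0)), ('lit', 1),
                      ('mul', N, ('call', 'fact', [('sub', N, ('lit', 1))])))},
    # count_up(n: nat) == if n = 5 then 0 else count_up(n + 1)    measure n  (wrong measure)
    'count_up': {'params': ['n'], 'pre': None, 'measure': N,
                 'body': ('if', ('eq', N, ('lit', 5)), ('lit', 0),
                          ('call', 'count_up', [('add', N, ('lit', 1))]))},
    # mean_unsafe(s, k: nat) == s div k                            (no precondition)
    'mean_unsafe': {'params': ['s', 'k'], 'pre': None, 'measure': None,
                    'body': ('div', ('var', 's'), ('var', 'k'))},
    # mean(s, k: nat) == s div k   pre k <> 0
    'mean': {'params': ['s', 'k'], 'pre': ('not', ('eq', ('var', 'k'), ('lit', 0))),
             'measure': None, 'body': ('div', ('var', 's'), ('var', 'k'))},
    # ratio(a, b: nat) == mean(a, b + 1)      caller must establish pre_mean
    'ratio': {'params': ['a', 'b'], 'pre': None, 'measure': None,
              'body': ('call', 'mean', [('var', 'a'), ('add', ('var', 'b'), ('lit', 1))])},
}

if __name__ == '__main__':
    for label, (ok, cex) in check(SPEC).items():
        print(f"{'discharged' if ok else 'FAILED    '}  {label}  {cex or ''}")
```

Two obligations fail, and both are the kind the 1997 paper says a type checker cannot report as a plain error: `mean_unsafe` divides without a precondition (counterexample `k = 0`), and `count_up` recurses with a measure that grows (counterexample `n = 0`). Everything else, including `ratio` discharging `pre_mean` at its call site, passes within the domain. The path conditions of `if` are carried as hypotheses, which is what lets `fact`'s `n - 1` satisfy the nat PO.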
Paul Caspi
-
A PVS Proof Obligation Generator for Lustre Programs
LPAR 2000 (Logic for Programming and Automated Reasoning), 2000. Co-Authors: Cécile Canovas-Dumas, Paul Caspi. Abstract: This paper presents a tool for proving safety properties of Lustre programs in PVS, based on continuous induction. The tool applies off-line a repeated induction strategy and generates proof obligations that are left to PVS. We show on examples how it avoids some drawbacks of co-induction, which needs to consider "absent elements" in the case of clocked streams.
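The "repeated induction strategy" in the abstract above is what is usually called k-induction: for k = 1, 2, ... emit a base obligation (the property holds on the first k steps of every run) and a step obligation (any k consecutive steps satisfying the property are followed by one that does), and stop at the first k where the prover accepts both. The block below is an added example, not the authors' tool: the Lustre nodes are written as Python step functions over a `pre` state, and the obligations are discharged by enumerating a finite state domain where the paper would hand them to PVS. The `MODES` and `SAT` nodes, their properties and the state domains are constructed for illustration.

```python
"""Added example: k-induction over Lustre-style nodes.  Base and step proof
obligations are discharged by finite enumeration, standing in for PVS.
Not the paper's tool; nodes, properties and domains below are constructed."""
from itertools import product

def traces_from(start, node, inputs, k):
    """Every trace of k+1 states from `start`, one per input sequence of length k."""
    for seq in product(inputs, repeat=k):
        tr = [start]
        for inp in seq:
            tr.append(node['step'](tr[-1], inp))
        yield tr

def k_induction(node, prop, k, state_domain, inputs=({},)):
    """Discharge the two POs of k-induction for `prop`:
    base: prop holds on the first k states of every run from init;
    step: k consecutive prop-states (starting anywhere in state_domain) are
          always followed by a prop-state.
    Returns ('proved', k), ('base fails', trace) or ('step fails (CTI)', trace)."""
    for tr in traces_from(node['init'], node, inputs, k - 1):
        if not all(prop(s) for s in tr):
            return ('base fails', tr)
    for start in state_domain:
        for tr in traces_from(start, node, inputs, k):
            if all(prop(s) for s in tr[:-1]) and not prop(tr[-1]):
                return ('step fails (CTI)', tr)
    return ('proved', k)

def prove(node, prop, state_domain, inputs=({},), max_k=4):
    """Repeated induction: raise k until the step obligation goes through."""
    verdict = None
    for k in range(1, max_k + 1):
        verdict = k_induction(node, prop, k, state_domain, inputs)
        if verdict[0] != 'step fails (CTI)':
            return verdict
    return verdict

# Constructed node 1, in Lustre syntax:
#   node modes() returns (m: int);
#   let m = 0 -> (if pre m = 0 then 1 else if pre m = 1 then 0 else 3); tel
# Modes 0 and 1 alternate forever; mode 2 is never reached but would step
# to the absorbing error mode 3.  Safety property: m <> 3.
MODES = {'init': {'m': 0},
         'step': lambda s, inp: {'m': 1 if s['m'] == 0 else 0 if s['m'] == 1 else 3}}
MODE_STATES = [{'m': v} for v in range(4)]      # must over-approximate reachable states
def safe(s): return s['m'] != 3

# Constructed node 2, a saturating counter with a reset input:
#   node sat(reset: bool) returns (c: int);
#   let c = 0 -> (if reset then 0 else if pre c >= 3 then 3 else pre c + 1); tel
SAT = {'init': {'c': 0},
       'step': lambda s, inp: {'c': 0 if inp['reset'] else min(s['c'] + 1, 3)}}
SAT_STATES = [{'c': v} for v in range(8)]
SAT_INPUTS = ({'reset': False}, {'reset': True})
def bounded(s): return s['c'] <= 3

if __name__ == '__main__':
    print('modes, k=1:', k_induction(MODES, safe, 1, MODE_STATES))
    print('modes:      ', prove(MODES, safe, MODE_STATES))
    print('sat:        ', prove(SAT, bounded, SAT_STATES, SAT_INPUTS))
```

At k = 1 the step obligation for `MODES` fails with the trace 2 -> 3: a counterexample to induction that starts in an unreachable mode, so it says nothing about the program. Raising k to 2 rules it out because no two consecutive safe states can lead into mode 2, and the property is proved; that is exactly what repeating the induction buys over a single inductive step. The enumeration is only sound for states inside `state_domain`, so the domain has to cover every reachable state (which a prover such as PVS handles symbolically instead).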
Mingsong Chen
-
An Approach to Proving Proof Obligation of Hybrid Event B Based on Differential Invariants
COMPSAC 2017 (2017 IEEE 41st Annual Computer Software and Applications Conference), 2017. Co-Authors: Jie Liu, Jing Liu, Miaomiao Zhang, Haiying Sun, Xiaohong Chen, Mingsong Chen. Abstract: For modelling hybrid systems, we have extended Event B within its own framework with the differential event. The differential event describes the continuous behaviour of a hybrid system by differential equations and an evolution constraint, and its proof obligations capture the dynamical properties of a model. To ensure the safety and reliability of a model, these proof obligations must be proved. Proving them in the state space is difficult, because there is no complete method in mathematics for solving differential equations. We therefore propose an approach to proving the proof obligations based on differential invariants, which avoids the uncontrollable computation involved in solving the differential equations. The main result is a set of theorems for proving proof obligations involving differential events within the framework of the refinement calculus. Finally, a Train Control System case study shows that the approach is well suited.
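The differential-invariant idea above replaces "solve the ODE and check every trajectory" with a purely symbolic obligation: for a candidate invariant g <= 0 to survive a differential event with dynamics x' = f(x), it is enough that its time derivative along f (the Lie derivative, sum of dg/dx_i times f_i) is <= 0 under the evolution constraint. The block below is an added example, not the paper's code or its Event B theorems: a minimal polynomial representation computes the Lie derivative, and the obligation is discharged here only in the case where that derivative is identically zero; anything else is returned as an open obligation for the prover. The train model (position p, speed v, braking at constant rate b toward the end of authority e, invariant v^2 <= 2b(e - p)) and the variable set are assumptions made for this illustration.

```python
"""Added example: differential-invariant proof obligation for a braking train.
Polynomials are dicts {exponent-tuple over VARS: coefficient}.  Not the
paper's code; the model and invariant below are constructed."""
VARS = ('p', 'v', 'e', 'b')   # position, speed, end of authority, brake rate

def var(name):
    return {tuple(1 if x == name else 0 for x in VARS): 1}

def const(c):
    return {(0,) * len(VARS): c}

def add(*ps):
    out = {}
    for p in ps:
        for m, c in p.items():
            out[m] = out.get(m, 0) + c
    return {m: c for m, c in out.items() if c}

def mul(p, q):
    out = {}
    for m1, c1 in p.items():
        for m2, c2 in q.items():
            m = tuple(a + b for a, b in zip(m1, m2))
            out[m] = out.get(m, 0) + c1 * c2
    return {m: c for m, c in out.items() if c}

def scale(k, p):
    return mul(const(k), p)

def diff(p, name):
    """Partial derivative d p / d name."""
    i, out = VARS.index(name), {}
    for m, c in p.items():
        if m[i]:
            m2 = m[:i] + (m[i] - 1,) + m[i + 1:]
            out[m2] = out.get(m2, 0) + c * m[i]
    return out

def lie_derivative(g, ode):
    """d/dt g along x' = ode[x]; variables absent from ode are constants."""
    return add(*(mul(diff(g, x), f) for x, f in ode.items()))

def show(p):
    if not p:
        return '0'
    terms = []
    for m, c in sorted(p.items(), reverse=True):
        factors = [f'{x}^{k}' if k > 1 else x for x, k in zip(VARS, m) if k]
        terms.append('*'.join([str(c)] + factors))
    return ' + '.join(terms)

def dI_check(g, ode):
    """PO for `g <= 0` being a differential invariant of x' = ode.  Discharged
    here only when the Lie derivative is identically zero (so g cannot grow);
    otherwise the residual obligation  d/dt g <= 0  is returned for the prover."""
    d = lie_derivative(g, ode)
    return ('discharged', d) if not d else ('open', d)

# Candidate invariant: v^2 - 2*b*(e - p) <= 0, i.e. the train can still stop before e.
G = add(mul(var('v'), var('v')),
        scale(-2, mul(var('b'), add(var('e'), scale(-1, var('p'))))))
BRAKE = {'p': var('v'), 'v': scale(-1, var('b'))}   # p' = v, v' = -b
COAST = {'p': var('v'), 'v': const(0)}              # p' = v, v' = 0 (brake released)

if __name__ == '__main__':
    for name, ode in (('brake', BRAKE), ('coast', COAST)):
        verdict, d = dI_check(G, ode)
        print(f'{name}: {verdict}, d/dt g = {show(d)}')
```

While braking, the derivative of v^2 - 2b(e - p) is 2v(-b) + 2bv = 0, so the invariant is discharged without ever solving the ODE. If the brake is released the residual is 2bv, which is not <= 0 for a moving train, so the obligation stays open and the prover (or the modeller) has to supply an evolution constraint such as v = 0. Deciding the sign of a general residual polynomial is the hard part the paper's theorems address; this example only handles the trivial case.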
Jie Liu
-
An Approach to Proving Proof Obligation of Hybrid Event B Based on Differential Invariants
COMPSAC 2017 (2017 IEEE 41st Annual Computer Software and Applications Conference), 2017. Co-Authors: Jie Liu, Jing Liu, Miaomiao Zhang, Haiying Sun, Xiaohong Chen, Mingsong Chen. (Same paper as listed under Mingsong Chen above; abstract not repeated.)
Bernhard K Aichernig
-
A Proof Obligation Generator for VDM-SL
FME '97: Industrial Applications and Strengthened Foundations of Formal Methods, 1997. Co-Authors: Bernhard K Aichernig, Peter Gorm Larsen. (Same paper as listed under Peter Gorm Larsen above; abstract not repeated.)