Formal Verification of software

SysML diagrams are significant medium using for supporting software lifecycle management. The existing TBFV method is designed for error detection with full automation efficiency, only for code. For verifying the correctness of SysML diagram, we applying TBFV method into SysML diagram. In this paper, we propose a novel technique that makes use of Hoare Logic and testing to verify whether the SysML diagrams meet the requirement, called TBFV-M. This research can improve the correctness of SysML diagram, which is likely to significantly affect the reliability of the implementation. A case study is conducted to show its feasibility and used to illustrate how the proposed method is applied; and discussion on potential challenges to TBFV-M is also presented.

The use of general descriptive names, registered names, trademarks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.

This work presents a mechanically verified implementation of an algorithm for deciding the (in-)equivalence of Kleene algebra with tests (KAT) terms. This mechanization was carried out in the Coq proof assistant. The algorithm decides KAT terms equivalence through an iterated process of testing the equivalence of their partial derivatives. It is a purely syntactical decision procedure and so, it does not construct the underlying automata. The motivation for this work comes from the possibility of using KAT encoding of propositional Hoare logic for reasoning about the partial correctness of imperative programs. * This work was partially funded by the European Regional Development Fund through the programme COMPETE and by the FundaÃğÃčo para a CiÃłncia e Tecnologia (FCT) under project CANTE-PTDC/EIA-CCO/101904/2008. † This work was partially funded by the European Regional Development Fund through the programme COMPETE and by the FundaÃğÃčo para a CiÃłncia e Tecnologia (FCT) under project CANTE-PTDC/EIA-CCO/101904/2008.

Kleene algebra [1],(KA) normally called the algebra of regular events, is an algebraic system that axiomatically captures properties of several important structures arising in Computer Science, and has been applied in several contexts like automata and formal languages, semantics and logic of programs, design and analysis of algorithms, among others. Kleene algebra with tests (KAT)[2] extends KA with an embedded Boolean algebra and is particularly suited for the formal verification of propositional programs. In ...

Kleene algebra (KA) is an algebraic system that captures properties of several important structures arising in Computer Science like automata and formal languages, among others. In this paper we present a formalization of regular languages as a KA in the Coq theorem prover. In particular, we describe the implementation of an algorithm for deciding regular expressions equivalence based on the notion of derivative. We envision the usage of (an extension of) our formalization as the formal system in which we can ...

Synchronous Kleene algebra (SKA) is a decidable framework that combines Kleene algebra (KA) with a synchrony model of concurrency. Elements of SKA can be seen as processes taking place within a fixed discrete time frame and that, at each time step, may execute one or more basic actions or then come to a halt. The synchronous Kleene algebra with tests (SKAT) combines SKA with a Boolean algebra. Both algebras were introduced by Prisacariu, who proved the decidability of the equational theory, through a Kleene theorem based on the classical Thompson ε-NFA construction. Using the notion of partial derivatives, we present a new decision procedure for equivalence between SKA terms. The results are extended for SKAT considering automata with transitions labeled by Boolean expressions instead of atoms. This work continous previous research done for KA and KAT, where derivative based methods were used in feasible algorithms for testing terms equivalence.

This paper presents a mechanically verified implementation of an algorithm for deciding the equivalence of Kleene algebra terms within the Coq proof assistant. The algorithm decides equivalence of two given regular expressions through an iterated process of testing the equivalence of their partial derivatives and does not require the construction of the corresponding automata. Recent theoretical and experimental research provides evidence that this method is, on average, more efficient than the classical methods based in automata. We present some performance tests, comparisons with similar approaches, and also introduce a generalization of the algorithm to decide the equivalence of terms of Kleene algebra with tests. The motivation for the work presented in this paper is that of using the libraries developed as trusted frameworks for carrying out certified program verification.

This paper presents a mechanically verified implementation of an algorithm for deciding the equivalence of Kleene algebra terms within the Coq proof assistant. The algorithm decides equivalence of two given regular expressions through an iterated process of testing the equivalence of their partial derivatives and does not require the construction of the corresponding automata. Recent theoretical and experimental research provides evidence that this method is, on average, more efficient than the classical methods based in automata. We present some performance tests, comparisons with similar approaches, and also introduce a generalization of the algorithm to decide the equivalence of terms of Kleene algebra with tests. The motivation for the work presented in this paper is that of using the libraries developed as trusted frameworks for carrying out certified program verification.

In this paper we present a mechanically verified implementation of an algorithm for deciding regular expression (in-)equivalence within the Coq proof assistant. This algorithm is a version of a functional algorithm proposed by Almeida et al. which decides regular expression equivalence through an iterated process of testing the equivalence of their partial derivatives. In particular, this algorithm has a refutation step which improves the process of checking if two regular expressions are not equivalent.

In this article we describe an implementation of Kleene algebra with tests (KAT) in the Coq theorem prover. KAT is an equational system that has been successfully applied in program verification and, in particular, it subsumes the propositional Hoare logic (PHL). We also present an PHL encoding in KAT, by deriving its deduction rules as theorems of KAT. Some examples of simple program's formal correctness are given. This work is part of a study of the feasibility of using KAT in the automatic production of certificates in the context of (source-level) Proof-Carrying-Code (PCC). .

In this paper we present a mechanically verified implementation of an algorithm for deciding regular expression (in-)equivalence within the Coq proof assistant. This algorithm is a version of a functional algorithm proposed by Almeida et al. which decides regular expression equivalence through an iterated process of testing the equivalence of their partial derivatives. In particular, this algorithm has a refutation step which improves the process of checking if two regular expressions are not equivalent.

The partial derivative automaton (A pd) is usually smaller than other non-deterministic finite automata constructed from a regular expression, and it can be seen as a quotient of the Glushkov automaton (Apos). By estimating the number of regular expressions that have ε as a partial derivative, we compute a lower bound of the average number of mergings of states in Apos and describe its asymptotic behaviour. This depends on the alphabet size, k, and its limit, as k goes to infinity, is 1 2. The lower bound corresponds exactly to consider the A pd automaton for the marked version of the regular expression, i.e. where all its letters are made different. Experimental results suggest that the average number of states of this automaton, and of the A pd automaton for the unmarked regular expression, are very close to each other.

In this paper we present a mechanically verified implementation of an algorithm for deciding regular expression (in-)equivalence within the Coq proof assistant. This algorithm is a version of a functional algorithm proposed by Almeida et al. which decides regular expression equivalence through an iterated process of testing the equivalence of their partial derivatives. In particular, this algorithm has a refutation step which improves the process of checking if two regular expressions are not equivalent.

There have been studies that analyse and apply input space partitioning by categorising them into classes such as equivalence partitioning, boundary value testing, category partitions, domain testing, classification trees, etc. This paper proposes a new algorithm for automated input domain modeling with randomised test case generation in a classification tree adhering to some Lie-algebraic structures using a scalable parallelised framework of second-order cellular automata that encompasses a large number of test cases simultaneously. As a proof of concept, this computational system is compared to a physical system described by a Yang-Mills theory of hypothetical quanta of certain gauge-invariant fields that follow the symmetries followed by the Lie algebras considered, in the foreground of the chaotic system as a continuum limit of the cellular automata, and the test cases are compared to the corresponding Feynman diagrams. Brief complexity analyses and brief analogies between the p...

Extended regular expressions (with complement and intersection) are used in many applications due to their succinctness. In particular, regular expressions extended with intersection only (also called semi-extended) can already be exponentially smaller than standard regular expressions or equivalent nondeterministic finite automata (NFA). For practical purposes it is important to study the average behaviour of conversions between these models. In this paper, we focus on the conversion of regular expressions with intersection to nondeterministic finite automata, using partial derivatives and the notion of support. First, we give a tight upper bound of 2 O(n) for the worst-case number of states of the resulting partial derivative automaton, where n is the size of the expression. Using the framework of analytic combinatorics, we then establish an upper bound of (1.056+o(1)) n for its asymptotic average-state complexity, which is significantly smaller than the one for the worst case.

Synchronous Kleene algebra (SKA) is a decidable framework that combines Kleene algebra (KA) with a synchrony model of concurrency. Elements of SKA can be seen as processes taking place within a fixed discrete time frame and that, at each time step, may execute one or more basic actions or then come to a halt. The synchronous Kleene algebra with tests (SKAT) combines SKA with a Boolean algebra. Both algebras were introduced by Prisacariu, who proved the decidability of the equational theory, through a Kleene theorem based on the classical Thompson ε-NFA construction. Using the notion of partial derivatives, we present a new decision procedure for equivalence between SKA terms. The results are extended for SKAT considering automata with transitions labeled by Boolean expressions instead of atoms. This work continous previous research done for KA and KAT, where derivative based methods were used in feasible algorithms for testing terms equivalence.

The partial derivative automaton (A pd ) is usually smaller than other non-deterministic finite automata constructed from a regular expression, and it can be seen as a quotient of the Glushkov automaton (Apos). By estimating the number of regular expressions that have ε as a partial derivative, we compute a lower bound of the average number of mergings of states in Apos and describe its asymptotic behaviour. This depends on the alphabet size, k, and its limit, as k goes to infinity, is 1 2 . The lower bound corresponds exactly to consider the A pd automaton for the marked version of the regular expression, i.e. where all its letters are made different. Experimental results suggest that the average number of states of this automaton, and of the A pd automaton for the unmarked regular expression, are very close to each other.

In this article we describe an implementation of Kleene algebra with tests (KAT) in the Coq theorem prover. KAT is an equational system that has been successfully applied in program verification and, in particular, it subsumes the propositional Hoare logic (PHL). We also present an PHL encoding in KAT, by deriving its deduction rules as theorems of KAT. Some examples of simple program's formal correctness are given. This work is part of a study of the feasibility of using KAT in the automatic production of certificates in the context of (source-level) Proof-Carrying-Code (PCC). .

Para os meus pais David e Maria Clara e para a Ana... v vi I am particularly indebted to José Carlos Bacelar Almeida who was always available to discuss with me several technical issues related to Coq. I also thank Ricardo Almeida for our discussions about Kleene algebra with tests. To Rogério Reis, my sincere thanks for being such a good teacher.

This paper presents a mechanically verified implementation of an algorithm for deciding the equivalence of Kleene algebra terms within the Coq proof assistant. The algorithm decides equivalence of two given regular expressions through an iterated process of testing the equivalence of their partial derivatives and does not require the construction of the corresponding automata. Recent theoretical and experimental research provides evidence that this method is, on average, more efficient than the classical methods based in automata. We present some performance tests, comparisons with similar approaches, and also introduce a generalization of the algorithm to decide the equivalence of terms of Kleene algebra with tests. The motivation for the work presented in this paper is that of using the libraries developed as trusted frameworks for carrying out certified program verification.

In this article we describe an implementation of Kleene algebra with tests (KAT) in the Coq theorem prover. KAT is an equational system that has been successfully applied in program verification and, in particular, it subsumes the propositional Hoare logic (PHL). We also present an PHL encoding in KAT, by deriving its deduction rules as theorems of KAT. Some examples of simple program's formal correctness are given. This work is part of a study of the feasibility of using KAT in the automatic production of certificates in the context of (source-level) Proof-Carrying-Code (PCC). .

There have been studies that analyse and apply input space partitioning by categorising them into classes such as equivalence partitioning, boundary value testing, category partitions, domain testing, classification trees, etc. This paper proposes a new algorithm for automated input domain modeling with randomised test case generation in a classification tree adhering to some Lie-algebraic structures using a scalable parallelised framework of first-order two-dimensional cellular automata that encompasses a large number of test cases simultaneously. As a proof of concept, this computational system is compared to a physical system described by a Yang-Mills theory of hypothetical quanta of certain gauge-invariant fields that follow the symmetries followed by the Lie algebras considered, in the foreground of the chaotic system as a continuum limit of the cellular automata, and the test cases are compared to the corresponding Feynman diagrams. Brief complexity analyses and brief analogies between the proof and the Feynman diagrammatics, algebraic complexity theory, and finite difference methods have also discussed.

Text editors represent one of the fundamental tools that writers use - software developers, book authors, mathematicians. A text editor must work as intended in that it should allow the users to do their job. We start by introducing a small subset of a text editor - line editor. Next, we will give a concrete definition (specification) of what a complete text editor means. Afterward, we will provide an implementation of a line editor in Coq, and then we will prove that it is a complete text editor.

Kleene algebra [1], (KA) normally called the algebra of regular events, is an algebraic system that axiomatically captures properties of several important structures arising in Computer Science, and has been applied in several contexts like automata and formal languages, semantics and logic of programs, design and analysis of algorithms, among others. Kleene algebra with tests (KAT) [2] extends KA with an embedded Boolean algebra and is particularly suited for the formal verication of propositional programs. In particular, KAT subsumes propositional Hoare logic (PHL) [3], a weaker Hoare logic without the assignment axiom. This part of our formalization is described in detail by Pereira and Moreira in [4]. Here we describe a formalization of a fragment of formal languages in the Coq theorem prover. This formalization's goal is to provide a Coq library that contains proof tactics for automatically proving equivalence of KA and KAT's equational logics. Having these tactics available requires the codication of KA and KAT, and also providing proofs that they are complete for their standard models, that is, regular languages and Kozen's automata on guarded strings [5], respectively. In order to provide a proof that regular languages are a model of KA, we have encoded regular languages, by extending Coq's Ensembles library of basic set theory with new inductive types for the concatenation and Kleene's star operations, based in the work of J.C. Filliâtre [6]. In what concerns to KAT, besides the Coq modules describing KAT's signature and of proofs of its main properties, we have encoded PHL deductive rules as KAT expressions and proved that they are KAT theorems. We have also proved correct an annotated version of PHL's deductive rules in our framework. Currently, we are implementing a decision procedure for the equivalence of KA terms, that leads to a decidable procedure for the equational theory of KA, based This work was partially funded by Funda cão para a Ciência e Tecnologia (FCT) and program POSI, and by RESCUE project PTDC/EIA/65862/2006.

This paper presents a mechanically verified implementation of an algorithm for deciding the equivalence of Kleene algebra terms within the Coq proof assistant. The algorithm decides equivalence of two given regular expressions through an iterated process of testing the equivalence of their partial derivatives and does not require the construction of the corresponding automata. Recent theoretical and experimental research provides evidence that this method is, on average, more efficient than the classical methods based in automata. We present some performance tests, comparisons with similar approaches, and also introduce a generalization of the algorithm to decide the equivalence of terms of Kleene algebra with tests. The motivation for the work presented in this paper is that of using the libraries developed as trusted frameworks for carrying out certified program verification.

In this paper we present a mechanically verified implementation of an algorithm for deciding regular expression (in-)equivalence within the Coq proof assistant. This algorithm is a version of a functional algorithm proposed by Almeida et al. which decides regular expression equivalence through an iterated process of testing the equivalence of their partial derivatives. In particular, this algorithm has a refutation step which improves the process of checking if two regular expressions are not equivalent.

Antimirov and Mosses presented a rewrite system for deciding the equivalence of two (extended) regular expressions and argued that this method could lead to a better average-case algorithm than those based on the comparison of the equivalent minimal DFAs. In this ...

Text editors represent one of the fundamental tools that writers use - software developers, book authors, mathematicians. A text editor must work as intended in that it should allow the users to do their job. We start by introducing a small subset of a text editor - line editor. Next, we will give a concrete definition (specification) of what a complete text editor means. Afterward, we will provide an implementation of a line editor in Coq, and then we will prove that it is a complete text editor.

Antimirov and Mosses proposed a rewrite system for deciding the equivalence of two (extended) regular expressions. In this paper we present a functional approach to that method, prove its correctness, and give some experimental comparative results. Besides an improved version of Antimirov and Mosses’s algorithm, we present a version using partial derivatives. Our preliminary results lead to the conclusion that, indeed, these methods are feasible and, generally, faster than the classical methods.

Antimirov and Mosses proposed a rewrite system for deciding the equivalence of two (extended) regular expressions. In this paper we present a functional approach to that method, prove its correctness, and give some experimental comparative results. Besides an improved version of Antimirov and Mosses’s algorithm, we present a version using partial derivatives. Our preliminary results lead to the conclusion that, indeed, these methods are feasible and, generally, faster than the classical methods.

This work presents a mechanically verified implementation of an algorithm for deciding regular expression (in-)equivalence within the Coq proof assistant. This algorithm decides regular expression equivalence through an iterated process of testing the equivalence of their partial derivatives and also does not construct the underlying automata. Our implementation has a refutation step that improves the general efficiency of the decision procedure by enforcing the in-equivalence of regular expressions at early stages of computation. Recent theoretical and experimental research provide evidence that this method is, on average, more efficient than the classical methods based in automata. We present some performance tests and comparisons with similar approaches.

Abstract This work presents a mechanically verified implementation of an algorithm for deciding the (in-) equivalence of Kleene algebra with tests (KAT) terms. This mechanization was carried out in the Coq proof assistant. The algorithm decides KAT terms equivalence through an iterated process of testing the equivalence of their partial derivatives. It is a purely syntactical decision procedure and so, it does not construct the underlying automata.