773 Hits in 4.1 sec

Specifying and Verifying Concurrent C Programs with TLA+ [chapter]

Amira Methni, Matthieu Lemerre, Belgacem Ben Hedia, Serge Haddad, Kamel Barkaoui
2015 Communications in Computer and Information Science  
Here we propose a formal specification and verification approach for concurrent C programs directly based on the semantics of C.  ...  We define a set of translation rules and implement it in a tool (C2TLA+) that automatically translates C code into a TLA+ specification.  ...  Conclusion and Future Work We have sketched an approach for specifying and verifying C code based on an automated translation from C to TLA+.  ... 
doi:10.1007/978-3-319-17581-2_14 fatcat:ncka5nf7pnc77htwqnllomjwri

State Space Reduction Strategie for Model Checking Concurrent C Programs

Amira Methni, Matthieu Lemerre, Belgacem Ben Hedia, Serge Haddad, Kamel Barkaoui
2015 International Workshop on Verification and Evaluation of Computer and Communication Systems  
Here we propose a state space reduction technique for model checking concurrent programs written in C.  ...  We show the usefulness of using agglomeration technique to reduce the state space, as well as to generate an abstract TLA+ specification from a C program.  ...  We give an overview of TLA+ in Section 2. Section 3 presents how we specify the semantics of C in TLA+. Section 4 describes the reduction technique and how we implement it on C programs.  ... 
dblp:conf/vecos/MethniLHHB15 fatcat:qpyluqrijjfwthw72tmiuhjhry

Page 49 of Journal of Research and Practice in Information Technology Vol. 26, Issue 2 [page]

1994 Journal of Research and Practice in Information Technology  
In summary, we have shown that a formal language with simple syntax coupled with an automatic tool (based on model checking) can be used to specify and verify the scheduling aspect of concurrent systems  ...  ACM Trans. on Programming Languages and Systems, 15(1):36-72. ENGBERG, U., GRONNING, P., and LAMPORT, L. (1992). Mechanical Verification of Concurrent Systems with TLA. In v.  ... 

Verifying the correctness of hume programs

Gudmund Grov
2005 Proceedings of the 20th IEEE/ACM international Conference on Automated software engineering - ASE '05  
Hume is a programming language targeted at safety-critical, resource-bounded systems.  ...  Bounded time and space usage is achieved by a clear separation of coordination and computation in the design of the language. However, there is no correctness verification.  ...  Within such logics a program is specified as follows: {P} C {Q} meaning that if P holds and we run command C then Q will hold if C terminates. This is known as partial correctness.  ... 
doi:10.1145/1101908.1101995 dblp:conf/kbse/Grov05 fatcat:grmvdwuzofdsxmvw6jcmsbrc7i

Modeling Concurrent Systems with Shared Resources [chapter]

Ángel Herranz, Julio Mariño, Manuel Carro, Juan José Moreno Navarro
2009 Lecture Notes in Computer Science  
We propose a methodology to design and verify a concurrent system that splits the verification problem in two independent tasks: internal verification of shared resources, where some concurrency aspects  ...  like mutual exclusion and conditional synchronisation are isolated, and external verification of processes, where synchronisation mechanisms are not relevant.  ...  Ada, Java, C#. . . ), there are still application niches where the use of languages less suited for concurrency, like C or C++, is mandatory.  ... 
doi:10.1007/978-3-642-04570-7_9 fatcat:7s7g6hv4vrfn3mawt576qh5hne

Formal verification of concurrent scheduling strategies using TLA

Gudmund Grov, Greg Michaelson, Andrew Ireland
2007 2007 International Conference on Parallel and Distributed Systems  
In contrast, efficient concurrent schedulers are often complex and hard to reason about. This paper will show how the TLA logic can be used to verify schedulers of concurrent components.  ...  This approach is illustrated with the Hume programming language, which is based on concurrent rich automata.  ...  This work is supported by EU FP6 EmBounded project and a James Watt Scholarship.  ... 
doi:10.1109/icpads.2007.4447839 dblp:conf/icpads/GrovMI07 fatcat:p5zggcqt7fcgfppluchz7wer5e

Specifying and checking network protocol based on TLA

Liang Wan, Wenchang Shi
2012 Anti-counterfeiting, Security, and Identification  
An approach is proposed that aims to detect vulnerabilities of a protocol effectively with the TLA, with the Kerberos protocol being taken as an example.  ...  Experiments show that our approach is effective and powerful in specifying and checking a protocol, and it is better than SPIN and SMV.  ...  Write the program for the protocol The TLA+ and HLPSL are the languages based on TLA. The two languages are suitable for the system in the concurrent environment.  ... 
doi:10.1109/icasid.2012.6325286 fatcat:4xncww6bcnal3gofiflpjrvaoa

Specifying and verifying systems with TLA+

Leslie Lamport, John Matthews, Mark Tuttle, Yuan Yu
2002 Proceedings of the 10th workshop on ACM SIGOPS European workshop: beyond the PC - EW10  
We expect that it can also be used to specify and check concurrent algorithms and protocols for software systems.  ...  TLA + is a high-level specification language that has been used to specify and check the correctness of several hardware protocols.  ...  On the Itanium project: Jae Yang helped specify the cache-coherence protocol and Gil Neiger helped us specify the Itanium memory model.  ... 
doi:10.1145/1133373.1133382 dblp:conf/sigopsE/LamportMTY02 fatcat:4al4i3r525ds7iacwhta7mj7cm

The temporal logic of actions

Leslie Lamport
1994 ACM Transactions on Programming Languages and Systems  
This report introduces TLA and describes how it is used to specify and verify concurrent algorithms. The use of TLA to specify and reason about open systems will be described elsewhere.  ...  The temporal logic of actions (TLA) is a logic for specifying and reasoning about concurrent systems.  ...  We believe that TLA is useful for specifying and verifying safety and liveness properties of discrete systems.  ... 
doi:10.1145/177492.177726 fatcat:qliuagrmdzejzlj26hriddz7kq

Verification and specification of concurrent programs [chapter]

Leslie Lamport
1994 Lecture Notes in Computer Science  
I explore the history of, and lessons learned from, eighteen years of assertional methods for specifying and verifying concurrent programs.  ...  Ashcroft's work spawned a plethora of formalisms for specifying and reasoning about concurrent programs.  ...  I know of no programming language, except perhaps Unity, with as simple a semantics as TLA. Moreover, because TLA is mathematics, it has an elegance and power unmatched by any programming language.  ... 
doi:10.1007/3-540-58043-3_23 fatcat:yfizmu2dorhklaj6t2dqsx6pkq

How Amazon web services uses formal methods

Chris Newcombe, Tim Rath, Fan Zhang, Bogdan Munteanu, Marc Brooker, Michael Deardeuff
2015 Communications of the ACM  
Fortunately, TLA+ is accompanied by a second language called PlusCal that is closer to a C-style programming language but much more expressive, as it uses TLA+ for expressions and values.  ...  NASA's C.  ... 
doi:10.1145/2699417 fatcat:2t3z24u35rh5pgjoah6qzpkrty

Mechanical verification of concurrent systems with TLA [chapter]

Urban Engberg, Peter Grønning, Leslie Lamport
1993 Lecture Notes in Computer Science  
Input to the system consists of the correctness properties, expressed in TLA (the temporal logic of actions), and their proofs, written in a humanly readable, hierarchically structured form.  ...  The system uses a mechanical verifier to check each step of the proof, translating the step's assertion into a theorem in the verifier's logic and its proof into instructions for the verifier.  ...  Introduction TLA, the Temporal Logic of Actions, is a logic for specifying and reasoning about concurrent systems.  ... 
doi:10.1007/3-540-56496-9_5 fatcat:qxpoyirksbbitl5q73wurgjoh4

The PlusCal Algorithm Language [chapter]

Leslie Lamport
2009 Lecture Notes in Computer Science  
Algorithms are different from programs and should not be described with programming languages. The only simple alternative to programming languages has been pseudo-code.  ...  It is based on the TLA + specification language, and a PlusCal algorithm is automatically translated to a TLA + specification that can be checked with the TLC model checker and reasoned about formally.  ...  A PlusCal algorithm is translated to a TLA + specification [12] . That specification can be debugged (and occasionally even completely verified) with the TLC model checker [20] .  ... 
doi:10.1007/978-3-642-03466-4_2 fatcat:h5py7eajt5bwza5nrc2ql645wu

High-Level Specifications: Lessons from Industry [chapter]

Brannon Batson, Leslie Lamport
2003 Lecture Notes in Computer Science  
We explain the rationale behind the design of the TLA + specification language, and we describe our experience using it and the TLC model checker in industrial applications-including the verification of  ...  For example, one might define A by A ∆ = B ∨ C ∨ D and then define B , C , and D.  ...  concurrent programs by Ashcroft [2] , Owicki and Gries [21] , Pnueli [24] , and others [3, 11, 12, 22] .  ... 
doi:10.1007/978-3-540-39656-7_10 fatcat:7psnwjf2p5g5pkfcvhmknrdlda


Chris Hawblitzel, Jon Howell, Manos Kapritsos, Jacob R. Lorch, Bryan Parno, Michael L. Roberts, Srinath Setty, Brian Zill
2017 Communications of the ACM  
Each implementation achieves performance competitive with a reference system. With our methodology and lessons learned, we aim to raise the standard for distributed systems from "tested" to "correct."  ...  Verification can, in principle, eliminate these bugs, but it has historically been difficult to apply at full-program scale, much less distributed system scale.  ...  Once a program verifies, Dafny compiles it to C# and has the .NET compiler produce an executable.  ... 
doi:10.1145/3068608 fatcat:tnwzkuonwvahterueljh4axakm
« Previous Showing results 1 — 15 out of 773 results