CAVEAT: technique and tool for computer aided verification and transformation [chapter]

E. Pascal Gribomont, Didier Rossetto
1995 Lecture Notes in Computer Science  
We describe CAVEAT, a technique and a tool (under development) for the stepwise design and verification of nearly finite-state concurrent systems (NFCS). A concurrent system is nearly finite-state when most of its variables have a finite range (Booleans, bounded integers). The heart of CAVEAT is a tool for verifying invariants, i.e., inductive safety properties. The underlying method is classical: formula I is an invariant for system S if and only if some formula Φ_I =def {I}S{I} is valid. If S is an NFCS, the formula Φ_I contains only a small set of non-Boolean variables. CAVEAT uses the connection method to extract from Φ_I a (small) set Π_I of paths (some kind of assertions) about the non-Boolean variables; Φ_I is valid if and only if all paths contain connections, i.e., are inconsistent. For typical NFCS given with a correct invariant, the formula Φ_I is rather large (more than 100 lines) but Π_I is quite small (a dozen one-line formulas). The second part of CAVEAT (not implemented yet) supports an incremental development method that is fairly systematic, but has proved to be flexible enough in practice.
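The inductiveness check the abstract rests on, I is an invariant of S iff {I}S{I} is valid, can be illustrated on a tiny NFCS where every variable has a finite range, so validity of {I}S{I} reduces to enumerating states. The example below is added here and is not CAVEAT's code nor the paper's case study; the two-process turn-based mutual-exclusion system, the variable names and the two candidate invariants are constructed for illustration. It shows the typical situation the incremental method addresses: the desired safety property (mutual exclusion) is true of every reachable state but is not inductive on its own, while a strengthened formula is inductive and implies it.

```python
from itertools import product

# Constructed NFCS (hypothetical, not from the paper): two processes compete for a
# critical section. Control variables c0, c1 range over {IDLE, WAIT, CS}; turn over {0, 1}.
IDLE, WAIT, CS = 0, 1, 2
STATE_VARS = {"c0": (IDLE, WAIT, CS), "c1": (IDLE, WAIT, CS), "turn": (0, 1)}


def transitions():
    """Yield (name, guard, action) triples; guard tests a state, action maps it to a new one."""
    for i in (0, 1):
        ci = f"c{i}"
        # req_i: an idle process asks for the critical section
        yield (f"req{i}",
               lambda s, ci=ci: s[ci] == IDLE,
               lambda s, ci=ci: {**s, ci: WAIT})
        # enter_i: a waiting process may enter only when it holds the turn
        yield (f"enter{i}",
               lambda s, ci=ci, i=i: s[ci] == WAIT and s["turn"] == i,
               lambda s, ci=ci: {**s, ci: CS})
        # exit_i: leaving the critical section hands the turn to the other process
        yield (f"exit{i}",
               lambda s, ci=ci: s[ci] == CS,
               lambda s, ci=ci, i=i: {**s, ci: IDLE, "turn": 1 - i})


def all_states():
    """Enumerate every assignment of the finite-range variables (reachable or not)."""
    names = list(STATE_VARS)
    for vals in product(*(STATE_VARS[n] for n in names)):
        yield dict(zip(names, vals))


def counterexamples(inv):
    """States s and transitions t with s |= inv, t enabled in s, but t(s) |/= inv.
    {inv}S{inv} is valid exactly when this list is empty."""
    bad = []
    for s in all_states():
        if not inv(s):
            continue
        for name, guard, action in transitions():
            if guard(s) and not inv(action(s)):
                bad.append((name, s))
    return bad


def is_inductive(inv):
    return not counterexamples(inv)


def implies(a, b):
    """a -> b over the whole (finite) state space."""
    return all(b(s) for s in all_states() if a(s))


# Candidate 1: the safety property we actually want.
def mutex(s):
    return not (s["c0"] == CS and s["c1"] == CS)


# Candidate 2: a strengthening that ties the critical section to the turn variable.
def mutex_strong(s):
    return (s["c0"] != CS or s["turn"] == 0) and (s["c1"] != CS or s["turn"] == 1)


if __name__ == "__main__":
    for name, inv in (("mutex", mutex), ("mutex_strong", mutex_strong)):
        print(name, "inductive:", is_inductive(inv))
        for t, s in counterexamples(inv):
            print("  ", t, "breaks it from", s)
    print("mutex_strong implies mutex:", implies(mutex_strong, mutex))
```

Running it reports that `mutex` is not inductive: from the (unreachable) state c0=CS, c1=WAIT, turn=1, transition enter1 leads to both processes in CS, and symmetrically for enter0. The strengthened formula has no such counterexample and implies `mutex`, so it is an invariant of S and mutual exclusion follows; this is the strengthening step that CAVEAT's incremental development is meant to support, with the enumeration here standing in for the connection-method check on the non-Boolean part.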
doi:10.1007/3-540-60045-0_41 fatcat:t7jcmd3si5aoljs5gdkw5mivm4