Calculational Verification of Reactive Programs with Reactive Relations and Kleene Algebra [chapter]

Simon Foster, Kangfeng Ye, Ana Cavalcanti, Jim Woodcock
2018 Lecture Notes in Computer Science  
Reactive programs are ubiquitous in modern applications, and so verification is highly desirable. We present a verification strategy for reactive programs with a large or infinite state space utilising algebraic laws for reactive relations. We define novel operators to characterise interactions and state updates, and an associated equational theory. With this we can calculate a reactive program's denotational semantics, and thereby facilitate automated proof. Of note is our reasoning support for iterative programs with reactive invariants, which is supported by Kleene algebra. We illustrate our strategy by verifying a reactive buffer. Our laws and strategy are mechanised in Isabelle/UTP, which provides soundness guarantees and practical verification support.

Preliminaries

Kleene Algebras [8] (KA) characterise sequential and iterative behaviour in nondeterministic programs using a signature (K, +, 0, ·, 1, *), where + is a choice operator with unit 0, and · a composition operator with unit 1. Kleene closure P* denotes iteration of P using · zero or more times. We consider the class of weak Kleene algebras [14], which build on weak dioids.

Definition 2.1. A weak dioid is a structure (K, +, 0, ·, 1) such that (K, +, 0) is an idempotent and commutative monoid; (K, ·, 1) is a monoid; · left- and right-distributes over +; and 0 is a left annihilator for ·.

¹ All proofs can be found in the cited series of Isabelle/HOL reports. For historical reasons, we use the syntax Rs (P ⊢ Q ⋄ R) in our mechanisation for a contract [P − | Q | R], which builds on Hoare and He's original syntax for the theory of designs [6].
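To make the signature (K, +, 0, ·, 1, *) and the Definition 2.1 axioms concrete, the following Python model is an added example, not code from the paper or from Isabelle/UTP. It takes K to be binary relations on a finite state space (+ is union, 0 the empty relation, · relational composition, 1 the identity, P* the reflexive-transitive closure obtained by iterating P zero or more times), checks the weak dioid and star laws on sample relations, and uses a constructed bounded buffer (not the paper's buffer; the state space, capacity and transitions are assumptions of this example) to show how an invariant preserved by one iteration of P is preserved by P*, which is the reasoning step the abstract attributes to Kleene algebra. One caveat: finite relations form a full Kleene algebra, so 0 is also a right annihilator here, which a weak dioid does not demand.

```python
"""Finite-relation model of a Kleene algebra (K, +, 0, ·, 1, *).

Added illustration; not the paper's code nor Isabelle/UTP.  Elements of K
are relations on STATES, represented as frozensets of (s, s') pairs.
"""
from itertools import product

ITEMS = ("a", "b")   # constructed: items a buffer can hold
CAP = 2              # constructed: buffer capacity

# Constructed state space: buffer contents as tuples.  Length CAP + 1 is
# included deliberately so that the invariant (len <= CAP) is a proper
# subset of STATES and reachability has something to rule out.
STATES = frozenset(t for n in range(CAP + 2) for t in product(ITEMS, repeat=n))
ZERO = frozenset()                        # 0: the empty relation
ONE = frozenset((s, s) for s in STATES)   # 1: the identity relation


def plus(p, q):
    """+ : nondeterministic choice (union of relations)."""
    return p | q


def dot(p, q):
    """· : sequential composition (relational composition p ; q)."""
    succ = {}
    for s, t in q:
        succ.setdefault(s, []).append(t)
    return frozenset((s, u) for s, t in p for u in succ.get(t, ()))


def star(p):
    """* : least solution of X = 1 + X·p, i.e. iterate p zero or more times."""
    r = ONE
    while True:
        nxt = plus(r, dot(r, p))
        if nxt == r:          # chain is increasing over a finite set: terminates
            return r
        r = nxt


def weak_dioid_laws_hold(p, q, r):
    """Definition 2.1 axioms, checked on concrete relations p, q, r."""
    return (plus(plus(p, q), r) == plus(p, plus(q, r))       # + associative
            and plus(p, q) == plus(q, p)                      # + commutative
            and plus(p, p) == p                               # + idempotent
            and plus(p, ZERO) == p                            # 0 unit of +
            and dot(dot(p, q), r) == dot(p, dot(q, r))        # · associative
            and dot(ONE, p) == p and dot(p, ONE) == p         # 1 unit of ·
            and dot(p, plus(q, r)) == plus(dot(p, q), dot(p, r))   # left distr.
            and dot(plus(p, q), r) == plus(dot(p, r), dot(q, r))   # right distr.
            and dot(ZERO, p) == ZERO)                         # 0 left annihilator


def right_annihilation_holds(p):
    """Not required by a weak dioid, but true in this relational model."""
    return dot(p, ZERO) == ZERO


def star_laws_hold(p):
    """Unfolding laws 1 + p·p* = p* = 1 + p*·p, and p* is closed under ·."""
    s = star(p)
    return plus(ONE, dot(p, s)) == s and plus(ONE, dot(s, p)) == s and dot(s, s) == s


# Constructed buffer as a relation: INP appends an item when not full,
# OUT removes the front item when non-empty.  BUF is one reactive step.
INP = frozenset((s, s + (x,)) for s in STATES if len(s) < CAP for x in ITEMS)
OUT = frozenset((s, s[1:]) for s in STATES if s)
BUF = plus(INP, OUT)
INV = frozenset(s for s in STATES if len(s) <= CAP)   # the invariant as a state set


def image(p, states):
    """Post-image of a set of states under relation p."""
    return frozenset(t for s, t in p if s in states)


def invariant_preserved(p, inv):
    """inv is an invariant of p if one step of p cannot leave inv."""
    return image(p, inv) <= inv


def reachable(p, init):
    """States reachable from init by zero or more steps of p: image under p*."""
    return image(star(p), frozenset(init))
```

`invariant_preserved(BUF, INV)` establishes the one-step fact, and `invariant_preserved(star(BUF), INV)` the iterated one; `reachable(BUF, [()])` shows that from the empty buffer exactly the states of length at most CAP are reachable, so the overfull states in STATES are never entered even though they are part of the carrier.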
doi:10.1007/978-3-030-02149-8_13 fatcat:2mlcyy36qvgnjj5f4v54556g7q