CN106708525A - Coq-based MSVL program verification method

Info

Publication number: CN106708525A
Application number: CN201611223495.XA
Authority: CN (China)
Legal status: Pending
Prior art keywords: coq, msvl, program verification, gallina, type
Other languages: Chinese (zh)
Inventors: 段振华, 千琳, 张南, 田聪, 王小兵
Current assignee: Xidian University
Original assignee: Xidian University
Application filed by Xidian University; priority to CN201611223495.XA; published as CN106708525A.

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/30 Creation or generation of source code
    • G06F8/31 Programming languages or programming paradigms

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)

Abstract

The invention discloses a Coq-based MSVL program verification method. The method comprises the steps of describing the syntax and semantics of MSVL using the Coq specification language Gallina, and describing the axiomatic system of MSVL using the Coq specification language. According to the method, the axiomatic system of MSVL is formalized using Coq's powerful mathematical foundation and complete tool set, so that Coq can recognize MSVL programs; for a program or system modeled in MSVL, system properties are verified by theorem proving; the program model and the extracted relevant properties are converted into theorems to be proved in Coq, and a suitable chain of Coq tactics is selected manually to guide the proof, completing the property verification; trivial details are proved automatically by Coq tactics and only the complex steps are guided and controlled manually, so that the theorem proving process for MSVL programs is effectively simplified.

Description

A Coq-based MSVL program verification method
Technical field
The invention belongs to the field of program verification techniques, and in particular relates to a Coq-based MSVL program verification method.
Background art
Theorem proving and model checking are the two mainstream formal verification techniques today. Compared with model checking, theorem proving can handle programs or systems with infinite state spaces and does not suffer from the state explosion problem. However, the user has to guide the proof process and intervene directly in intermediate steps, so the user's subjectivity is introduced into the proof. Many theorem provers exist today, for example Coq, PVS, ACL2, HOL and Isabelle. As a proof development system, Coq provides a formal language, Gallina, for describing mathematical definitions, algorithms and theorems, and a development environment for semi-automatic proof. In fact, it provides an interactive proof method, decision and semi-decision algorithms, and a tactic language that lets users define their own proof methods. It also allows the user to call external algebra systems or theorem provers. As a platform for mathematical formalization or program development, Coq supports higher-order notation, implicit arguments and macros. Coq is now widely used in the field of verification. MSVL is a temporal-logic programming language that integrates modeling, simulation and verification, and can be used advantageously for the specification and verification of parallel and real-time systems. It contains the basic statements needed by most programming languages, for example assignment statements, sequential statements, branch statements, loop statements, parallel statements and projection statements. MSVL is based on a computation model (CCM) that can be used to describe and explain multi-core parallel programs; an asynchronous communication mechanism has also been implemented, so that distributed systems can be modeled and verified. To increase the usability and practicality of MSVL, atomic types such as integer, floating point, character, string, linked list, array, pointer and struct have been implemented, and many kinds of offsets, functions and predicates have been defined. Because model checking is fully automatic and produces results quickly, most of the verification tools currently available for MSVL are based on model checking. Theorem proving, by contrast, requires the user to interact with the prover during the proof, i.e. the proof is semi-automatic. Compared with model checking, theorem proving places higher demands on the user during the proof and the verification process is more complex, so there is as yet no good tool support for theorem proving of MSVL programs.
Summary of the invention
The object of the invention is to provide a Coq-based MSVL program verification method, intended to solve the problem of semi-automatically proving properties of MSVL programs with a theorem prover.
The invention is achieved as follows. A Coq-based MSVL program verification method describes the syntax and semantics of MSVL using the Coq specification language Gallina, and describes the axiomatic system of MSVL using the Coq specification language.
Further, the syntax and semantics of MSVL include variables, expressions, statements and their abbreviated forms; the axiomatic system of MSVL includes the axioms and inference rules on states and on intervals.
Further, the abbreviations are derived structures defined in terms of MSVL statements.
Further, in the verification of a property, the result of modeling the example in MSVL and the extracted relevant property are converted into a theorem to be proved, and a suitable chain of tactics is then selected manually. Each time a tactic is executed, the current goal may be converted into one or more sub-goals still to be proved; selection and execution continue until no sub-goal remains, at which point the proof terminates and the property verification is complete.
Further, the Coq-based MSVL program verification method comprises the following steps:
Step 1: describe MSVL variables, expressions and functions using the Coq specification language Gallina;
Step 2: define MSVL statements and their derived expressions using the Coq specification language Gallina;
Step 3: formally define the axioms and derivation rules of the MSVL axiomatic system in Coq.
Further, the MSVL variables, expressions and functions are described with the Coq specification language Gallina using Gallina's inductive types. An inductive type definition has to specify the name and type of the inductive set and the constructors of the inductive predicate, and Coq's type checker verifies whether the type of each constructor is correct. Functions are defined as recursive functions using recursive definitions.
Further, the MSVL statements and their abbreviations are defined with the Coq specification language Gallina: statements are defined with an inductive type, and abbreviations are defined with Coq's notation mechanism. A notation is a symbolic abbreviation of an expression or formula.
Another object of the invention is to provide a theorem prover that uses the Coq-based MSVL program verification method.
The Coq-based MSVL program verification method provided by the invention formalizes the MSVL axiomatic system using Coq's powerful mathematical foundation and complete tool set, so that Coq can recognize MSVL programs. For a program or system modeled in MSVL, the system's properties are verified by theorem proving: the program model and the extracted relevant properties are converted into theorems to be proved in Coq, and a suitable chain of Coq tactics is selected manually to guide the proof, completing the verification of the property. Trivial details are proved automatically by Coq tactics and only the complex steps are guided and controlled manually, which effectively simplifies the theorem proving process for MSVL programs.
Brief description of the drawings
Fig. 1 is a flow chart of the Coq-based MSVL program verification method provided in an embodiment of the present invention.
Fig. 2 is the overall implementation flow chart of Embodiment 1 provided in an embodiment of the present invention.
Fig. 3 is a schematic diagram of verifying a system property using the proof system provided in an embodiment of the present invention.
Specific embodiments
In order to make the purpose, technical scheme and advantages of the invention clearer, the invention is further elaborated below with reference to the embodiments. It should be understood that the specific embodiments described here merely illustrate the invention and are not intended to limit it.
The application principle of the invention is explained in detail below with reference to the accompanying drawings.
As shown in Fig. 1, the Coq-based MSVL program verification method provided in an embodiment of the present invention comprises the following steps:
S101: describe MSVL variables, expressions and functions using the Coq specification language Gallina;
S102: define MSVL statements and their derived expressions using the Coq specification language Gallina;
S103: formally define the axioms and derivation rules of the MSVL axiomatic system in Coq.
In an embodiment of the present invention:
The MSVL variables, expressions and functions are described with the Coq specification language Gallina using Gallina's inductive types. An inductive type definition has to specify the name and type of the inductive set and the constructors of the inductive predicate, and Coq's type checker verifies whether the type of each constructor is correct. For the definition of functions it may be necessary to construct recursive functions directly with recursive definitions. A definition is regarded as the formal explanation of a name; once defined, the name is accepted by the Coq system and can be replaced by its actual definition at any time, provided that the type of the definition and so on are correct. Recursive definitions are usually used to define recursive functions, in which case the recursive argument must be of an inductive type.
The MSVL statements and their abbreviations are likewise defined with the Coq specification language Gallina. Statements are defined with an inductive type, and abbreviations are defined with Coq's notation mechanism. A notation is a symbolic abbreviation of an expression or formula.
The axioms and derivation rules of the MSVL axiomatic system are formally defined in Coq; during a proof, these axioms and derivation rules are used together with tactics to guide the progress of the proof. The three parts are therefore closely connected and complement each other.
The application principle of the invention is further described below with reference to a specific embodiment.
Embodiment 1:
With reference to Fig. 2, the embodiment of the invention is implemented in the following steps:
Step 1: describe the variables, expressions, functions, statements and abbreviations of MSVL using the Coq specification language.
Variables and atomic propositions are implemented in Coq as follows:
Require Import ZArith.   (* provides the integer type Z *)
(* MSVL variables are indexed by integers, atomic propositions by naturals *)
Inductive Var : Set := var : Z -> Var.
Inductive Ap : Set := prop : nat -> Ap.
Var and Ap represent MSVL variables and atomic propositions respectively and are defined as inductive types.
Arithmetic expressions and Boolean expressions are defined as follows:
Here n is a typed constant, x is a variable, f is an m-ary function, p is an atomic proposition and e_i is an arithmetic expression.
Arithmetic expressions and Boolean expressions are implemented in Coq as follows:
(* Arithmetic expressions: integer constants, variables, the value of an
   expression in the next / previous state, and the binary operators +, -, *, mod *)
Inductive Aexp : Set :=
  | AInt   : Z -> Aexp
  | AId    : Var -> Aexp
  | ANext  : Aexp -> Aexp
  | APre   : Aexp -> Aexp
  | APlus  : Aexp -> Aexp -> Aexp
  | AMinus : Aexp -> Aexp -> Aexp
  | AMult  : Aexp -> Aexp -> Aexp
  | AMod   : Aexp -> Aexp -> Aexp.
(* Boolean expressions over arithmetic expressions *)
Inductive Bexp : Set :=
  | BTrue  : Bexp
  | BFalse : Bexp
  | BNot   : Bexp -> Bexp
  | BAnd   : Bexp -> Bexp -> Bexp
  | BEq    : Aexp -> Aexp -> Bexp
  | BLe    : Aexp -> Aexp -> Bexp.
In Coq, Aexp and Bexp represent arithmetic expressions and Boolean expressions respectively and are defined as inductive types.
States, intervals and partial functions on intervals are implemented in Coq as follows:
A record type defines the state type State, an inductive type defines the interval type Interval, and some commonly used functions on intervals are defined as well, such as the interval concatenation function Concatenation.
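The following is an added example, not the patent's own code: it gives the Aexp/Bexp syntax above an interval semantics in Gallina, with ANext and APre stepping along the interval, so that Coq's type checker and reflexivity do the checking the text describes. The names State, Interval, lift2, aeval, beval, the Nxt and == notations and the sample interval are assumptions, and the state is simplified to a function instead of the record type the patent uses.

```coq
(* Added example: interval semantics for the Aexp/Bexp syntax.
   State, Interval, lift2, aeval, beval and the notations are assumed names. *)
Require Import ZArith List.
Import ListNotations.
Open Scope Z_scope.

Inductive Var : Set := var : Z -> Var.

Inductive Aexp : Set :=
  | AInt   : Z -> Aexp
  | AId    : Var -> Aexp
  | ANext  : Aexp -> Aexp          (* value in the next state *)
  | APre   : Aexp -> Aexp          (* value in the previous state *)
  | APlus  : Aexp -> Aexp -> Aexp
  | AMinus : Aexp -> Aexp -> Aexp
  | AMult  : Aexp -> Aexp -> Aexp
  | AMod   : Aexp -> Aexp -> Aexp.

Inductive Bexp : Set :=
  | BTrue  : Bexp
  | BFalse : Bexp
  | BNot   : Bexp -> Bexp
  | BAnd   : Bexp -> Bexp -> Bexp
  | BEq    : Aexp -> Aexp -> Bexp
  | BLe    : Aexp -> Aexp -> Bexp.

(* Simplified model: a state maps variables to integers and an interval is a
   finite sequence of states (the patent uses a record and an inductive type). *)
Definition State := Var -> Z.
Definition Interval := list State.

Definition lift2 {A B C : Type} (f : A -> B -> C) (x : option A) (y : option B)
  : option C :=
  match x, y with Some a, Some b => Some (f a b) | _, _ => None end.

(* Value of e at position i of sigma; None when a temporal operator steps
   off either end of the interval, so evaluation is a partial function. *)
Fixpoint aeval (sigma : Interval) (i : nat) (e : Aexp) : option Z :=
  match e with
  | AInt n     => Some n
  | AId x      => match nth_error sigma i with
                  | Some s => Some (s x)
                  | None   => None
                  end
  | ANext e'   => aeval sigma (S i) e'
  | APre e'    => match i with O => None | S j => aeval sigma j e' end
  | APlus a b  => lift2 Z.add (aeval sigma i a) (aeval sigma i b)
  | AMinus a b => lift2 Z.sub (aeval sigma i a) (aeval sigma i b)
  | AMult a b  => lift2 Z.mul (aeval sigma i a) (aeval sigma i b)
  | AMod a b   => lift2 Z.modulo (aeval sigma i a) (aeval sigma i b)
  end.

Fixpoint beval (sigma : Interval) (i : nat) (b : Bexp) : option bool :=
  match b with
  | BTrue      => Some true
  | BFalse     => Some false
  | BNot b'    => option_map negb (beval sigma i b')
  | BAnd b1 b2 => lift2 andb (beval sigma i b1) (beval sigma i b2)
  | BEq a1 a2  => lift2 Z.eqb (aeval sigma i a1) (aeval sigma i a2)
  | BLe a1 a2  => lift2 Z.leb (aeval sigma i a1) (aeval sigma i a2)
  end.

(* Notations play the role of MSVL abbreviations (assumed for this example). *)
Notation "'Nxt' e" := (ANext e) (at level 30).
Notation "a == b"   := (BEq a b) (at level 70).

(* Constructed three-state interval in which x takes the values 1, 2, 4. *)
Definition x : Var := var 0.
Definition const (n : Z) : State := fun _ => n.
Definition sigma : Interval := [const 1; const 2; const 4].

(* In state 0 the next value of x equals x + 1; reflexivity runs the semantics. *)
Example next_is_plus_one :
  beval sigma 0 (Nxt (AId x) == APlus (AId x) (AInt 1)) = Some true.
Proof. reflexivity. Qed.

(* Edge cases: "previous" in the first state and "next" in the last state are undefined. *)
Example pre_at_start : aeval sigma 0 (APre (AId x)) = None.
Proof. reflexivity. Qed.
Example next_at_end  : aeval sigma 2 (Nxt (AId x)) = None.
Proof. reflexivity. Qed.
```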
The basic statements of MSVL are defined as follows:
For example, the empty statement indicates that the current state is the last state of the interval over which the program executes; the statement next p indicates that program p is executed in the next state; alw p indicates that program p is executed in all states from the current state onwards; the sequential statement p ; q indicates that programs p and q execute in order, p from the current state up to some future moment and then q; the conditional statement if b then p else q indicates that p is executed when b holds and otherwise q is executed.
The basic statements of MSVL are implemented in Coq as follows:
Require Import List.   (* provides list, used by the projection statement *)
(* MSVL statements; the constructor types refer to the inductive type st itself
   (the listing's "St" is a capitalization error) *)
Inductive st : Set :=
  | Emp  : st                          (* empty: current state is the final state *)
  | Ass  : Var -> Aexp -> st           (* assignment *)
  | Pass : Var -> Aexp -> st
  | SF   : Var -> st
  | IFr  : Var -> st
  | Coj  : st -> st -> st              (* conjunction *)
  | Sec  : st -> st -> st
  | Nex  : st -> st                    (* next p *)
  | Alw  : st -> st                    (* alw p *)
  | Cond : Bexp -> st -> st -> st      (* if b then p else q *)
  | Exqu : Var -> Ap -> st
  | Sequ : st -> st -> st              (* sequential p ; q *)
  | Whi  : Bexp -> st -> st            (* while b do p *)
  | Para : st -> st -> st              (* parallel composition *)
  | Pro  : list st -> st -> st         (* projection *)
  | Syn  : Bexp -> st.
Step 2: describe the axiomatic system of MSVL (the axioms and derivation rules on states and on intervals) using the Coq specification language.
Examples from the MSVL axiomatic system are as follows:
Based on earlier work, for example, axioms A4 and A7 can be expressed as:
(* |- (provability) and <=> (equivalence) are not st constructors; they are
   MSVL abbreviations introduced with Coq's notation mechanism *)
Axiom A4 : forall p : st,
  |- (Alw ((Coj (Alw p) Emp) <=> (Coj p Emp))).
Axiom A7 : forall p q : st,
  |- (Alw ((Sequ (Nex p) q) <=> Nex (Sequ p q))).
The process of proving a property of a system, with reference to Fig. 3, is:
1) model the system in MSVL;
2) extract the relevant property to be proved;
3) obtain the theorem to be proved in the Coq-based MSVL proof system, which may require the definition and proof of some auxiliary lemmas. Then manually select appropriate tactics for the current goal, which transform it into other sub-goals to be proved; continue this process until no sub-goal remains, i.e. the theorem is proved, and the property is thereby verified.
During a proof, each step is advanced by manually entering a suitable tactic. A tactic implements backward reasoning: from the known current goal it produces the sub-goals that result from applying it; that is, a tactic reduces the goal to its sub-goals. However, not every rule or axiom is applicable to the current goal, nor can every tactic be used to reduce it, so before a tactic is applied to the current goal the Coq system automatically checks whether the precondition of the rule or axiom is satisfied. If it is not, the tactic cannot be selected and an error is produced.
Therefore the choice of tactics and rules is very important during a proof, and largely has to be decided according to the current goal and the sub-goals to be produced. The end of the proof also means the completion of the property verification.
The application principle of the invention is further described below with reference to a specific application.
Verification example: frogs jumping across lotus leaves. Problem description: there are 6 frogs and 7 lotus leaves, each frog sitting on one leaf. In the initial state three yellow frogs are on the left and three green frogs on the right, the two groups separated by one leaf. Each frog can jump one step, or jump over one frog two steps, onto an empty leaf. The problem is whether a sequence of moves can be found that swaps the positions of the two groups of frogs.
Modeling: the problem is modeled in MSVL using MSV. Because the frogs' jumps follow fixed rules, a moment is always reached at which no frog can move, so the solution space can be regarded as a subset tree. An array p represents the lotus leaves and its values represent the frog states: the value 1 denotes a yellow frog, 2 a green frog and 0 a leaf with no frog. The correctness of the model can be checked by simulation.
Property: let the initial state be s0 = [1,1,1,0,2,2,2] and s1 = [2,2,2,0,1,1,1]; the property to be proved is [](s0 → ◇s1), i.e. []((p[0]=1 ∧ p[1]=1 ∧ p[2]=1 ∧ p[3]=0 ∧ p[4]=2 ∧ p[5]=2 ∧ p[6]=2) → ◇(p[0]=2 ∧ p[1]=2 ∧ p[2]=2 ∧ p[3]=0 ∧ p[4]=1 ∧ p[5]=1 ∧ p[6]=1)).
Verification: first, some auxiliary functions need to be defined; the correctness of these functions can be verified in Coq.
Second, the jumping rules of the frogs are defined so as to guarantee correct state transitions. The theorem to be proved is:
(* Imp is the MSVL implication abbreviation; empty_pos (index of the empty leaf)
   and stone0..stone6 (the seven leaves) are the variables of the frog model *)
Lemma Jump :
  |- (Alw (Imp
       (Coj (Coj (Coj (Coj (Coj (Coj (Coj (Ass empty_pos (AInt 3))
         (Ass stone0 (AInt 1))) (Ass stone1 (AInt 1)))
         (Ass stone2 (AInt 1))) (Ass stone3 (AInt 0)))
         (Ass stone4 (AInt 2))) (Ass stone5 (AInt 2)))
         (Ass stone6 (AInt 2)))
       (Coj (Coj (Coj (Coj (Coj (Coj (Coj (Ass empty_pos (AInt 3))
         (Ass stone0 (AInt 2))) (Ass stone1 (AInt 2)))
         (Ass stone2 (AInt 2))) (Ass stone3 (AInt 0)))
         (Ass stone4 (AInt 1))) (Ass stone5 (AInt 1)))
         (Ass stone6 (AInt 1))))).
Tactics are entered manually, and the upper right of the Coq environment shows the current sub-goal to be proved.
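As an added example that is not part of the patent, the jumping rule of the frog problem can be written as a computable Gallina function and the reachability property s0 → ◇s1 discharged in Coq by computation, which is the kind of auxiliary function the text says can be verified in Coq. The names Board, cell, put, occupied, legal, jump, run and path are assumptions, the 15-move path is constructed for this example, and frogs may jump in either direction since the rule in the text does not restrict direction.

```coq
(* Added example: the frog puzzle's jump rule as a computable function in
   Gallina. Board, cell, put, occupied, legal, jump, run and path are assumed names. *)
Require Import List.
Import ListNotations.

(* Seven leaves; 0 = empty leaf, 1 = yellow frog, 2 = green frog. *)
Definition Board := list nat.
Definition s0 : Board := [1; 1; 1; 0; 2; 2; 2].
Definition s1 : Board := [2; 2; 2; 0; 1; 1; 1].

Definition cell (b : Board) (i : nat) : nat := nth i b 0.

(* Board with cell i replaced by v. *)
Fixpoint put (b : Board) (i v : nat) : Board :=
  match b, i with
  | [], _ => []
  | _ :: t, O => v :: t
  | h :: t, S j => h :: put t j v
  end.

Definition occupied (b : Board) (i : nat) : bool := negb (Nat.eqb (cell b i) 0).

(* The patent's rule: a frog on leaf i may move to an empty leaf j that is
   one step away, or two steps away when the leaf in between is occupied. *)
Definition legal (b : Board) (i j : nat) : bool :=
  Nat.ltb i 7 && Nat.ltb j 7 && occupied b i && negb (occupied b j) &&
  (   Nat.eqb (i + 1) j || Nat.eqb (j + 1) i
   || (Nat.eqb (i + 2) j && occupied b (i + 1))
   || (Nat.eqb (j + 2) i && occupied b (j + 1))).

(* One move; None when the move is illegal, so an illegal path cannot be a witness. *)
Definition jump (b : Board) (m : nat * nat) : option Board :=
  let (i, j) := m in
  if legal b i j then Some (put (put b j (cell b i)) i 0) else None.

Fixpoint run (b : Board) (ms : list (nat * nat)) : option Board :=
  match ms with
  | [] => Some b
  | m :: rest => match jump b m with
                 | Some b' => run b' rest
                 | None => None
                 end
  end.

(* Constructed 15-move solution as (from, to) leaf indices. *)
Definition path : list (nat * nat) :=
  [(2, 3); (4, 2); (5, 4); (3, 5); (1, 3); (0, 1); (2, 0); (4, 2);
   (6, 4); (5, 6); (3, 5); (1, 3); (2, 1); (4, 2); (3, 4)].

(* The patent's property: from s0 the state s1 is eventually reachable.
   The witness is checked by computation, so the proof is a single tactic. *)
Lemma frogs_reach_s1 : exists ms, run s0 ms = Some s1.
Proof. exists path. reflexivity. Qed.

(* The rule rejects a two-step jump over an empty leaf. *)
Example no_jump_over_empty : jump [1; 0; 0; 2; 2; 2; 2] (0, 2) = None.
Proof. reflexivity. Qed.
```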
In summary, the Coq-based MSVL theorem proving method proposed by the invention can be used effectively to verify properties of MSVL systems, with good correctness and reliability.
The foregoing is merely a preferred embodiment of the invention and is not intended to limit it; any modification, equivalent substitution or improvement made within the spirit and principles of the invention shall be included within the scope of protection of the invention.

Claims (8)

1. A Coq-based MSVL program verification method, characterized in that the Coq-based MSVL program verification method describes the syntax and semantics of MSVL using the Coq specification language Gallina, and describes the axiomatic system of MSVL using the Coq specification language.
2. The Coq-based MSVL program verification method of claim 1, characterized in that the syntax and semantics of MSVL include variables, expressions, statements and their abbreviated forms, and the axiomatic system of MSVL includes the axioms and inference rules on states and on intervals.
3. The Coq-based MSVL program verification method of claim 1, characterized in that the abbreviations are derived structures defined in terms of MSVL statements.
4. The Coq-based MSVL program verification method of claim 1, characterized in that, in the verification of a property, the result of modeling the example in MSVL and the extracted relevant property are converted into a theorem to be proved and a suitable chain of tactics is then selected manually; each time a tactic is executed, the current goal may be converted into one or more sub-goals still to be proved, and selection and execution continue until no sub-goal remains, at which point the proof terminates and the property verification is complete.
5. The Coq-based MSVL program verification method of claim 1, characterized in that the Coq-based MSVL program verification method comprises the following steps:
Step 1: describe MSVL variables, expressions and functions using the Coq specification language Gallina;
Step 2: define MSVL statements and their derived expressions using the Coq specification language Gallina;
Step 3: formally define the axioms and derivation rules of the MSVL axiomatic system in Coq.
6. The Coq-based MSVL program verification method of claim 5, characterized in that the MSVL variables, expressions and functions are described with the Coq specification language Gallina using Gallina's inductive types; an inductive type definition has to specify the name and type of the inductive set and the constructors of the inductive predicate, and Coq's type checker verifies whether the type of each constructor is correct; functions are defined as recursive functions using recursive definitions.
7. The Coq-based MSVL program verification method of claim 5, characterized in that the MSVL statements and their abbreviations are defined with the Coq specification language Gallina; statements are defined with an inductive type and abbreviations with Coq's notation mechanism; a notation is a symbolic abbreviation of an expression or formula.
8. A theorem prover using the Coq-based MSVL program verification method of any one of claims 1 to 7.
Priority Applications (1)

Application Number: CN201611223495.XA; Priority Date: 2016-12-27; Filing Date: 2016-12-27; Title: Coq-based MSVL program verification method; Status: Pending; Publication: CN106708525A (en)

Publications (1)

Publication Number: CN106708525A; Publication Date: 2017-05-24

Family

ID=58903520

Country Status (1)

CN (1): CN106708525A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102231133A (en) * 2011-07-05 2011-11-02 上海交通大学 Concurrent real-time program verification optimized processing system and method based on rewrite logic
CN102426521A (en) * 2011-10-28 2012-04-25 东南大学 CPS (Cyber Physical Systems) adaptability verification method based on Hybrid UML (Unified Modeling Language) and theorem proving
CN104503816A (en) * 2014-12-30 2015-04-08 西安电子科技大学 System for automatically converting hardware language VHDL (Vhsic Hardware Description Language) into MSVL (Modeling, Simulation and Verification Language)

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Lin Qian et al., "A Proof System For MSVL Programs In Coq", 6th International Workshop on Structured Object-Oriented Formal Language and Method *


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170524