Go to DBLP homepageCircular Compositional Reasoning about Liveness
Abstract: Compositional proofs about systems of many components often involve apparently circular arguments. That is, correctness of component A must be assumed when verifying component B, and vice versa. The apparent circularity of such arguments can be resolved by induction over time. However, previous methods for such circular compositional proofs apply only to safety properties. This paper presents a method of circular compositional reasoning that applies to liveness properties as well. It is based on a new circular compositional rule implemented in the SMV proof assistant. The method is illustrated using Tomasulo’s algorithm for out-of-order instruction execution. An implementation is proved live for arbitrary resources using compositional model checking.
External IDs:dblp:conf/charme/McMillan99a
Loading