Dejanira Araiza-Illan,Kerstin Eder,Arthur Richards

DOI: https://doi.org/10.1109/CONTROL.2014.6915147

2014-06-08

Abstract:This paper presents the deductive formal verification of high-level properties of control systems with theorem proving, using the Why3 tool. Properties that can be verified with this approach include stability, feedback gain, and robustness, among others. For the systems, modelled in Simulink, we propose three main steps to achieve the verification: specifying the properties of interest over the signals within the model using Simulink blocks, an automatic translation of the model into Why3, and the automatic verification of the properties with theorem provers in Why3. We present a methodology to specify the properties in the model and a library of relevant assertion blocks (logic expressions), currently in development. The functionality of the blocks in the Simulink models are automatically translated to Why3 as theories and verification goals by our tool implemented in MATLAB. A library of theories in Why3 corresponding to each supported block has been developed to facilitate the process of translation. The goals are automatically verified in Why3 with relevant theorem provers. A simple first-order discrete system is used to exemplify the specification of the Simulink model, the translation process from Simulink to the Why3 formal logic language, and the verification of Lyapunov stability.

Systems and Control,Logic in Computer Science

Reiner Hähnle,Marieke Huisman

DOI: https://doi.org/10.1007/978-3-319-91908-9_18

2019-01-01

Abstract:Deductive software verification aims at formally verifying that all possible behaviors of a given program satisfy formally defined, possibly complex properties, where the verification process is based on logical inference. We follow the trajectory of the field from its inception in the late 1960s via its current state to its promises for the future, from pen-and-paper proofs for programs written in small, idealized languages to highly automated proofs of complex library or system code written in mainstream languages. We take stock of the state-of-art and give a list of the most important challenges for the further development of the field of deductive software verification.

Dejanira Araiza-Illan,Kerstin Eder,Arthur Richards

DOI: https://doi.org/10.1109/ECC.2015.7330941

2015-05-26

Abstract:This paper presents the verification of control systems implemented in Simulink. The goal is to ensure that high-level requirements on control performance, like stability, are satisfied by the Simulink diagram. A two stage process is proposed. First, the high-level requirements are decomposed into specific parametrized sub-requirements and implemented as assertions in Simulink. Second, the verification takes place. On one hand, the sub-requirements are verified through assertion checks in simulation. On the other hand, according to their scope, some of the sub-requirements are verified through assertion checks in simulation, and others via automatic theorem proving over an ideal mathematical model of the diagram. We compare performing only assertion checks against the use of theorem proving, to highlight the advantages of the latter. Theorem proving performs verification by computing a mathematical proof symbolically, covering the entire state space of the variables. An automatic translation tool from Simulink to the language of the theorem proving tool Why3 is also presented. The paper demonstrates our approach by verifying the stability of a simple discrete linear system.

Systems and Control,Software Engineering

Grigory Devadze,Victor Magron,Stefan Streif

2024-08-01

Abstract:We provide a computer-assisted approach to ensure that a given continuous or discrete-time polynomial system is (asymptotically) stable. Our framework relies on constructive analysis together with formally certified sums of squares Lyapunov functions. The crucial steps are formalized within of the proof assistant Minlog. We illustrate our approach with various examples issued from the control system literature.

Optimization and Control,Logic in Computer Science

Nikos Arechiga,James Kapinski,Jyotirmoy Deshmukh,Andre Platzer,Bruce Krogh

DOI: https://doi.org/10.1109/EMSOFT.2015.7318278

2015-08-11

Abstract:The use of deductive techniques, such as theorem provers, has several advantages in safety verification of hybrid sys- tems; however, state-of-the-art theorem provers require ex- tensive manual intervention. Furthermore, there is often a gap between the type of assistance that a theorem prover requires to make progress on a proof task and the assis- tance that a system designer is able to provide. This paper presents an extension to KeYmaera, a deductive verification tool for differential dynamic logic; the new technique allows local reasoning using system designer intuition about per- formance within particular modes as part of a proof task. Our approach allows the theorem prover to leverage for- ward invariants, discovered using numerical techniques, as part of a proof of safety. We introduce a new inference rule into the proof calculus of KeYmaera, the forward invariant cut rule, and we present a methodology to discover useful forward invariants, which are then used with the new cut rule to complete verification tasks. We demonstrate how our new approach can be used to complete verification tasks that lie out of the reach of existing deductive approaches us- ing several examples, including one involving an automotive powertrain control system.

Logic in Computer Science

Simon Foster,Mario Gleirscher,Radu Calinescu

DOI: https://doi.org/10.1109/ICECCS51672.2020.00020

2020-06-16

Abstract:The use of autonomous vehicles in real-world applications is often precluded by the difficulty of providing safety guarantees for their complex controllers. The simulation-based testing of these controllers cannot deliver sufficient safety guarantees, and the use of formal verification is very challenging due to the hybrid nature of the autonomous vehicles. Our work-in-progress paper introduces a formal verification approach that addresses this challenge by integrating the numerical computation of such a system (in GNU/Octave) with its hybrid system verification by means of a proof assistant (Isabelle). To show the effectiveness of our approach, we use it to verify differential invariants of an Autonomous Marine Vehicle with a controller switching between multiple modes.

Software Engineering,Systems and Control

Junyan Qian,Baowen Xu

2007-01-01

Abstract:we present a methodology for automatically verifying programs against safety specifications based on finite state machine. Firstly, computing the abstract transition between abstract states is done by calling a theorem prover, and then an initial abstract model automatically is extracted from concrete program using predicate abstraction. However, the process of abstraction can be exponential in the number of predicates used. Program slicing, predicate inference and partitioning the set of candidate predicates into subsets make abstract model construction effective. By counterexample-guided abstraction refinement scheme, the abstraction refines incrementally until the specification is either satisfied or refuted. Finally, our methods can be extended to verifying concurrency programs by parallel composition.

Merlin Carl

DOI: https://doi.org/10.48550/arXiv.2002.05083

2020-02-13

Abstract:The Diproche system, an automated proof checker for natural language proofs specifically adapted to the context of exercises for beginner's students similar to the Naproche system by Koepke, Schröder, Cramer and others, uses a modification of an automated theorem prover which uses common formal fallacies intead of sound deduction rules for mistake diagnosis. We briefly describe the concept of such an `Anti-ATP' and explain the basic techniques used in its implementation.

Artificial Intelligence,Logic

Adnan Rashid,Osman Hasan

DOI: https://doi.org/10.48550/arXiv.1707.06967

2017-07-22

Abstract:Control systems are an integral part of almost every engineering and physical system and thus their accurate analysis is of utmost importance. Traditionally, control systems are analyzed using paper-and-pencil proof and computer simulation methods, however, both of these methods cannot provide accurate analysis due to their inherent limitations. Model checking has been widely used to analyze control systems but the continuous nature of their environment and physical components cannot be truly captured by a state-transition system in this technique. To overcome these limitations, we propose to use higher-order-logic theorem proving for analyzing linear control systems based on a formalized theory of the Laplace transform method. For this purpose, we have formalized the foundations of linear control system analysis in higher-order logic so that a linear control system can be readily modeled and analyzed. The paper presents a new formalization of the Laplace transform and the formal verification of its properties that are frequently used in the transfer function based analysis to judge the frequency response, gain margin and phase margin, and stability of a linear control system. We also formalize the active realizations of various controllers, like Proportional-Integral-Derivative (PID), Proportional-Integral (PI), Proportional-Derivative (PD), and various active and passive compensators, like lead, lag and lag-lead. For illustration, we present a formal analysis of an unmanned free-swimming submersible vehicle using the HOL Light theorem prover.

Logic in Computer Science,Systems and Control

Stefan Mitsch,Grant Olney Passmore,Andre Platzer

DOI: https://doi.org/10.1007/s11786-014-0176-y

2014-10-04

Abstract:Hybrid systems with both discrete and continuous dynamics are an important model for real-world cyber-physical systems. The key challenge is to ensure their correct functioning w.r.t. safety requirements. Promising techniques to ensure safety seem to be model-driven engineering to develop hybrid systems in a well-defined and traceable manner, and formal verification to prove their correctness. Their combination forms the vision of verification-driven engineering. Often, hybrid systems are rather complex in that they require expertise from many domains (e.g., robotics, control systems, computer science, software engineering, and mechanical engineering). Moreover, despite the remarkable progress in automating formal verification of hybrid systems, the construction of proofs of complex systems often requires nontrivial human guidance, since hybrid systems verification tools solve undecidable problems. It is, thus, not uncommon for development and verification teams to consist of many players with diverse expertise. This paper introduces a verification-driven engineering toolset that extends our previous work on hybrid and arithmetic verification with tools for (i) graphical (UML) and textual modeling of hybrid systems, (ii) exchanging and comparing models and proofs, and (iii) managing verification tasks. This toolset makes it easier to tackle large-scale verification tasks.

Logic in Computer Science,Software Engineering

Merlin Carl

DOI: https://doi.org/10.4204/EPTCS.328.4

2020-10-30

Abstract:Diproche ("Didactical Proof Checking") is an automatic system for supporting the acquistion of elementary proving skills in the initial phase of university education in mathematics. A key feature of Diproche - which is designed by the example of the Naproche system developed by M. Cramer and others - is an automated proof checker for proofs written in a controlled fragment of natural language specifically designed to capture the language of beginners' proving exercises in mathematics. Both the accepted language and proof methods depend on the didactical and mathematical context and vary with the level of education and the topic proposed. An overall presentation of the system in general was given in Carl and Krapf 2019. Here, we briefly recall the basic architecture of Diproche and then focus on explaining key features and the working principles of Diproche in the sample topics of elementary number theory and axiomatic geometry.

Logic

Michael Winikoff

DOI: https://doi.org/10.48550/arXiv.1903.04159

2019-03-11

Abstract:Formal software verification uses mathematical techniques to establish that software has certain properties. For example, that the behaviour of a software system satisfies certain logically-specified properties. Formal methods have a long history, but a recurring assumption is that the properties to be verified are known, or provided as part of the requirements elicitation process. This working note considers the question: where do the verification properties come from? It proposes a process for systematically identifying verification properties.

Software Engineering

Alexander V. Gheorghiu,David J. Pym

2023-10-19

Abstract:We present a comprehensive programme analysing the decomposition of proof systems for non-classical logics into proof systems for other logics, especially classical logic, using an algebra of constraints. That is, one recovers a proof system for a target logic by enriching a proof system for another, typically simpler, logic with an algebra of constraints that act as correctness conditions on the latter to capture the former; for example, one may use Boolean algebra to give constraints in a sequent calculus for classical propositional logic to produce a sequent calculus for intuitionistic propositional logic. The idea behind such forms of reduction is to obtain a tool for uniform and modular treatment of proof theory and provide a bridge between semantics logics and their proof theory. The article discusses the theoretical background of the project and provides several illustrations of its work in the field of intuitionistic and modal logics. The results include the following: a uniform treatment of modular and cut-free proof systems for a large class of propositional logics; a general criterion for a novel approach to soundness and completeness of a logic with respect to a model-theoretic semantics; and, a case study deriving a model-theoretic semantics from a proof-theoretic specification of a logic.

Logic in Computer Science,Logic

Stefan Mitsch,André Platzer

DOI: https://doi.org/10.4204/EPTCS.240.5

2017-01-30

Abstract:Hybrid systems verification is quite important for developing correct controllers for physical systems, but is also challenging. Verification engineers, thus, need to be empowered with ways of guiding hybrid systems verification while receiving as much help from automation as possible. Due to undecidability, verification tools need sufficient means for intervening during the verification and need to allow verification engineers to provide system design insights. This paper presents the design ideas behind the user interface for the hybrid systems theorem prover KeYmaera X. We discuss how they make it easier to prove hybrid systems as well as help learn how to conduct proofs in the first place. Unsurprisingly, the most difficult user interface challenges come from the desire to integrate automation and human guidance. We also share thoughts how the success of such a user interface design could be evaluated and anecdotal observations about it.

Logic in Computer Science,Human-Computer Interaction,Programming Languages

Talia Ringer,Karl Palmskog,Ilya Sergey,Milos Gligoric,Zachary Tatlock

DOI: https://doi.org/10.1561/2500000045

2020-03-14

Abstract:Development of formal proofs of correctness of programs can increase actual and perceived reliability and facilitate better understanding of program specifications and their underlying assumptions. Tools supporting such development have been available for over 40 years, but have only recently seen wide practical use. Projects based on construction of machine-checked formal proofs are now reaching an unprecedented scale, comparable to large software projects, which leads to new challenges in proof development and maintenance. Despite its increasing importance, the field of proof engineering is seldom considered in its own right; related theories, techniques, and tools span many fields and venues. This survey of the literature presents a holistic understanding of proof engineering for program correctness, covering impact in practice, foundations, proof automation, proof organization, and practical proof development.

Logic in Computer Science,Programming Languages

Guillaume Petiot,Nikolai Kosmatov,Bernard Botella,Alain Giorgetti,Jacques Julliand

DOI: https://doi.org/10.48550/arXiv.1508.01691

2015-08-07

Abstract:Applying deductive verification to formally prove that a program respects its formal specification is a very complex and time-consuming task due in particular to the lack of feedback in case of proof failures. Along with a non-compliance between the code and its specification (due to an error in at least one of them), possible reasons of a proof failure include a missing or too weak specification for a called function or a loop, and lack of time or simply incapacity of the prover to finish a particular proof. This work proposes a new methodology where test generation helps to identify the reason of a proof failure and to exhibit a counter-example clearly illustrating the issue. We describe how to transform an annotated C program into C code suitable for testing and illustrate the benefits of the method on comprehensive examples. The method has been implemented in STADY, a plugin of the software analysis platform FRAMA-C. Initial experiments show that detecting non-compliances and contract weaknesses allows to precisely diagnose most proof failures.

Software Engineering

João Marcos

DOI: https://doi.org/10.48550/arXiv.1507.03673

2015-07-18

Abstract:Real-life conjectures do not come with instructions saying whether they they should be proven or, instead, refuted. Yet, as we now know, in either case the final argument produced had better be not just convincing but actually verifiable in as much detail as our need for eliminating risk might require. For those who do not happen to have direct access to the realm of mathematical truths, the modern field of formalized mathematics has quite a few lessons to contribute, and one might pay heed to what it has to say, for instance, about: the importance of employing proof strategies; the fine control of automation in unraveling the structure of a certain proof object; reasoning forward from the givens and backward from the goals, in developing proof scripts; knowing when and how definitions and identities apply in a helpful way, and when they do not apply; seeing proofs [and refutations] as dynamical objects, not reflected by the static derivation trees that Proof Theory wants them to be. I believe that the great challenge for teachers and learners resides currently less on the availability of suitable generic tools than in combining them wisely in view of their preferred education paradigms and introducing them in a way that best fits their specific aims, possibly with the help of intelligent online interactive tutoring systems. As a proof of concept, a computerized proof assistant that makes use of several successful tools already freely available on the market and that takes into account some of the above findings about teaching and learning Logic is hereby introduced. To fully account for our informed intuitions on the subject it would seem that a little bit extra technology would still be inviting, but no major breakthrough is really needed: We are talking about tools that are already within our reach to develop, as the fruits of collaborative effort.

Computers and Society,Logic in Computer Science

Chen Bo

2005-01-01

Social Sciences in China

Abstract:Hume raised the famous question of generalization, and negated the general necessity of generalization and the possibility of its verification. I would like to state in this article that deduction is faced with a similar dilemma to that of generalization, since the two play a similar role in epistemology. Technical reliability and comprehensiveness is a necessary yet not sufficient condition in verifying a logic system. One must also take into consideration whether it is epistemologically correct or proper; in other words, whether the formal argumentation of the logic system sufficiently and properly reflects and demonstrates its non-formal argumentation. A logic system is related to the empirical experience of daily language and thinking in a very indirect way, by means of the explanation of logical constants within the system. There is never absolute verification of a deduction and logic system. Rather, there is only relative verification. Logic is open to revision in principle, yet it is always a reasonable strategy to avoid injuring it. Logicians are not legislators in the domain of rationality, and are not privileged in any sense in epistemology.

Joseph A. Goguen

DOI: https://doi.org/10.48550/arXiv.2101.02690

2021-01-07

Logic in Computer Science

Abstract:This book can be seen either as a text on theorem proving that uses techniques from general algebra, or else as a text on general algebra illustrated and made concrete by practical exercises in theorem proving. The book considers several different logical systems, including first-order logic, Horn clause logic, equational logic, and first-order logic with equality. Similarly, several different proof paradigms are considered. However, we do emphasize equational logic, and for simplicity we use only the OBJ3 software system, though it is used in a rather flexible manner. We do not pursue the lofty goal of mechanizing proofs like those of which mathematicians are justly so proud; instead, we seek to take steps towards providing mechanical assistance for proofs that are useful for computer scientists in developing software and hardware. This more modest goal has the advantage of both being achievable and having practical benefits. The following topics are covered: many-sorted signature, algebra and homomorphism; term algebra and substitution; equation and satisfaction; conditional equations; equational deduction and its completeness; deduction for conditional equations; the theorem of constants; interpretation and equivalence of theories; term rewriting, termination, confluence and normal form; abstract rewrite systems; standard models, abstract data types, initiality, and induction; rewriting and deduction modulo equations; first-order logic, models, and proof planning; second-order algebra; order-sorted algebra and rewriting; modules; unification and completion; and hidden algebra. In parallel with these are a gradual introduction to OBJ3, applications to group theory, various abstract data types (such as number systems, lists, and stacks), propositional calculus, hardware verification, the {\lambda}-calculus, correctness of functional programs, and other topics.

Jeremy Avigad,Johan Commelin,Heather Macbeth,Adam Topaz

2024-11-05

Abstract:Interactive proof assistants make it possible for ordinary mathematicians to write definitions and theorems in a formal proof language, like a programming language, so that a computer can parse them and check them against the rules of a formal axiomatic foundation. This article describes the experience of working with a proof assistant and considers the impact the technology will have on mathematics.

History and Overview,Logic in Computer Science