1/24 An Introduction to PVS
Charngki, PSWLAB
An Introduction to PVS, by Judy Crow, Sam Owre, John Rushby, Natarajan Shankar, Mandayam Srivas, Computer Science Laboratory, SRI International

2/24 Table of Contents
- Introduction
- A brief tour of PVS
- PVS language
- More examples
- References

3/24 Introduction
- PVS stands for "Prototype Verification System"
- PVS
  - consists of a specification language integrated with support tools and a theorem prover
  - is both interactive and highly mechanized: the user chooses each proof step and PVS performs it, displays the result, and then waits for the next command
- The goal of PVS
  - PVS is designed to help in the detection of errors as well as in the confirmation of correctness

4/24 A brief tour of PVS

5/24 A brief tour of PVS
- PVS has three steps to prove target specifications
  1. Creating a specification
  2. Typechecking
  3. Proving

6/24 A brief tour of PVS
- Creating a specification
  1. Use the M-x new-pvs-file command to create a new PVS file, and type a name for the file
  2. Or simply load an existing PVS file using the M-x find-pvs-file command

7/24 A brief tour of PVS
- Create a sum.pvs file
  - specification for the summation of the first n natural numbers

    sum : THEORY
    BEGIN
      n : VAR nat
      sum(n) : RECURSIVE nat =
        (IF n = 0 THEN 0 ELSE n + sum(n-1) ENDIF)
        MEASURE (LAMBDA n: n)      % used to show that the definition terminates
      closed_form : THEOREM sum(n) = (n * (n+1)) / 2
    END sum

8/24 A brief tour of PVS
- Typechecking
  1. M-x typecheck command to typecheck
  2. M-x show-tccs command to see the TCCs
  3. M-x typecheck-prove to prove the TCCs
- TCC
  - Type Correctness Condition
  - TCCs must be proved in order to show that the theory is type correct
  - The proofs of the TCCs may be postponed indefinitely

9/24 A brief tour of PVS
- Typechecking
  - TCCs
    - sum takes an argument of type nat, but the type of the argument in the recursive call to sum is integer, since nat is not closed under subtraction
    - Since sum is recursive, we need to ensure that this function terminates

    % Subtype TCC generated (line 7) for n-1
    % unchecked
    sum_TCC1 : OBLIGATION (FORALL (n: nat): NOT n=0 IMPLIES n-1 >= 0)

    % Termination TCC generated (line 7) for sum
    % unchecked
    sum_TCC2 : OBLIGATION (FORALL (n: nat): NOT n=0 IMPLIES n-1 < n)
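The two obligations above, modelled as runtime checks on concrete inputs (an added example, not code from the slides or from PVS; PVS discharges the TCCs once by proof, this only checks them per call). The `step` knob and all function names are ours, introduced to show what a failing subtype or termination obligation looks like.

```python
"""Runtime model of sum_TCC1 (subtype) and sum_TCC2 (termination) for sum(n).
Added example; PVS proves these obligations, this merely checks them per call."""
from typing import Optional


class TCCViolation(Exception):
    """An obligation PVS would ask us to prove is false for a concrete input."""


def is_nat(v: int) -> bool:
    """The predicate behind the PVS subtype nat: an integer that is >= 0."""
    return isinstance(v, int) and v >= 0


def pvs_sum(n: int, step: int = 1) -> int:
    """sum(n) : RECURSIVE nat = IF n = 0 THEN 0 ELSE n + sum(n-1) ENDIF  MEASURE (LAMBDA n: n)
    `step` is a constructed knob: 1 is the slide's n-1, other values break a TCC."""
    if not is_nat(n):
        raise TCCViolation("argument is not a nat")
    if n == 0:
        return 0
    arg = n - step
    # sum_TCC1: NOT n=0 IMPLIES n-step >= 0  (nat is not closed under subtraction)
    if not is_nat(arg):
        raise TCCViolation("sum_TCC1")
    # sum_TCC2: NOT n=0 IMPLIES measure(n-step) < measure(n), with measure = LAMBDA n: n
    if not arg < n:
        raise TCCViolation("sum_TCC2")
    return n + pvs_sum(arg, step)


def first_tcc_violation(n: int, step: int = 1) -> Optional[str]:
    """Name of the first obligation that fails while computing sum(n), or None."""
    try:
        pvs_sum(n, step)
    except TCCViolation as e:
        return str(e)
    return None


def closed_form_holds(limit: int) -> bool:
    """closed_form: THEOREM sum(n) = (n * (n+1)) / 2, checked for 0 <= n < limit.
    n*(n+1) is always even, so integer division is exact here."""
    return all(pvs_sum(n) == n * (n + 1) // 2 for n in range(limit))
```

With `step=0` the recursion would never terminate; the termination check (sum_TCC2) is what stops it, which is exactly why PVS insists on the MEASURE obligation.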

10/24 A brief tour of PVS
- Proving
  - Place the cursor on the line containing the theorem, and type M-x prove
  - A new buffer will pop up, the formula will be displayed, and the cursor will appear at the Rule? prompt, indicating that the user can interact with the prover
  - The proving process is complete when there are no more unproven subgoals

11/24 A brief tour of PVS
- Proving
  1. Prove the formula by induction on n
     - Generates 2 subgoals
       1. base case
       2. inductive step

12/24 A brief tour of PVS
- Proving (callouts on the proof session shown on the slide)
  - simplifies the formula
  - sends the proof to the PVS decision procedure

13/24 A brief tour of PVS
- Proving
  - To eliminate the FORALL quantifier
    - skolem! command
      - provides new constants for the bound variables
    - flatten command
      - breaks up the succedent into a new antecedent and consequent
  (the slide shows the resulting sequent with its antecedent and consequent labelled)

14/24 A brief tour of PVS
- Proving (proof session shown on the slide)

15/24 PVS language

16/24 PVS language
- A simple example: the rational numbers
  - predicate subtype

    rats : THEORY
    BEGIN
      rat : TYPE
      zero : rat
      / : [rat, rat -> rat]
      * : [rat, rat -> rat]
      x, y : VAR rat
      left_cancellation : AXIOM x * (y/x) = y
      zero_times : AXIOM zero * x = zero
    END rats

  - We need to consider division by zero: with x = zero, left_cancellation gives zero * (y/zero) = y while zero_times gives zero * (y/zero) = zero, so every y equals zero and the theory is inconsistent

17/24 PVS language
- A simple example: the rational numbers
  - predicate subtypes

    rats : THEORY
    BEGIN
      rat : TYPE
      zero : rat
      nonzero : TYPE = { x : rat | x /= zero }      % predicate subtype
      / : [rat, nonzero -> rat]
      * : [rat, rat -> rat]
      x, y : VAR rat
      left_cancellation : AXIOM x /= zero IMPLIES x * (y/x) = y
      zero_times : AXIOM zero * x = zero
    END rats

18/24 PVS language
- Example: Stacks
  - Generic type

    stacks [t : TYPE] : THEORY      % t is the generic (parameter) type
    BEGIN
      stack : TYPE
      empty : stack
      s : VAR stack
      x : VAR t
      push : [t, stack -> stack]
      pop : [stack -> stack]
      top : [stack -> t]
      pop_push : AXIOM pop(push(x, s)) = s
      top_push : AXIOM top(push(x, s)) = x
    END stacks

19/24 PVS language
- Example: factorial
  - Recursive
  - The MEASURE function is used to show that the definition terminates, by generating an obligation that the MEASURE decreases with each call

    factorial : THEORY
    BEGIN
      fac(x: nat) : RECURSIVE nat =
        IF x = 0 THEN 1 ELSE x * fac(x-1) ENDIF
        MEASURE (LAMBDA (x: nat): x)
    END factorial

20/24 More examples

21/24 More examples
- Quantifier Proof (|- separates antecedent and consequent of a sequent)
  - Original goal:  FORALL x : P(x) AND Q(x)  |-  (FORALL x : P(x)) AND (FORALL x : Q(x))
  - After the split command
    - Subgoal 1:  FORALL x : P(x) AND Q(x)  |-  (FORALL x : P(x))
    - Subgoal 2:  FORALL x : P(x) AND Q(x)  |-  (FORALL x : Q(x))

    predicate : THEORY
    BEGIN
      T : TYPE
      x, y, z : VAR T
      P, Q : [T -> bool]
      pred_calc : THEOREM (FORALL x : P(x) AND Q(x)) IMPLIES (FORALL x : P(x)) AND (FORALL x : Q(x))
    END predicate

22/24 More examples
- Decision Procedures
  - i + 8 can be expressed as 3*m + 5*n
  - i = 3*m' + 5*n'
    - case n = 0:  i = 3*(m-3) + 5*2      (subgoal 2.1)
    - case n > 0:  i = 3*(m+2) + 5*(n-1)  (subgoal 2.2)

    stamps : THEORY
    BEGIN
      i, three, five : VAR nat
      stamps : THEOREM (FORALL i : (EXISTS three, five : i+8 = 3 * three + 5 * five))
    END stamps
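The computational content of the stamps proof, as an added example that is not part of the slides: the case split above (n = 0 versus n > 0) is a recipe that turns a witness for i into one for i+1, so following it from the base case constructs the EXISTS witness for any i. Function names are ours.

```python
"""Build the witness (three, five) for i + 8 = 3*three + 5*five by following the
induction on slide 22. Added example, not PVS code; PVS proves the theorem
without ever computing a witness, this shows the construction hidden in the proof."""
from typing import Tuple


def stamps_witness(i: int) -> Tuple[int, int]:
    """Return (three, five) in nat with i + 8 = 3*three + 5*five."""
    if i < 0:
        raise ValueError("i must be a nat")
    three, five = 1, 1          # base case: 0 + 8 = 3*1 + 5*1
    for _ in range(i):
        if five > 0:
            # case n > 0: 3*(m+2) + 5*(n-1) = 3*m + 5*n + 1
            three, five = three + 2, five - 1
        else:
            # case n = 0: 3*(m-3) + 5*2 = 3*m + 1, and m >= 3 because 3*m = i + 8 >= 8
            three, five = three - 3, five + 2
    return three, five


def stamps_holds(i: int) -> bool:
    """Check the constructed witness against the theorem for one i."""
    three, five = stamps_witness(i)
    return three >= 0 and five >= 0 and 3 * three + 5 * five == i + 8


def check_stamps(limit: int) -> bool:
    """Check the theorem on all 0 <= i < limit (bounded check, not a proof)."""
    return all(stamps_holds(i) for i in range(limit))
```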

23/24 References

24/24 References
- A Tutorial Introduction to PVS, by Judy Crow, Sam Owre, John Rushby, Natarajan Shankar and Mandayam Srivas, WIFT '95