Presentation is loading. Please wait.

Presentation is loading. Please wait.

1/24 An Introduction to PVS Charngki PSWLAB An Introduction to PVS Judy Crow, Sam Owre, John Rushby, Natarajan Shankar, Mandayam Srivas Computer.

Published byLeon Stanley Modified over 9 years ago

Similar presentations

Presentation on theme: "1/24 An Introduction to PVS Charngki PSWLAB An Introduction to PVS Judy Crow, Sam Owre, John Rushby, Natarajan Shankar, Mandayam Srivas Computer."— Presentation transcript:

1 1/24 An Introduction to PVS Charngki Hong @ PSWLAB An Introduction to PVS Judy Crow, Sam Owre, John Rushby, Natarajan Shankar, Mandayam Srivas Computer Science Laboratory, SRI International

2 2/24 An Introduction to PVSCharngki Hong @ PSWLAB Table of Contents  Introduction  A brief tour of PVS  PVS language  More examples  References

3 3/24 An Introduction to PVSCharngki Hong @ PSWLAB Introduction  PVS stands for “Prototype Verification System”  PVS  consists of a specification language integrated with support tools and theorem prover  is both interactive and highly mechanized: the user chooses each proving step and PVS performs it, displays the result, and then waits for the next command  The goal of PVS  PVS is designed to help in the detection of errors as well as in the confirmation of correctness

4 4/24 An Introduction to PVSCharngki Hong @ PSWLAB Table of Contents  Introduction  A brief tour of PVS  PVS language  More examples  References

5 5/24 An Introduction to PVSCharngki Hong @ PSWLAB A brief tour of PVS  PVS has three steps to prove target specifications 1. Creating a specification 2. Typechecking 3. Proving

6 6/24 An Introduction to PVSCharngki Hong @ PSWLAB A brief tour of PVS  Creating a specification 1. Use M-x new-pvs-file command to create a new PVS file, and type a name of the file 2. or you can simply load a existing PVS file using M-x find-pvs- file command

7 7/24 An Introduction to PVSCharngki Hong @ PSWLAB A brief tour of PVS  Create a sum.pvs file  specification for summation of the first n natural numbers sum : THEORY BEGIN n : VAR nat sum (n) : RECURSIVE nat = (IF n = 0 THEN 0 ELSE n + sum(n-1) ENDIF) MEASURE (LAMBDA n: n) closed_form: THEOREM sum(n) = (n * (n+1) ) / 2 END sum used to show that the definition terminates

8 8/24 An Introduction to PVSCharngki Hong @ PSWLAB A brief tour of PVS  Typechecking 1. M-x typecheck command to typecheck 2. M-x show-tccs command to see TCCs 3. M-x typecheck-prove to prove TCCs  TCC  Type Correctness Condition  TCCs must be proved in order to show that the theory is type correct  The proofs of the TCCs may be postponed indefinately

9 9/24 An Introduction to PVSCharngki Hong @ PSWLAB A brief tour of PVS  Typechecking  TCCs  sum takes an argument of type nat, but the type of the argument in the recursive call to sum is integer, since nat is not closed under subtraction  Since sum is recursive form, we need to ensure this function terminates % Subtype TCC generated (line 7) for n-1 % unchecked sum_TCC1 : OBLIGATION (FORALL (n: nat): NOT n=0 IMPLIES n-1 >= 0) % Termination TCC generated (line 7) for sum % unchecked sum_TCC2 : OBLIGATION (FORALL (n: nat): NOT n=0 IMPLIES n-1 < n)

10 10/24 An Introduction to PVSCharngki Hong @ PSWLAB A brief tour of PVS  Proving  Place the cursor on the line containing the theorem, and type M-x prove  A new buffer will pop up, the formula will be displayed, and the cursor will appear at the Rule? prompt, indicating that users can interact with the prover  The proving process is completed if there are no more unproven subgoals

11 11/24 An Introduction to PVSCharngki Hong @ PSWLAB A brief tour of PVS  Proving 1. Prove formula by induction on n Generate 2 subgoals 1.base case 2.inductive step

12 12/24 An Introduction to PVSCharngki Hong @ PSWLAB A brief tour of PVS  Proving simplifies the formula send the proof to the PVS decision procedure

13 13/24 An Introduction to PVSCharngki Hong @ PSWLAB A brief tour of PVS  Proving  To eliminate the FORALL quantifier  skolem! command  Provide new constants for the bound variables  flatten command  break up the succedent into a new antecedent and consequent antecedent consequent

14 14/24 An Introduction to PVSCharngki Hong @ PSWLAB A brief tour of PVS  Proving

15 15/24 An Introduction to PVSCharngki Hong @ PSWLAB Table of Contents  Introduction  A brief tour of PVS  PVS language  More examples  References

16 16/24 An Introduction to PVSCharngki Hong @ PSWLAB PVS language  A simple example : the rational numbers  predicate subtype rats : THEORY BEGIN rat : TYPE zero : rat / : [rat, rat  rat] * : [rat, rat  rat] x, y : VAR rat left_canclelation : AXIOM x * (y/x) = y zero_times : AXIOM zero * x = zero END rats We need to consider divide by zero

17 17/24 An Introduction to PVSCharngki Hong @ PSWLAB PVS language  A simple example : the rational numbers  predicate subtypes rats : THEORY BEGIN rat : TYPE zero : rat nonzero : TYPE = { x | x /= zero } / : [rat, nonzero  rat] * : [rat, rat  rat] x, y : VAR rat left_canclelation : AXIOM x /= zero IMPLIES x * (y/x) = y zero_times : AXIOM zero * x = zero END rats predicate subtype

18 18/24 An Introduction to PVSCharngki Hong @ PSWLAB PVS language  Example : Stacks  Generic type stacks [t : TYPE] : THEORY BEGIN stack : TYPE empty : stack s : VAR stack x : VAR t push : [t, stack  stack] pop : [stack  stack] top : [stack  t] pop_push : AXIOM pop(push(x, s)) = s top_push : AXIOM top(push(x, s)) = x END stacks Generic type

19 19/24 An Introduction to PVSCharngki Hong @ PSWLAB PVS language  Example : factorial  Recursive  The MEASURE function is used to show that the definition terminates, by generating an obligation that the MEASURE decreases with each call factorial : THEORY BEGIN fac(x: nat) : RECURSIVE nat = IF x = 0 THEN 1 ELSE x * fac(x-1) ENDIF MEASURE (LAMBDA (x: nat): x) END factorial

20 20/24 An Introduction to PVSCharngki Hong @ PSWLAB Table of Contents  Introduction  A brief tour of PVS  PVS language  More examples  References

21 21/24 An Introduction to PVSCharngki Hong @ PSWLAB More examples  Quantifier Proof  Original goal : FORALL x : P(x) AND Q(x)  (FORALL x : P(x)) AND (FORALL x : Q(x))  After split command  Subgoal 1 : FORALL x : P(x) AND Q(x)  (FORALL x : P(x))  Subgoal 2 : FORALL x : P(x) AND Q(x)  (FORALL x : Q(x)) predicate : THEORY BEGIN T : TYPE x, y, z : VAR T P, Q : [T  bool] pred_calc : THEOREM (FORALL x : P(x) AND Q(x)) IMPLIES (FORALL x : P(x)) AND (FORALL x : Q(x)) END predicate

22 22/24 An Introduction to PVSCharngki Hong @ PSWLAB More examples  Decision Procedures  i + 8 can be expressed as 3*m + 5*n  i + 8 + 1 = 3*m’ + 5*n’  case n=0  i + 8 + 1 = 3*(m-3) + 5*2  subgoal 2.1  case n>0  i + 8 + 1 = 3*(m+2) + 5(n-1)  subgoal 2.2 stamps : THEORY BEGIN i, three, five : VAR nat stamps : THEOREM ( FORALL i : (EXISTS three, five : i+8 = 3 * three + 5 * five )) END stamps

23 23/24 An Introduction to PVSCharngki Hong @ PSWLAB Table of Contents  Introduction  A brief tour of PVS  PVS language  More examples  References

24 24/24 An Introduction to PVSCharngki Hong @ PSWLAB References  A Tutorial Introduction to PVS by Judy Crow, Sam Owre, John Rushby, Natarajan Shankar and Mandayam Srivas, WIFT ‘95

Download ppt "1/24 An Introduction to PVS Charngki PSWLAB An Introduction to PVS Judy Crow, Sam Owre, John Rushby, Natarajan Shankar, Mandayam Srivas Computer."

Similar presentations

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
Proof checking with PVS Book: Chapter 3. A Theory Name: THEORY BEGIN Definitions (types, variables, constants) Axioms Lemmas (conjectures, theorems) END.

Proof checking with PVS Book: Chapter 3. A Theory Name: THEORY BEGIN Definitions (types, variables, constants) Axioms Lemmas (conjectures, theorems) END.
Synthesis, Analysis, and Verification Lecture 04c Lectures: Viktor Kuncak VC Generation for Programs with Data Structures “Beyond Integers”

Synthesis, Analysis, and Verification Lecture 04c Lectures: Viktor Kuncak VC Generation for Programs with Data Structures “Beyond Integers”
Semantics Static semantics Dynamic semantics attribute grammars

Semantics Static semantics Dynamic semantics attribute grammars
Computing Fundamentals 2 Introduction to CafeOBJ Lecturer: Patrick Browne Lecture Room: K408 Lab Room: A308 Based on work by: Nakamura Masaki, João Pascoal.

Computing Fundamentals 2 Introduction to CafeOBJ Lecturer: Patrick Browne Lecture Room: K408 Lab Room: A308 Based on work by: Nakamura Masaki, João Pascoal.
Proofs and Programs Wei Hu 11/01/2007. Outline  Motivation  Theory  Lambda calculus  Curry-Howard Isomorphism  Dependent types  Practice  Coq Wei.

Proofs and Programs Wei Hu 11/01/2007. Outline  Motivation  Theory  Lambda calculus  Curry-Howard Isomorphism  Dependent types  Practice  Coq Wei.
© M. Winter COSC 4P41 – Functional Programming 10. 1 Testing vs Proving Testing –uses a set of “typical” examples, –symbolic testing, –may find errors,

© M. Winter COSC 4P41 – Functional Programming Testing vs Proving Testing –uses a set of “typical” examples, –symbolic testing, –may find errors,
CSE 8389 Theorem Proving - Seidel Spring 2005 1 CSE 8389 Theorem Proving Peter-Michael Seidel.

CSE 8389 Theorem Proving - Seidel Spring CSE 8389 Theorem Proving Peter-Michael Seidel.
Induction and Recursion. Odd Powers Are Odd Fact: If m is odd and n is odd, then nm is odd. Proposition: for an odd number m, m k is odd for all non-negative.

Induction and Recursion. Odd Powers Are Odd Fact: If m is odd and n is odd, then nm is odd. Proposition: for an odd number m, m k is odd for all non-negative.
1/22 Programs : Semantics and Verification Charngki PSWLAB Programs: Semantics and Verification Mordechai Ben-Ari Mathematical Logic for Computer.

1/22 Programs : Semantics and Verification Charngki PSWLAB Programs: Semantics and Verification Mordechai Ben-Ari Mathematical Logic for Computer.
An Integration of Program Analysis and Automated Theorem Proving Bill J. Ellis & Andrew Ireland School of Mathematical & Computer Sciences Heriot-Watt.

An Integration of Program Analysis and Automated Theorem Proving Bill J. Ellis & Andrew Ireland School of Mathematical & Computer Sciences Heriot-Watt.
74.757 Formal Logic Proof Methods Direct Proof / Natural Deduction Conditional Proof (Implication Introduction) Reductio ad Absurdum Resolution Refutation.

Formal Logic Proof Methods Direct Proof / Natural Deduction Conditional Proof (Implication Introduction) Reductio ad Absurdum Resolution Refutation.
Case Study: Using PVS to Analyze Security Protocols Kyle Taylor.

Case Study: Using PVS to Analyze Security Protocols Kyle Taylor.
School of Computing and Mathematics, University of Huddersfield CIA2326: WEEK ?? LECTURE: Introduction to Algebras SUPPORTING NOTES: See chapters 8,9,10.

School of Computing and Mathematics, University of Huddersfield CIA2326: WEEK ?? LECTURE: Introduction to Algebras SUPPORTING NOTES: See chapters 8,9,10.
VIDE Integrated Environment for Development and Verification of Programs.

VIDE Integrated Environment for Development and Verification of Programs.
Katz2004 236386--Formal Specifications Larch 1 Algebraic Specification and Larch Formal Specifications of Complex Systems 236368 Shmuel Katz The Technion.

Katz Formal Specifications Larch 1 Algebraic Specification and Larch Formal Specifications of Complex Systems Shmuel Katz The Technion.
TR1413: Discrete Mathematics For Computer Science Lecture 3: Formal approach to propositional logic.

TR1413: Discrete Mathematics For Computer Science Lecture 3: Formal approach to propositional logic.
So far we have learned about:

So far we have learned about:
Some administrative stuff Class mailing list: –send to with the command “subscribe”

Some administrative stuff Class mailing list: –send to with the command “subscribe”
After today Week 9 –Tu: Pat Rondon –Th: Ravi/Nathan Week 10 –Tu: Nathan/Ravi –Th: Class canceled Finals week –Th: Zach, John.

After today Week 9 –Tu: Pat Rondon –Th: Ravi/Nathan Week 10 –Tu: Nathan/Ravi –Th: Class canceled Finals week –Th: Zach, John.

Similar presentations

Ads by Google