Verifying Invariants by Deductive Model Checking

Conference paper in Rewriting Logic and Its Applications (WRLA 2024)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 14953)

Abstract

We propose a new deductive model checking methodology where narrowing-based logical model checking of symbolic states specified as disjunctions of constrained patterns is synergistically combined with inductive theorem proving to discharge inductive verification conditions. An obvious synergy is to use an inductive theorem prover in automated mode as an oracle to help logical model checking reach a fixpoint. But this is not the only possible synergy. In this paper we focus instead on a new deductive model checking methodology to verify invariants—including inductive invariants—of infinite-state systems, where logical model checking automates large parts of the verification effort with the help of an inductive theorem prover as an oracle, and the remaining tasks are left to the inductive theorem prover used in interactive mode. We demonstrate this methodology by means of Maude examples using two tools working in tandem: the DM-Check symbolic model checker, and the NuITP inductive theorem prover.

S. Escobar, J. Sapiña and R. López-Rueda have been partially supported by the grant PID2021-122830OB-C42 funded by MCIN/AEI/10.13039/501100011033 and ERDF A way of making Europe, and by the grant CIPROM/2022/6 funded by Generalitat Valenciana. S. Escobar and K. Bae have been partially supported by the NATO Science for Peace and Security Programme project SymSafe (grant number G6133). J. Meseguer, S. Escobar, J. Sapiña and R. López-Rueda have been partially supported by INCIBE’s Chair funded by the EU-NextGenerationEU through the Spanish government’s Plan de Recuperación, Transformación y Resiliencia. K. Bae has been partially supported by the National Research Foundation of Korea (NRF) grants funded by the Korean government (2021R1A5A1021944 and RS-2023-00251577).

Notes

  1. At http://safe-tools.dsic.upv.es/dmc.

  2. A disjoint E-unifier of \(u=v\) is an E-unifier of \(u'=v'\), with \(u'\) (resp. \(v'\)) a variable renaming of u (resp. v) such that \(u'\) and \(v'\) share no variables.

  3. A rewrite theory \(\mathcal {R}\) is topmost iff it has a sort \( State \) such that: (i) if \(f(t_{1},\ldots ,t_{n})\) has sort \( State \), none of the \(t_{i}\), \(1 \le i \le n\), has sort \( State \), and (ii) for any rewrite rule \(l \rightarrow r \;\mathit{if}\; \varphi \) in \(\mathcal {R}\), l and r have sort \( State \). Many common rewrite theories such as, e.g., actor systems, can be transformed into semantically equivalent topmost ones.

  4. \(\mathcal {R}= (\varSigma ,E \cup B,R)\) is admissible if \((\varSigma ,E \cup B)\) is ground confluent and the rules R are ground coherent w.r.t. the oriented equations \(\vec{E}\) modulo B, i.e., for each \(t \in T_{\varSigma , State }\) if \(t \rightarrow _{R,B} t'\), then there exists a \(u'\) such that \(t!_{\vec{E},B} \rightarrow _{R,B}u'\) and \(t'!_{\vec{E},B} =_{B} u'!_{\vec{E},B}\).

  5. Given a \(\varSigma \)-algebra \(\mathbb {A}\) and a subsignature \(\varSigma '\) with the same poset of sorts, the reduct \(\mathbb {A}|_{\varSigma '}\) is the \(\varSigma '\)-algebra with the same sorts as \(\mathbb {A}\) and the same operations as \(\mathbb {A}\) for each \(f\in \varSigma '\).

  6. One case where this does not happen is deadlock-freedom, where a proof by the positive method is easier: see Sect. 4 for an example.

  7. At present, \(\sigma \) applies a collection of NuITP formula simplification rules.

  8. For example, in [25] a queue is defined using an empty list nil and a non-associative list constructor _::_, with auxiliary functions such as append defined recursively. Five predicates are declared in [25], and there are many lemmas about interactions between these predicates and the append function. We refer to [25] for further details.

  9. It is possible to simplify some of these rules; for example, drop-1a and drop-1b can be merged into a single rule. However, to ensure a fair comparison, we use the same rewrite rules as [25], except for the use of associative operators.

References

  1. Bae, K., Escobar, S., Meseguer, J.: Abstract logical model checking of infinite-state systems using narrowing. In: RTA 2013. LIPIcs, vol. 21, pp. 81–96. Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik (2013)

  2. Bae, K., Meseguer, J.: Infinite-state model checking of LTLR formulas using narrowing. In: Proceedings of WRLA 2014. LNCS, vol. 8663, pp. 113–129. Springer, Berlin (2014)

  3. Bae, K., Meseguer, J.: Predicate abstraction of rewrite theories. In: RTA-TLCA. Lecture Notes in Computer Science, vol. 8560, pp. 61–76. Springer, Berlin (2014)

  4. Bartlett, K.A., Scantlebury, R.A., Wilkinson, P.T.: A note on reliable full-duplex transmission over half-duplex links. Commun. ACM 12(5), 260–261 (1969)

  5. Dershowitz, N., Jouannaud, J.P.: Rewrite systems. In: van Leeuwen, J. (ed.) Handbook of Theoretical Computer Science, vol. B, pp. 243–320. North-Holland (1990)

  6. Durán, F., Escobar, S., Meseguer, J., Sapiña, J.: NuITP alpha 21—an inductive theorem prover for Maude equational theories. Available at https://nuitp.webs.upv.es/

  7. Durán, F., Eker, S., Escobar, S., Martí-Oliet, N., Meseguer, J., Rubio, R., Talcott, C.L.: Programming and symbolic computation in Maude. J. Log. Algebraic Methods Program. 110 (2020)

  8. Durán, F., Eker, S., Escobar, S., Martí-Oliet, N., Meseguer, J., Rubio, R., Talcott, C.L.: Equational unification and matching, and symbolic reachability analysis in Maude 3.2. In: Blanchette, J., Kovács, L., Pattinson, D. (eds.) Automated Reasoning—11th International Joint Conference, IJCAR 2022, Haifa, Israel, August 8–10, 2022, Proceedings. Lecture Notes in Computer Science, vol. 13385, pp. 529–540. Springer, Berlin (2022). https://doi.org/10.1007/978-3-031-10769-6_31

  9. Escobar, S., Meadows, C., Meseguer, J.: Maude-NPA: cryptographic protocol analysis modulo equational properties. In: Foundations of Security Analysis and Design V, FOSAD 2007/2008/2009 Tutorial Lectures, LNCS, vol. 5705, pp. 1–50. Springer, Berlin (2009)

  10. Escobar, S., López-Rueda, R., Sapiña, J.: Symbolic analysis by using folding narrowing with irreducibility and SMT constraints. In: Artho, C., Ölveczky, P.C. (eds.) Proceedings of the 9th ACM SIGPLAN International Workshop on Formal Techniques for Safety-Critical Systems, FTSCS 2023, Cascais, Portugal, 22 October 2023. pp. 14–25. ACM (2023). https://doi.org/10.1145/3623503.3623537

  11. Escobar, S., Meseguer, J.: Symbolic model checking of infinite-state systems using narrowing. In: Proceedings of RTA. Lecture Notes in Computer Science, vol. 4533, pp. 153–168 (2007)

  12. Escobar, S., Sasse, R., Meseguer, J.: Folding variant narrowing and optimal variant termination. J. Algebraic Logic Program. 81, 898–928 (2012)

  13. Futatsugi, K.: Advances of proof scores in CafeOBJ. Sci. Comput. Program. 224, 102893 (2022). https://doi.org/10.1016/J.SCICO.2022.102893

  14. Goguen, J., Meseguer, J.: Order-sorted algebra I: equational deduction for multiple inheritance, overloading, exceptions and partial operations. Theoret. Comput. Sci. 105, 217–273 (1992)

  15. Lucas, S., Meseguer, J.: Normal forms and normal theories in conditional rewriting. J. Log. Algebr. Meth. Program. 85(1), 67–97 (2016)

  16. Meseguer, J., Thati, P.: Symbolic reachability analysis using narrowing and its application to the verification of cryptographic protocols. J. Higher-Order Symbolic Comput. 20(1–2), 123–160 (2007)

  17. Meseguer, J.: Conditional rewriting logic as a unified model of concurrency. Theoret. Comput. Sci. 96(1), 73–155 (1992)

  18. Meseguer, J.: Membership algebra as a logical framework for equational specification. In: Proceedings of WADT’97. pp. 18–61. Springer LNCS 1376 (1998)

  19. Meseguer, J.: Variant-based satisfiability in initial algebras. Sci. Comput. Program. 154, 3–41 (2018)

  20. Meseguer, J.: Generalized rewrite theories, coherence completion, and symbolic methods. J. Log. Algebraic Methods Program. 110 (2020)

  21. Ogata, K., Futatsugi, K.: Proof scores in the OTS/CafeOBJ method. In: Najm, E., Nestmann, U., Stevens, P. (eds.) Formal Methods for Open Object-Based Distributed Systems, 6th IFIP WG 6.1 International Conference, FMOODS 2003, Paris, France, November 19–21, 2003, Proceedings. Lecture Notes in Computer Science, vol. 2884, pp. 170–184. Springer, Berlin (2003). https://doi.org/10.1007/978-3-540-39958-2_12

  22. Ogata, K., Futatsugi, K.: Simulation-based verification for invariant properties in the OTS/CafeOBJ method. In: Boiten, E.A., Derrick, J., Smith, G. (eds.) Proceedings of the BCS-FACS Refinement Workshop, REFINE@IFM 2007, Oxford, UK, July 2007. Electronic Notes in Theoretical Computer Science, vol. 201, pp. 127–154. Elsevier (2007). https://doi.org/10.1016/J.ENTCS.2008.02.018

  23. Ogata, K., Futatsugi, K.: Theorem proving based on proof scores for rewrite theory specifications of OTSs. In: Iida, S., Meseguer, J., Ogata, K. (eds.) Specification, Algebra, and Software - Essays Dedicated to Kokichi Futatsugi. Lecture Notes in Computer Science, vol. 8373, pp. 630–656. Springer, Berlin (2014). https://doi.org/10.1007/978-3-642-54624-2_31

  24. Pnueli, A.: Deduction is forever (1999), invited talk at FM’99, available online at cs.nyu.edu/pnueli/fm99.ps

  25. Rocha, C., Meseguer, J.: Mechanical analysis of reliable communication in the alternating bit protocol using the Maude invariant analyzer tool. In: Specification, Algebra, and Software—Essays Dedicated to Kokichi Futatsugi. Lecture Notes in Computer Science, vol. 8373, pp. 603–629. Springer, Berlin (2014)

  26. Rubio, R., Riesco, A.: Theorem proving for Maude specifications using Lean. In: Riesco, A., Zhang, M. (eds.) Formal Methods and Software Engineering—23rd International Conference on Formal Engineering Methods, ICFEM 2022, Madrid, Spain, October 24–27, 2022, Proceedings. Lecture Notes in Computer Science, vol. 13478, pp. 263–280. Springer, Berlin (2022). https://doi.org/10.1007/978-3-031-17244-1_16

  27. Slagle, J.R.: Automated theorem-proving for theories with simplifiers, commutativity, and associativity. J. ACM 21(4), 622–642 (1974)

  28. Tran, D.D., Ogata, K.: IPSG: invariant proof score generator. In: Leong, H.V., Sarvestani, S.S., Teranishi, Y., Cuzzocrea, A., Kashiwazaki, H., Towey, D., Yang, J., Shahriar, H. (eds.) 46th IEEE Annual Computers, Software, and Applications Conference, COMPSAC 2022, Los Alamitos, CA, USA, June 27–July 1, 2022. pp. 1050–1055. IEEE (2022). https://doi.org/10.1109/COMPSAC54236.2022.00164

Corresponding author

Correspondence to José Meseguer.

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Bae, K., Escobar, S., López-Rueda, R., Meseguer, J., Sapiña, J. (2024). Verifying Invariants by Deductive Model Checking. In: Ogata, K., Martí-Oliet, N. (eds) Rewriting Logic and Its Applications. WRLA 2024. Lecture Notes in Computer Science, vol 14953. Springer, Cham. https://doi.org/10.1007/978-3-031-65941-6_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-65940-9

  • Online ISBN: 978-3-031-65941-6
