Automated Verification of Reactive and Concurrent Programs by Calculation, supporting material

Abstract

Event-driven reactive programs combine traditional sequential programming constructs with primitives to allow communication with other concurrent agents. They are ubiquitous in modern applications, ranging from components systems and web services, to cyber physical systems and autonomous robots, and so verification support for them is highly desirable. We present a verification strategy for concurrent and reactive programs, with a large or infinite state space, utilising algebraic laws for reactive relations. We define novel operators to characterise interactions and state updates, and an associated equational theory. With this we can calculate a reactive program’s denotational semantics, and thereby facilitate automated proof. Of note is our reasoning support for iterative programs with reactive invariants, which is supported by Kleene algebra, and parallel composition, which allows flexible specification of various concurrency schemes. We illustrate our strategy by verifying a reactive buffer. Our laws and strategy are mechanised in Isabelle/UTP, our implementation of Hoare and He’s Unifying Theories of Programming (UTP) semantic framework, which provides soundness guarantees, and practical verification support.

Isabelle Formalisation

This archive accompanies the JLAMP journal submission, "Automated Verification of Reactive and Concurrent Programs by Calculation". All of the Isabelle/HOL theories needed to support the theorems developed in this paper are included, and also the dependencies from the Archive of Formal Proofs (AFP). This development depends on Isabelle/2019 (from https://isabelle.in.tum.de/).

In order to view the theories, you first need to make Isabelle aware of the Isabelle/UTP directly. You can either do this by adding a reference to its absolute path in the ROOTS file of your Isabelle installation, or else by invoking Isabelle on the command line with a command such as:

isabelle jedit -d /path/to/isabelle/utp -l UTP-Circus

The main heap images of interest are UTP, UTP-Reactive-Designs, and UTP-Circus. The first time you invoke the command, you may need to wait for a while to allow Isabelle to build the heap image. You can find the reactive buffer example under tutorial/utp_csp_buffer.thy and further reactive program examples in tutorial/utp_csp_ex.thy. The theories for reactive designs and stateful failure reactive designs may be found under theories/{rea_designs, sf_rdes}.