Georg Rock

On Generating Small Clause Normal Forms

In this paper we focus on two powerful techniques to obtain compact clause normal forms: Renaming of formulae and refined Skolemization methods. We illustrate their effect on various examples. By an exhaustive experiment of all first-order TPTP problems, it shows that our clause normal form transformation yields fewer clauses and fewer literals than the methods known and used so far. This often allows for exponentially shorter proofs and, in some cases, it makes it even possible for a theorem prover to find a proof where it was unable to do so with more standard clause normal form transformations.

VSE: Controlling the Complexity in Formal Software Developments

We give an overview of the enhanced VSE system which is a tool to formally specify and verify systems. It provides means for structuring specifications and it supports the development process from the specification of a system to the code generation. Formal developments following this method are stored and maintained in an administration system that guides the user and maintains a consistent state. An integrated deduction system provides proof support for the deduction problems arising during the development process.

VSE: Formal Methods Meet Industrial Needs

Abstract.The Verification Support Environment (VSE) is a tool to formally specify and verify complex systems. It provides the means to structure specifications and supports the development process from the specification of a system to the automatic generation of code. Formal developments following the VSE method are stored and maintained in an administration system that guides the user and maintains a consistent state of development. An integrated deduction system provides proof support for the deduction problems arising during the development process.We describe the application of VSE to an industrial case study and give an overview of the enhanced VSE system and the VSE methodology.

Modular reasoning about structured TLA specifications

In this paper we propose a modular approach to the specification and verification of reactive and concurrent systems. An assumption-commitment style of specification is necessary in this context since no system will behave as expected if the environment does not fulfill the assumptions. However, assumption-commitment specifications can be circular in nature (Abadi Merz 1995) and so we are faced with the problem to rule out unsound circular reasoning.

Verification of distributed applications

Safety and security guarantees for individual applications in almost all cases depend on assumptions on the given context provided by distributed instances of operating systems, hardware platforms, and other application level programs running on these. In particular for formal approaches the problem is to formalize these assumptions without looking at the (formal) model of the operating system (including the machines that execute applications) in all detail. The work described in the paper proposes a modular approach which uses histories of observable events to specify runs of distributed instances of the system. The overall verification approach decomposes the given verification problem into local tasks along the lines of assume-guarantee reasoning. As an example the paper discusses the specification and implementation of the SMTP scenario. It shows in detail how this methodology is utilized within the Verification Support Environment (VSE) to verify the SMTP server part.

Verifying a chipcard-based biometric identification protocol in VSE

In this paper we describe our experiences in specifying and verifying a complex cryptographic protocol actually used in industry that has been developed for the area of chipcard based biometric identification systems. The main emphasis was placed on authenticity, integrity and confidentiality properties. The formal analysis even led to several simplifying modifications of the protocol that facilitate the implementation, yet maintaining the protocol security properties we considered. The formal analysis is based on an inductive approach performed with the help of VSE (Verification Support Environment). The heuristic based proof automation techniques realized in VSE result in an average grade of automation of 80 percent. Thus, VSE provides substantial support for the specification and verification of cryptographic protocols.

Verification Support Environment

Formal software development turns out to become one of the key issues in software engineering. Today an enormous variety of methods and tools exist that serve as an aid for the software engineer to formally specify and verify large-scaled systems. This paper reviews some of the most important general notions in formal software engineering and, in particular, gives an overview on VSE (Verification Support Environment), a tool that supports both hierarchical specification and formal verification.

Formal software development in the Verification Support Environment (VSE)

In this paper a survey of the VSE system, a CASE-tool for formal software development, is presented. Main emphasis is put on the underlying formal method and tool support, and that in particular from the deductive support perspective. In order to demonstrate its broad range of applicability and to give an impression on how to work with the system we make use of two (commercial) applications taken from the safety and the IT-security domain.

A Variant Management Based Methodology for the Requirements-Engineering Process of Mechanical Parts

The value of software or functionality that is realized using software within modern cars is about 35 % of the value of the car itself. We typically have more than 70 ECU in a car with functionality realized and controlled by software. Although most of the current research is focused on software engineering issues, the problems addressed in the software area also occur in the development of mechanical components. Globalization is not limited to software, it also impacts the development departments of OEMs (Original Equipment Manufacturers) with components requested and produced all over the world. Additionally, variability of hardware components used to customize cars is drastically increasing and can be compared to the variability growth in software. Therefore, the efficient and effective handling of requirements for mechanical parts is one of the key factors for a sustainable success within automobile industry. To be able to cope with the expected complexity, Volkswagen decided to introduce a new product line based requirements management methodology. The paper describes the developed methodology and experience made when introducing such a methodology.

Control variant-rich models by variability measures

The embedded systems market and especially the software part of it is growing drastically in automotive industry. Today we see that the value of software or functionality that is realized using software within cars is about 35% of the value of the car itself. We have typically more than 70 embedded control units (ECUs) in a car with functionality realized and controlled by software. The standardization of communication interfaces and operating system functionality as for example realized by AUTOSAR facilitates the distributed development of software. But the needs to produce software in time and in budget remain still a main task in automotive software industry. To cope with tight project plans, process models based on product line technology promise a good chance to be successful. Nevertheless, the need to control the product development remains still one of the most important questions in this area. The work presented here gives some new insights into the definition and application of measures with special emphasis on the variability aspects used within a product line development. Several known techniques as for example atomic sets or formal variability analysis are revisited and used within the context of variability metrics. The measures are categorized and can be used within a project to control and manage the defined variability.