Peter Kearney

Exploring Fair Exchange Protocols Using Specification Animation

Fair exchange protocols are a mechanism to ensure that items held by two parties are exchanged without one party gaining an advantage. Several such protocols have been proposed in recent years. We used the Possum animation tool to explore these protocols to examine whether they achieve their security goals. Our experiments revealed some new attacks and helped to gain other useful insights into various fair exchange protocols.

Integrating Real-Time Scheduling Theory and Program Refinement

We show how real-time schedulability tests and program refinement rules can be integrated to create a formal development method of practical use to real-time programmers. A computational model for representing task scheduling is developed within a ⋆imed’ refinement calculus. Proven multi-tasking schedulability tests then become available as feasibility checks during system refinement.

COGITO: A METHODOLOGY AND SYSTEM FOR FORMAL SOFTWARE DEVELOPMENT

Cogito 1 is the first iteration of a Z-based integrated methodology and support system for formal software development. This paper gives an overview of the Cogito methodology and associated tools. Particular emphasis is placed on the way in which Cogito integrates the various phases of the formal development process and provides comprehensive tools support for all phases of development addressed by the methodology.

A formal method for building concurrent real-time software

Developing concurrent real-time programs is one of computer sciences greatest challenges. Not only is such software expensive to manufacture, but its role in safety-critical systems demands that it be correct. Formal methods of program specification and refinement could strengthen the mathematical precision used to develop such software. Nevertheless, formalisms that embrace both real-time and concurrency requirements are only just emerging. The Quartz method treats time and functional behavior with equal importance in the development process. The authors argue that by modeling program development in a unified framework, we can increase our confidence in the correctness of real-time concurrent code.

Formal methods pilot project

Reports on a collaborative project to pilot the use of formal methods in the development of safety-related software. Using the SVRCs Cogito methodology, staff from CSC Australia undertook: formal specification; validation of the specification by mathematical consistency checks; hazard analysis; and validation of the specification against the safety requirements. Part of the design was modelled formally and verified.

A Layered Real-Time Specification of a RISC Processor

This paper gives an overview of the real-time specification of a commercial RISC processor. The specification is at two related levels, with an abstraction relation defined between them. The lower level specification models separate stages of execution of up to five overlapped instructions. The higher level specification abstracts from the lower level to recapture an atomic, instruction level view of code execution. The load word instruction is used as an example to illustrate the specification at both levels.

The Cogito methodology and system

Cogito I is the first iteration of a Z-based integrated development methodology and support system for formal software development. This paper gives an overview of the Cogito methodology and associated tools. Particular emphasis is placed on the way in which Cogito integrates the various phases of the formal development process and provides comprehensive tool support for all phases of development addressed by the methodology.<<ETX>>

The Cogito Development System

The Cogito system provides comprehensive support for the development of specifications written in the Sum language (a modular extension of Z). The tool-set provides technology to aid in the construction, analysis and development of Sum specifications. Ada code is the final result of a development in Cogito.

Interactively Verifying a Simple Real-time Scheduler

This paper describes the interactive verification of a simple interrupt-driven real-time scheduler written in the machine code language of the MIPS R3000 RISC processor. The formal verification was carried out using the interactive theorem prover Ergo.