Deductive Veri cation of Modular Systems ?

EEective veriication methods, both deductive and algorith-mic, exist for the veriication of global system properties. In this paper, we introduce a formal framework for the modular description and verii-cation of parameterized fair transition systems. The framework allows us to apply existing global veriication methods, such as veriication rules and diagrams, in a modular setting. Transition systems and transition modules can be described by recursive module expressions, allowing the description of hierarchical systems of unbounded depth. Apart from the usual parallel composition, hiding and renaming operations, our module description language provides constructs to augment and restrict the module interface, capablilities that are essential for recursive descriptions. We present proof rules for property inheritance between modules. Finally, module abstraction and induction allow the veriication of re-cursively deened systems. Our approach is illustrated with a recursively deened arbiter for which we verify mutual exclusion and eventual access.