Theorem Proving Languages for Verification

Verification is a hard task, but much progress has been achieved recently. Many verification problems have been shown decidable by reducing them to modelchecking finite state transition systems. Verification of infinite state transition systems has achieved tremendous progress too, by showing that many particular cases were themselves decidable, such as timed automata [1] or some forms of pushdown-automata [4]. However, the demand for verification is growing fast, and the industrial needs go far beyond the verification of decidable systems. Verification of large, complex systems for which the task is actually undecidable is therefore an issue that must be addressed carefully. There are two main requirements. The first is generality : any system should be amenable to a user-assisted treatment. The second is automaticity : decidable systems should be processed without user-assistance. There are two main approaches to the verification of complex systems. The first is based on abstraction techniques. The system is first simplified by finding a suitable abstraction making verification decidable. This approach requires finding the abstraction first, which can be done by using a toolkit of possible abstractions, or by delegating the problem to the user. In the latter case, the abstraction must be proved correct, while the correctness follows from general theorems in the first case The second is based on theorem proving techniques. The system is first described by using some appropriate language, and the description compiled into some logical formula. The property to be verified is then itself described by a formula of the same language. It is finally checked with the theorem prover. Both approaches are compatible: abstraction techniques need theorem provers to verify their correctness, and theorem provers need abstraction techniques to ease their proving task. The main difference is therefore in the emphasis. In the following, we concentrate on the second approach.