SRI Logo
About Us|R and D Divisions|Careers|Newsroom|Contact Us|SRI Home
     
  SRI Logo

Analyzing Tabular and State-Transition Specifications in PVS
 by Sam Owre, Dr. John Rushby & Dr. Natarajan Shankar.

A shorter version of this report was published in the proceedings of TACAS 97.

Number SRI-CSL-95-12.
Computer Science Laboratory, SRI International, Menlo Park, CA.
July, 1995.


Abstract
We describe PVS's capabilities for representing tabular specifications of the kind advocated by Parnas and others, and show how PVS's Type Correctness Conditions (TCCs) are used to ensure certain well-formedness properties. We then show how these and other capabilities of PVS can be used to represent the AND/OR tables of Leveson and the Decision Tables of Sherry, and we demonstrate how PVS's TCCs can expose and help isolate errors in the latter. We extend this approach to represent the mode transition tables of the Software Cost Reduction (SCR) method in an attractive manner. We show how PVS can check these tables for well-formedness, and how PVS's model checking capabilities can be used to verify invariants and reachability properties of SCR requirements specifications, and inclusion relations between the behaviors of different specifications. These examples demonstrate how several capabilities of the PVS language and verification system can be used in combination to provide customized support for specific methodologies for documenting and analyzing requirements. Because they use only the standard capabilities of PVS, users can adapt and extend these customizations to suit their own needs. Those developing dedicated tools for individual methodologies may find these constructions in PVS helpful for prototyping purposes, or as a useful adjunct to a dedicated tool when the capabilities of a full theorem prover are required. The examples also illustrate the power and utility of an integrated general-purpose system such as PVS. For example, there was no need to adapt or extend the PVS model checker in order to make it work with SCR specifications described using the PVS TABLE construct: the model checker is applicable to any transition relation, independently of the PVS language constructs used in its definition.
BibTEX Entry
@techreport{csl-95-12,
    AUTHOR = {Sam Owre and John Rushby and Natarajan Shankar},
    TITLE = {Analyzing Tabular and State-Transition Specifications in {PVS}},
    INSTITUTION = {Computer Science Laboratory, {SRI} International},
    YEAR = {1995},
    NUMBER = {{SRI-CSL-95-12}},
    ADDRESS = {Menlo Park, {CA}},
    MONTH = {July},
    NOTE = {Revised May 1996.},
    URL = {http://www.csl.sri.com/papers/csl-95-12/}
}
Files
 













 

About Us  |  R&D Divisions  |  Careers  |  Newsroom  |  Contact Us
© 2017 SRI International 333 Ravenswood Avenue, Menlo Park, CA 94025-3493
SRI International is an independent, nonprofit corporation. Privacy policy