Lemma Weakening for State Machine Invariant Proofs


Bibliographic Details
Published in: 2020 27th Asia-Pacific Software Engineering Conference (APSEC), pp. 21-30
Main Authors: Tran, Duong Dinh; Bui, Dang Duy; Gupta, Parth; Ogata, Kazuhiro
Format: Conference Proceeding
Language: English
Published: IEEE, 01.12.2020

Summary: Lemma conjecture is one of the most challenging tasks in theorem proving. The paper focuses on invariant properties (or invariants) of state machines. Thus, lemmas are also invariants. To prove that a state predicate $p$ is an invariant of a state machine $M$, in general, we need to find an inductive invariant $q$ of $M$ such that $q(s)$ implies $p(s)$ for all states $s$ of $M$. $q$ is often in the form $p \wedge p'$, and $p'$ is often in the form $q_1 \wedge \ldots \wedge q_n$. $q_1, \ldots, q_n$ are the lemmas of the proof that $p$ is an invariant of $M$. The paper proposes a technique called Lemma Weakening (LW). LW replaces $q_i$ with $q'_i$ such that $q_i(s)$ implies $q'_i(s)$ for all states $s$ of $M$, which can make reasonably tractable a proof that would otherwise become unreasonably hard. The MCS mutual exclusion protocol is used as an example to demonstrate the power of LW.
ISSN: 2640-0715
DOI: 10.1109/APSEC51365.2020.00010