Structural Temporal Logic for Mechanized Program Verification

Mechanized verification of liveness properties for infinite programs with effects and nondeterminism is challenging. Existing temporal reasoning frameworks operate at the level of models such as traces and automata. Reasoning happens at a very low-level, requiring complex nested (co-)inductive proof...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:Proceedings of ACM on programming languages Ročník 9; číslo OOPSLA2; s. 1148 - 1175
Hlavní autoři: Ioannidis, Eleftherios, Zakowski, Yannick, Zdancewic, Steve, Angel, Sebastian
Médium: Journal Article
Jazyk:angličtina
Vydáno: New York, NY, USA ACM 09.10.2025
Témata:
Computer Science
Program specifications
Program verification
Programming Languages
Theory of computation
Systems Verification
Formal Verification
Program Verification
Temporal Logic
Semantics
Proof Assistant
CCS Concepts: Theory of computation → Program verification
Program specifications Formal Verification
Theory of computation → Program verification
CCS Concepts
Systems
ISSN:2475-1421, 2475-1421
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:Mechanized verification of liveness properties for infinite programs with effects and nondeterminism is challenging. Existing temporal reasoning frameworks operate at the level of models such as traces and automata. Reasoning happens at a very low-level, requiring complex nested (co-)inductive proof techniques and familiarity with proof assistant mechanics (e.g., the guardedness checker). Further, reasoning at the level of models instead of program constructs creates a verification gap that loses the benefits of modularity and composition enjoyed by structural program logics such as Hoare Logic. To address this verification gap, and the lack of compositional proof techniques for temporal specifications, we propose Ticl, a new structural temporal logic. Using Ticl, we encode complex (co-)inductive proof techniques as structural lemmas and focus our reasoning on variants and invariants. We show that it is possible to perform compositional proofs of general temporal properties in a proof assistant, while working at a high level of abstraction. We demonstrate the benefits of Ticl by giving mechanized proofs of safety and liveness properties for programs with scheduling, concurrent shared memory, and distributed consensus, demonstrating a low proof-to-code ratio.
ISSN:2475-1421
2475-1421
DOI:10.1145/3763091