109

urn:lsid:arphahub.com:pub:3dc5f44e-8666-58db-bc76-a455210e8891

JUCS - Journal of Universal Computer Science

jucs

0948-695X 0948-6968

Journal of Universal Computer Science

10.3217/jucs-014-12-1929

29108

Research Article

D.2.1 - Requirements/Specifications D.2.4 - Software/Program Verification D.3.1 - Formal Definitions and Theory D.4.6 - Security and Protection F.3.1 - Specifying and Verifying and Reasoning about Programs F.4.1 - Mathematical Logic

ASM Refinement Preserving Invariants

Schellhorn

Gerhard

schellhorn@informatik.uni-augsburg.de 1

University of Augsburg, , Germany

University of Augsburg Germany

Corresponding author: Gerhard Schellhorn (schellhorn@informatik.uni-augsburg.de).

Academic editor:

2008

28 06 2008

14 12 1929 1948 F60AC6AA-0D49-52EA-B602-AF6C7183BDF6 7000358

Gerhard Schellhorn

This article is freely available under the J.UCS Open Content License.

Abstract

This paper gives a definition of ASM refinement suitable for the verification that a protocol implements atomic transactions. We used this definition as the basis of the formal verification of the refinements of the Mondex case study with the interactive theorem prover KIV. The refinement definition we give differs from the one we gave in earlier work which preserves partial and total correctness assertions of ASM runs. The reason is that the main goal of the refinement of the Mondex protocol is to preserve a security invariant, while total correctness is not preserved. To preserve invariants, the definition of generalized forward simulation is limited to the use of "small" diagrams, which contain of a single protocol step. We show a technique that allows to use the natural "big" diagrams that consist of an atomic action being refined by a full protocol run.