Using PVS to prove a Z refinement: A case study

  • David W. J. Stringer-Calvert
  • Susan Stepney
  • Ian Wand
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1313)


The development of critical systems often places undue trust in the software tools used. This is especially true of compilers, which are a weak link between the source code produced and the object code which is executed. Stepney [23] advocates a method for the production of trusted compilers (i.e. those which are guaranteed to produce object code that is a correct refinement of the source code) by developing a proof of a small, but non trivial compiler by hand in the Z specification language. This approach is quick, but the type system of Z is too weak to ensure that partial functions are correctly applied.

Here, we present a re-working of that development using the PVS specification and verification system. We describe the problems involved in translating from the partial set theory of Z to the total, higher order logic of the PVS system and the strengths and weaknesses of this approach.


Partial Function Operational Semantic Source Language High Level Language Denotational Semantic 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Rosalind Barden, Susan Stepney, and David Cooper. Z in Practice. BCS Practitioners Series. Prentice Hall International, 1994.Google Scholar
  2. 2.
    Jonathan Bowen, C.A.R. Hoare, Michael R. Hansen, Anders R. Ravn, Hans Rischel, Ernst-Rüdiger Olderog, Michael Schenke, Martin Fränzle, Markus Müller-Olm, Jifeng He, and Zheng Jianping. Provably correct systems-FTRTFT'94 tutorial. In Proceedings of FTRTFT'94, number 863 in Lecture Notes in Computer Science. Springer-Verlag, September 1994.Google Scholar
  3. 3.
    Robert S. Boyer and J. Strother Moore. A Computational Logic Handbook. Academic Press, 1988.Google Scholar
  4. 4.
    Karl-Heinz Buth. Automated code generator verification based on algebraic laws. ProCoS Project Document Kiel KHB 5/1, September 1995.Google Scholar
  5. 5.
    W.J. Cullyer. Implementing safety critical systems: The VIPER microprocessor. In G. Birtwistle and P.A. Subrahmanyam, editors, VLSI Specification, Verification and Synthesis, pages 1–25. Kluwer Academic Publishers, 1988.Google Scholar
  6. 6.
    Paul Curzon. A verified vista implementation final report. Technical Report 311, University of Cambridge Computer Laboratory, September 1993.Google Scholar
  7. 7.
    Axel Dold, F.W. von Henke, H. Pfeifer, and H. Rueß. Formal verification of transformations for peephole optimizations. 1997. These proceedings.Google Scholar
  8. 8.
    Mike Gordon. A proof generating system for higher-order logic. Technical Report 103, University of Cambridge Computer Laboratory, January 1987.Google Scholar
  9. 9.
    Stanford Verification Group. Stanford Pascal verifier user manual. Technical Report 11, Stanford Verification Group, 1979.Google Scholar
  10. 10.
    Joshua D. Guttman, John D. Ramsdell, and Vipin Swarup. The VLISP verified scheme system. LISP and Symbolic Computation, 8:33–110, 1995.Google Scholar
  11. 11.
    R.W.S. Hale. Program compilation. In Jonathan Bowen, editor, Towards Verified Systems, chapter 6. Elsevier Science Publishers Series on Real-Time Safety Critical Systems, Amsterdam, 1993.Google Scholar
  12. 12.
    Jeffrey J. Joyce. A verified compiler for a verified microprocessor. Technical Report 167, University of Cambridge Computer Laboratory, March 1989.Google Scholar
  13. 13.
    A.C. Leisenring. Mathematical Logic and Hilbert's ε-symbol. Gordon and Breach Science Publishers, New York, 1969.Google Scholar
  14. 14.
    J. Strother Moore. A mechanically verified language implementation. Technical Report 30, Computational Logic Inc., September 1988.Google Scholar
  15. 15.
    I. T. Nabney and S. Stepney. High integrity separate compilation. In preparation.Google Scholar
  16. 16.
    Sam Owre, John Rushby, Natarajan Shankar, and Friedrich von Henke. Formal verification for fault-tolerant architectures: Prolegomena to the design of PVS. IEEE Transactions on Software Engineering, 21(2):107–125, February 1995.Google Scholar
  17. 17.
    H. Pfeifer, A. Dold, F. W. v. Henke, and H. Rueß. Mechanized Semantics of Simple Imperative Programming Constructs. Ulmer Informatik-Berichte 96-11, Universität Ulm, Fakultät für Informatik, 1996.Google Scholar
  18. 18.
    Wolfgang Polak. Compiler Specification and Verification. Number 124 in Lecture Notes in Computer Science. Springer-Verlag, 1981.Google Scholar
  19. 19.
    J.M. Rushby and D.W.J. Stringer-Calvert. A less elementary tutorial for the PVS specification and verification system. Technical Report CSL-95-10, Computer Science Laboratory, SRI International, August 1996.Google Scholar
  20. 20.
    Mark Saaltink. The Z/EVES system. In ZUM '97. The Z Formal Specification Notation; 10th International Conference of Z Users, number 1212 in Lecture Notes in Computer Science, pages 72–85, Reading, UK, April 1997. Springer-Verlag.Google Scholar
  21. 21.
    J. M. Spivey. The fuzz manual. Computing Science Consultancy, 2 Willow Close, Oxford, UK, 1988.Google Scholar
  22. 22.
    J.M. Spivey. The Z Notation: A Reference Manual. Prentice Hall International, 1989.Google Scholar
  23. 23.
    Susan Stepney. High Integrity Compilation: A Case Study. Prentice Hall International, 1993.Google Scholar
  24. 24.
    Deborah Weber-Wulff. Proven correct scanning. Procos internal report, August 1992.Google Scholar
  25. 25.
    William D. Young. A verified code generator for a subset of Gypsy. Technical Report 33, Computational Logic Inc., October 1988.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1997

Authors and Affiliations

  • David W. J. Stringer-Calvert
    • 1
  • Susan Stepney
    • 2
  • Ian Wand
    • 1
  1. 1.Department of Computer ScienceUniversity of YorkUK
  2. 2.Logica UK Ltd.CambridgeUK

Personalised recommendations