Focus points and convergent process operators: a proof strategy for protocol verification

Abstract: We present a strategy for nding algebraic correctness proofs for communication systems. It is described in the setting of CRL 11], which is, roughly, A CP 2, 3] extended with a formal treatment of the interaction between data and processes. The strategy has already been applied successfully in 4] and 10], but was not explicitly identi ed as such. Moreover, the protocols that were veri ed in these papers were rather complex, so that the general picture was obscured by the amount of details. In this paper, the p… Show more

“…• The cones and foci method from [13,23] [13] for the technical details of the cones and foci technique.…”

“…Another bug in the µCRL specification of the SWP was detected by means of a model checking analysis. A first attempt to prove the resulting SWP correct led to the verification of a bakery protocol [18], and to the development of the cones and foci proof method [23,13]. This method plays an essential role in the proof in the current paper, and has been used to prove many other protocols and distributed algorithms correct.…”

Verifying a Sliding Window Protocol in μCRL

“…• The cones and foci method from [13,23] [13] for the technical details of the cones and foci technique.…”

“…Another bug in the µCRL specification of the SWP was detected by means of a model checking analysis. A first attempt to prove the resulting SWP correct led to the verification of a bakery protocol [18], and to the development of the cones and foci proof method [23,13]. This method plays an essential role in the proof in the current paper, and has been used to prove many other protocols and distributed algorithms correct.…”

Verifying a Sliding Window Protocol in μCRL

“…Barring infinite sequences of τ -transitions (which may be eliminated by CFAR), each state belongs to a cone. Groote and Springintveld [116] presented a general verification technique for linear process operators that do not induce infinite sequences of τ -transitions. Ideally, this technique enables one to identify the states in a cone with the focus point of this cone, using the following approach.…”

“…Assume a process graph that belongs to a linear process operator, a process graph without τ -transitions, and a mapping h from states in the first to states in the second process graph, which maps all the states in a cone to the same state. Groote and Springintveld [116] formulated straightforward criteria to ensure that states s and h(s) are branching bisimilar, so that each state s in the first process graph can be identified with the state h(s) in the second process graph.…”

Introduction to Process Algebra

“…This algorithm serves as a nice benchmark for verification exercises (see [2, 18,9]). The verification is based on the methodology presented in [8] and demonstrates its suitability to deliver mechanically verifiable correctness proofs of highly nondeterministic distributed algorithms. …”

A computer checked algebraic verification of a distributed summation algorithm