U.S. Department of Energy
Office of Scientific and Technical Information

Semantics and correctness proofs for programs with partial functions

Conference · OSTI ID: 373932
[1] Sandia National Labs., Albuquerque, NM (United States). Command and Control Software Dept.

This paper presents a portion of the work on the specification, design, and implementation of safety-critical systems such as reactor control systems. A natural approach to this problem, once all the requirements are captured, would be to state the requirements formally and then either to prove (preferably via automated tools) that the system conforms to its specification (program verification), or to generate simultaneously the system and a mathematical proof that the requirements are met (program derivation). An obstacle to this is the frequent presence of partially defined operations within the software and its specifications. Indeed, the usual proofs via first-order logic presuppose everywhere-defined operations. Recognizing this problem, David Gries, in "The Science of Programming" (1981), introduced the concept of partial functions into the mainstream of program correctness and gave hints as to how his treatment of partial functions could be formalized. Still, existing theorem provers and software verifiers have difficulty checking software with partial functions, because classical 2-valued logic lacks a uniform first-order treatment of partial functions. Several rigorous mechanisms that took partiality into account have been introduced [Wirsing 1990, Breu 1991, VDM 1986, 1990, etc.]. However, they either did not discuss correctness proofs or departed from first-order logic. To fill this gap, the authors provide a semantics for software correctness proofs with partial functions within classical 2-valued first-order logic. They formalize the Gries treatment of partial functions and also cover computations of functions whose argument lists may be only partially available; an example is nuclear reactor control relying on sensors that may fail to deliver sense data. This approach is sufficiently general to cover correctness proofs in various implementation languages.

Research Organization:
Sandia National Labs., Albuquerque, NM (United States)
Sponsoring Organization:
USDOE, Washington, DC (United States)
DOE Contract Number:
AC04-94AL85000
OSTI ID:
373932
Report Number(s):
SAND--96-1123C; CONF-961099--1; ON: DE96010982
Country of Publication:
United States
Language:
English
