1. 1

“Abstract:” “This thesis puts forward a flexible and principled approach to the development of construction and verification tools for imperative programs, in which the control flow and the data level are cleanly separated. The approach is inspired by algebraic principles and benefits from an algebraic semantics layer. It is programmed in the Isabelle/HOL interactive theorem prover and yields simple lightweight mathematical components as well as program construction and verification tools that are themselves correct by construction.

First, a simple tool is implemented using Kleeene algebra with tests (KAT) for the control flow of while-programs, which is the most compact verification formalism for imperative programs, and their standard relational semantics for the data level. A reference formalisation of KAT in Isabelle/HOL is then presented, providing three different formalisations of tests. The structured comprehensive libraries for these algebras include an algebraic account of Hoare logic for partial correctness. Verification condition generation and program construction rules are based on equational reasoning and supported by powerful Isabelle tactics and automated theorem proving. Second, the tool is expanded to support different programming features and verification methods. A basic program construction tool is developed by adding an operation for the specification statement and one single axiom. To include recursive procedures, KATs are expanded further to quantales with tests, where iteration and the specification statement can be defined explicitly. Additionally, a nondeterministic extension supports the verification of simple concurrent programs.

Finally, the approach is also applied to separation logic, where the control-flow is modelled by power series with convolution as separating conjunction. A generic construction lifts resource monoids to assertion and predicate transformer quantales. The data level is captured by concrete store-heap models. These are linked to the algebra by soundness proofs. A number of examples shows the tools at work.”

  1. 1

    Two highlights for motivation:

    “Algebraic semantic layer. In the algebraic approach to program verification, there is a clear cut distinction between control flow and data level, where a lightweight middle layer is formed by an algebraic semantics. The control flow can thus be understood and analysed directly and efficiently at the algebraic level. The concrete data level can be integrated via soundness of the algebra with respect to its concrete semantics.”

    “Automation. The algebra deals with the control flow very efficiently. In some cases, inference rules and transformation proofs are fully automatic. For instance the equational theory of KAT and its universal Horn theory has been shown to be decidable. More generally, even when the algebraic structure used is not decidable, the algebra forms a first-order layer in which theorems can usually be proved automatically by state-of-the-art theorem provers. These are highly suitable for first-order theory. Algebras thus have the ideal level of expressivity. On the one hand, they are expressive enough to derive verification, construction and transformation tools. On the other hand, they are still simple enough to be suitable for automatic theorem provers.” (emphasis mine)