Building Confidence on Formal Verification Models


A problem hindering the adoption of formal methods in the industry is how to integrate the models and results used during formal verification with existing processes. Indeed, formal verification is a complex process involving multiple methods, models, level of formality, … If we want to use formal verification results in an assurance case, it is therefore necessary to build confidence on this process. The integration of formal methods raises particular problems like, for instance, with the construction of the verification models: a model may not preserve all properties of the system to be verified; it may only cover a subset of these properties; or it may be intractable. In practice, this means that the verification process involves a collection of models whose soundness (with the original system design, but also between each others) shall be justified. Furthermore, formal techniques are usually restricted in terms of the set of properties that can be checked. It is therefore necessary to justify (and trace back) that these restrictions are consistent with the hypotheses made about the system, its application and its environment. This short abstract gives an overview of a methodology for building verification arguments, that is convincing arguments that a system design complies with a set of properties.

In SAFECOMP 2016Fast Abstracts at International Conference on Computer Safety, Reliability, and Security
  • An extended version of this paper appears as Research Report LAAS N°16115, July 2016. URL