An Exercise in Invariant-based Programming with Interactive and Automatic Theorem Prover Support

TL;DR

This paper presents Socos, a tool supporting Invariant-Based Programming (IBP) with interactive and automatic theorem proving, demonstrated through a verified heapsort implementation highlighting the IBP workflow.

Contribution

It introduces Socos, a novel environment that integrates graphical invariant-based programming with automated and interactive theorem proving for program correctness.

Findings

Successful verification of heapsort using Socos

Effective combination of automatic and interactive theorem proving

Clear demonstration of IBP workflow in practice

Abstract

Invariant-Based Programming (IBP) is a diagram-based correct-by-construction programming methodology in which the program is structured around the invariants, which are additionally formulated before the actual code. Socos is a program construction and verification environment built specifically to support IBP. The front-end to Socos is a graphical diagram editor, allowing the programmer to construct invariant-based programs and check their correctness. The back-end component of Socos, the program checker, computes the verification conditions of the program and tries to prove them automatically. It uses the theorem prover PVS and the SMT solver Yices to discharge as many of the verification conditions as possible without user interaction. In this paper, we first describe the Socos environment from a user and systems level perspective; we then exemplify the IBP workflow by building a verified implementation of heapsort in Socos. The case study highlights the role of both automatic and interactive theorem proving in three sequential stages of the IBP workflow: developing the background theory, formulating the program specification and invariants, and proving the correctness of the final implementation.