Realizability Checking of Contracts with Kind 2

Abstract: We present a new feature of the open-source model checker Kind 2 which checks whether a component contract is realizable; i.e., it is possible to construct a component such that for any input allowed by the contract assumptions, there is some output value that the component can produce that satisfies the contract guarantees. When the contract is proven unrealizable, it provides a deadlocking computation and a set of conflicting guarantees. This new feature can be used to detect flaws in component specification… Show more

“…-The design and implementation of a realizability checking framework in FRET that tightly integrates the JKind [23] and Kind 2 [35] analysis tools; -a diagnosis feature for unrealizability that returns all minimal conflicts and their counterexamples in an easy-to-use, graphical user interface; -the extension of the simulator component in FRET, to be used for the simulation of conflicting requirements in unrealizable specifications; and -improvements of the algorithms in our in-house fork of the JKind model checker, following recent work from the Kind 2 and GenSys [48] tools.…”

Capture, Analyze, Diagnose: Realizability Checking Of Requirements in FRET

“…-The design and implementation of a realizability checking framework in FRET that tightly integrates the JKind [23] and Kind 2 [35] analysis tools; -a diagnosis feature for unrealizability that returns all minimal conflicts and their counterexamples in an easy-to-use, graphical user interface; -the extension of the simulator component in FRET, to be used for the simulation of conflicting requirements in unrealizable specifications; and -improvements of the algorithms in our in-house fork of the JKind model checker, following recent work from the Kind 2 and GenSys [48] tools.…”

Capture, Analyze, Diagnose: Realizability Checking Of Requirements in FRET