This book is about the verification of reactive systems. A reactive
system is a system that maintains an ongoing interaction with its
environment, as opposed to computing some final value on termination.
The family of reactive systems includes many classes of programs whose
correct and reliable construction is considered to be particularly
challenging, including concurrent programs, embedded and process control
programs, and operating systems. Typical examples of such systems are an
air traffic control system, programs controlling mechanical devices such
as a train, or perpetually ongoing processes such as a nuclear reactor.
With the expanding use of computers in safety-critical areas, where
failure is potentially disastrous, correctness is crucial. This has led
to the introduction of formal verification techniques, which give both
users and designers of software and hardware systems greater confidence
that the systems they build meet the desired specifications.

Framework

The approach promoted in this book is based on the use of temporal logic
for specifying properties of reactive systems, and develops an extensive
verification methodology for proving that a system meets its temporal
specification. Reactive programs must be specified in terms of their
ongoing behavior, and temporal logic provides an expressive and natural
language for specifying this behavior. Our framework for specifying and
verifying temporal properties of reactive systems is based on the
following four components:

1. A computational model to describe the behavior of reactive systems. The
   model adopted in this book is that of a Fair Transition System (FTS).
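As an added illustration of this first component (example code written for this page, not taken from the book), the following Python model treats a Fair Transition System as a set of variables over finite domains, an initial condition, named transitions with an enabling condition and an effect, and a justice set. Peterson's two-process mutual-exclusion algorithm is encoded as an FTS and the invariance property "always not (pc1 = 3 and pc2 = 3)" is checked by exhaustively exploring the reachable states; a flawed test-then-set variant of the same protocol is included so that the check also produces a counterexample trace. The class and function names (`FTS`, `mutex_system`, `mutual_exclusion`), the program-counter encoding, and the decision to put every transition in the justice set are assumptions of this example.

```python
from collections import deque
from itertools import product


class FTS:
    """Fair Transition System: variables over finite domains, an initial
    condition, named transitions (enabling condition + effect on a state
    dict) and a justice set of transitions that may not stay enabled
    forever. Invariance checking needs only the reachable states, so the
    justice set is recorded but not consulted by check_invariant."""

    def __init__(self, domains, initial, transitions, justice=()):
        self.domains = dict(domains)          # variable -> finite domain
        self.initial = initial                # predicate on a state dict
        self.transitions = dict(transitions)  # name -> (enabled, effect)
        self.justice = frozenset(justice)

    def _key(self, state):
        return tuple(state[v] for v in self.domains)

    def initial_states(self):
        names = list(self.domains)
        for values in product(*(self.domains[v] for v in names)):
            state = dict(zip(names, values))
            if self.initial(state):
                yield state

    def successors(self, state):
        for name, (enabled, effect) in self.transitions.items():
            if enabled(state):
                nxt = dict(state)
                effect(nxt)  # the effect updates the copied state in place
                yield name, nxt

    def check_invariant(self, p):
        """Breadth-first search over the reachable states. Returns None if p
        holds in all of them (the system satisfies 'always p'), otherwise the
        shortest transition sequence from an initial state to a violation."""
        seen, queue = {}, deque()
        for s in self.initial_states():
            k = self._key(s)
            if k not in seen:
                seen[k] = (None, None)
                queue.append(s)
        while queue:
            s = queue.popleft()
            k = self._key(s)
            if not p(s):
                path = []
                while seen[k][0] is not None:
                    k, name = seen[k]
                    path.append(name)
                return path[::-1]
            for name, nxt in self.successors(s):
                nk = self._key(nxt)
                if nk not in seen:
                    seen[nk] = (k, name)
                    queue.append(nxt)
        return None


def mutex_system(use_turn):
    """Two processes competing for a critical section (constructed example).
    pc_i: 0 = non-critical, 1 = trying, 2 = waiting, 3 = critical.
    use_turn=True models Peterson's algorithm; use_turn=False models a
    flawed protocol that tests the other flag before raising its own."""
    def process(i):
        j = 3 - i
        pc, f, fj = f"pc{i}", f"f{i}", f"f{j}"
        if use_turn:
            steps = [
                (lambda s: s[pc] == 0, lambda s: s.update({pc: 1, f: True})),
                (lambda s: s[pc] == 1, lambda s: s.update({pc: 2, "turn": j})),
                (lambda s: s[pc] == 2 and (not s[fj] or s["turn"] == i),
                 lambda s: s.update({pc: 3})),
                (lambda s: s[pc] == 3, lambda s: s.update({pc: 0, f: False})),
            ]
        else:
            steps = [
                (lambda s: s[pc] == 0, lambda s: s.update({pc: 1})),
                (lambda s: s[pc] == 1 and not s[fj], lambda s: s.update({pc: 2})),
                (lambda s: s[pc] == 2, lambda s: s.update({pc: 3, f: True})),
                (lambda s: s[pc] == 3, lambda s: s.update({pc: 0, f: False})),
            ]
        return {f"p{i}_{n}": step for n, step in enumerate(steps, 1)}

    transitions = {**process(1), **process(2)}
    return FTS(
        domains={"pc1": range(4), "pc2": range(4), "f1": (False, True),
                 "f2": (False, True), "turn": (1, 2)},
        initial=lambda s: s["pc1"] == 0 and s["pc2"] == 0
        and not s["f1"] and not s["f2"],
        transitions=transitions,
        justice=transitions.keys(),  # assumption: every transition is just
    )


def mutual_exclusion(s):
    """The safety property 'always not (pc1 = 3 and pc2 = 3)', per state."""
    return not (s["pc1"] == 3 and s["pc2"] == 3)


if __name__ == "__main__":
    print("Peterson:", mutex_system(True).check_invariant(mutual_exclusion))
    print("flawed:  ", mutex_system(False).check_invariant(mutual_exclusion))
```

Run stand-alone, the Peterson model reports `None` (the invariant holds in every reachable state) while the flawed model returns a six-transition trace in which both processes read the other's flag as down before raising their own. The justice set is carried in the model because liveness properties such as "every requesting process eventually enters its critical section" depend on it, but invariance, the subject of this volume, does not.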