Managing LTL properties in Event-B refinement
This work addresses a specific limitation in formal methods for system developers, enabling verification of temporal properties earlier in development, but it is incremental as it builds on existing Event-B and LTL frameworks.
The paper tackles the problem of verifying liveness and fairness properties in Event-B refinement, which traditionally only ensures safety, by integrating linear temporal logic (LTL) to allow these properties to be preserved across refinement steps such as event introduction and splitting, as demonstrated in a case study.
Refinement in Event-B supports the development of systems via proof based step-wise refinement of events. This refinement approach ensures safety properties are preserved, but additional reasoning is required in order to establish liveness and fairness properties. In this paper we present results which allow a closer integration of two formal methods, Event-B and linear temporal logic. In particular we show how a class of temporal logic properties can carry through a refinement chain of machines. Refinement steps can include introduction of new events, event renaming and event splitting. We also identify a general liveness property that holds for the events of the initial system of a refinement chain. The approach will aid developers in enabling them to verify linear temporal logic properties at early stages of a development, knowing they will be preserved at later stages. We illustrate the results via a simple case study.