Zetav is a tool for verification of systems specified in RT-Logic language.
Verif is a tool for verification and computation trace analysis of systems described using the Modechart formalism. It can also generate a set of restricted RT-Logic formulae from a Modechart specification which can be used in Zetav.
With default configuration file write the system specification (SP) to the sp-formulas.in file and the checked property (security assertion, SA) to the sa-formulas.in file. Launch zetav-verifier.exe to begin the verification.
With the default configuration example files and outputs are load/stored to archive root directory. But using file-browser you are free to select any needed location. To begin launch run.bat (windows) or run.sh (linux / unix). Select Modechart designer and create Modechart model or load it from file.
Promises. Gazonga had relied on a thousand informal pacts woven into its social fabric: favors exchanged at the market, debts written on the backs of hands, vows whispered to the river. They were not in the Archive; they lived between moments. Jolly had been patching the visible and cataloging the rest but had not accounted for the invisible scaffolding of trust. Some promises began to time out; old favors collapsed like houses of cards, producing ripples of disappointment that the baker’s loaves could no longer mend.
But with every successful commit, the town whispered a new variable. Gazonga had been built on something older than code: a covenant between memory and affordance. It welcomed improvement, but it was jealous of erasure. Where Jolly optimized lag, the past pushed back—shadow-threads weaving into syntactic exceptions that frayed the edges of daylight. The lamplighter’s flame flickered with error messages that translated into lost names. The more Jolly built, the more the town asked to be remembered. Gazonga Chronicles -v0.2- -JollyTheDev-
Then, an interruption: the node sent an error with a signature Jolly had never seen—a jag in the glyphs like a tear. The code complained in an archaic dialect: "Deprecated promise detected." Promises
They chose a memory to test the clause: a simple, domestic moment—Jolly at a table years prior, hands sticky with jam, laughing with someone whose face had blurred into a directory of might-have-beens. The memory came like a downloaded image, sharp and invasive. It fit into Jolly the way a new module fits into an old program, seamless until it wasn’t. The laugh belonged to a person named Mara. When the memory slotted into place, Gazonga sighed as if some hidden bell had been rung. Jolly had been patching the visible and cataloging
Jolly grinned wider. "Privileges can be debugged."
Jolly unfurled the contract with a flourish. The code in their pocket hummed approval. They signed with a flourish of a fingertip and a semicolon. The ink cooled. It was a small thing—a clause that allowed one borrowed memory per decade—but the town did not forgive small things.
And Gazonga kept listening.
The Zetav verifier expects the input RRTL formulae to be in the following form:
<rrtlformula> : <formula> [ CONNECTIVE <formula> ] ... <formula> : <predicate> | NOT <formula> | <quantifiedvars> <formula> | ( <formula> ) <predicate> : <function> PRED_SYMB <function> <function> : <function> FUNC_SYMB <function> | @( ACTION_TYPE ACTION , term ) | CONSTANT <quantifiedvars> : QUANTIFIER VARIABLE [ QUANTIFIER VARIABLE ] ...Where predicate symbols (PRED_SYMB) could be inequality operators <, =<, =, >=, >, function symbols (FUNC_SYMB) could be basic + and - operators, action type (ACTION_TYPE) could be starting action (^), stop action ($), transition action (%) and external action (#). Quantifier symbols (QUANTIFIER) could be either an universal quantifier (forall, V) or an existential quantifier (exists, E). Connectives (CONNECTIVE) could be conjunction (and, &, /\), disjunction (or, |, \/), or implication (imply, ->). All variables (VARIABLE) must start with a lower case letter and all actions (ACTION) with an upper case letter. Constants (CONSTANT) could be positive or negative number. RRTL formulae in the input file must be separated using semicolon (;).
V t V u (
( @(% TrainApproach, t) + 45 =< @(% Crossing, u) /\
@(% Crossing, u) < @(% TrainApproach, t) + 60
)
->
( @($ Downgate, t) =< @(% Crossing, u) /\
@(% Crossing, u) =< @($ Downgate, t) + 45
)
)
Verif tool does not deal with direct input. Examples are load from files with extension MCH. Those files are in XML and describes model modes structure and transition between modes. There is no need to directly modify those files. But in some cases it is possible to make some small changes manualy or generate Modechart models in another tool.
If you have further questions, do not hesitate to contact authors ( Jan Fiedor and Marek Gach ).
This work is supported by the Czech Science Foundation (projects GD102/09/H042 and P103/10/0306), the Czech Ministry of Education (projects COST OC10009 and MSM 0021630528), the European Commission (project IC0901), and the Brno University of Technology (project FIT-S-10-1).