COMPUTING SCIENCE Proceedings of the 11th International Workshop on Automated Verification of Critical Systems Jens Bendisposto, Cliff Jones, Michael Leuschel and Alexander Romanovsky (Eds.) TECHNICAL REPORT SERIES No. CS-TR-1272 September 2011 TECHNICAL REPORT SERIES No. CS-TR-1272 September, 2011 Proceedings of the 11th International Workshop on Automated Verification of Critical Systems J. Bendisposto, C. Jones, M. Leuschel, A. Romanovsky (Eds.) Abstract AVOCS, the workshop on Automated Verification of Critical Systems, is an annual meeting that brings together researchers and practitioners to exchange new results on tools and techniques relating to the verification of critical systems. Topics of interest include all aspects of automated verification, including model checking, theorem proving, abstract interpretation and re refinement; application areas include various types of critical systems (safety-critical, security-critical, business-critical, performance-critical, etc.). Contributions that describe different techniques or industrial case studies are encouraged. The workshop is supported by the ICT DEPLOY project. © 2011 Newcastle University. Printed and published by Newcastle University, Computing Science, Claremont Tower, Claremont Road, Newcastle upon Tyne, NE1 7RU, England. Bibliographical details BENDISPOSTO, J., JONES, C., LEUSCHEL, M., ROMANOVSKY, A. (EDS.) Every Vote Counts: Ensuring Integrity in Large-Scale DRE-based Electronic Voting [By] J. Bendisposto, C. Jones, M.l Leuschel, A. Romanovsky (Eds.) Newcastle upon Tyne: Newcastle University: Computing Science, 2011. (Newcastle University, Computing Science, Technical Report Series, No. CS-TR-1272) Added entries NEWCASTLE UNIVERSITY Computing Science. Technical Report Series. CS-TR-1272 Abstract AVOCS, the workshop on Automated Verification of Critical Systems, is an annual meeting that brings together researchers and practitioners to exchange new results on tools and techniques relating to the verification of critical systems. Topics of interest include all aspects of automated verification, including model checking, theorem proving, abstract interpretation and re refinement; application areas include various types of critical systems (safety-critical, security-critical, business-critical, performance-critical, etc.). Contributions that describe different techniques or industrial case studies are encouraged. The workshop is supported by the ICT DEPLOY project. About the editors Jens Bendisposto is now finishing his PhD at Institut für Informatik, Heinrich-Heine-Universität Dusseldorf. Cliff Jones is a Professor of Computing Science at Newcastle University. He is now applying research on formal methods to wider issues of dependability. Until 2007 his major research involvement was the five university IRC on "Dependability of Computer-Based Systems" of which he was overall Project Director - he is now PI of the follow-on Platform Grant "Trustworthy Ambient Systems" (TrAmS) (also EPSRC). He is also PI on an EPSRC- funded project "Splitting (Software) Atoms Safely" and coordinates the "Methodology" strand of the EU-funded RODIN project. As well as his academic career, Cliff has spent over twenty years in industry. His fifteen years in IBM saw among other things the creation -with colleagues in Vienna- of VDM which is one of the better known "formal methods". Under Tony Hoare, Cliff wrote his doctoral thesis in two years (and enjoyed the family atmosphere of Wolfson College). From Oxford, he moved directly to a chair at Manchester University where he built a world-class Formal Methods group which -among other projects- was the academic lead in the largest Software Engineering project funded by the Alvey programme (IPSE 2.5 created the "mural"(Formal Method) Support Systems theorem proving assistant). Cliff is a Fellow of the Royal Academy of Engineering (FREng), ACM, BCS, and IET. He has been a member of IFIP Working Group 2.3 (Programming Methodology) since 1973 (and was Chair from 1987-96). Professor Michael Leuschel is head of the STUPS group. He has developed the ProB toolset for the validation of B specifications. Outside of formal methods, his main research areas are automatic program analysis and optimization (notably partial evaluation and abstract interpretation). He was awarded the IBM International Chair 1999 on Modeling and Optimization. He was the program chair of LOPSTR’02, PEPM’03 and iFM’09, the symposium chair of PPDP’07, and is a member of the PEPM and LOPSTR steering committees and of the editorial board of the Journal of Theory and Practice of Logic Programming. He has published over 120 papers and developed several tools, such as the ECCE and LOGEN partial evaluation systems. He has been involved in several EU projects (Deploy, ASAP, PyPy, RODIN, POST) and the Eureka Eurostars project PyJIT. Alexander (Sascha) Romanovsky is a Professor in the Centre for Software and Reliability, Newcastle University. His main research interests are system dependability, fault tolerance, software architectures, exception handling, error recovery, system structuring and verification of fault tolerance. He received a M.Sc. degree in Applied Mathematics from Moscow State University and a PhD degree in Computer Science from St. Petersburg State Technical University. He was with this University from 1984 until 1996, doing research and teaching. In 1991 he worked as a visiting researcher at ABB Ltd Computer Architecture Lab Research Center, Switzerland. In 1993 he was a visiting fellow at Istituto di Elaborazione della Informazione, CNR, Pisa, Italy. In 1993-94 he was a post- doctoral fellow with the Department of Computing Science, the University of Newcastle upon Tyne. In 1992-1998 he was involved in the Predictably Dependable Computing Systems (PDCS) ESPRIT Basic Research Action and the Design for Validation (DeVa) ESPRIT Basic Project. In 1998-2000 he worked on the Diversity in Safety Critical Software (DISCS) EPSRC/UK Project. Prof Romanovsky was a co-author of the Diversity with Off-The- Shelf Components (DOTS) EPSRC/UK Project and was involved in this project in 2001-2004. In 2000-2003 he was in the executive board of Dependable Systems of Systems (DSoS) IST Project. He has been the Coordinator of the Rigorous Open Development Environment for Complex Systems (RODIN) IST Project (2004-2007). He is now the Coordinator of the major FP7 DEPLOY Integrated Project (2008-2012) on Industrial Deployment of System Engineering Methods Providing High Dependability and Productivity. Suggested keywords VERIFICATION MODELLING PROOFS Preface AVOCS, the workshop on Automated Verification of Critical Systems, is an annual meeting that brings together researchers and practitioners to exchange new results on tools and techniques relating to the verification of critical systems. Topics of interest include all aspects of automated verification, including model checking, theorem prov- ing, abstract interpretation and refinement; application areas include various types of critical systems (safety-critical, security-critical, business-critical, performance-critical, etc.). Contributions that describe different techniques or industrial case studies are encouraged. This volume contains the pre-proceedings of the 11th workshop on Automated Ver- ification of Critical Systems that was hosted by Newcastle University and took place during September 1214, 2011 in Newcastle upon Tyne, UK. Previous AVOCS workshops were held at the University of Oxford (2001 and 2007), the University of Birmingham (2002), the University of Southampton (2003), The Royal Society in London (2004), the University of Warwick (2005), LORIA, Nancy (2006), the University of Glasgow (2008), Gregynog (organized by Swansea University) and Heinrich-Heine-Universit¨atD¨usseldorf(2010). AVOCS 2012 will take place in Bamberg, Germany. AVOCS 2011 received 18 submissions (with authors from 13 countries) for Full Papers, out of which 12 papers were selected for presentation at the workshop. Furthermore, AVOCS received 11 submissions for Short Contributions out of which 8 were accepted for presentation. The selection process was carried out by the Program Committee, taking into account the originality, quality, and relevance of the material presented in each submission. The selected preliminary Papers are included in this volume, together with the contributions from the invited speakers Janet Barnes and Tom Maibaum. All full papers will subsequently appear in an Electronic Communications of EASST. We wish to thank all authors who submitted their papers to AVOCS 2011, Jodi Hossbach for help with workshop organization, the Program Committee for its excellent work and the reviewers who supported the Program Committee in the evaluation and selection process. We are grateful to the School of Computing Science at Newcastle University for hosting the event and thank CSR, Formal Methods Europe and Microsoft for sponsoring AVOCS 2011. We also gratefully acknowledge the use of EasyChair, the conference management system developed by Andrei Voronkov. Jens Bendisposto Cliff Jones Michael Leuschel Alexander Romanovsky AVOCS 2011 Program Committee: Jens Bendisposto (co-chair) Antonio Casimiro Michael Goldsmith Ian Hayes Cliff Jones (co-chair) Michael Leuschel (co-chair) Felix Loesch Gerald Luettgen Ursula Martin Stefan Merz Alice Miller Markus Roggenbach Alexander Romanovsky (co-chair) Thomas Santen Sebastian Wieczorek Jim Woodcock AVOCS 2011 Referees: Names will be published in the final EASST Proceedings Content Janet Barnes Experiences in the