View article

In this paper an extension of the IFAD VDM-SL Toolbox with a proof obligation generator is described. Static type checking in VDM is undecidable in general and therefore the type checker must be incomplete. Hence, for the “difficult” parts introducing undecidability, it is up to the user to verify the consistency of a specification. Instead of providing error messages and warnings, the approach of generating proof obligations for the consistency of VDM-SL specifications is taken. The overall goal of this work is to automate the generation of proof obligations for VDM-SL. Proof obligation generation has already been carried out for a number of related notations, but VDM-SL contains a number of challenging constructs (e.g. patterns, non-disjoint union types, and operations) for which new research is presented in this paper.