The ProB Animator and Model Checker: Difference between revisions

 
(66 intermediate revisions by 2 users not shown)
Line 2: Line 2:
|-valign="top"
|-valign="top"
|width="60%" style="padding-right:20px;" |
|width="60%" style="padding-right:20px;" |
ProB is an animator, constraint solver and model checker for the [http://en.wikipedia.org/wiki/B-Method B-Method] (see the [http://www.clearsy.com/en/our-specific-know-how/b-method/?lang=en B-Method site of Clearsy]). It allows fully automatic animation of B specifications, and can be used to systematically check a specification for a wide range of errors. The constraint-solving capabilities of ProB can also be used for model finding, [[Constraint_Based_Checking|deadlock checking]] and [[Test_Case_Generation|test-case generation]].
ProB is an animator, constraint solver and model checker for the [http://www.clearsy.com/en/our-specific-know-how/b-method/?lang=en B-Method]. The constraint-solving capabilities of ProB can be used for animation, model finding, [[Constraint_Based_Checking|constraint-based symbolic checking]] and [[Test_Case_Generation|test-case generation]].


The B language is rooted in predicate logic, arithmetic and set theory and provides support for data structures such as (higher-order) relations, functions and sequences.
The B language is rooted in predicate logic, arithmetic and set theory and provides support for data structures such as (higher-order) relations, functions and sequences.
In addition to the B language, ProB also supports [http://www.event-b.org/ Event-B], [http://en.wikipedia.org/wiki/Communicating_sequential_processes CSP-M],
In addition to the B language, ProB also supports [http://www.event-b.org/ Event-B], [http://en.wikipedia.org/wiki/Communicating_sequential_processes CSP-M],
[http://research.microsoft.com/en-us/um/people/lamport/tla/tla.html TLA+], and [http://en.wikipedia.org/wiki/Z_notation Z]. ProB can be installed within [http://sourceforge.net/projects/rodin-b-sharp/ Rodin].
[http://research.microsoft.com/en-us/um/people/lamport/tla/tla.html TLA+], and [http://en.wikipedia.org/wiki/Z_notation Z]. ProB can be installed within [http://sourceforge.net/projects/rodin-b-sharp/ Rodin].
ProB can now also be used as a [https://gitlab.cs.uni-duesseldorf.de/dgelessus/prob2-jupyter-kernel Jupyter kernel] to generate interactive notebooks.
ProB can also be used as a [https://gitlab.cs.uni-duesseldorf.de/general/stups/prob2-jupyter-kernel Jupyter kernel] to generate interactive notebooks.


ProB is being used within Siemens, Alstom, Thales and several other companies for [http://www.data-validation.fr data validation] of complicated properties for safety critical systems.
ProB is being used within Alstom, ClearSy, Siemens, Thales and several other companies for [http://www.data-validation.fr data validation] of complicated properties for safety critical systems. It was used, e.g., for Paris Line1, Sao Paulo line 4, Barcelona line 9 and many more.
ProB is certified T2 SIL4 according to the Cenelec EN 50128 standard for use at Thales.
ProB is certified T2 SIL4 according to the Cenelec EN 50128 standard for use at Thales.
In this [https://www.youtube.com/watch?v=FjKnugbmrP4 video from the Deutsche Bahn] you can see ProB animating a formal B model of the ETCS hybrid-level 3 principles in real-time, controlling two trains.  
In this [https://www.youtube.com/watch?v=K6mS6akRmvA video from the Deutsche Bahn] you can see ProB animating a formal B model of the ETCS hybrid-level 3 principles in real-time, controlling two trains.
For commercial support contact the spin-off company [http://www.formalmind.com Formal Mind] or  [http://www.stups.uni-duesseldorf.de/~leuschel/ Michael Leuschel].
Michael Leuschel and his group have won the  first edition of the <b>[https://prologyear.logicprogramming.org/ColmerauerPrize.html  AlainColmerauer Prize]</b> for ProB.
For commercial support contact [http://www.stups.uni-duesseldorf.de/~leuschel/ Michael Leuschel].




Line 21: Line 22:
* A command-line tool called [[Using_the_Command-Line_Version_of_ProB|probcli]]. It is distributed with the standard [[Download#Latest_Release|download of the latest release]].
* A command-line tool called [[Using_the_Command-Line_Version_of_ProB|probcli]]. It is distributed with the standard [[Download#Latest_Release|download of the latest release]].
* The original graphical user interface ProB Tcl/Tk.  It is distributed with the standard [[Download#Latest_Release|download of the latest release]].
* The original graphical user interface ProB Tcl/Tk.  It is distributed with the standard [[Download#Latest_Release|download of the latest release]].
* A [[ProB2_JavaFX_UI|new graphical user interface]] based on Java FX and the ProB2-Java-API of ProB. It is available as a  [[Download#ProB2_UI_using_Java_FX| separate download]]. There is also a new plugin [[VisB]] for SVG-based visualizations (as a successor to BMotionStudio).
* The [[ProB2-UI|new graphical user interface ProB2-UI]] based on Java FX and the ProB2-Java-API of ProB. It is available as a  [[Download#ProB2_UI_using_Java_FX| separate download]]. It contains [[VisB]] for SVG-based visualizations (as a successor to BMotionStudio).
* [[ProB_for_Event-B|ProB for use within Rodin]], the toolset for Event-B. It is [[Download#ProB_for_Rodin|available as a plugin]].
* [[ProB_for_Event-B|ProB for use within Rodin]], the toolset for Event-B. It is [[Download#ProB_for_Rodin|available as a plugin]].
* An API for using ProB from Java, called [[ProB_Java_API|ProB2]]. It is available via Maven.
* An API for using ProB from Java, called [[ProB_Java_API|ProB2-Java-API]] (aka ProB2). It is available via [https://search.maven.org/search?q=a:de.prob2.kernel Maven Central].
* A kernel for Jupyter, allowing to use B and ProB from within Jupyter notebooks. It is available via [https://gitlab.cs.uni-duesseldorf.de/dgelessus/prob2-jupyter-kernel|a seperate installation procedure].
* A [https://gitlab.cs.uni-duesseldorf.de/general/stups/prob2-jupyter-kernel kernel for Jupyter], allowing to use B and ProB from within Jupyter notebooks. It is available via [https://gitlab.cs.uni-duesseldorf.de/general/stups/prob2-jupyter-kernel a seperate installation procedure].
 
 
 
=== Implementation ===
The core of ProB is implemented in [http://www.sics.se/isl/sicstuswww/site/index.html SICStus Prolog] (but can be run without a SICStus Prolog license). The ProB constraint solver is implemented using co-routining and the CLP(FD) finite domain library of SICStus. An alternate [[Using_ProB_with_KODKOD | constraint solver based on Kodkod (and thus SAT)]] is also available within ProB, as is [[Using_ProB_with_Z3|an integration with the SMT solver Z3]]. An alternate [[TLC|model checking engine (using TLC)]] well-suited for lower level B specifications is available as is an integration with [https://github.com/utwente-fmt/ltsmin/releases LTSmin] as [[LTSmin|model checking backend]].
The [[ProBLicence | ProB Licence can be found here]].
 


|width="40%" style="background:#EDF2F2;padding:15px;" | '''News'''
|width="40%" style="background:#EDF2F2;padding:15px;" | '''News'''
'''2024-02-20'''
[[Download|ProB 1.13.0]] is available. Better Rodin theory support. Template strings.  READ_JSON and other new external functions. VisB support for groups and "use" element. [[Monte_Carlo_Tree_Search_Game_Play|MCTS game play]].
'''2023-08-10'''
[[Download|ProB 1.12.2]] is available. [[VisB#VisB_DEFINITIONS_2 |VisB]] improvements.
'''2023-04-04'''
[[Download|ProB 1.12.0]] is available. Call stack infos, performance improvements in parser and solver,  new [[LTL_Model_Checking#Supported_Syntax |LTL]] operators, [[VisB#VisB_Additional_SVG_Objects|VisB]] improvements, reals/floats for [[Event-B_Theories|Rodin theories]].
'''2022-11-10'''
Michael Leuschel and his group win [https://prologyear.logicprogramming.org/ColmerauerPrize.html  first edition of Colmerauer Prize] for ProB
'''2021-12-29'''
[[Download|ProB 1.11.1]] is available. Identifiers between backquotes, flexible JSON trace replay, DPLLT solving, improvements to Z3 backend.
'''2021-10-06'''
[[Download|ProB 1.11.0]] is available. Improved support for infinite sets, operation caching, faster LTL checking for safety formulas, more compact .prob files, [[VisB|VisB]] HTML export, constructive Z3 translation.
'''2021-01-26'''
[[Download#ProB2-UI_using_Java_FX|ProB2-UI 1.1.0]] is available, contains [[VisB|VisB]].


'''12/7/2019'''
'''2020-12-15'''
[[Download|ProB 1.9.0]] is available. Highlights: improved error feedback and Unicode support, regular expression library, memoization. [[Download#ProB2_UI_using_Java_FX|New ProB2 UI]].
[[Download|ProB 1.10.0]]. Highlights: [[Well-Definedness_Checking|well-definedness prover]], [[Summary_of_B_Syntax#Reals:|REAL datatype]], -lint comand for [[Editors_for_ProB#VSCode|VSCode]] and [[Editors_for_ProB#Atom|Atom]], improved unsat core.


'''1/10/2018'''
'''2020-02-19'''
[[Download|ProB 1.8.2]] is available. Highlights: [https://gitlab.cs.uni-duesseldorf.de/dgelessus/prob2-jupyter-kernel Jupyter kernel], first [[Alloy|support for Alloy models]].
[[Download|ProB 1.9.3]]. Highlights: performance improvements, new external functions, performance monitoring.


'''20/03/2018'''
'''2019-07-12'''
[[Download|ProB 1.8.0]] is available. Highlights: terminal colours, performance.
[[Download|ProB 1.9.0]]. Highlights: Unicode support, regular expression library, memoization. [[Download#ProB2_UI_using_Java_FX|New ProB2 UI]].


'''5/10/2017'''
'''2018-10-01'''
[[Download|ProB 1.7.1]] highlights: performance, Z support, export history to HTML.
[[Download|ProB 1.8.2]]. Highlights: [https://gitlab.cs.uni-duesseldorf.de/general/stups/prob2-jupyter-kernel Jupyter kernel], first [[Alloy|support for Alloy models]].


'''11/7/2017'''
'''2017-07-11'''
[[Download|ProB 1.7.0]] highlights: improved [[Generating_Documents_with_ProB_and_Latex |Latex document generation]], improved XML/CSV support, RULE DSL language.
[[Download|ProB 1.7.0]] Highlights: improved [[Generating_Documents_with_ProB_and_Latex |Latex document generation]], improved XML/CSV support.


'''20/10/2016'''
'''2016-10-20'''
[[Download|ProB 1.6.1]] highlights:  [[Tips:_B_Idioms |LET and IF-THEN-ELSE for expressions and predicates]].
[[Download|ProB 1.6.1]] Highlights:  [[Tips:_B_Idioms |LET and IF-THEN-ELSE for expressions and predicates]].


'''22/4/2016'''
'''2016-04-22'''
[[Download|ProB 1.6.0]] highlights: [[Tutorial_Directed_Model_Checking|directed model checking]], [[Using_ProB_with_Z3|Z3 as backend]], B line comments and unicode symbols.
[[Download|ProB 1.6.0]] highlights: [[Tutorial_Directed_Model_Checking|directed model checking]], [[Using_ProB_with_Z3|Z3 as backend]].


'''19/2/2015'''
'''2014-08-18'''
[[DownloadPriorVersions |ProB 1.5.0]] is available. [[State_Space_Coverage_Analyses |MC/DC coverage]], improved [[TLC|TLC interface]].
[[DownloadPriorVersions |ProB 1.4.0]] is available. Highlights: CLP(FD)-based constraint solver enabled by default, [[TLC|integration of the TLC model checker]].


'''30/03/2012''' [[ProB_Logic_Calculator|ProB Logic Calculator]] available.
'''2012-03-30''' [[ProB_Logic_Calculator|ProB Logic Calculator]] available.


''' '''
''' '''
Line 58: Line 86:
|}
|}


=== Implementation ===
=== Features ===
The core of ProB is implemented in [http://www.sics.se/isl/sicstuswww/site/index.html SICStus Prolog] (but can be run without a SICStus Prolog license). The ProB constraint solver is implemented using co-routining and the CLP(FD) finite domain library of SICStus. An alternate [[Using_ProB_with_KODKOD | constraint solver based on Kodkod (and thus SAT)]] is also available within ProB, as is [[Using_ProB_with_Z3|an integration with the SMT solver Z3]]. An alternate [[TLC|model checking engine (using TLC)]] well-suited for lower level B specifications is also available. An integration with [https://github.com/utwente-fmt/ltsmin/releases LTSmin] is also available.
ProB covers a [[Summary of B Syntax|large part of B]], and we are striving towards full coverage of Atelier B constructs. ProB supports B features such as non-deterministic operations, arbitrary quantification, sets, sequences, functions, lambda abstractions, set comprehensions, records, and many more. ProB does support multiple machines, refinements, and implementations. ProB can also be used for automated [[Refinement Checking|refinement checking]] and [[LTL Model Checking|LTL model checking]]. It also [[CSP-M|supports CSP-M]] process descriptions, to be used on their own or to guide B machines for specification and property validation. The state space of the specifications can be [[Graphical Viewer|graphically visualized]].
The [[ProBLicence | ProB Licence can be found here]].
ProB supports Z specifications (ProB in this context is sometimes called [[ProZ]]) as well as [[TLA|TLA+ specifications]].
Automatically generated test [https://www3.hhu.de/stups/internal/coverage/html/ coverage reports are also available].
ProB can be used within Rodin and [http://www.atelierb.eu/en/ Atelier-B as a disprover and prover].
ProB supports also importing, validating and visualising [https://www.railml.org/en/applications/detail/prob.html railML data].
 
[[File:ProBAtAGlance.png| center |500px]]
 
=== Citing ProB ===
 
The initial conference publication was:
* Michael Leuschel & Michael Butler (2003): ProB: A Model Checker for B. In Keijiro Araki, Stefania Gnesi & Dino Mandrioli, editors: FME 2003: Formal Methods, LNCS 2805, Springer-Verlag, pp. 855–874, doi:10.1007/978-3-540-45236-2 46.
 
A later journal article describes ProB in more detail:
* Michael Leuschel & Michael J. Butler (2008): ProB: an automated analysis toolset for the B method. STTT 10(2), pp. 185–203. Available at [http://dx.doi.org/10.1007/s10009-007-0063-9 http://dx.doi.org/10.1007/s10009-007-0063-9].
 
For convenience we also provide  [[Citing ProB|Bibtex entries for the above references]].
 


=== Features ===
__NOTOC__
ProB covers a [[Summary of B Syntax|large part of B]], and we are striving towards full coverage of Atelier B constructs. ProB supports B features such as non-deterministic operations, arbitrary quantification, sets, sequences, functions, lambda abstractions, set comprehensions, records, and many more. ProB does support multiple machines, refinements, and implementations. ProB can also be used for automated [[Refinement Checking|refinement checking]] and [[LTL Model Checking|LTL model checking]]. It also [[CSP-M|supports almost full CSP-M]] process descriptions, to be used on their own or to guide B machines for specification and property validation. The state space of the specifications can be [[Graphical Viewer|graphically visualized]].
ProB also supports Z specifications (ProB in this context is sometimes called [[ProZ]]) as well as [[TLA|TLA+ specifications]]. We now also have an online [[ProB Logic Calculator]].
ProB can be used within [http://www.atelierb.eu/en/2016/02/18/atelier-b-4-3-1-is-available-for-maintenance-holders/ Atelier-B as a disprover and prover].

Latest revision as of 12:12, 16 August 2024

ProB is an animator, constraint solver and model checker for the B-Method. The constraint-solving capabilities of ProB can be used for animation, model finding, constraint-based symbolic checking and test-case generation.

The B language is rooted in predicate logic, arithmetic and set theory and provides support for data structures such as (higher-order) relations, functions and sequences. In addition to the B language, ProB also supports Event-B, CSP-M, TLA+, and Z. ProB can be installed within Rodin. ProB can also be used as a Jupyter kernel to generate interactive notebooks.

ProB is being used within Alstom, ClearSy, Siemens, Thales and several other companies for data validation of complicated properties for safety critical systems. It was used, e.g., for Paris Line1, Sao Paulo line 4, Barcelona line 9 and many more. ProB is certified T2 SIL4 according to the Cenelec EN 50128 standard for use at Thales. In this video from the Deutsche Bahn you can see ProB animating a formal B model of the ETCS hybrid-level 3 principles in real-time, controlling two trains. Michael Leuschel and his group have won the first edition of the AlainColmerauer Prize for ProB. For commercial support contact Michael Leuschel.


Versions of ProB

Several versions of ProB are available. They all make use of the same Prolog core (see below).


Implementation

The core of ProB is implemented in SICStus Prolog (but can be run without a SICStus Prolog license). The ProB constraint solver is implemented using co-routining and the CLP(FD) finite domain library of SICStus. An alternate constraint solver based on Kodkod (and thus SAT) is also available within ProB, as is an integration with the SMT solver Z3. An alternate model checking engine (using TLC) well-suited for lower level B specifications is available as is an integration with LTSmin as model checking backend. The ProB Licence can be found here.


News

2024-02-20 ProB 1.13.0 is available. Better Rodin theory support. Template strings. READ_JSON and other new external functions. VisB support for groups and "use" element. MCTS game play.

2023-08-10 ProB 1.12.2 is available. VisB improvements.

2023-04-04 ProB 1.12.0 is available. Call stack infos, performance improvements in parser and solver, new LTL operators, VisB improvements, reals/floats for Rodin theories.

2022-11-10 Michael Leuschel and his group win first edition of Colmerauer Prize for ProB

2021-12-29 ProB 1.11.1 is available. Identifiers between backquotes, flexible JSON trace replay, DPLLT solving, improvements to Z3 backend.

2021-10-06 ProB 1.11.0 is available. Improved support for infinite sets, operation caching, faster LTL checking for safety formulas, more compact .prob files, VisB HTML export, constructive Z3 translation.

2021-01-26 ProB2-UI 1.1.0 is available, contains VisB.

2020-12-15 ProB 1.10.0. Highlights: well-definedness prover, REAL datatype, -lint comand for VSCode and Atom, improved unsat core.

2020-02-19 ProB 1.9.3. Highlights: performance improvements, new external functions, performance monitoring.

2019-07-12 ProB 1.9.0. Highlights: Unicode support, regular expression library, memoization. New ProB2 UI.

2018-10-01 ProB 1.8.2. Highlights: Jupyter kernel, first support for Alloy models.

2017-07-11 ProB 1.7.0 Highlights: improved Latex document generation, improved XML/CSV support.

2016-10-20 ProB 1.6.1 Highlights: LET and IF-THEN-ELSE for expressions and predicates.

2016-04-22 ProB 1.6.0 highlights: directed model checking, Z3 as backend.

2014-08-18 ProB 1.4.0 is available. Highlights: CLP(FD)-based constraint solver enabled by default, integration of the TLC model checker.

2012-03-30 ProB Logic Calculator available.

More in Release History

Features

ProB covers a large part of B, and we are striving towards full coverage of Atelier B constructs. ProB supports B features such as non-deterministic operations, arbitrary quantification, sets, sequences, functions, lambda abstractions, set comprehensions, records, and many more. ProB does support multiple machines, refinements, and implementations. ProB can also be used for automated refinement checking and LTL model checking. It also supports CSP-M process descriptions, to be used on their own or to guide B machines for specification and property validation. The state space of the specifications can be graphically visualized. ProB supports Z specifications (ProB in this context is sometimes called ProZ) as well as TLA+ specifications. ProB can be used within Rodin and Atelier-B as a disprover and prover. ProB supports also importing, validating and visualising railML data.

ProBAtAGlance.png

Citing ProB

The initial conference publication was:

  • Michael Leuschel & Michael Butler (2003): ProB: A Model Checker for B. In Keijiro Araki, Stefania Gnesi & Dino Mandrioli, editors: FME 2003: Formal Methods, LNCS 2805, Springer-Verlag, pp. 855–874, doi:10.1007/978-3-540-45236-2 46.

A later journal article describes ProB in more detail:

For convenience we also provide Bibtex entries for the above references.