Separation logic is an extension of Hoare’s logic for reasoning about programs that manipulate pointers. It is based on the separating conjunction P ∗ Q, which asserts that P and Q hold for separate portions of computer memory. This tutorial on separation logic has three parts. 1. Basics. Concentrating on highlights from the early work [1–4]. 2. Model Theory. The model theory of separation logic evolved from the general resource models of bunched logic [5–7], and includes an account of program dynamics in terms of their interaction with resource [8, 9]. 3. Proof Theory. I will describe those aspects of the proof theory, particularly new entailment questions (frame and anti-frame inference [10, 11]), which are important for applications in mechanized program verification.

Abstract. These are the notes to accompany a course at the Marktoberdorf PhD summer school in 2011. The course consists of an introduction to separation logic, with a slant towards its use in automatic program verification and analysis.

ABSTRACT. Local reasoning about programs exploits the natural local behaviour common in programs by focussing on the footprint- that part of the resource accessed by the program. We address the problem of formally characterising and analysing the notion of footprint for abstract local functions introduced by Calcagno, O’Hearn and Yang. With our definition, we prove that the footprints are the only essential elements required for a complete specification of a local function. We formalise the notion of small specifications in local reasoning and show that, for well-founded resource models, a smallest specification always exists that only includes the footprints. We also present results for the non-well-founded case. Finally, we use this theory of footprints to investigate the conditions under which the footprints correspond to the smallest safe states. We present a new model of RAM in which, unlike the standard model, the footprints of every program correspond to the smallest safe states. We also identify a general condition on the primitive commands of a programming language which guarantees this property for arbitrary models. 1.