Results 1 - 10
of
13
Usable Verification of Object-Oriented Programs by Combining Static and Dynamic Techniques
"... Abstract. With formal techniques becoming more and more powerful, the next big challenge is making software verification practical and usable. The Eve verification environment contributes to this goal by seamlessly integrating a static prover and an automatic testing tool into a development environm ..."
Abstract
-
Cited by 17 (12 self)
- Add to MetaCart
(Show Context)
Abstract. With formal techniques becoming more and more powerful, the next big challenge is making software verification practical and usable. The Eve verification environment contributes to this goal by seamlessly integrating a static prover and an automatic testing tool into a development environment. The paper discusses the general principles behind the integration of heterogeneous verification tools; the peculiar challenges involved in combining static proofs and dynamic testing techniques; and how the combination, implemented in Eve through a blackboard architecture, can improve the user experience with little overhead over usual development practices. Eve is freely available for download. 1 Verification as a Matter of Course Even long-standing skeptics must acknowledge the substantial progress of formal methods in the last decades. Established verification techniques, such as those based on axiomatic semantics or abstract interpretation, have matured from the status of merely interesting scientific ideas to being applicable in practice to realistic programs and systems. Novel approaches have extended their domain of applicability beyond their
JPure: A Modular Purity System for Java
"... Abstract—Purity Analysis is the problem of determining whether or not a method may have side-effects. This has many applications, including automatic parallelisation, extended static checking, and more. We present a novel algorithm for inferring the purity of methods in Java. Our algorithm exploits ..."
Abstract
-
Cited by 13 (5 self)
- Add to MetaCart
(Show Context)
Abstract—Purity Analysis is the problem of determining whether or not a method may have side-effects. This has many applications, including automatic parallelisation, extended static checking, and more. We present a novel algorithm for inferring the purity of methods in Java. Our algorithm exploits two properties, called freshness and locality, which, when combined together, enable more precise purity analysis. Our algorithm also differs from the majority of previous attempts at purity analysis, in that it is modularly checkable. That is, the algorithm produces annotations which can be checked without the need for an expensive and costly interprocedural analysis. We evaluate our analysis against several packages from the Java Standard Library. Our results indicate that it is possible to uncover significant amounts of purity efficiently. I.
Verifying Eiffel Programs with Boogie
"... VeriFast define the state of the art in automated functional verification techniques. The next open challenges are to make verification tools usable even by programmers not fluent in formal techniques. This paper presents AutoProof, a verification tool that translates Eiffel programs to Boogie and u ..."
Abstract
-
Cited by 8 (7 self)
- Add to MetaCart
(Show Context)
VeriFast define the state of the art in automated functional verification techniques. The next open challenges are to make verification tools usable even by programmers not fluent in formal techniques. This paper presents AutoProof, a verification tool that translates Eiffel programs to Boogie and uses the Boogie verifier to prove them. In an effort to be usable with real programs, AutoProof fully supports several advanced objectoriented features including polymorphism, inheritance, and function objects. AutoProof also adopts simple strategies to reduce the amount of annotations needed when verifying programs (e.g., frame conditions). The paper illustrates the main features of AutoProof’s translation, including some whose implementation is underway, and demonstrates them with examples and a case study. 1 Usable Verification Tools It is hard to overstate the importance of tools for software verification: tools have practically demonstrated the impact of general theoretical principles, and
Verifying Generics and Delegates
"... Abstract. Recently, object-oriented languages, such as C ♯ , have been extended with language features prevalent in most functional languages: parametric polymorphism and higher-order functions. In the OO world these are called generics and delegates, respectively. These features allow for greater c ..."
Abstract
-
Cited by 7 (6 self)
- Add to MetaCart
(Show Context)
Abstract. Recently, object-oriented languages, such as C ♯ , have been extended with language features prevalent in most functional languages: parametric polymorphism and higher-order functions. In the OO world these are called generics and delegates, respectively. These features allow for greater code reuse and reduce the possibilities for runtime errors. However, the combination of these features pushes the language beyond current object-oriented verification techniques. In this paper, we address this by extending a higher-order separation logic with new assertions for reasoning about delegates and variables. We faithfully capture the semantics of C ♯ delegates including their capture of the l-value of a variable, and that “stack ” variables can live beyond their “scope”. We demonstrate that our logic is sound and illustrate its use by specifying and verifying a series of interesting and challenging examples. 1
Automatic verification of advanced object-oriented features: The AutoProof approach
- In LASER Tools for Practical Software Verification, volume 7682 of LNCS
, 2012
"... Abstract. Static program verifiers such as Spec#, Dafny, jStar, and VeriFast define the state of the art in automated functional verification techniques. The next open challenges are to make verification tools usable even by programmers not fluent in formal techniques. This paper discusses some tech ..."
Abstract
-
Cited by 4 (4 self)
- Add to MetaCart
(Show Context)
Abstract. Static program verifiers such as Spec#, Dafny, jStar, and VeriFast define the state of the art in automated functional verification techniques. The next open challenges are to make verification tools usable even by programmers not fluent in formal techniques. This paper discusses some techniques used in AutoProof, a verification tool that translates Eiffel programs to Boogie and uses the Boogie verifier to prove them. In an effort to be usable with real programs, AutoProof fully supports several advanced object-oriented features including polymorphism, inheritance, and function objects. AutoProof also adopts simple strategies to reduce the amount of annotations needed when verifying programs (e.g., frame conditions). The paper illustrates the main features of Auto-Proof’s translation, including some whose implementation is underway, and demonstrates them with examples and a case study. 1 Usable Verification Tools It is hard to overstate the importance of tools for software verification: tools
On Effect Analysis for Programs with Callbacks
"... We introduce a precise interprocedural effect analysis for programs with mutable state, dynamic object allocation, and dynamic dispatch. Our analysis is precise even in the presence of dynamic dispatch where the context-insensitive estimate on the number of targets is very large. This feature makes ..."
Abstract
-
Cited by 2 (1 self)
- Add to MetaCart
(Show Context)
We introduce a precise interprocedural effect analysis for programs with mutable state, dynamic object allocation, and dynamic dispatch. Our analysis is precise even in the presence of dynamic dispatch where the context-insensitive estimate on the number of targets is very large. This feature makes our analysis appropriate for programs that manipulate first-class functions (callbacks). We first present a framework in which programs are enriched with special effect statements, and define the semantics of both program and effect statements as relations on states. Our framework defines a program composition operator that is sound with respect to relation composition. Computing the summary of a procedure then consists of composing all its program statements to produce a single effect statement. We propose a strategy for applying the composition operator in a way that balances precision and efficiency. We instantiate this framework with a domain for tracking read and write effects, where relations on program states are abstracted as graphs. We implemented the analysis as a plugin for the Scala compiler. We analyzed the Scala standard library containing 58K methods and classified them into several categories according to their effects. Our analysis proves that over one half of all methods are pure. We also analyze how context sensitivity and composition operator application strategies impact the analysis precision and performance.
Collaborative Software Development on the Web
"... Abstract. Software development environments (IDEs) have not followed the IT industry’s inexorable trend towards distribution. They do too little to address the problems raised by today’s increasingly distributed projects; neither do they facilitate collaborative and interactive development practices ..."
Abstract
-
Cited by 1 (1 self)
- Add to MetaCart
(Show Context)
Abstract. Software development environments (IDEs) have not followed the IT industry’s inexorable trend towards distribution. They do too little to address the problems raised by today’s increasingly distributed projects; neither do they facilitate collaborative and interactive development practices. A consequence is the continued reliance of today’s IDEs on paradigms such as traditional configuration management, which were developed for earlier modes of operation and hamper collaborative projects. This contribution describes a new paradigm: cloud-based development, which caters to the specific needs of distributed and collaborative projects. The CloudStudio IDE embodies this paradigm by enabling developers to work on a shared project repository. Configuration management becomes unobtrusive; it replaces the explicit update-modifycommit cycle by interactive editing and real-time conflict tracking and management. A case study involving three teams of pairs demonstrates the usability of CloudStudio and its advantages for collaborative software development over traditional configuration management practices. 1
Supervised by:
, 2009
"... Proving the correctness of programs has been a major field of computer science research for the last decades. Over the years, many approaches have emerged that try to solve this problem. One of the main approaches is static verification of programs, which is particularly difficult for object-oriente ..."
Abstract
- Add to MetaCart
(Show Context)
Proving the correctness of programs has been a major field of computer science research for the last decades. Over the years, many approaches have emerged that try to solve this problem. One of the main approaches is static verification of programs, which is particularly difficult for object-oriented programs. Since object-oriented programs are usually more complicated to verify, we designed an encoding for the object-oriented programming language Scala in the imperative programming language BoogiePL, which can be statically verified by the existing Boogie verifier. One reason for choosing Scala is that it supports a lot of interesting and helpful features, that are challenging to verify and are not supported in programming languages that can already be verified by existing static verifiers. We developed a tool that can translate a usable subset of Scala to BoogiePL. Our main focus was on coming up with an encoding for two of Scala’s most interesting features, namely closures and traits. 3 4
Certificates and Separation Logic
"... Abstract. Modular and local reasoning about object-oriented programs has been widely studied for programing languages such as C # and Java. Once source programs have been proven, the next verification challenge is to ensure that the code produced by the compiler is correct. Since verifying a compile ..."
Abstract
- Add to MetaCart
Abstract. Modular and local reasoning about object-oriented programs has been widely studied for programing languages such as C # and Java. Once source programs have been proven, the next verification challenge is to ensure that the code produced by the compiler is correct. Since verifying a compiler can be extremely complex, this paper uses proof-transforming compilation, an alternative approach which automatically generates certificates, a bytecode proof, from proofs in the source language. The paper develops a bytecode logic using separation logic, and proof translation from proofs of object-oriented programs to bytecode. The translation also handles proofs for concurrent programs. The bytecode logic and the proof transformation are proven sound.
Overview
"... Eiffel- as well as other object-oriented languages- have a built-in support for higher-order implementations through function objects. These are called agents in Eiffel. As with other functions, these can have pre- and postconditions. Although the problem of static verification of function objects h ..."
Abstract
- Add to MetaCart
(Show Context)
Eiffel- as well as other object-oriented languages- have a built-in support for higher-order implementations through function objects. These are called agents in Eiffel. As with other functions, these can have pre- and postconditions. Although the problem of static verification of function objects has been solved for functional programming languages, these solutions cannot be applied to object-oriented languages due the use of the heap and side effects. Agents are therefore diffcult to prove. In Reasoning about Function Objects [3], a novel approach is described which uses side effect free (pure) routines to specify the pre- and postconditions of agents. To specify routines that take agents as arguments, these pure routines are used. Scope of the work The master thesis focuses on the techniques described in Reasoning about Function Objects [3]. This verification methodology for agents will be implemented in Ballet [4] to allow static verification of agents. Also, the methodology will be extended to allow a generic argument count and return values. Instead of having Ballet as a standalone modification of EiffelStudio [6], it will be integrated in the ETH Verification Environment (EVE) [7].
