Reasoning with specifications containing method calls in JML and first-order provers

Allowing method invocations in program specifications increases modularity and comprehensibility, and is as important in specifications as it is in the program itself. However, method invocations do not map neatly onto the first-order logics that are often used to establish the correctness of specifications. One problem is translating specifications in a way that acknowledges the potential for exceptional behavior: a method called from a specification may itself throw an exception (for instance on a null receiver), and a formula in a classical two-valued logic has no room for such an undefined value. The ESC/Java2 tool has achieved a practical translation of method invocations within the design constraints of its parent tool, ESC/Java. Furthermore, the techniques used are applicable to other specification constructs such as quantifiers and model variables.
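The following is an added illustration of the translation problem the abstract describes; it is not code from the paper and does not reproduce ESC/Java2's encoding. It models a tiny JML-like expression language in Python (chosen because the point is the logical translation, not the Java code), with a constructed table of pure methods and their own preconditions, and applies one textbook guarded translation: every expression gets a first-order meaning `fol(e)`, in which a pure method call becomes an uninterpreted function application, plus a separate well-definedness condition `wd(e)` stating when evaluating the expression would raise no exception. The treatment of `&&` and `||` mirrors their short-circuit semantics in Java and JML, and `==>` is written as in JML. The stack example, the method names `isEmpty`/`top` and the translation scheme itself are all assumptions made for the example.

```python
# Added illustration, not code from the paper or from ESC/Java2: a tiny JML-like
# expression language, a table of pure methods with their own preconditions,
# and a guarded ("well-definedness") translation scheme.  All three are
# constructed here; ESC/Java2's actual encoding is not reproduced.
from dataclasses import dataclass
from typing import Tuple, Union

@dataclass(frozen=True)
class Var:
    name: str

@dataclass(frozen=True)
class Lit:
    value: int

@dataclass(frozen=True)
class Call:
    """Invocation of a JML-pure method in a specification, e.g. s.top()."""
    recv: "Expr"
    method: str
    args: Tuple["Expr", ...] = ()

@dataclass(frozen=True)
class Bin:
    """Binary operator; && and || are short-circuit, as in Java and JML."""
    op: str
    left: "Expr"
    right: "Expr"

@dataclass(frozen=True)
class Not:
    arg: "Expr"

Expr = Union[Var, Lit, Call, Bin, Not]

# Constructed: each pure method maps to its own precondition, written as a
# function of the receiver's first-order term, or None when the method is
# total.  top() is partial: on an empty stack it throws, which is the
# exceptional behavior a specification that calls it has to account for.
PURE_PRECONDITIONS = {
    "isEmpty": None,
    "top": lambda recv: f"!isEmpty({recv})",
}

def conj(*parts: str) -> str:
    """Conjunction with the trivial conjunct 'true' dropped."""
    kept = [p for p in parts if p != "true"]
    return " && ".join(kept) if kept else "true"

def fol(e: Expr) -> str:
    """Logical content of e, ignoring definedness.  A pure method call
    becomes an application of an uninterpreted function symbol of the same
    name, with the receiver as its first argument."""
    if isinstance(e, Var):
        return e.name
    if isinstance(e, Lit):
        return str(e.value)
    if isinstance(e, Call):
        operands = (e.recv,) + e.args
        return f"{e.method}({', '.join(fol(x) for x in operands)})"
    if isinstance(e, Bin):
        return f"({fol(e.left)} {e.op} {fol(e.right)})"
    if isinstance(e, Not):
        return f"!{fol(e.arg)}"
    raise TypeError(f"unknown expression {e!r}")

def wd(e: Expr) -> str:
    """Well-definedness condition: the formula under which evaluating e
    raises no exception.  A call is defined when its operands are, the
    receiver is non-null and the callee's precondition holds; the right
    operand of && (resp. ||) only needs to be defined when the left operand
    is true (resp. false), mirroring short-circuit evaluation."""
    if isinstance(e, (Var, Lit)):
        return "true"
    if isinstance(e, Call):
        recv = fol(e.recv)
        pre = PURE_PRECONDITIONS[e.method]
        own = conj(f"{recv} != null", pre(recv) if pre else "true")
        return conj(wd(e.recv), *(wd(a) for a in e.args), own)
    if isinstance(e, Bin):
        if e.op in ("&&", "||"):
            guard = fol(e.left) if e.op == "&&" else f"!{fol(e.left)}"
            rhs = wd(e.right)
            guarded = "true" if rhs == "true" else f"({guard} ==> ({rhs}))"
            return conj(wd(e.left), guarded)
        return conj(wd(e.left), wd(e.right))
    if isinstance(e, Not):
        return wd(e.arg)
    raise TypeError(f"unknown expression {e!r}")

def precondition_obligation(e: Expr) -> str:
    """What a caller must establish for `requires e;`: the clause is defined,
    and then it holds.  Proving only fol(e) would let a prover "establish"
    top(s) > 0 on an empty stack, where top() actually throws."""
    return conj(wd(e), fol(e))

S = Var("s")
# requires s.top() > 0;                  -- undefined when the stack is empty
BAD = Bin(">", Call(S, "top"), Lit(0))
# requires !s.isEmpty() && s.top() > 0;  -- guarded by short-circuit &&
GOOD = Bin("&&", Not(Call(S, "isEmpty")), Bin(">", Call(S, "top"), Lit(0)))

if __name__ == "__main__":
    for label, spec in (("bad", BAD), ("good", GOOD)):
        print(f"{label}: fol        = {fol(spec)}")
        print(f"{label}: wd         = {wd(spec)}")
        print(f"{label}: obligation = {precondition_obligation(spec)}")
```

Running the block prints, for the unguarded clause, the obligation `s != null && !isEmpty(s) && (top(s) > 0)`: the definedness part is exactly what the programmer forgot to write, and a translation that emitted only `(top(s) > 0)` would hand the prover a formula whose "truth" on an empty stack corresponds to no execution at all. For the guarded clause the definedness of `s.top()` appears only under the hypothesis `!isEmpty(s)`, so the obligation is discharged by the clause's own left operand. Quantifiers over calls to partial methods raise the same issue, which is why the abstract notes that the technique carries over to them.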