A Sound Assertion Semantics for the Dependable Systems Evolution Verifying Compiler

The verifying compiler (VC) project is a core component of the dependable systems evolution grand challenge. The VC offers the promise of automatically proving that a program or component is correct, where correctness is defined by program assertions. While several VC prototypes exist, all adopt a semantics for assertions that is unsound. This paper presents a consolidation of VC requirements analysis activities that, in particular, led us to ask targeted VC customers what kind of semantics they wanted. Taking into account both practitioners' needs and current technological factors, we recover soundness through an adjusted definition of assertion validity that matches user expectations and can be implemented practically with current prover technology. We describe how support for the new semantics has been added to ESC/Java2. Preliminary results demonstrate the effectiveness of the new semantics at uncovering previously indiscernible specification errors.
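
The following is an added example, written for this page by the editor; it is not code from the paper, from ESC/Java2 or from JML. It makes the abstract's claim concrete with a toy evaluator for JML-style `requires` clauses over a Java array `a` and index `i`. Two modelling choices are this editor's assumptions, not text from the abstract: the unsound "classical" reading is modelled as underspecification, where an ill-defined term such as `a[10]` on a three-element array denotes some fixed but unknown value (and, as a stand-in for "unknown", the checker tries a handful of candidate values rather than quantifying over all of them); the "adjusted" reading is modelled as requiring an assertion to be both well-defined and true. All names (`evaluate`, `classical_verdict`, `adjusted_verdict`, `compare`, the spec constants) are hypothetical.

```python
"""Toy assertion evaluator contrasting two readings of ill-defined assertions.

Added example, not code from the paper or from ESC/Java2.  Modelling
assumptions (this editor's, not the paper's): an ill-defined term (index out
of range, null dereference) is the value UNDEF; the "classical" reading
resolves UNDEF by underspecification, so every ill-defined term denotes one
fixed but unknown value; the "adjusted" reading calls an assertion valid only
when it is well-defined and true.  `and`/`implies` evaluate the right operand
only when the left one does not already decide the result, as Java's && and
JML's ==> do.
"""


class Undef:
    """Marker for an ill-defined value; compared by identity only."""

    def __repr__(self):
        return "UNDEF"


UNDEF = Undef()

# Expressions are nested tuples: ("lit", v), ("var", name), ("len", a),
# ("idx", a, i), ("eq"|"ne"|"ge"|"lt", l, r), ("and"|"implies", l, r).
_CMP = {"eq": lambda l, r: l == r, "ne": lambda l, r: l != r,
        "ge": lambda l, r: l >= r, "lt": lambda l, r: l < r}


def evaluate(expr, env, undef_as=UNDEF):
    """Evaluate expr in env; an ill-defined term yields undef_as."""
    op = expr[0]
    if op == "lit":
        return expr[1]
    if op == "var":
        return env[expr[1]]
    if op == "len":                      # a.length on null is ill-defined
        a = evaluate(expr[1], env, undef_as)
        return len(a) if isinstance(a, list) else undef_as
    if op == "idx":                      # a[i] needs non-null a and i in range
        a, i = (evaluate(e, env, undef_as) for e in expr[1:])
        if isinstance(a, list) and isinstance(i, int) and 0 <= i < len(a):
            return a[i]
        return undef_as
    if op in _CMP:                       # comparisons are strict in UNDEF
        l, r = (evaluate(e, env, undef_as) for e in expr[1:])
        return UNDEF if l is UNDEF or r is UNDEF else _CMP[op](l, r)
    if op in ("and", "implies"):
        l = evaluate(expr[1], env, undef_as)
        if l is UNDEF:
            return UNDEF
        if l is False:                   # left decides: False, or vacuously True
            return op == "implies"
        return evaluate(expr[2], env, undef_as)
    raise ValueError(f"unknown operator {op!r}")


def classical_verdict(expr, env, candidates=(-1, 0, 1, 7)):
    """Underspecification: valid iff true for every value an ill-defined term
    might denote.  A few candidate values stand in for 'every value' here;
    a real prover would quantify over all of them."""
    results = {evaluate(expr, env, undef_as=v) for v in candidates}
    if results == {True}:
        return "valid"
    if results == {False}:
        return "invalid"
    return "unknown"


def adjusted_verdict(expr, env):
    """Adjusted semantics: valid iff well-defined and true; an ill-defined
    assertion is reported as a specification error rather than resolved."""
    r = evaluate(expr, env)
    if r is UNDEF:
        return "ill-defined"
    return "valid" if r is True else "invalid"


A, I, ZERO, NULL = ("var", "a"), ("var", "i"), ("lit", 0), ("lit", None)
A_I, LEN_A = ("idx", A, I), ("len", A)

# //@ requires a[i] == a[i];                  reflexive, yet ill-defined out of range
REFLEXIVE = ("eq", A_I, A_I)
# //@ requires a[i] >= 0 && i < a.length;     bounds guard written after the use
GUARD_AFTER = ("and", ("ge", A_I, ZERO), ("lt", I, LEN_A))
# //@ requires i < a.length && a[i] >= 0;     protective: guard before the use
GUARD_FIRST = ("and", ("lt", I, LEN_A), ("ge", A_I, ZERO))
# //@ requires a != null && i < a.length && a[i] >= 0;
NONNULL_FIRST = ("and", ("ne", A, NULL), GUARD_FIRST)


def compare(spec, env):
    """(classical verdict, adjusted verdict) for one spec in one program state."""
    return classical_verdict(spec, env), adjusted_verdict(spec, env)


if __name__ == "__main__":
    cases = [("REFLEXIVE", REFLEXIVE, {"a": [1, 2, 3], "i": 10}),
             ("GUARD_AFTER", GUARD_AFTER, {"a": [1, 2, 3], "i": 10}),
             ("GUARD_FIRST", GUARD_FIRST, {"a": [1, 2, 3], "i": 10}),
             ("GUARD_FIRST", GUARD_FIRST, {"a": None, "i": 0}),
             ("NONNULL_FIRST", NONNULL_FIRST, {"a": None, "i": 0})]
    for name, spec, env in cases:
        classical, adjusted = compare(spec, env)
        print(f"{name:14} {env!s:26} classical={classical:8} adjusted={adjusted}")
```

The `REFLEXIVE` row is the unsoundness in miniature: the classical verdict is "valid" for `a[i] == a[i]` with `i` out of range, although in Java evaluating `a[10]` on a three-element array throws, so no run of the program can satisfy the clause as written. The `GUARD_AFTER` row shows the kind of specification error the abstract calls previously indiscernible: under the classical reading the mis-ordered guard silently becomes an always-false precondition and nothing is reported, while the adjusted reading flags the clause as ill-defined and points the author at writing the guard first, as in `GUARD_FIRST` and `NONNULL_FIRST`.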
