Verified Characteristic Formulae for CakeML

Characteristic Formulae (CF) offer a productive, principled approach to generating verification conditions for higher-order imperative programs, but so far the soundness of CF has only been considered with respect to an informal specification of a programming language (OCaml). This leaves a gap between what is established by the verification framework and the program that actually runs. We present a fully-fledged CF framework for the formally specified CakeML programming language. Our framework extends the existing CF approach to support exceptions and I/O, thereby covering the full feature set of CakeML, and comes with a formally verified soundness theorem. Furthermore, it integrates with existing proof techniques for verifying CakeML programs. This validates the CF approach, and allows users to prove end-to-end theorems for higher-order imperative programs, from specification to language semantics, within a single theorem prover.
