An Improved Rule for While Loops in Deductive Program Verification

Performance and usability of deductive program verification systems can be enhanced if specifications not only consist of pre-/post-condition pairs and invariants but also include information on which memory locations are modified by the program. This makes it possible to separate the aspects of (a) which locations change and (b) how they change, to state the change information in a compact way, and to make the proof process more efficient. In this paper, we extend this idea from method specifications to loop invariants, and we define a proof rule for while loops that makes use of the change information associated with the loop body. The rule has been implemented and is successfully used in the KeY software verification system.
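The following is an added illustration of the idea in the abstract; it is not code from the paper or from the KeY system. It is a toy verification-condition generator for a single while loop: the classic rule treats every program variable as possibly changed by the loop (so only facts carried by the invariant survive it), whereas the frame-aware rule anonymizes only the locations listed in the loop's modifies set, so facts about untouched locations are kept. The example loop (summing `a` into `s` for `n` iterations), the ghost variable `a_pre`, the brute-force validity check over a small integer domain, and the use of plain variables in place of heap locations are all assumptions of this example.

```python
from itertools import product

# Tiny integer domain: verification conditions are checked by brute-force
# enumeration rather than by a theorem prover (a toy stand-in for a calculus).
DOMAIN = range(0, 3)

# The loop under verification (constructed example): i, s, a, n are program
# variables; a_pre is a ghost variable recording the value of a before the loop.
PROGRAM_VARS = ["i", "s", "a", "n"]
GHOST_VARS = ["a_pre"]

pre = lambda e: e["i"] == 0 and e["s"] == 0 and 0 <= e["n"] and e["a"] == e["a_pre"]
guard = lambda e: e["i"] < e["n"]                         # while (i < n) {
body = [("s", lambda e: e["s"] + e["a"]),                 #   s = s + a;
        ("i", lambda e: e["i"] + 1)]                      #   i = i + 1; }
inv = lambda e: e["s"] == e["i"] * e["a"] and e["i"] <= e["n"]
post = lambda e: e["s"] == e["n"] * e["a_pre"]            # relates s to the PRE-loop value of a


def holds_for_all(names, formula):
    """True iff formula(env) holds for every valuation of `names` over DOMAIN."""
    return all(formula(dict(zip(names, values)))
               for values in product(DOMAIN, repeat=len(names)))


def run_body(body, env):
    """Execute the straight-line loop body on a copy of env and return the new state."""
    env = dict(env)
    for var, expr in body:
        env[var] = expr(env)
    return env


def loop_obligations(modifies):
    """Proof obligations for the while loop, given the locations the body may change.

    Passing every program variable as `modifies` yields the classic rule (all
    facts about the state are lost across the loop unless the invariant carries
    them); passing only the assigned variables yields the frame-aware rule."""
    all_vars = PROGRAM_VARS + GHOST_VARS
    fresh = [v + "'" for v in modifies]        # anonymizing values for modified locations

    def after_loop(e):
        # State after the loop: modified locations take fresh values,
        # everything else keeps its value from before the loop.
        state = {v: e[v] for v in all_vars}
        state.update({v: e[v + "'"] for v in modifies})
        return state

    return {
        # The body assigns only to locations declared in the modifies set;
        # without this obligation the frame-aware rule would be unsound.
        "frame respected": {var for var, _ in body} <= set(modifies),
        # Pre -> Inv
        "initially valid": holds_for_all(all_vars, lambda e: not pre(e) or inv(e)),
        # Inv /\ G -> Inv after one iteration of the body
        "preserved": holds_for_all(
            all_vars, lambda e: not (inv(e) and guard(e)) or inv(run_body(body, e))),
        # Pre /\ Inv' /\ not G' -> Post', where primed formulas are evaluated
        # in the anonymized post-loop state
        "use case": holds_for_all(
            all_vars + fresh,
            lambda e: not (pre(e) and inv(after_loop(e)) and not guard(after_loop(e)))
            or post(after_loop(e))),
    }


def verify_classic():
    """Classic rule: the loop may have changed anything, so every program variable is anonymized."""
    return loop_obligations(PROGRAM_VARS)


def verify_framed():
    """Frame-aware rule: only the locations in the loop's modifies clause are anonymized."""
    return loop_obligations(["i", "s"])


if __name__ == "__main__":
    for name, result in (("classic", verify_classic()), ("framed", verify_framed())):
        print(name, result)
```

With the classic rule the "use case" obligation fails: after the loop nothing connects `a` to `a_pre`, so the postcondition `s == n * a_pre` is unprovable unless the invariant is extended with `a == a_pre`. With the modifies set `{i, s}` the same invariant suffices, because `a` and `n` keep their pre-loop values. The separate "frame respected" obligation is what makes this sound: declaring `modifies = {s}` for this body is rejected because `i` is assigned as well.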
