Extending Source Code Generators for Evidence-Based Software Certification

Automated code generation offers many advantages over manual software development, but treating generators as trusted black boxes raises problems for certification. Traditional process-oriented approaches to certification therefore require that the generator be verified to the same level of assurance as the generated code, which is infeasible for realistic generators. However, generators can be extended to support an evidence-based approach to certification. By careful design of the trusted kernel, assurance of the generator itself is not required. In this paper, we describe several related extensions to two in-house code generators that provide two forms of evidence along with the code: safety proofs and safety explanations. We also describe how additionally generated links are used to trace between the code and the safety artifacts.
