Are the Logical Foundations of Verifying Compiler Prototypes Matching User Expectations?

The verifying compiler (VC) project proposals identify mainstream software developers as its targeted end-users. Like other software engineering efforts, the success of the VC project depends on appropriate end-user consultation. Industrial use of program assertions for run-time assertion checking (RAC) is becoming commonplace. A likely next step on the path to VC adoption is the use of assertions in extended static checking (ESC), a fully automated form of static program verification (SPV). Unfortunately, all current VC prototypes supporting SPV adopt a semantics that is unsound relative to the standard run-time interpretation of assertions: an assertion that the static tool accepts as valid can still be rejected, as false or as an error, when the same assertion is evaluated at run time. In this article, we report on the results of a survey in which we asked industrial developers what logical semantics they want program assertions to have, and whether consistency across RAC and SPV tools is important to them. Survey results indicate that developers favor a semantics for assertions that is compatible with their current use in RAC.
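The following is an added illustration, not code from the paper or from any of the VC prototypes it surveys, of one concrete way the two interpretations can disagree. It is a small evaluator for assertion expressions that applies a partial function (integer division) under two semantics: a run-time reading, in which division by zero raises and the assertion check reports an error, and a classical "underspecification" reading, in which `n/0` denotes some fixed but unknown integer so that every function is total. The AST, the names `check_rac` and `valid_underspec`, the sample environment and the choice to model the unknown value of `n/0` as a single constant per interpretation are all assumptions made for this example; the paper does not present this code.

```python
"""Constructed example: one assertion, two semantics (RAC vs classical).

Not from the paper. It shows an assertion that a classical, two-valued,
'every function is total' logic validates but that run-time assertion
checking rejects with an error, and an assertion pair that the classical
reading treats as equivalent but RAC does not, because RAC evaluates
conjunctions left to right and stops at the first undefined operand.
"""
from dataclasses import dataclass
from typing import Any, Dict, Iterable, Optional, Union


class Undefined(Exception):
    """RAC semantics: a partial function was applied outside its domain."""


# --- a minimal assertion-expression AST (assumed for this example) --------
@dataclass(frozen=True)
class Var:
    name: str


@dataclass(frozen=True)
class Const:
    value: int


@dataclass(frozen=True)
class Div:          # partial: undefined when the divisor is 0
    left: Any
    right: Any


@dataclass(frozen=True)
class Cmp:          # op is one of "==", "!=", ">"
    op: str
    left: Any
    right: Any


@dataclass(frozen=True)
class And:          # evaluated left to right; short-circuits under RAC
    left: Any
    right: Any


Expr = Union[Var, Const, Div, Cmp, And]


def _eval(e: Expr, env: Dict[str, int], witness: Optional[int]):
    """witness=None selects the RAC reading (raise on an undefined operand).

    An int selects the classical 'underspecification' reading, in which n/0
    denotes that fixed value. Modelling it as one constant for every n is a
    simplification; a fuller model would let the value depend on n.
    """
    if isinstance(e, Var):
        return env[e.name]
    if isinstance(e, Const):
        return e.value
    if isinstance(e, Div):
        num = _eval(e.left, env, witness)
        den = _eval(e.right, env, witness)
        if den == 0:
            if witness is None:
                raise Undefined("division by zero")
            return witness
        return num // den
    if isinstance(e, Cmp):
        a = _eval(e.left, env, witness)
        b = _eval(e.right, env, witness)
        return {"==": a == b, "!=": a != b, ">": a > b}[e.op]
    if isinstance(e, And):
        if not _eval(e.left, env, witness):
            return False            # right operand is never evaluated
        return bool(_eval(e.right, env, witness))
    raise TypeError(f"unknown expression node: {e!r}")


def check_rac(e: Expr, env: Dict[str, int]) -> str:
    """Outcome of checking the assertion at run time: 'true', 'false' or 'error'."""
    try:
        return "true" if _eval(e, env, None) else "false"
    except Undefined:
        return "error"


def valid_underspec(e: Expr, env: Dict[str, int],
                    witnesses: Iterable[int] = range(-3, 4)) -> bool:
    """Classical reading: the assertion holds for every choice of the unknown
    value of n/0 (approximated here over a finite set of candidate values)."""
    return all(_eval(e, env, w) for w in witnesses)


# Constructed sample assertions, evaluated with y == 0.
x, y = Var("x"), Var("y")
ENV = {"x": 7, "y": 0}
REFLEXIVE = Cmp("==", Div(x, y), Div(x, y))                               # x/y == x/y
GUARDED = And(Cmp("!=", y, Const(0)), Cmp(">", Div(x, y), Const(0)))      # y != 0 && x/y > 0
UNGUARDED = And(Cmp(">", Div(x, y), Const(0)), Cmp("!=", y, Const(0)))    # x/y > 0 && y != 0

if __name__ == "__main__":
    for name, expr in [("x/y == x/y", REFLEXIVE),
                       ("y != 0 && x/y > 0", GUARDED),
                       ("x/y > 0 && y != 0", UNGUARDED)]:
        print(f"{name:20}  RAC={check_rac(expr, ENV):5}  "
              f"classically valid={valid_underspec(expr, ENV)}")
```

With `y == 0`, `x/y == x/y` is valid under the classical reading (whatever value `x/0` denotes, it equals itself) yet RAC reports an error, which is the kind of gap the abstract calls unsound relative to the run-time interpretation. The two guarded forms are classically the same conjunction, but RAC accepts the first as simply false and reports the second as an error, so a developer who writes guards in the RAC-friendly order gets no help from a static tool that ignores operand order.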
