A case study of specification and verification using JML in an avionics application

The literature on deductive formal verification is rich, but very few case studies have been published. The authors present a case study of the deductive formal verification of a navigation system from the avionics domain. It covers both writing the JML specifications and verifying them, first with a runtime assertion checker and then with KeY, a tool that uses automatic theorem-proving techniques to verify Java programs.
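The following is an added example and not code from the paper or from the navigation system it describes: a small Java class in the avionics spirit, annotated with the JML constructs a case study like this has to write (class invariant, requires/ensures/assignable, \old, \forall, loop_invariant and decreases). The class, its method names and the contracts are assumptions made here for illustration. Compiled with plain javac the annotations are ordinary comments and the class runs as normal Java; a JML runtime assertion checker instruments the same source so that a violated precondition or invariant is reported at the call that breaks it, and KeY uses the loop invariant and decreases clause to prove the method against its postcondition rather than observe it.

```java
// Added example (assumed class and contracts, not the paper's code):
// a heading tracker specified with JML for runtime assertion checking
// and deductive verification.
public class HeadingTracker {

    // Class invariant: heading is always a normalized compass bearing.
    //@ public invariant 0 <= heading && heading < 360;
    private /*@ spec_public @*/ int heading; // degrees, in [0, 360)

    //@ requires 0 <= initial && initial < 360;
    //@ ensures heading == initial;
    public HeadingTracker(int initial) {
        this.heading = initial;
    }

    //@ ensures \result == heading;
    public /*@ pure @*/ int getHeading() {
        return heading;
    }

    // Turn by delta degrees; \old(heading) refers to the pre-state value.
    /*@ requires -360 < delta && delta < 360;
      @ assignable heading;
      @ ensures heading == ((\old(heading) + delta) % 360 + 360) % 360;
      @*/
    public void turn(int delta) {
        heading = ((heading + delta) % 360 + 360) % 360;
    }

    // Signed shortest turn from the current heading to target, in (-180, 180].
    /*@ requires 0 <= target && target < 360;
      @ ensures -180 < \result && \result <= 180;
      @ ensures ((heading + \result) % 360 + 360) % 360 == target;
      @*/
    public /*@ pure @*/ int shortestTurnTo(int target) {
        int diff = ((target - heading) % 360 + 360) % 360; // in [0, 360)
        return diff > 180 ? diff - 360 : diff;
    }

    // Magnitude of the shortest turn; pure so it may appear in specifications.
    /*@ requires 0 <= target && target < 360;
      @ ensures \result >= 0 && \result <= 180;
      @ ensures \result == (shortestTurnTo(target) < 0
      @                     ? -shortestTurnTo(target) : shortestTurnTo(target));
      @*/
    public /*@ pure @*/ int turnMagnitude(int target) {
        int t = shortestTurnTo(target);
        return t < 0 ? -t : t;
    }

    // Index of the bearing that needs the smallest turn. The loop invariant
    // and decreases clause are what a prover such as KeY needs to verify the
    // postcondition; the runtime checker evaluates them on each iteration.
    /*@ requires bearings != null && bearings.length > 0;
      @ requires (\forall int i; 0 <= i && i < bearings.length;
      @                          0 <= bearings[i] && bearings[i] < 360);
      @ ensures 0 <= \result && \result < bearings.length;
      @ ensures (\forall int i; 0 <= i && i < bearings.length;
      @            turnMagnitude(bearings[\result]) <= turnMagnitude(bearings[i]));
      @*/
    public /*@ pure @*/ int closestBearing(int[] bearings) {
        int best = 0;
        /*@ loop_invariant 1 <= i && i <= bearings.length;
          @ loop_invariant 0 <= best && best < i;
          @ loop_invariant (\forall int k; 0 <= k && k < i;
          @                  turnMagnitude(bearings[best]) <= turnMagnitude(bearings[k]));
          @ decreases bearings.length - i;
          @*/
        for (int i = 1; i < bearings.length; i++) {
            if (turnMagnitude(bearings[i]) < turnMagnitude(bearings[best])) {
                best = i;
            }
        }
        return best;
    }

    public static void main(String[] args) {
        HeadingTracker t = new HeadingTracker(350);
        t.turn(20);                                     // heading becomes 10
        int[] waypoints = {200, 355, 90};               // constructed sample input
        int idx = t.closestBearing(waypoints);          // 1: 355 is 15 degrees away
        System.out.println("heading=" + t.getHeading()
                + " closest=" + waypoints[idx]
                + " turn=" + t.shortestTurnTo(waypoints[idx]));
        // new HeadingTracker(400) or t.turn(720) violate a precondition:
        // plain Java accepts them, a JML runtime checker rejects them at the call.
    }
}
```

The split between the two verification routes is the point of the contracts: the runtime checker only ever sees the executions you happen to run, so a precondition such as `-360 < delta && delta < 360` is enforced at each call but never proved unreachable, whereas the prover discharges the postcondition for every input, provided the loop invariant is strong enough to imply it on exit.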