Formal approaches to supporting software development

The B-method and its offspring Event-B are both tool-supported formal methods used for the development of computer systems whose correctness is formally proven. However, the more complex the specification becomes, the more proof obligations need to be discharged. While many proof obligations can be discharged automatically by recent tools such as the RODIN platform, a considerable number still have to be proven interactively. This can be either because the required proof is too complicated or because the B model is erroneous. In this paper we describe a disprover plug-in for RODIN that uses the ProB animator and model checker to automatically find counterexamples for a given problematic proof obligation. If the disprover finds a counterexample, the user can directly investigate the source of the problem (as pinpointed by the counterexample) and should not attempt to prove the proof obligation. We also discuss under which circumstances our plug-in can be used as a prover, i.e., when the absence of a counterexample actually is a proof of the proof obligation.
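As an added illustration (not the plug-in's or ProB's own code), the following Python sketch shows the disprover idea from the abstract: enumerate the states satisfying the hypotheses of a proof obligation and look for one that falsifies the goal, and treat "no counterexample" as a proof only when every variable's type is finite and was enumerated completely. The machine, its invariant and its event are constructed for this example.

```python
from __future__ import annotations
import itertools
from dataclasses import dataclass
from typing import Callable

State = dict[str, int]
Pred = Callable[[State], bool]

@dataclass(frozen=True)
class Domain:
    values: tuple[int, ...]
    complete: bool  # True: values is the whole type; False: a finite slice of an infinite type

def finite(lo: int, hi: int) -> Domain:    # variable typed as the finite interval lo..hi
    return Domain(tuple(range(lo, hi + 1)), True)

def bounded(lo: int, hi: int) -> Domain:   # variable typed as NAT, search restricted to lo..hi
    return Domain(tuple(range(lo, hi + 1)), False)

@dataclass
class Verdict:
    status: str                  # "counterexample", "proof" or "unknown"
    witness: State | None = None

def disprove(domains: dict[str, Domain], hyps: list[Pred], goal: Pred) -> Verdict:
    """Look for a state that satisfies every hypothesis but falsifies the goal."""
    for values in itertools.product(*(d.values for d in domains.values())):
        state = dict(zip(domains, values))
        if all(h(state) for h in hyps) and not goal(state):
            return Verdict("counterexample", state)  # PO is false: fix the model, do not prove
    # No counterexample found: this is a proof only if every type was enumerated completely.
    exhaustive = all(d.complete for d in domains.values())
    return Verdict("proof" if exhaustive else "unknown")

# Constructed machine: variables x, y with invariant x + y <= 4 and
# event inc: WHEN <guard> THEN x := x + 1 END.
INV: Pred = lambda s: s["x"] + s["y"] <= 4
GRD_WEAK: Pred = lambda s: s["x"] < 3             # erroneous guard
GRD_FIXED: Pred = lambda s: s["x"] + s["y"] < 4   # corrected guard

def inc_preserves_inv(domains: dict[str, Domain], guard: Pred) -> Verdict:
    """Invariant-preservation PO for inc: INV(x, y) and GRD(x, y) imply INV(x + 1, y)."""
    after = lambda s: INV({"x": s["x"] + 1, "y": s["y"]})
    return disprove(domains, [INV, guard], after)

if __name__ == "__main__":
    small = {"x": finite(0, 4), "y": finite(0, 4)}
    print(inc_preserves_inv(small, GRD_WEAK))    # counterexample pinpoints the weak guard
    print(inc_preserves_inv(small, GRD_FIXED))   # proof: finite types searched exhaustively
    nat = {"x": bounded(0, 10), "y": bounded(0, 10)}
    print(inc_preserves_inv(nat, GRD_FIXED))     # unknown: bounded search is not a proof
```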
