Data abstraction and information hiding

This article describes an approach for verifying programs in the presence of data abstraction and information hiding, which are key features of modern programming languages with objects and modules. This article draws on our experience building and using an automatic program checker, and focuses on the property of modular soundness: that is, the property that the separate verifications of the individual modules of a program suffice to ensure the correctness of the composite program. We found this desirable property surprisingly difficult to achieve. A key feature of our methodology for modular soundness is a new specification construct: the abstraction dependency, which reveals which concrete variables appear in the representation of a given abstract variable, without revealing the abstraction function itself. This article discusses in detail two varieties of abstraction dependencies: static and dynamic. The article also presents a new technical definition of modular soundness as a monotonicity property of verifiability with respect to scope and uses this technical definition to formally prove the modular soundness of a programming discipline for static dependencies.

[1]  John McCarthy,et al.  Correctness of a compiler for arithmetic expressions , 1966 .

[2]  Robin Milner,et al.  An Algebraic Definition of Simulation Between Programs , 1971, IJCAI.

[3]  Christopher Strachey,et al.  OS6 - an experimental operating system for a small computer. Part 1: general principles and structure , 1972, Comput. J..

[4]  Christopher Strachey,et al.  OS6 - an experimental operating system for a small computer. Part 2: input/output and filing system , 1972, Comput. J..

[5]  D. L. Parnas,et al.  On the criteria to be used in decomposing systems into modules , 1972, Software Pioneers.

[6]  C. A. R. Hoare,et al.  An Axiomatic Definition of the Programming Language PASCAL , 1973, Acta Informatica.

[7]  Edsger W. Dijkstra,et al.  A Discipline of Programming , 1976 .

[8]  Niklaus Wirth,et al.  Modula: A language for modular multiprogramming , 1977, Softw. Pract. Exp..

[9]  Juris Hartmanis,et al.  The Programming Language Ada , 1983, Lecture Notes in Computer Science.

[10]  Ralph-Johan Back,et al.  Correctness preserving program refinements: Proof theory and applications , 1980 .

[11]  Professor Dr. Niklaus Wirth,et al.  Programming in Modula-2 , 1982, Springer Berlin Heidelberg.

[12]  S. J. Young,et al.  The programming language ADA reference manual: Springer-Verlag (1981) pp 243, $7.90, DM 16.50 , 1982, Microprocess. Microsystems.

[13]  Juris Hartmanis,et al.  The Programming Language Ada Reference Manual American National Standards Institute, Inc. ANSI/MIL-STD-1815A-1983 , 1983, Lecture Notes in Computer Science.

[14]  Greg Nelson,et al.  Verifying reachability invariants of linked structures , 1983, POPL '83.

[15]  Leslie Lamport,et al.  Constraints: a uniform approach to aliasing and typing , 1985, POPL.

[16]  J. Prins,et al.  A new notion of encapsulation , 1985, SLIPE '85.

[17]  Barbara Liskov,et al.  Abstraction and Specification in Program Development , 1986 .

[18]  Cliff B. Jones,et al.  Systematic software development using VDM , 1986, Prentice Hall International Series in Computer Science.

[19]  Alfred V. Aho,et al.  Compilers: Principles, Techniques, and Tools , 1986, Addison-Wesley series in computer science / World student series edition.

[20]  Niklaus Wirth,et al.  The programming language oberon , 1988, Softw. Pract. Exp..

[21]  V. Stavridou,et al.  Abstraction and specification in program development , 1988 .

[22]  Greg Nelson,et al.  A generalization of Dijkstra's calculus , 1989, ACM Trans. Program. Lang. Syst..

[23]  Dennis M. Volpano,et al.  The Transform - a New Language Construct , 1990, Struct. Program..

[24]  Bjarne Stroustrup,et al.  The Annotated C++ Reference Manual , 1990 .

[25]  Edsger W. Dijkstra,et al.  Predicate Calculus and Program Semantics , 1989, Texts and Monographs in Computer Science.

[26]  H. B. M. Jonkers Upgrading the Pre- and Postcondition Technique , 1991, VDM Europe.

[27]  Hanspeter Mössenböck,et al.  The Programming Language Oberon-2 , 1991, Struct. Program..

[28]  John Hogg,et al.  Islands: aliasing protection in object-oriented languages , 1991, OOPSLA '91.

[29]  Greg Nelson,et al.  Systems programming in modula-3 , 1991 .

[30]  Gary T. Leavens Modular specification and verification of object-oriented programs , 1991, IEEE Software.

[31]  William F. Ogden,et al.  Modular Verification of Data Abstractions with Shared Realizations , 1994, IEEE Trans. Software Eng..

[32]  B. Mihov,et al.  Received; accepted , 1994 .

[33]  K. R Leino,et al.  Towards Reliable Modular Programs , 1995 .

[34]  Daniel Jackson Aspect: detecting bugs with abstract dependences , 1995, TSEM.

[35]  Guy L. Steele,et al.  The Java Language Specification , 1996 .

[36]  Gary T. Leavens An Overview of Larch/C++: Behavioral Specifications for C++ Modules , 1996 .

[37]  Martín Abadi,et al.  A Theory of Objects , 1996, Monographs in Computer Science.

[38]  Reasoning about Aliasing , 1996 .

[39]  Raymie Stata,et al.  Checking object invariants , 1997 .

[40]  Paulo Sérgio Almeida Balloon Types: Controlling Sharing of State in Data Types , 1997, ECOOP.

[41]  Martín Abadi,et al.  A Logic of Object-Oriented Programs , 1997, Verification: Theory and Practice.

[42]  K. Rustan M. Leino,et al.  Extended static checking , 1998, PROCOMET.

[43]  K. Rustan M. Leino Recursive Object Types in a Logic of Object-Oriented Programs , 1998, Nord. J. Comput..

[44]  Greg Nelson,et al.  Wrestling with rep exposure , 1998 .

[45]  Jan Vitek,et al.  Flexible Alias Protection , 1998, ECOOP.

[46]  K. Rustan M. Leino,et al.  Data groups: specifying the modification of extended state , 1998, OOPSLA '98.

[47]  K. Rustan M. Leino,et al.  Virginity: A Contribution to the Specification of Object-Oriented Software , 1999, Inf. Process. Lett..

[48]  K. Rustan M. Leino,et al.  ESC/Java User's Manual , 2000 .

[49]  Arnd Poetzsch-Heffter,et al.  Modular specification and verification techniques for object-oriented software components , 2000 .

[50]  John Tang Boyland,et al.  Alias burying: Unique variables without destructive reads , 2001, Softw. Pract. Exp..

[51]  C. A. R. Hoare,et al.  Proof of Correctness of Data Representations (Reprint) , 2002, Software Pioneers.

[52]  Peter Müller,et al.  Modular Specification and Verification of Object-Oriented Programs , 2002, Lecture Notes in Computer Science.

[53]  C. A. R. Hoare,et al.  Proof of correctness of data representations , 1972, Acta Informatica.

[54]  Joseph M. Morris Laws of data refinement , 2004, Acta Informatica.