Will Informatics be able to Justify the Construction of Large Computer Based Systems

The present article and the previous one on Realistic Correct Systems Implementation together address the correct construction and functioning of large computer based systems. In view of the many annoying and dangerous system misbehaviors, we ask: can informaticians rightly be held accountable for the incorrectness of systems, and will they be able to justify that systems work correctly as intended? We understand the word justification in this sense: the design of computer based systems, the formulation of mathematical models of information flows, and the construction of the controlling software are to be such that the expected system effects, the absence of internal failures, and the robustness against misuse and malicious external attacks are foreseeable as logical consequences of the models. For more than 40 years, theoretical informatics, software engineering and compiler construction have made important contributions to correct specification and also to correct high-level implementation of compilers. But the third step, the translation (bootstrapping) of high-level compiler programs into host machine code by existing host compilers, is just as important. So far there are no realistic recipes to close this gap, although it has been known for many years that trust in executable code can be dangerously compromised by Trojan Horses in compiler executables, even if those executables pass the strongest tests. Our article shows how to close this low-level gap. We demonstrate the method of rigorous syntactic a-posteriori code inspection, which has been developed by the research group Verifix funded by the Deutsche Forschungsgemeinschaft (DFG).
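The two claims in the abstract, that a Trojan Horse in a compiler executable can survive even strong functional testing, and that syntactic a-posteriori inspection of the emitted code catches it without trusting the compiler binary, can be seen on a toy scale. The following Python is an added example and is not code from the article or from the Verifix group: the source language (integer expressions), the stack-machine target, the "verified" compiling specification `compile_spec`, the Trojaned compiler and its trigger (programs reading a variable named `secret`) are all constructed here. In the setting the abstract describes the inspected program is the compiler's own source, translated by an untrusted host compiler; the check is the same, namely comparing the emitted code instruction by instruction against what the verified compiling specification prescribes.

```python
# Constructed toy illustration (not the Verifix group's code or the paper's
# language): a Trojaned compiler executable that passes every functional test
# yet is exposed by syntactic a-posteriori inspection of its output.

# Source language (abstract syntax as tuples):
#   ('lit', n) | ('var', name) | ('add', e1, e2) | ('mul', e1, e2)
# Target language: stack-machine instructions
#   ('PUSH', n) | ('LOAD', name) | ('ADD',) | ('MUL',)   plus the backdoor ('EMIT',)


def evaluate(expr, env):
    """Source-level semantics, used as the oracle for functional testing."""
    tag = expr[0]
    if tag == 'lit':
        return expr[1]
    if tag == 'var':
        return env[expr[1]]
    left, right = evaluate(expr[1], env), evaluate(expr[2], env)
    return left + right if tag == 'add' else left * right


def compile_spec(expr):
    """The compiling specification, assumed verified: the only code an honest
    compiler may emit for `expr`."""
    tag = expr[0]
    if tag == 'lit':
        return [('PUSH', expr[1])]
    if tag == 'var':
        return [('LOAD', expr[1])]
    if tag in ('add', 'mul'):
        op = ('ADD',) if tag == 'add' else ('MUL',)
        return compile_spec(expr[1]) + compile_spec(expr[2]) + [op]
    raise ValueError(f"unknown node {tag!r}")


def trojaned_compiler(expr):
    """A compiler executable carrying a constructed Trojan: it agrees with the
    specification on every input except programs that read the variable
    'secret', where it appends an instruction that leaks the computed value."""
    code = compile_spec(expr)
    if ('LOAD', 'secret') in code:      # trigger: only the targeted program
        code.append(('EMIT',))          # backdoor instruction, never in the spec
    return code


def run(code, env):
    """Execute target code; returns (result, list of leaked values)."""
    stack, leaked = [], []
    for ins in code:
        op = ins[0]
        if op == 'PUSH':
            stack.append(ins[1])
        elif op == 'LOAD':
            stack.append(env[ins[1]])
        elif op in ('ADD', 'MUL'):
            b, a = stack.pop(), stack.pop()
            stack.append(a + b if op == 'ADD' else a * b)
        elif op == 'EMIT':
            leaked.append(stack[-1])
        else:
            raise ValueError(f"illegal instruction {ins!r}")
    return stack[-1], leaked


def passes_strong_test(compiler, test_programs, env):
    """Functional (black-box) test: compiled code must compute what the source
    semantics prescribes, on every test program."""
    return all(run(compiler(p), env)[0] == evaluate(p, env)
               for p in test_programs)


def inspect_code(expr, emitted):
    """A-posteriori syntactic inspection: recompute the code the verified
    specification prescribes for `expr` and compare it instruction by
    instruction with what the compiler executable actually emitted.  Nothing
    about the compiler binary is assumed; only its output is examined."""
    expected = compile_spec(expr)
    if len(expected) != len(emitted):
        return False, f"length mismatch: spec {len(expected)}, emitted {len(emitted)}"
    for i, (e, g) in enumerate(zip(expected, emitted)):
        if e != g:
            return False, f"instruction {i}: spec {e}, emitted {g}"
    return True, "emitted code is syntactically identical to the specification"


# Constructed test programs; none of them mentions 'secret', so the Trojan
# stays dormant and the compiler passes the whole suite.
TEST_PROGRAMS = [
    ('lit', 7),
    ('add', ('var', 'x'), ('lit', 3)),
    ('mul', ('add', ('var', 'x'), ('var', 'y')), ('lit', 2)),
]
ENV = {'x': 5, 'y': 6, 'secret': 42}
TARGET = ('add', ('var', 'secret'), ('lit', 1))   # the program the Trojan targets

if __name__ == '__main__':
    print("Trojaned compiler passes tests:",
          passes_strong_test(trojaned_compiler, TEST_PROGRAMS, ENV))
    print("result and leak on target program:", run(trojaned_compiler(TARGET), ENV))
    print("inspection verdict:", inspect_code(TARGET, trojaned_compiler(TARGET)))
```

The functional test accepts the Trojaned compiler because its trigger never appears in the test inputs, which is exactly why passing tests gives no guarantee. The inspection does not rerun the compiler and does not reason about its binary; it only compares the produced code with the code the specification allows, so an extra `('EMIT',)` is found however the compiler was built.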
