Roadmap for enhanced languages and methods to aid verification

Leavens, Gary T.; Abrial, Jean-Raymond; Batory, Don; Butler, Michael; Coglio, Alessandro; Fisler, Kathi; Hehner, Eric C. R.; Jones, Cliff B.; Miller, Dale; Peyton-Jones, Simon; Sitaraman, Murali; Smith, Douglas R.; Stump, Aaron

doi:10.1145/1173706.1173740

Cited by 48 publications

(18 citation statements)

References 128 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, there is also work towards automated support for refinement [69]. Theorem provers: The ultimate advantage of using a formal over an informal model is the ability to verify its properties to a high level of rigour [70], even for infinite state systems. Given our concern to balance effort and insight, some degree of automation is required here [71].…”

Section: Verification Of Formal Modelsmentioning

confidence: 99%

Balancing Insight and Effort: The Industrial Uptake of Formal Methods

Fitzgerald

Larsen

Lecture Notes in Computer Science

View full text Add to dashboard Cite

This paper is a contribution to the Festschrift marking the 70th birthdays of Prof. Dines Bjoerner and Prof. Zhou Chaochen. Our goal is to help the developers of computer-based systems to make informed design decisions on the basis of insights gained from the rigorous analysis of abstract system models. The early work on model-oriented specification has inspired the development of numerous formalisms and tools supporting modelling and analysis. There are also many stories of successful industrial application, often driven by a few champions possessing deep a priori understanding of formalisms. There are fewer cases of successful take-up or adoption of the technologyin the long term.We argue that successful industrial adoption of this technology requires that potential users strike a balance between the effort expended in producing and analysing a model and insight gained. In order to support this balancing act, tools need to offer a range of levels of effort and insight. Further, educators need to recognise that training in formal development techniques must support this trade-off process. AbstractThis paper is a contribution to the Festschrift marking the 70th birthdays of Prof. Dines Bjoerner and Prof. Zhou Chaochen. Our goal is to help the developers of computer-based systems to make informed design decisions on the basis of insights gained from the rigorous analysis of abstract system models. The early work on modeloriented specification has inspired the development of numerous formalisms and tools supporting modelling and analysis. There are also many stories of successful industrial application, often driven by a few champions possessing deep a priori understanding of formalisms. There are fewer cases of successful take-up or adoption of the technology in the long term. We argue that successful industrial adoption of this technology requires that potential users strike a balance between the effort expended in producing and analysing a model and insight gained. In order to support this balancing act, tools need to offer a range of levels of effort and insight. Further, educators need to recognise that training in formal development techniques must support this trade-off process. About the authorJohn Fitzgerald is Reader in Computing Science at Newcastle University. His research concerns the use of formal methods to support the design of systems that reconfigure in response to threats. He is co-Investigator in the Trustworthy Ambient Systems project and is Chairman of Formal Methods Europe. Peter Gorm Larsen is Professor of Computer Technology and Embedded Systems at The Engineering College ofAarhus, Denmark and an independent consultant. An authority on system modelling, particularly the Vienna Development Method, he has pioneered the development of industrial-strength tool support for model-oriented specification languages, heading the group that initially developed VDMTools(R) now owned by CSK. Abstract. Our goal is to help the developers of computer-based systems to make informed design decisions...

show abstract

Section: Verification Of Formal Modelsmentioning

confidence: 99%

Balancing Insight and Effort: The Industrial Uptake of Formal Methods

Fitzgerald

Larsen

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…There are many forks in the road of research toward verified software [LAB06] and there are many fundamental questions [Jon03]. Considerable related work lies down the paths not taken by our team, all of which offer hope for progress that other researchers will and should continue to pursue.…”

Section: Related Work and Conclusionmentioning

confidence: 99%

Building a push-button RESOLVE verifier: Progress and challenges

et al. 2011

Self Cite

View full text Add to dashboard Cite

A central objective of the verifying compiler grand challenge is to develop a push-button verifier that generates proofs of correctness in a syntax-driven fashion similar to the way an ordinary compiler generates machine code. The software developer’s role is then to provide suitable specifications and annotated code, but otherwise to have no direct involvement in the verification step. However, the general mathematical developments and results upon which software correctness is based may be established through a separate formal proof process in which proofs might be mechanically checked, but not necessarily automatically generated. While many ideas that could conceivably form the basis for software verification have been known “in principle” for decades, and several tools to support an aspect of verification have been devised, practical fully automated verification of full software behavior remains a grand challenge. This paper explains how RESOLVE takes a step towards addressing this challenge by integrating foundational and practical elements of software engineering, programming languages, and mathematical logic into a coherent framework. Current versions of the RESOLVE verifier generate verification conditions (VCs) for the correctness of component-based software in a modular fashion—one component at a time. The VCs are currently verified using automated capabilities of the Isabelle proof assistant, the SMT solver Z3, a minimalist rewrite prover, and some specialized decision procedures. Initial experiments with the tools and further analytic considerations show both the progress that has been made and the challenges that remain.

show abstract

“…The research roadmap that one Grand Challenge project subcommittee recently produced illustrates the richness of the possible repertoire of verification techniques. 3 Reflecting this richness, the more general term tools for program verification has now replaced the term verifying compiler.…”

Section: Michael Jacksonmentioning

confidence: 99%

“…All this is already envisioned in a proposal for the repository of documentation 2 and a discussion of research directions. 3 Extending the range of verification inputs in this way, to include formalizations of the problem and its environment, considerably broadens the goal of verifying program correctness with respect to a program specification.…”

Section: Physical World Descriptionsmentioning

confidence: 99%

“…In the other direction, our desire for verification has influenced language development toward greater clarity and simplicity in programming. 3 The history of types in programming languages illustrates the symbiosis between enhanced languages and verification methods very well. A similar symbiosis could exist in a wider context.…”

Section: Formalizations Of Environment Properties and System Requiremmentioning

confidence: 99%

See 1 more Smart Citation

What Can We Expect from Program Verification?

Jackson

2006

Computer

View full text Add to dashboard Cite

For the proposed Grand Challenge, a correct software product is one that conforms to a formal specification. Key questions concern a specification's subject matter and its scope. Edsger Dijkstra 4 viewed a specification as a logical firewall separating the correctness concernwhether the program satisfies its formal specificationfrom the pleasantness concern-whether the program that satisfies the specification is one we'd like to have. In a more earthy formulation, the separation is between building the program right and building the right program.The reason for this separation is obvious. Designers have engineered computers to form a domain for program execution in which correct formal reasoning is fully reliable. However, in many cases, the developer must draw on knowledge of the specification subject matter because the necessary reasoning goes beyond purely programming concerns. If this subject matter is abstract and mathematical-for example, computing the convex hull of a set of points in 3-space-the required knowledge concerns relevant mathematical axioms and theorems. It's thus no less formal than the program itself and leaves the applicability of formal reasoning intact.Program verification assumes a formal program specification. In software-intensive systems, such specifications must depend on formalization of the natural, nonformal problem world.This formalization is inevitably imperfect, and poses major difficulties of structure and reasoning. Appropriate verification tools can help address these difficulties and improve system reliability.

show abstract

Roadmap for enhanced languages and methods to aid verification

Cited by 48 publications

References 128 publications

Balancing Insight and Effort: The Industrial Uptake of Formal Methods

Balancing Insight and Effort: The Industrial Uptake of Formal Methods

Building a push-button RESOLVE verifier: Progress and challenges

What Can We Expect from Program Verification?

Contact Info

Product

Resources

About