Mathematical Reasoning with Data Abstractions

Mathematical Reasoning with Data Abstractions Jason Hallstrom and Murali Sitaraman Clemson University

Formal Verification
  Goal: To prove correctness
  Method: The rest of this presentation
  Can prove correctness on all valid inputs
  Can show absence of bugs

Example
  Specification:
    Operation Do_Nothing (restores S: Stack);
    Goal: Same as ensures S = #S;
  Code:
    Procedure Do_Nothing (restores S: Stack);
      Var E: Entry;
      Pop(E, S);
      Push(E, S);
    end Do_Nothing;

Recall: Basics of Mathematical Reasoning
  Suppose you are verifying code for some operation P
    Assume its requires clause in state 0
    Confirm its ensures clause at the end
  Suppose that P calls Q
    Confirm the requires clause of Q in the state before Q is called
      Why? Because the caller is responsible
    Assume the ensures clause of Q in the state after Q
      Why? Because Q is assumed to work
  Prove the assertions to be confirmed

Exercise: Complete the table and prove!

  State   Assume   Confirm
    0     …        …
          Pop(E, S);
    1     …        …
          Push(E, S);
    2     …        …

Recall Specification of Stack Operations
  Operation Push (alters E: Entry; updates S: Stack);
    requires |S| < Max_Depth;
    ensures S = <#E> o #S;
  Operation Pop (replaces R: Entry; updates S: Stack);
    requires |S| > 0;
    ensures #S = <R> o S;
  Operation Depth (restores S: Stack): Integer;
    ensures Depth = |S|;
  …

Collaborative Exercise: Answers

  State   Assume             Confirm
    0     …                  |S| > 0
          Pop(E, S);
    1     S0 = <E1> o S1     |S| < Max_Depth
          Push(E, S);
    2     S2 = <E1> o S1     S2 = S0
  …

Discussion
  Is the code correct? If not, fix it
  Important idea: The reasoning table can be filled mechanically
    Principles of reasoning about all objects and operations are the same
    Need mathematical specifications
  VC generation and automated verification demo
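The slides say the reasoning table can be filled mechanically; the following is an added example (not code from the slides or from the RESOLVE tools) that does exactly that for the Do_Nothing body above. It models a stack value symbolically as an explicit prefix of entry variables followed by a named tail whose length is known only as an interval, walks the two calls confirming each requires clause and assuming each ensures clause, and finally confirms S = #S. It is run twice, once with Do_Nothing's specification as written and once with a hypothetical requires |S| > 0 clause added, so the reader can see which row of the table the proof depends on. All class and function names here (Seq, TailInfo, Verifier, verify_do_nothing) are this example's own.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Seq:
    """Symbolic stack value: explicit top entries, then a tail variable."""
    prefix: tuple   # entry variable names, leftmost is the top of the stack
    tail: str       # name of a tail variable standing for "the rest"


@dataclass
class TailInfo:
    lo: int     # |tail| >= lo
    slack: int  # |tail| <= Max_Depth - slack  (Max_Depth stays symbolic)


class Verifier:
    """Fills a reasoning table for straight-line Pop/Push code over one Stack S."""

    def __init__(self, requires_nonempty):
        # State 0: the Stack concept guarantees |S0| <= Max_Depth; |S0| > 0 is
        # known only if the operation's own requires clause says so (assumption
        # toggled by the caller of this example).
        self.tails = {"S0": TailInfo(lo=1 if requires_nonempty else 0, slack=0)}
        self.aliases = {}            # tail name -> Seq it equals (from Pop's ensures)
        self.S = Seq((), "S0")
        self.E = "E0"                # the declared Entry variable, initially arbitrary
        self.state = 0
        self.snapshots = {0: self.S}
        self.table = []              # rows: (state, confirmed assertion, proved?)

    def resolve(self, seq):
        """Expand tail aliases so values from different states are comparable."""
        while seq.tail in self.aliases:
            alias = self.aliases[seq.tail]
            seq = Seq(seq.prefix + alias.prefix, alias.tail)
        return seq

    def length_bounds(self, seq):
        seq = self.resolve(seq)
        info = self.tails[seq.tail]
        n = len(seq.prefix)
        # |seq| >= lo + n  and  |seq| <= Max_Depth - (slack - n)
        return info.lo + n, info.slack - n

    def confirm(self, assertion, proved):
        self.table.append((self.state, assertion, proved))

    def advance(self):
        self.state += 1
        self.snapshots[self.state] = self.S

    def pop(self):
        # Confirm Pop's requires clause in the current state: caller's responsibility.
        lo, _ = self.length_bounds(self.S)
        self.confirm("|S| > 0", lo >= 1)
        # Assume Pop's ensures clause  #S = <R> o S  in the next state.
        cur = self.resolve(self.S)
        if cur.prefix:
            top, rest = cur.prefix[0], Seq(cur.prefix[1:], cur.tail)
        else:
            top, new_tail = f"E{self.state + 1}", f"S{self.state + 1}"
            old = self.tails[cur.tail]
            self.tails[new_tail] = TailInfo(lo=max(old.lo - 1, 0), slack=old.slack + 1)
            self.aliases[cur.tail] = Seq((top,), new_tail)   # records #S = <E1> o S1
            rest = Seq((), new_tail)
        self.E, self.S = top, rest
        self.advance()

    def push(self):
        # Confirm Push's requires clause, then assume its ensures clause S = <#E> o #S.
        _, slack = self.length_bounds(self.S)
        self.confirm("|S| < Max_Depth", slack >= 1)
        self.S = Seq((self.E,) + self.S.prefix, self.S.tail)
        self.advance()


def verify_do_nothing(requires_nonempty):
    """Reasoning table for  Pop(E, S); Push(E, S);  with ensures S = #S."""
    v = Verifier(requires_nonempty)
    v.pop()
    v.push()
    v.confirm("S = #S", v.resolve(v.S) == v.resolve(v.snapshots[0]))
    return v.table


if __name__ == "__main__":
    for nonempty in (False, True):
        print("requires |S| > 0 present:" if nonempty else "no requires clause:")
        for state, assertion, proved in verify_do_nothing(nonempty):
            print(f"  state {state}: confirm {assertion:<16} -> {'proved' if proved else 'NOT proved'}")
```

Each row of the returned table corresponds to one Confirm cell of the slides' table: the requires clause of Pop at state 0, the requires clause of Push at state 1, and the ensures clause S = #S at state 2. Tracking lengths as a lower bound plus a slack below Max_Depth keeps Max_Depth symbolic, which is what lets the Push obligation be discharged without fixing a concrete depth.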