ECI 2007: Specification and Verification of Object- Oriented Programs Lecture 0.

Slides:

Advertisements

Similar presentations

1 Verification by Model Checking. 2 Part 1 : Motivation.

Advertisements

Functional Decompositions for Hardware Verification With a few speculations on formal methods for embedded systems Ken McMillan.

3/27/ :01 PM © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered.

CSE 599F: Formal Verification of Computer Systems.

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Challenges in increasing tool support for programming K. Rustan M. Leino Microsoft Research, Redmond, WA, USA 23 Sep 2004 ICTAC Guiyang, Guizhou, PRC joint.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 1.

SOFTWARE TESTING. Software Testing Principles Types of software tests Test planning Test Development Test Execution and Reporting Test tools and Methods.

Semantics Static semantics Dynamic semantics attribute grammars

PZ03D Programming Language design and Implementation -4th Edition Copyright©Prentice Hall, PZ03D - Program verification Programming Language Design.

Hoare’s Correctness Triplets Dijkstra’s Predicate Transformers

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 11.

Annoucements  Next labs 9 and 10 are paired for everyone. So don’t miss the lab.  There is a review session for the quiz on Monday, November 4, at 8:00.

Axiomatic Verification I Prepared by Stephen M. Thebaut, Ph.D. University of Florida Software Testing and Verification Lecture 17.

Prof. Necula CS Lecture 91 Theorem Proving CS Lecture 9.

1 Semantic Description of Programming languages. 2 Static versus Dynamic Semantics n Static Semantics represents legal forms of programs that cannot be.

Software Reliability CIS 640 Adapted from the lecture notes by Doron Pelel (

Formal Methods in Software Engineering Credit Hours: 3+0 By: Qaisar Javaid Assistant Professor Formal Methods in Software Engineering1.

1 Basic Definitions: Testing What is software testing? Running a program In order to find faults a.k.a. defects a.k.a. errors a.k.a. flaws a.k.a. faults.

15 November Essay 1  Methodologies Points on the spectrum All can adapt to changes Required vs. permitted  Releases vs. iterations  Spool’s.

1 Introduction to Computability Theory Lecture12: Reductions Prof. Amos Israeli.

Software Engineering: Where are we? And where do we go from here? V Software Engineering Lecture 23 Clark Barrett New York University 4/17/2006.

Copyright © 2006 The McGraw-Hill Companies, Inc. Programming Languages 2nd edition Tucker and Noonan Chapter 18 Program Correctness To treat programming.

CS 330 Programming Languages 09 / 16 / 2008 Instructor: Michael Eckmann.

Describing Syntax and Semantics

School of Computer ScienceG53FSP Formal Specification1 Dr. Rong Qu Introduction to Formal Specification

Formal verification Marco A. Peña Universitat Politècnica de Catalunya.

Computability Thank you for staying close to me!! Learning and thinking More algorithms... computability.

272: Software Engineering Fall 2012 Instructor: Tevfik Bultan Lecture 4: SMT-based Bounded Model Checking of Concurrent Software.

Formal Methods 1. Software Engineering and Formal Methods  Every software engineering methodology is based on a recommended development process  proceeding.

Lecture 6 Software Testing and jUnit CS140 Dick Steflik.

Software Engineering Prof. Dr. Bertrand Meyer March 2007 – June 2007 Chair of Software Engineering Static program checking and verification Slides: Based.

Course: Software Engineering © Alessandra RussoUnit 1 - Introduction, slide Number 1 Unit 1: Introduction Course: C525 Software Engineering Lecturer: Alessandra.

A Z Approach in Validating ORA-SS Data Models Scott Uk-Jin Lee Jing Sun Gillian Dobbie Yuan Fang Li.

2.2 Software Myths 2.2 Software Myths Myth 1. The cost of computers is lower than that of analog or electromechanical devices. –Hardware is cheap compared.

1 Program Correctness CIS 375 Bruce R. Maxim UM-Dearborn.

1 Inference Rules and Proofs (Z); Program Specification and Verification Inference Rules and Proofs (Z); Program Specification and Verification.

Proofs of Correctness: An Introduction to Axiomatic Verification Prepared by Stephen M. Thebaut, Ph.D. University of Florida CEN 5035 Software Engineering.

Overview of Formal Methods. Topics Introduction and terminology FM and Software Engineering Applications of FM Propositional and Predicate Logic Program.

Course Overview and Road Map Computability and Logic.

Reasoning about programs March CSE 403, Winter 2011, Brun.

Disciplined Software Engineering Lecture #13 Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Sponsored by the U.S. Department.

Program Analysis and Verification Spring 2014 Program Analysis and Verification Lecture 4: Axiomatic Semantics I Roman Manevich Ben-Gurion University.

COP4020 Programming Languages Introduction to Axiomatic Semantics Prof. Robert van Engelen.

Formal Methods.

Great Theoretical Ideas in Computer Science.

CS6133 Software Specification and Verification

An Axiomatic Basis for Computer Programming Robert Stewart.

Scientific Debugging. Errors in Software Errors are unexpected behaviors or outputs in programs As long as software is developed by humans, it will contain.

13 Aug 2013 Program Verification. Proofs about Programs Why make you study logic? Why make you do proofs? Because we want to prove properties of programs.

CSCI1600: Embedded and Real Time Software Lecture 28: Verification I Steven Reiss, Fall 2015.

Logic Programming. Formal Logics- Recap Formulas – w/out quantifiers Free Variables Bound Variables Assignments and satisfaction Validity and satisfiability.

Static Techniques for V&V. Hierarchy of V&V techniques Static Analysis V&V Dynamic Techniques Model Checking Simulation Symbolic Execution Testing Informal.

Formal Verification. Background Information Formal verification methods based on theorem proving techniques and modelchecking –To prove the absence of.

Requirements Engineering Methods for Requirements Engineering Lecture-31.

CS 5150 Software Engineering Lecture 21 Reliability 2.

CS223: Software Engineering Lecture 25: Software Testing.

Formal Verification – Robust and Efficient Code Lecture 1

Formal Methods. Objectives To introduce formal methods including multiple logic based approaches for software modelling and reasoning 2.

Types for Programs and Proofs

Lecture 2 of Computer Science II

Formal Methods in Software Engineering 1

Lecture 5 Floyd-Hoare Style Verification

Programming Languages 2nd edition Tucker and Noonan

Axiomatic Verification I

Class 24: Computability Halting Problems Hockey Team Logo

Axiomatic Verification I

Programming Languages 2nd edition Tucker and Noonan

COP4020 Programming Languages

Lecture 23: Computability CS200: Computer Science

Presentation transcript:

ECI 2007: Specification and Verification of Object- Oriented Programs Lecture 0

Course information Instructor: Shaz Qadeer Office: Office 19 in this building Office hours: 5:30-6:30pm

What is this course about? Automated techniques for verification of partial specifications for software

This course is not about… Programming languages and type systems Software engineering methodology Dynamic analysis Software testing

Prerequisites Algorithms Formal language theory Elementary mathematical logic But, none of that matters if you really want to understand the material

Goals Learn about the fundamental ideas Understand the current research problems Enable novel research The best advances come from a combination of techniques from different research areas!

Why should we care? NIST (National Institute of Standards and Technology) report –software bugs cost $60 billion annually High profile incidents of systems failure –Therac-25 radiation overdoses, –Pentium FDIV bug, 1994 –Northeast blackout, 2003 –Air traffic control, LA airport, 2004

Intellectual challenge Civil engineering –Bridges don’t fail

Reliable Engineering

Intellectual challenge Civil engineering –Bridges don’t fail Mechanical engineering –Cars are reliable

Intellectual challenge Civil engineering –Bridges don’t fail Mechanical engineering –Cars are reliable Software engineering

Why is software hard? The human element –Getting a consistent and complete set of requirements is difficult –Requirements often change –Human beings use software in ways never imagined by the designers

Why is software hard? The mathematical element –Huge set of behaviors –Nondeterminism External due to inputs Internal due to concurrency –Even if the requirements are unchanging, complete and formally specified, it is infeasible to check all the behaviors

Bubble Sort BubbleSort(int[] a, int n) { for (i=0; i<n-1; i++) { for (j=0; j<n-1-i; j++) { if (a[j+1] < a[j]) { tmp = a[j]; a[j] = a[j+1]; a[j+1] = tmp; } Even for a small program, enumeration of the set of all possible behaviors is impossible! n#inputs 12^32 22^64..

x  Variable P  Program = assert x | x++ | x-- | P 1 ; P 2 | if x then P 1 else P 2 | while x P Simple programming language Assertion checking for this language is undecidable!

Holy grail of algorithmic verification Soundness –If the algorithm reports no failure, then the program does not fail Completeness –If the algorithm reports a failure, then the program does fail Termination –The algorithm terminates It is impossible to achieve the holy grail in general!

Axiomatic progam verification Program verification similar to validity checking in a mathematical logic –Axioms –Rules of inference Programmer attempts to find a proof using the axioms and the rules of inference Manual proof discovery Automated proof checking

Program Verification Mechanical verification of software would improve software productivity, reliability, efficiency Such systems are still in experimental stage –After 40 years ! –Research has revealed formidable obstacles –Many believed that program verification is dead

“Social processes and proofs of theorems and programs”, Richard A. DeMillo, Richard J. Lipton, and Alan J. Perlis, 1977 The research agenda for program verification is destined to fail.

Criticisms Mathematicians do not use automated proof checkers; they use social processes to check proofs of theorems Program specifications are often as complicated as the programs themselves Many mathematical theories have exponential or super-exponential proofs; it is unreasonable to expect that such proofs can be discovered automatically

Program Verification: Attack and Defense Attack: –Mathematicians do not use formal methods to develop proofs –Why then should we try to verify programs formally? Defense: –In programming, we often lack an effective formal framework for describing and checking results –Consider the statements The area bounded by y=0, x=1 and y=x2 is 1/3 By splicing two circular lists we obtain another circular list with the union of the elements

Program Verification: Attack and Defense Attack: –Verification is done with respect to a specification –Is the specification simpler than the program ? –What if the specification is not right ? Defense: –Developing specifications is hard –Redundancy exposes many bugs as inconsistencies –We are interested in partial specifications An index is within bounds, a lock is released

Program Verification: Attack and Defense Attack: –Many logical theories are undecidable or decidable by super-exponential algorithms –There are theorems with super-exponential proofs Defense: –Such limits apply to human proof discovery as well –If the smallest correctness argument of program P is huge then how did the programmer find it? –Theorems arising in program verification are usually shallow but tedious

Program Verification: Attack and Defense Myth: –Think of the peace of mind you will have when the verifier finally says “ Verified ”, and you can relax in the mathematical certainty that no more errors exist Reality: –Use instead to find bugs (like more powerful type checkers) –We should change “Verified” to “Sorry, I can’t find more bugs”