Welcome to CS 477 Formal Methods in Software Development Spring 2011 Madhusudan Parthasarathy ( Madhu )

Slides:



Advertisements
Similar presentations
1 Verification by Model Checking. 2 Part 1 : Motivation.
Advertisements

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.
Demand-driven inference of loop invariants in a theorem prover
Formal Methods and Testing Goal: software reliability Use software engineering methodologies to develop the code. Use formal methods during code development.
Copyright W. Howden1 Programming by Contract CSE 111 6/4/2014.
Using SMT solvers for program analysis Shaz Qadeer Research in Software Engineering Microsoft Research.
50.530: Software Engineering
A System to Generate Test Data and Symbolically Execute Programs Lori A. Clarke September 1976.
An Introduction to the Model Verifier verds Wenhui Zhang September 15 th, 2010.
Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
Software Engineering & Automated Deduction Willem Visser Stellenbosch University With Nikolaj Bjorner (Microsoft Research, Redmond) Natarajan Shankar (SRI.
1 Symbolic Execution for Model Checking and Testing Corina Păsăreanu (Kestrel) Joint work with Sarfraz Khurshid (MIT) and Willem Visser (RIACS)
LIFE CYCLE MODELS FORMAL TRANSFORMATION
Panel on Decision Procedures Panel on Decision Procedures Randal E. Bryant Lintao Zhang Nils Klarlund Harald Ruess Sergey Berezin Rajeev Joshi.
Chapter 2- Visual Basic Schneider1 Chapter 2 Problem Solving.
Leonardo de Moura and Nikolaj Bjørner Microsoft Research.
Review of topics Final exam : -May 2nd to May 7 th - Projects due on May 7th.
CS 355 – Programming Languages
Software Reliability CIS 640 Adapted from the lecture notes by Doron Pelel (
1 Formal Methods in SE Qaisar Javaid Assistant Professor Lecture 05.
Automated creation of verification models for C-programs Yury Yusupov Saint-Petersburg State Polytechnic University The Second Spring Young Researchers.
An Integration of Program Analysis and Automated Theorem Proving Bill J. Ellis & Andrew Ireland School of Mathematical & Computer Sciences Heriot-Watt.
Formal Methods in Software Engineering Credit Hours: 3+0 By: Qaisar Javaid Assistant Professor Formal Methods in Software Engineering1.
Formal Methods of Systems Specification Logical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt.
Software Engineering: Where are we? And where do we go from here? V Software Engineering Lecture 23 Clark Barrett New York University 4/17/2006.
Nikolaj Bjørner Microsoft Research Lecture 3. DayTopicsLab 1Overview of SMT and applications. SAT solving, Z3 Encoding combinatorial problems with Z3.
Chair of Software Engineering Einführung in die Programmierung Introduction to Programming Prof. Dr. Bertrand Meyer (Nadia Polikarpova) Verification tools.
1 Predicate Abstraction of ANSI-C Programs using SAT Edmund Clarke Daniel Kroening Natalia Sharygina Karen Yorav (modified by Zaher Andraus for presentation.
Static and Dynamic Contract Verifiers For Java Hongming Liu.
Invariant Based Programming, March 20101/ Teaching the construction of correct programs using invariant based programming Ralph-Johan Back Johannes Eriksson.
OOP #10: Correctness Fritz Henglein. Wrap-up: Types A type is a collection of objects with common behavior (operations and properties). (Abstract) types.
Predicate Abstraction for Software and Hardware Verification Himanshu Jain Model checking seminar April 22, 2005.
Copyright © 2006 The McGraw-Hill Companies, Inc. Programming Languages 2nd edition Tucker and Noonan Chapter 18 Program Correctness To treat programming.
CS 330 Programming Languages 09 / 16 / 2008 Instructor: Michael Eckmann.
Chair of Software Engineering Automatic Verification of Computer Programs.
Describing Syntax and Semantics
School of Computer ScienceG53FSP Formal Specification1 Dr. Rong Qu Introduction to Formal Specification
K. Rustan M. Leino Research in Software Engineering (RiSE) Microsoft Research, Redmond Caltech Pasadena, CA 12 November 2009.
SEEFM 07, Thessaloniki, Nov 20071/ Teaching the construction of correct programs using invariant based programming Ralph-Johan Back Johannes Eriksson Linda.
272: Software Engineering Fall 2012 Instructor: Tevfik Bultan Lecture 4: SMT-based Bounded Model Checking of Concurrent Software.
Formal Methods 1. Software Engineering and Formal Methods  Every software engineering methodology is based on a recommended development process  proceeding.
CS527 Topics in Software Engineering (Software Testing and Analysis) Darko Marinov September 15, 2011.
Software Engineering Prof. Dr. Bertrand Meyer March 2007 – June 2007 Chair of Software Engineering Static program checking and verification Slides: Based.
Invariant Based Programming in Education Tutorial, FM’08 Linda Mannila
Chapter 25 Formal Methods Formal methods Specify program using math Develop program using math Prove program matches specification using.
Extended Static Checking for Java  ESC/Java finds common errors in Java programs: null dereferences, array index bounds errors, type cast errors, race.
ISBN Chapter 3 Describing Semantics -Attribute Grammars -Dynamic Semantics.
C++ Programming Language Lecture 2 Problem Analysis and Solution Representation By Ghada Al-Mashaqbeh The Hashemite University Computer Engineering Department.
© Andrew IrelandDependable Systems Group Static Analysis and Program Proof Andrew Ireland School of Mathematical & Computer Sciences Heriot-Watt University.
CSV 889: Concurrent Software Verification Subodh Sharma Indian Institute of Technology Delhi Symbolic Execution.
Deriving Operational Software Specification from System Goals Xin Bai EEL 5881 Course Fall, 2003.
Chapter 3 Part II Describing Syntax and Semantics.
Symbolic and Concolic Execution of Programs Information Security, CS 526 Omar Chowdhury 10/7/2015Information Security, CS 5261.
Overview of course CS598MP Spring’05. Modeling FSM, PDA Emptiness of PDA Games on FSMs Binary Decision Diagrams CTL bisimulations Mu-calculus Model-check.
Compositionality Entails Sequentializability Pranav Garg, P. Madhusudan University of Illinois at Urbana-Champaign.
Using Symbolic PathFinder at NASA Corina Pãsãreanu Carnegie Mellon/NASA Ames.
Formal Methods in Software Engineering1 Today’s Agenda  Mailing list  Syllabus  Introduction.
Introduction to Hardware Verification ECE 598 SV Prof. Shobha Vasudevan.
R-Verify: Deep Checking of Embedded Code James Ezick † Donald Nguyen † Richard Lethin † Rick Pancoast* (†) Reservoir Labs (*) Lockheed Martin The Eleventh.
Finding bugs with a constraint solver daniel jackson. mandana vaziri mit laboratory for computer science issta 2000.
Formal Verification – Robust and Efficient Code Lecture 1
Cs498dm Software Testing Darko Marinov January 24, 2012.
Sub-fields of computer science. Sub-fields of computer science.
Matching Logic An Alternative to Hoare/Floyd Logic
runtime verification Brief Overview Grigore Rosu
Advanced Compilation and Automatic Programming
Lecture 5 Floyd-Hoare Style Verification
Programming Languages 2nd edition Tucker and Noonan
The Zoo of Software Security Techniques
Programming Languages 2nd edition Tucker and Noonan
Presentation transcript:

Welcome to CS 477 Formal Methods in Software Development Spring 2011 Madhusudan Parthasarathy ( Madhu )

What is this course about? Course on formal ways of –Proving programs correct –Developing reliable software –Analyzing programs for correctness –Finding bugs in software Formal  Mathematical (provable/rigorous) Informal methods are also useful, but they are not covered in this course; see Soft. Engg courses –Eg. Random testing; Software management planning

Aims of this course Theoretical: - The fundamental mathematics behind proving a program correct by reducing it to logic Floyd-Hoare logic; invariants; verification conditions, strongest post, weakest pre, method contracts - Formal logic (FOL); to understand proof systems and automatic theorem proving, some decidable theories - Contract-based programming for both sequential and concurrent programs; developing software using contracts. - Static analysis using abstraction; abstract interpretations, overview of predicate abstraction. - Finding test inputs formally using logic solvers

Aims of this course Practical: - Proving small programs correct using a modern program verification tool (Floyd-style) - Use SMT solvers to solve logical constraints; understand how program verification can be done using these solvers. - Build static analysis algorithms for some analysis problems using abstraction, and learn to use some abstract-interpretation tools - Learn contract based programming using CodeContracts/JML; use to generate unit tests and proofs

Aims of this course The course is hence: Formal-development of programs using contracts + Foundations of proving programs correct + Verification tools for proving programs using abstraction and automatic theorem proving. There are other formal software development methods that we will not cover: --- Model-based software development --- Z-notation; B method, etc. --- UML, etc.

Landscape of program verification Types -- engineered for each property Floyd/Hoare style verification Testing Symbolic testing using SAT and SMT solvers Explicit model checking Counter-example guided abstraction + model-checking Abstract Interpretation Shallow specs; more automataed Complex specs; less automated Static analysis/ data-flow analsyis Deductive verification using SMT solvers (unroll loops)

Contracts First proposed by Bertrand Meyer (Eiffel) called ‘Design by Contract’™ Inspired by Hoare-style program verification Writing specifications *with* the code that formally specifies: –Preconditions of methods –Postconditions of methods –Class invariants

Contracts A compelling way to build develop programs –Specifications give formal documentation (not English comments); helps in communication between developers –Specifications can be used to do unit testing –Faster and more effective debugging by checking contracts at runtime; leads to finding bugs earlier –And…... can be used for program verification (with lots of manual help: loop invariants/thmprovers/patience!)

Contracts Impressive uses: –E.g. Buffer-overflow errors were eradicated from MS Windows kernel using contract-based programming where contracts described the ranges of variables to index arrays. –Huge effort; tremendous gain; –Satisfaction of programmers: bug localization

Techniques: Logic, Logic, Logic Logic!! –Program analysis of all kinds requires reasoning (E.g. x>y & x’=x+1 => x’>y; adding x larger to the end of a sorted list is still sorted if x is larger than all elements in the list) –Advent of SMT solvers: Constraint solvers for particular theories Engineering abstraction of logical reasoning that any program analysis tool can use Completely automated Boolean logic: SAT Other theories: linear arithmetic, arrays, heaps, etc.

Techniques: Logic Use of logic –Formal specification logic (for contracts/invariants) –Hoare-style verification: Verification conditions –Abstraction: finding the abstract transitions –Symbolic execution: solving path constraints to generate input –SMT solvers enable all these technologies! So you will learn logic: Prop. Logic, FOL, FO theories like arithmetic, reals, arrays, etc., and decidable fragments

Successful tools Testing by Symbolic executions –PEX ( Whitebox testing (internal to Microsoft; available in Visual Studio for.NET) PEX-for-fun website –SAGE Checks for security vulnerabilities in Windows code stems from DART/CUTE : ``concolic testing’’ –VeriSol (NEC) for Verilog –…

Some successful tools Explicit model-checking –Verisoft ( Fully automatic tool;systematic state-space exploration; 1996; Bell-labs –SPIN ( Checks software models –CHESS Concurrent programs with bounded preemptions Partially symbolic approaches –Java PathFinder (NASA): (

Some successful tools Abstraction based tools –ASTREE – abstract-interpretation ( For flight control software –SLAM /SDV – Microsoft ( For device drivers –FSoft – NEC ( –TVLA ( Abstractions for heaps using shape analysis –Yogi – MSR Combines static verification with testing

Some successful tools Deductive Floyd-Hoare style verification –ESC-Java –Boogie (MSR) ( Also VCC ( (use Z3 SMT solver) –STORM ( Unsound analysis for finding bugs (uses Z3) –FUSION (from NEC)

Some successful tools Contract-programming languages –EIFFEL –CodeContracts from MS for.NET (see also Spec#) –JML (Java Modeling languages)

SMT (logic) solvers A plethora of satisfiability-modulo-theory solvers –Simplify, Yices, Z3, CVC, UCLID –SAT solvers: zChaff, MiniSAT,… –Core technology in several engines –Eg. Z3 is used in SDV,PREfix, PEX, SAGE, Yogi, Spec#, VCC, HAVOC, SpecExplorer, FORMULA, F7, M3, VS3, …

Logistics Course website: + newsgroup HWs (about once in two weeks on avg; more in the beginning; less near the end; 5-6 sets) Grades will depend on homework and final exam HW: 60 Final exam: 40 Project: 50 3 credits: HW + Final (out of 100) 4 credits: HW + Final + Project (out of 150)

Homework sets First two homeworks must be handed in individually. Rest of the homework sets can be in groups of two –You can work on problems in a group of two –But you must submit homework write-ups individually, written by yourself.

Project 4 credits requires a project. Involves either -Reading up a set of papers, and writing a report, or -Programming a particular technique or developing software using contracts, and submitting a write-up Groups of 3 or less; More details later…

Course resources -No textbook; online handouts (accessible from UIUC net domain) - Software: Many; need access to a MS Windows machine –See course website for info: –Enroll in newsgroup at –Teaching Assistant: Alex Mont

Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.