Presentation is loading. Please wait.

Presentation is loading. Please wait.

19.1.2012 Software Verification 1 Deductive Verification Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt Universität und Fraunhofer Institut.

Published byRonald Gallagher Modified over 8 years ago

Similar presentations

Presentation on theme: "19.1.2012 Software Verification 1 Deductive Verification Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt Universität und Fraunhofer Institut."— Presentation transcript:

1 19.1.2012 Software Verification 1 Deductive Verification Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt Universität und Fraunhofer Institut für Rechnerarchitektur und Softwaretechnik

2 Folie 2 H. Schlingloff, Software Verification I Nochmal: Lehrevaluation Verpflichtend für die HU, im Interesse der Studierenden Zeitraum: 16.01. bis 27.01.2012 online: https://evaluation.hu-berlin.de/evaluation/  Passwort (Token): inf-ws-11-12 Verbesserung der Sicherheit durch sogenanntes Captcha  Completely Automated Public Turing test to tell Computers and Humans Apart Bei Rückfragen: Dr. Elke Warmuth, Studiendekanin  Tel. 2093 5830, E-Mail: warmuth@math.hu-berlin.de 19.1.2012

3 Folie 3 H. Schlingloff, Software Verification I Contracts weakest preconditions and strongest postconditions are related to the require-ensure-paradigm (also assume-guarantee-paradigm): /*@ requires  ensures  */ void foo(...)  ; is equivalent to (  wp( ,  ))  (sp( ,  )  ) such a statement is called contract  use of contract: {  [x 1 :=t 1,..., x n :=t n ]} foo(t 1,...,t n ) {  } 19.1.2012

4 Folie 4 H. Schlingloff, Software Verification I Example with contracts int min (int a, int b) if (a<b) min=a else min=b; {a>=min  b>=min  (a=min  b=min)} {T}{x = 5; y = 7; z = min (x, y)} {z==5} proof: { x = 5; y = 7; a = x; b = y;} {a==5  b==7} {if (a<b) min=a else min=b;} {a==5  b==7  a>=min  b>=min  (a=min  b=min)} {min==5} {z = min;} {z==5} 19.1.2012

5 Folie 5 H. Schlingloff, Software Verification I Parameter Passing Call by value  value of actual parameter is passed Call by reference  address of actual parameter is passed Call by value-result  value is passed, result is copied back Call by result  no value, but copying of result Call by name  name of actual parameter is passed 19.1.2012

6 Folie 6 H. Schlingloff, Software Verification I Example void strange (int x) { x+=2; a[i] = 4; i = 1; x+=2; } a = [1, 1]; i = 0; //a[0], a[1] strange(a[i]); reference: a=[6, 1] value: a=[4, 1] result: a=[?, 1] value-result: a=[5, 1] name: a=[4, 3] 19.1.2012

7 Folie 7 H. Schlingloff, Software Verification I Recursive Functions Example int pow(int a, int b){ if (b==0) return 1 else if (b%2==1) return a*pow(a,b-1) else return pow(a*a, b/2); How to define the semantics? How to verify correctness? How to prove termination? 16.11.2011

8 Folie 8 H. Schlingloff, Software Verification I Semantics denotational: least fixed points of functionals operational: substitution rule, e.g. in lambda- calculus (beta-reduction) pow(5,2) = if (2==0) return 1 else if (2%2==1) return 5*pow(5,2-1) else return pow(5*5, 2/2) =pow(25,1) = if (1==0) return 1 else if (1%2==1) return 25*pow(25,1-1) else return pow(25*25, 1/2) = 25*pow(25,0) = 25* if (0==0) return 1 else... = 25 16.11.2011

9 Folie 9 H. Schlingloff, Software Verification I Replacement Possibilities if there are several occurrences of a recursive function, which one to replace?  example term: f = g(f(x 0,f(x 1,x 2 )),f(f(x 3,x 4 ),f(x 5,x 6 ))) leftmost-innermost: g(f(x 0,f(x 1,x 2 )),f(f(x 3,x 4 ),f(x 5,x 6 ))) parallel-innermost: g(f(x 0,f(x 1,x 2 )),f(f(x 3,x 4 ),f(x 5,x 6 ))) leftmost: g(f(x 0,f(x 1,x 2 )),f(f(x 3,x 4 ),f(x 5,x 6 ))) parallel-outermost: g(f(x 0,f(x 1,x 2 )),f(f(x 3,x 4 ),f(x 5,x 6 ))) free-argument: g(f(x 0,f(x 1,x 2 )),f(f(x 3,x 4 ),f(x 5,x 6 ))) full-substitution : g(f(x 0,f(x 1,x 2 )),f(f(x 3,x 4 ),f(x 5,x 6 ))) Differences in the result? 16.11.2011

10 Folie 10 H. Schlingloff, Software Verification I Church-Rosser-Property “Diamond property”: if t 0  t 1 and t 0  t 2, then there is a t 3 such that t 1  t 3 and t 2  t 3  here  is repeated replacement by any rule Consequence: if computation terminates with result x according to replacement rule A and result y according to replacement rule B, then x=y Example:  int fun(int x, int y) { if (x==0) return 1 else return fun (x-1, fun(x-y, y))}  fun(2,1) = ?  fun(3,2) = ? 16.11.2011

11 Folie 11 H. Schlingloff, Software Verification I Axiomatic – Proof Rules for Recursion Correctness: ⊢ int f() {  } {} {  }  requires  ensures  Example:  int pow(int a, int b) {b>0}{...}{pow=a**b}  can be used in the verification of f! 16.11.2011

Download ppt "19.1.2012 Software Verification 1 Deductive Verification Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt Universität und Fraunhofer Institut."

Similar presentations

Software Verification 2 Automated Verification Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt Universität and Fraunhofer Institut für.

Software Verification 2 Automated Verification Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt Universität and Fraunhofer Institut für.
Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?

Automated Theorem Proving Lecture 1. Program verification is undecidable! Given program P and specification S, does P satisfy S?
9.2.2012 Software Verification 1 Deductive Verification Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt Universität und Fraunhofer Institut.

Software Verification 1 Deductive Verification Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt Universität und Fraunhofer Institut.
Hoare’s Correctness Triplets Dijkstra’s Predicate Transformers

Hoare’s Correctness Triplets Dijkstra’s Predicate Transformers
1 University of Toronto Department of Computer Science © 2001, Steve Easterbrook Lecture 10: Formal Verification Formal Methods Basics of Logic first order.

1 University of Toronto Department of Computer Science © 2001, Steve Easterbrook Lecture 10: Formal Verification Formal Methods Basics of Logic first order.
27.5.2008 Formal Methods of Systems Specification Logical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der.

Formal Methods of Systems Specification Logical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der.
Partial correctness © Marcelo d’Amorim 2010.

Partial correctness © Marcelo d’Amorim 2010.
ISBN 0-321-33025-0 Chapter 3 Describing Syntax and Semantics.

ISBN Chapter 3 Describing Syntax and Semantics.
Dynamic semantics Precisely specify the meanings of programs. Why? –programmers need to understand the meanings of programs they read –programmers need.

Dynamic semantics Precisely specify the meanings of programs. Why? –programmers need to understand the meanings of programs they read –programmers need.
Simple Example {i = 0} j := i * i {j < 100} Can we ‘verify’ this triple? Only if we know the semantics of assignment.

Simple Example {i = 0} j := i * i {j < 100} Can we ‘verify’ this triple? Only if we know the semantics of assignment.
Copyright © 2006 Addison-Wesley. All rights reserved. 3.5 Dynamic Semantics Meanings of expressions, statements, and program units Static semantics – type.

Copyright © 2006 Addison-Wesley. All rights reserved. 3.5 Dynamic Semantics Meanings of expressions, statements, and program units Static semantics – type.
19.1.2012 Software Verification 1 Deductive Verification Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt Universität und Fraunhofer Institut.

Software Verification 1 Deductive Verification Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt Universität und Fraunhofer Institut.
Formal Specification and Verification. Specifications Imprecise specifications can cause serious problems downstream Lots of interpretations even with.

Formal Specification and Verification. Specifications Imprecise specifications can cause serious problems downstream Lots of interpretations even with.
Program Proving Notes Ellen L. Walker.

Program Proving Notes Ellen L. Walker.
CS 355 – Programming Languages

CS 355 – Programming Languages
3.6.2008 Formal Methods of Systems Specification Logical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt.

Formal Methods of Systems Specification Logical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt.
10.6.2008 Formal Methods of Systems Specification Logical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der.

Formal Methods of Systems Specification Logical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der.
1.7.2008 Formal Methods of Systems Specification Logical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt.

Formal Methods of Systems Specification Logical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt.
6.5.2008 Formal Methods of Systems Specification Logical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt.

Formal Methods of Systems Specification Logical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt.
6.5.2008 Formal Methods of Systems Specification Logical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt.

Formal Methods of Systems Specification Logical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt.

Similar presentations

Ads by Google