Advances in Usability of Formal Methods for Code Verification with Frama-C

Industrial usage of code analysis tools based on semantic analysis, such as the Frama-C platform, poses several challenges, from the setup of analyses to the exploitation of their results.  In this paper, we discuss two of these challenges.  First, such analyses require detailed information about the code structure and the build process, which are often not documented, being part of the implicit build chain used by the developers.  Unlike heuristics-based tools, which can deal with incomplete information, semantics-based tools require stubs or specifications for external library functions, compiler builtins, non-standard extensions, etc.  Setting up a new analysis has a high cost, which precludes industrial users from trying such tools, since the return on investment is not clear in advance: the analysis may reveal itself of little use w.r.t. the invested time.  Improving the usability of this first step is essential for the widespread adoption of formal methods in software development.  A second aspect that is essential for successful analyses is understanding the data and navigating it.  Visualizing data and rendering it in an interactive manner allows users to considerably speed up the process of refining the analysis results.  We present some approaches to both of these issues, derived from experience with code bases given by industrial partners

Formal Verification in the Loop to Enhance Verification of Safety-Critical Cyber-physical Systems

Formal verification may play a central role in the development of safecontrollers, such as those found in electric drives or (semi-)autonomousvehicles, whose complexity arises from the coexistence ofmechanical and electrical subsystems with sophisticated electronic controllersthat must implement high-level control policies according to different drivingmodes, while optimizing several objectives, such as safety first and foremost,efficiency, and performance among others.  Model-driven development resorts tosimulation to assess how well the various requirements and constraints aresatisfied, but there is a growing awareness that more rigorous methods areneeded to achieve the required levels of safety.  This paper proposes aconceptual framework for the development of complex systems based on (i)higher-order logic specification, (ii) verification by theorem proving, and(iii) tight integration of verification with model-driven development andsimulation.  This framework addresses both digital and analog systems, asillustrated with some examples in different fields including implantablebiomedical systems, autonomous vehicles, and electric valve actuation

AN INTRODUCTION TO FRAMEWORK ADAPTATIONS FOR ADDITIONAL ASSURANCE OF A DEEP NEURAL NETWORK WITHIN NAVAL TEST AND EVALUATION

The complexity of modern warfare has rapidly outmatched the capacity of a human brain to accomplish the required tasks of a defined mission set. Task-shedding mundane tasks would prove immensely beneficial, freeing the warfighter to solve more complex issues; however, most tasks that a human might find menial, and shed-worthy, prove vastly abstract for a computer to solve. Advances in Deep Neural Network technology have demonstrated extensive applications as of late. As DNNs become more capable of accomplishing increasingly complex tasks, and the processors to run those neural nets continue to decrease in size, incorporation of DNN technology into legacy and next-generation aerial Department of Defense platforms has become eminently useful and advantageous. The assimilation of DNN-based systems using traditional testing methods and frameworks to produce artifacts in support of platform certification within Naval Airworthiness, however, proves prohibitive from a cost and time perspective, is not factored for agile development, and would provide an incomplete understanding of the capabilities and limitations of a neural network. The framework presented in this paper provides updated methodologies and considerations for the testing and evaluation and assurance of neural networks in support of the Naval Test and Evaluation process.Commander, United States NavyApproved for public release; distribution is unlimited

Gender-specific changes in energy metabolism and protein degradation as major pathways affected in livers of mice treated with ibuprofen.

Ibuprofen, an inhibitor of prostanoid biosynthesis, is a common pharmacological agent used for the management of pain, inflammation and fever. However, the chronic use of ibuprofen at high doses is associated with increased risk for cardiovascular, renal, gastrointestinal and liver injuries. The underlying mechanisms of ibuprofen-mediated effects on liver remain unclear. To determine the mechanisms and signaling pathways affected by ibuprofen (100 mg/kg/day for seven days), we performed proteomic profiling of male mice liver with quantitative liquid chromatography tandem mass spectrometry (LC-MS/MS) using ten-plex tandem mass tag (TMT) labeling. More than 300 proteins were significantly altered between the control and ibuprofen-treated groups. The data suggests that several major pathways including (1) energy metabolism, (2) protein degradation, (3) fatty acid metabolism and (4) antioxidant system are altered in livers from ibuprofen treated mice. Independent validation of protein changes in energy metabolism and the antioxidant system was carried out by Western blotting and showed sex-related differences. Proteasome and immunoproteasome activity/expression assays showed ibuprofen induced gender-specific proteasome and immunoproteasome dysfunction in liver. The study observed multifactorial gender-specific ibuprofen-mediated effects on mice liver and suggests that males and females are affected differently by ibuprofen

Strong Induction in Hardware Model Checking

Symbolic Model checking is a widely used technique for automated verification of both hardware and software systems. Unbounded SAT-based Symbolic Model Checking (SMC) algorithms are very popular in hardware verification. The principle of strong induction is one of the first techniques for SMC. While elegant and simple to apply, properties as such can rarely be proven using strong induction and when they can be strengthened, there is no effective strategy to guess the depth of induction. It has been mostly displaced by techniques that compute inductive strengthenings based on interpolation and property directed reachability (PDR). In this thesis, we prove that strong induction is more concise than induction. We then present kAvy, an SMC algorithm that effectively uses strong induction to guide interpolation and PDR-style incremental inductive invariant construction. Unlike pure strong induction, kAvy uses PDR-style generalization to compute and strengthen an inductive trace. Unlike pure PDR, kAvy uses relative strong induction to construct an inductive invariant. The depth of induction is adjusted dynamically by minimizing a proof of unsatisfiability. We have implemented kAvy within the Avy Model Checker and evaluated it on HWMCC instances. Our results show that kAvy is more effective than both Avy and PDR, and that using strong induction leads to faster running time and solving more instances. Further, on a class of benchmarks, called shift, kAvy is orders of magnitude faster than Avy, PDR and pure strong induction

CFTR interactome mapping using the mammalian membrane two-hybrid high-throughput screening system

Cystic Fibrosis Transmembrane Conductance Regulator (CFTR) is a chloride and bicarbonate channel in secretory epithelia with a critical role in maintaining fluid homeostasis. Mutations in CFTR are associated with Cystic Fibrosis (CF), the most common lethal autosomal recessive disorder in Caucasians. While remarkable treatment advances have been made recently in the form of modulator drugs directly rescuing CFTR dysfunction, there is still considerable scope for improvement of therapeutic effectiveness. Here, we report the application of a high-throughput screening variant of the Mammalian Membrane Two-Hybrid (MaMTH-HTS) to map the protein-protein interactions of wild-type (wt) and mutant CFTR (F508del), in an effort to better understand CF cellular effects and identify new drug targets for patient-specific treatments. Combined with functional validation in multiple disease models, we have uncovered candidate proteins with potential roles in CFTR function/CF pathophysiology, including Fibrinogen Like 2 (FGL2), which we demonstrate in patient-derived intestinal organoids has a significant effect on CFTR functional expression

Should formula for infants provide arachidonic acid along with DHA? A position paper of the European Academy of Paediatrics and the Child Health Foundation

Recently adopted regulatory standards on infant and follow-on formula for the European Union stipulate that from 2021 onwards, all such products marketed in the European Union must contain 20-50 mg/100 kcal of omega-3 docosahexaenoic acid (DHA), which is equivalent to about 0.5-1 % of fatty acids and thus higher than typically found in human milk and current infant formula products, without the need to also include omega-6 arachidonic acid (ARA). This novel concept of infant formula composition has given rise to concern and controversy since there is no accountable evidence on the suitability and safety in healthy infants. Therefore, international experts in the field of infant nutrition were invited to review the state of scientific research on DHA and ARA, and to discuss the questions arising from the new European regulatory standards. Based on the available information, we recommend that infant and follow-on formula should provide both DHA and ARA. The DHA should equal at least the mean content in human milk globally (0.3 % of fatty acids) but preferably reach a level of 0.5 % of fatty acids. While optimal ARA intake levels remain to be defined, we strongly recommend that ARA should be provided along with DHA. At levels of DHA in infant formula up to about 0.64%, ARA contents should at least equal the DHA contents. Further well-designed clinical studies should evaluate the optimal intakes of DHA and ARA in infants at different ages based on relevant outcome