467 research outputs found

    Language-Independent Program Verification Using Symbolic Execution

    We present an automatic, language-independent program verification approach and prototype tool based on symbolic execution. The program-specification formalism we consider is Reachability Logic, a language-independent alternative to Hoare logics. Reachability Logic has a sound and relatively complete deduction system that offers a lot of freedom to the user regarding the manner and order of rule application, but it lacks a strategy for automatic proof construction. Hence, we propose a procedure for proof construction, in which symbolic execution plays a major role. We prove that, under reasonable conditions on its inputs (the operational semantics of a programming language, and a specification of a program, both given as sets of Reachability Logic formulas), our procedure is partially correct: if it terminates, it correctly answers (positively or negatively) the question of whether the given program specification holds when executing the program according to the given semantics. Termination, of course, cannot be guaranteed, since program verification is an undecidable problem; but it does happen if the provided set of goals includes enough information in order to be circularly provable (using each other as hypotheses). We introduce a prototype program-verification tool implementing our procedure in the K language-definition framework, and illustrate it by verifying nontrivial programs written in languages defined in K.

    We present an automatic method for verifying programs that does not depend on the programming language in which the programs to be verified are written. For this we rely on Reachability Logic, a recently introduced specification formalism that can be seen as an alternative to Hoare logic but which, unlike the latter, does not depend on the programming language used. Reachability Logic comes with a sound and relatively complete deductive system, which leaves the user much freedom in how to apply the deduction rules, but which offers no strategy for constructing proofs automatically. We therefore propose here a proof-construction procedure in which symbolic execution plays an essential role. We show that, under reasonable conditions on the semantics of programming languages and on the properties of programs, our procedure is partially correct. In substance this says that, when it terminates, the procedure correctly solves the Reachability-Logic-based program verification problem. Termination cannot be guaranteed because program verification is undecidable, but the procedure does terminate when the properties contain enough information to be proved circularly, using each other as hypotheses. We present a prototype implementation of a verification tool based on these ideas, which we implemented in the K framework and which we illustrate on examples of nontrivial programs written in languages formally defined in K.

    Knowledge based techniques in plant design for safety


    The imperative implementation of algebraic data types

    The synthesis of imperative programs for hierarchical, algebraically specified abstract data types is investigated. Two aspects of the synthesis are considered: the choice of data structures for efficient implementation, and the synthesis of linked implementations for the class of ADTs which insert and access data without explicit key. The methodology is based on an analysis of the algebraic semantics of the ADT. Operators are partitioned according to the behaviour of their corresponding operations in the initial algebra. A family of relations, the storage relations of an ADT, is defined. They depend only on the operator partition and reflect an observational view of the ADT. The storage relations are extended to storage graphs: directed graphs with a subset of nodes designated for efficient access. The data structures in our imperative language are chosen according to properties of the storage relations and storage graphs. Linked implementations are synthesised in a stepwise manner by implementing the given ADT first by its storage graphs, and then by linked data structures in the imperative language. Some circumstances under which the resulting programs have constant time complexity are discussed.

    Engineering Agile Big-Data Systems

    To be effective, data-intensive systems require extensive ongoing customisation to reflect changing user requirements, organisational policies, and the structure and interpretation of the data they hold. Manual customisation is expensive, time-consuming, and error-prone. In large complex systems, the value of the data can be such that exhaustive testing is necessary before any new feature can be added to the existing design. In most cases, the precise details of requirements, policies and data will change during the lifetime of the system, forcing a choice between expensive modification and continued operation with an inefficient design. Engineering Agile Big-Data Systems outlines an approach to dealing with these problems in software and data engineering, describing a methodology for aligning these processes throughout product lifecycles. It discusses tools which can be used to achieve these goals, and, in a number of case studies, shows how the tools and methodology have been used to improve a variety of academic and business systems.

    Verification and Application of Program Transformations

    Program transformation and refactoring are fundamental elements of the software development process. From the beginning, there have been efforts to support refactoring with software tools that reliably and efficiently carry out behaviour-preserving program transformations that improve software quality. Bug finding based on static analysis and refactoring transformations attract great interest both in academia and in research and development, but their role is even more important at companies that build highly complex software. Tools supporting software development are becoming ever more precise and reliable, but there is still plenty of room for improvement. This dissertation discusses definition and verification methods with which more reliable and more widely used program transformation tools can be built. The thesis touches on both static and dynamic verification. First, it presents a novel, concise description language for L-attributed grammars, which is mapped onto a random data generator used for property-based testing. This is accompanied by a case study that presents the grammar of the Erlang programming language and then its use for testing. Besides testing, the question of formal correctness proofs is also examined; for this, a language for describing refactorings is introduced, in which executable and automatically provable specifications can be given. The language is based on context-sensitive and conditional term rewriting, strategies, and so-called refactoring schemes. Last but not least, a special application of program transformations is presented, in which a refactoring framework is used as a preprocessor to extend the programming language it processes. With the latter method, code migration can easily be implemented in the Erlang language.

    'Water we do about the river?' An Integrated Approach to Understanding Water Quality in the Waikaka Stream, Southland, New Zealand

    Water quality causes are a highly contested issue in New Zealand, with rivers and streams struggling with the effects of intensive pastoral agriculture. The Waikaka Stream in Southland is an example of a catchment that currently does not meet local water quality standards, due to ‘very poor’ water quality. Management of freshwater has changed significantly over time in New Zealand, but has typically been the responsibility of regional authorities, carried out with a reliance on technical and scientific information, often with a disregard for the socio-political dimensions of freshwater management. Consequently, in recent years communities in Southland have mobilised to form catchment management groups, offering an alternate bottom-up management regime. It is unknown how these community management groups fit into the wider environmental management structure in New Zealand, or how they can be best directed to contribute to the improvement of New Zealand waterways, including the Waikaka Stream. The aim of this study was to evaluate the water quality of the Waikaka Stream and analyse community responses to their perceived water quality problem. A socio-hydrology lens was employed to elucidate how the measured data compared to water quality perceptions. A mixed methodological approach used a 12-month data set with a monthly water sampling frequency, and semi-structured interviews with farmers in the Waikaka Catchment. Quantitative and qualitative results were integrated in the interpretation phase, to understand the disconnect between physical water quality parameters and community perceptions of the Waikaka Stream. The Waikaka Stream water quality was highly variable across the catchment, indicating that the current single monitoring site is not appropriate to be fully representative. Suspended sediment concentrations exceeded national guidelines across the entire catchment, with site averages ranging from 4.0 mg L-1 to 10.8 mg L-1. E. coli thresholds were exceeded at six sites, ranging from 126 CFU/100ml to a maximum of 1414 CFU/100ml. Total nitrogen ranged from 0.3 ppm to 3.0 ppm, while total phosphorus measured between 11.9 ppb and 242.6 ppb. The water quality results showed exceedance of national guidelines, which contradicted farmer perspectives of ‘good’ water quality, highlighting the hidden risk of water quality. This discord creates issues for freshwater management, as it introduces distrust between farmers and the regulating regional government. The power dynamics between stakeholders can further complicate the collaborative management process and limit the implementation of improved management strategies. The formation of the Waikaka Stream Catchment Group indicates that farmers and local community members are seeking collaborative action to improve freshwater health. This study demonstrates that catchment groups deliver an opportunity for social learning, and a format by which local knowledge can be better included in management, to work towards the principles of Integrated Catchment Management (ICM). Catchment groups provide a link between individual farmers and regional government, therefore building trust for future collaborative management.

    An Interdisciplinary Approach to Assessing, Planning and Managing Urban Rivers in the context of Greater London

    PhD. Urban rivers present complex management challenges due to the combined natural and anthropocentric factors affecting developed catchments. Planning urban river rehabilitation strategies and measures in parallel with green infrastructure initiatives requires the combined expertise of multi-disciplinary partnerships, encompassing river science and landscape engineering plus community engagement, to deliver integrated and sustainable outcomes. This thesis takes an interdisciplinary approach to investigate the assessment and management of urban rivers, focusing specifically upon the planning of integrated restoration projects for River Thames tributaries within Greater London. Comparisons of restored and unrestored sites on London tributary rivers at the reach- and catchment-scale explore the versatility of the Urban River Survey method for assessing and communicating contrasts in the bio-physical condition and engineering:habitat associations of heavily modified rivers. A trial of the Ecosystem Services Assessment method for urban river restorations indicates the strengths and limitations of this approach and areas of research need. Urban river governance investigations and a review of changes in restoration practices over time confirm a decreasing emphasis on channel control and progressively lighter engineering, plus a greater social focus, with urban river management becoming increasingly driven by awareness of the symbiosis between rivers and local communities. In some London boroughs partner organisations are developing new links through sustainable development objectives, but connections are geographically inconsistent and typically dependent upon key advocates. Findings indicate that integrated planning can facilitate interdisciplinary processes through the identification of cross-cutting themes (e.g. climate change) and open knowledge exchange when delivered with appropriate levels of detail. While some disciplinary boundaries are necessary (to define project scope and for task management), socio-ecological benefits may be achieved when these are flexible, permeable and managed responsively in relation to simple overarching goals, and by allowing time for different kinds of knowledge to merge and stimulate new creative and integrated interpretations.