277 research outputs found
Theory and Practice of Action Semantics
Action Semantics is a framework for the formal descriptionof programming languages. Its main advantage over other frameworksis pragmatic: action-semantic descriptions (ASDs) scale up smoothly torealistic programming languages. This is due to the inherent extensibilityand modifiability of ASDs, ensuring that extensions and changes tothe described language require only proportionate changes in its description.(In denotational or operational semantics, adding an unforeseenconstruct to a language may require a reformulation of the entire description.)After sketching the background for the development of action semantics,we summarize the main ideas of the framework, and provide a simpleillustrative example of an ASD. We identify which features of ASDsare crucial for good pragmatics. Then we explain the foundations ofaction semantics, and survey recent advances in its theory and practicalapplications. Finally, we assess the prospects for further developmentand use of action semantics.The action semantics framework was initially developed at the Universityof Aarhus by the present author, in collaboration with David Watt(University of Glasgow). Groups and individuals scattered around fivecontinents have since contributed to its theory and practice
Provably Correct Compiler Generation
We have designed, implemented, and proved the correctness of a compiler generator that accepts action semantic descriptions of imperative programming languages. We have used it to generate compilers for both a toy language and a non-trivial subset of Ada. The generated compilers emit absolute code for an abstract RISC machine language that is assembled into code for the SPARC and the HP Precision Architecture. The generated code is an order of magnitude better than that produced by compilers generated by the classical systems of Mosses, Paulson, and Wand. Our machine language needs no run time type-checking and is thus more realistic than those considered in previous compiler proofs. We use solely algebraic specifications; proofs are given in the initiaI model. The use of action semantics makes the processable language specifications easy to read and pleasant to work with. We view our compiler generator as a promising first step towards user-friendly and automatic generation of realistic and provably correct compilers
Action semantics in retrospect
This paper is a themed account of the action semantics project, which Peter Mosses has led since the 1980s. It explains his motivations for developing action semantics, the inspirations behind its design, and the foundations of action semantics based on unified algebras. It goes on to outline some applications of action semantics to describe real programming languages, and some efforts to implement programming languages using action semantics directed compiler generation. It concludes by outlining more recent developments and reflecting on the success of the action semantics project
Vital software: Formal method and coded processor
International audienceSiemens Transportation Systems has been developing mass transit systems for 30 years and for more than 10 years it has used the B formal method to develop and validate its safety critical software. With B, the software is derived stepwise from an abstract mathematical specification and formal proof ensures that each intermediate step is equivalent to the previous one. With the Vital Coded Processor, any run time error caused either by a compiler error or a hardware failure is detected and the unit is set in a safe state. A high level of productivity is achieved through the use of a tool that derives semi-automatically the code from the formal specification
The Sun RPC Language Semantics
A formal description of the Sun Remote Procedure Call Protocol is given. The description is written using the Action Notation style of formal specification. Action Notation proves to be adequate to express the meaning of the Sun RPC communication mechanism
SAGA: A project to automate the management of software production systems
The Software Automation, Generation and Administration (SAGA) project is investigating the design and construction of practical software engineering environments for developing and maintaining aerospace systems and applications software. The research includes the practical organization of the software lifecycle, configuration management, software requirements specifications, executable specifications, design methodologies, programming, verification, validation and testing, version control, maintenance, the reuse of software, software libraries, documentation, and automated management
Lessons from Formally Verified Deployed Software Systems (Extended version)
The technology of formal software verification has made spectacular advances,
but how much does it actually benefit the development of practical software?
Considerable disagreement remains about the practicality of building systems
with mechanically-checked proofs of correctness. Is this prospect confined to a
few expensive, life-critical projects, or can the idea be applied to a wide
segment of the software industry?
To help answer this question, the present survey examines a range of
projects, in various application areas, that have produced formally verified
systems and deployed them for actual use. It considers the technologies used,
the form of verification applied, the results obtained, and the lessons that
can be drawn for the software industry at large and its ability to benefit from
formal verification techniques and tools.
Note: a short version of this paper is also available, covering in detail
only a subset of the considered systems. The present version is intended for
full reference.Comment: arXiv admin note: text overlap with arXiv:1211.6186 by other author
Verified ROS-Based Deployment of Platform-Independent Control Systems
The paper considers the problem of model-based deployment of platform-independent control code on a specific platform. The approach is based on automatic generation of platform-specific glue code from an architectural model of the system. We present a tool, ROSGen, that generates the glue code based on a declarative specification of platform interfaces. Our implementation targets the popular Robot Operating System (ROS) platform. We demonstrate that the code generation process is amenable to formal verification. The code generator is implemented in Coq and relies on the infrastructure provided by the CompCert and VST tool. We prove that the generated code always correctly connects the controller function to sensors and actuators in the robot. We use ROSGen to implement a cruise control system on the LandShark robot
On the engineering of crucial software
The various aspects of the conventional software development cycle are examined. This cycle was the basis of the augmented approach contained in the original grant proposal. This cycle was found inadequate for crucial software development, and the justification for this opinion is presented. Several possible enhancements to the conventional software cycle are discussed. Software fault tolerance, a possible enhancement of major importance, is discussed separately. Formal verification using mathematical proof is considered. Automatic programming is a radical alternative to the conventional cycle and is discussed. Recommendations for a comprehensive approach are presented, and various experiments which could be conducted in AIRLAB are described
- …