9 research outputs found
Viewpoints : What can agile methods bring to high-integrity software development?
Considering the issues and opportunities raised by Agile practices in the development of high-integrity software
Viewpoints : What can agile methods bring to high-integrity software development?
Considering the issues and opportunities raised by Agile practices in the development of high-integrity software
Lightweight Interactive Proving inside an Automatic Program Verifier
International audienceAmong formal methods, the deductive verification approach allows establishing the strongest possible formal guarantees on critical software. The downside is the cost in terms of human effort required to design adequate formal specifications and to successfully discharge the required proof obligations. To popularize deductive verification in an industrial software development environment, it is essential to provide means to progressively transition from simple and automated approaches to deductive verification. The SPARK environment, for development of critical software written in Ada, goes towards this goal by providing automated tools for formally proving that some code fulfills the requirements expressed in Ada contracts. In a program verifier that makes use of automatic provers to discharge the proof obligations, a need for some additional user interaction with proof tasks shows up: either to help analyzing the reason of a proof failure or, ultimately, to discharge the verification conditions that are out-of-reach of state-of-the-art automatic provers. Adding interactive proof features in SPARK appears to be complicated by the fact that the proof toolchain makes use of the independent, intermediate verification tool Why3, which is generic enough to accept multiple front-ends for different input languages. This paper reports on our approach to extend Why3 with interactive proof features and also with a generic client-server infrastructure allowing integration of proof interaction into an external, front-end graph-ical user interface such as the one of SPARK
Putting the Semantics into Semantic Versioning
The long-standing aspiration for software reuse has made astonishing strides
in the past few years. Many modern software development ecosystems now come
with rich sets of publicly-available components contributed by the community.
Downstream developers can leverage these upstream components, boosting their
productivity.
However, components evolve at their own pace. This imposes obligations on and
yields benefits for downstream developers, especially since changes can be
breaking, requiring additional downstream work to adapt to. Upgrading too late
leaves downstream vulnerable to security issues and missing out on useful
improvements; upgrading too early results in excess work. Semantic versioning
has been proposed as an elegant mechanism to communicate levels of
compatibility, enabling downstream developers to automate dependency upgrades.
While it is questionable whether a version number can adequately characterize
version compatibility in general, we argue that developers would greatly
benefit from tools such as semantic version calculators to help them upgrade
safely. The time is now for the research community to develop such tools: large
component ecosystems exist and are accessible, component interactions have
become observable through automated builds, and recent advances in program
analysis make the development of relevant tools feasible. In particular,
contracts (both traditional and lightweight) are a promising input to semantic
versioning calculators, which can suggest whether an upgrade is likely to be
safe.Comment: to be published as Onward! Essays 202
Continuous Reasoning: Scaling the impact of formal methods
This paper describes work in continuous reasoning, where formal reasoning about a (changing) codebase is done in a fashion which mirrors the iterative, continuous model of software development that is increasingly practiced in industry. We suggest that advances in continuous reasoning will allow formal reasoning to scale to more programs, and more programmers. The paper describes the rationale for continuous reasoning, outlines some success cases from within industry, and proposes directions for work by the scientific community
Verificação Formal de Programas com SPARK2014
A verificação formal de software é uma área da Ciência de Computadores com grande importância no desenvolvimento de projetos de alta integridade. Ao adotar a verificação formal como uma das componentes dos projetos de software, aumenta-se a compreensão da natureza e propósito do programa por parte do programador e faz com que este se foque na precisão e consistência. Por outro lado, obriga também o programador a optar por soluções mais simples e que respeitem os requisitos de implementação, pois quanto mais complexo for o código desenvolvido maior será o esforço de prova e a dificuldade da mesma ser obtida de forma automática. Uma consequência é a minimização do risco de introdução de erros e maior facilidade na manutenção do programa.
A linguagem SPARK e o seu conjunto de ferramentas favorecem o desenvolvimento de programas da forma que é descrita no parágrafo anterior. Face às características da linguagem que impõe restrições, muitos erros de programação que são comuns noutras linguagens não acontecem.
O objetivo desta dissertação é o de estudar a usabilidade do SPARK2014 na implementação de estruturas de dados e algoritmos simples que são tipicamente utilizados no desenvolvimento de sistemas críticos ou de elevada integridade. Serão desenvolvidas especificações formais para os algoritmos em estudo, bem como implementações destes que são consistentes com essas mesmas especificações.
Por fim será feita uma análise a todo o processo, no sentido de obter indicadores do real valor do SPARK2014 no desenvolvimento de aplicações mais complexas.Formal verification of software is an area of Computer Science with increasing importance and especially relevant for high-integrity projects. By adopting formal verification, programmers are brought to know better the nature of the algorithms they are implementing which need to be accurate and consistent. These properties are usually not simple to verify and as result of such complexity programmers tend to choose simpler solutions to minimize verification costs.
Simple solutions have clear advantages in terms of error detection and maintenance.
The Spark language and its toolset have become a popular solution among high-integrity software production industry since it helps to produce correct software. The new Spark 2014 is a completely new version of the tool with a completely new approach to the verification process.
The aim of this work is to study the usability of the new SPARK 2014 in implementing data structures and algorithms commonly used in the development of high integrity systems and understand the real advantages of the trade-off imposed by a new, more complex approach.
This goal is achieved by developing specification and implementing a set of selected algorithms using Spark 2014