19,893 research outputs found
The Dafny Integrated Development Environment
In recent years, program verifiers and interactive theorem provers have
become more powerful and more suitable for verifying large programs or proofs.
This has demonstrated the need for improving the user experience of these tools
to increase productivity and to make them more accessible to non-experts. This
paper presents an integrated development environment for Dafny-a programming
language, verifier, and proof assistant-that addresses issues present in most
state-of-the-art verifiers: low responsiveness and lack of support for
understanding non-obvious verification failures. The paper demonstrates several
new features that move the state-of-the-art closer towards a verification
environment that can provide verification feedback as the user types and can
present more helpful information about the program or failed verifications in a
demand-driven and unobtrusive way.Comment: In Proceedings F-IDE 2014, arXiv:1404.578
Debugging of Web Applications with Web-TLR
Web-TLR is a Web verification engine that is based on the well-established
Rewriting Logic--Maude/LTLR tandem for Web system specification and
model-checking. In Web-TLR, Web applications are expressed as rewrite theories
that can be formally verified by using the Maude built-in LTLR model-checker.
Whenever a property is refuted, a counterexample trace is delivered that
reveals an undesired, erroneous navigation sequence. Unfortunately, the
analysis (or even the simple inspection) of such counterexamples may be
unfeasible because of the size and complexity of the traces under examination.
In this paper, we endow Web-TLR with a new Web debugging facility that supports
the efficient manipulation of counterexample traces. This facility is based on
a backward trace-slicing technique for rewriting logic theories that allows the
pieces of information that we are interested to be traced back through inverse
rewrite sequences. The slicing process drastically simplifies the computation
trace by dropping useless data that do not influence the final result. By using
this facility, the Web engineer can focus on the relevant fragments of the
failing application, which greatly reduces the manual debugging effort and also
decreases the number of iterative verifications.Comment: In Proceedings WWV 2011, arXiv:1108.208
Formal Verification of Security Protocol Implementations: A Survey
Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implementations. This paper surveys these attempts, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography. According to these approaches, libraries are assumed to correctly implement some models. The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approac
Developing a distributed electronic health-record store for India
The DIGHT project is addressing the problem of building a scalable and highly available information store for the Electronic Health Records (EHRs) of the over one billion citizens of India
- …