210,145 research outputs found
The Belgian Electronic Identity Card: a Verification Case Study
In the field of annotation-based source code level program verification for Java-like languages, separation-logic based verifiers offer a promising alternative to classic JML based verifiers such as ESC/Java2, the Mobius tool or Spec#. Researchers have demonstrated the advantages of separation logic based verification by showing that it is feasible to verify very challenging (though very small) sample code, such as design patterns, or highly concurrent code. However, there is little experience in using this new breed of verifiers on real code. In this paper we report on our experience of verifying several thousands of lines of Java Card code using VeriFast, one of the state-of-the-art separation logic based verifiers. We quantify annotation overhead, verification performance, and impact on code quality (number of bugs found). Finally, our experiments suggest a number of potential improvements to the VeriFast tool
A Seven-Layer Model of Collaboration: Separation of Concerns for Designers of Collaboration Systems
Designers of collaboration systems address many interrelated issues in a social-technical context. The volume, complexity, and variety of issues can invoke cognitive overload, causing deficiencies in system designs. We use inductive logic to derive seven key areas of concern for designers of collaboration support systems. We use deductive logic to argue that these areas address collaboration at differing levels of abstraction, and so may be organized into a seven-layer model, affording separation of concerns at design time. The layers are: Goals, Products, Activities, Patterns, Techniques, Tools, and Scripts. Design changes at one layer may not necessitate changes to layers above it, but may require changes to layers below it. At each layer and between each layer there are different issues and outcomes that may be addressed with different concepts, techniques and tools. This separation of concerns may reduce cognitive load for designers and may help to improve completeness and consistency of their designs, yielding higher productivity for collaborating groups
Heap Abstractions for Static Analysis
Heap data is potentially unbounded and seemingly arbitrary. As a consequence,
unlike stack and static memory, heap memory cannot be abstracted directly in
terms of a fixed set of source variable names appearing in the program being
analysed. This makes it an interesting topic of study and there is an abundance
of literature employing heap abstractions. Although most studies have addressed
similar concerns, their formulations and formalisms often seem dissimilar and
some times even unrelated. Thus, the insights gained in one description of heap
abstraction may not directly carry over to some other description. This survey
is a result of our quest for a unifying theme in the existing descriptions of
heap abstractions. In particular, our interest lies in the abstractions and not
in the algorithms that construct them.
In our search of a unified theme, we view a heap abstraction as consisting of
two features: a heap model to represent the heap memory and a summarization
technique for bounding the heap representation. We classify the models as
storeless, store based, and hybrid. We describe various summarization
techniques based on k-limiting, allocation sites, patterns, variables, other
generic instrumentation predicates, and higher-order logics. This approach
allows us to compare the insights of a large number of seemingly dissimilar
heap abstractions and also paves way for creating new abstractions by
mix-and-match of models and summarization techniques.Comment: 49 pages, 20 figure
Recommended from our members
Towards an aspect weaving BPEL engine
This position paper proposes the use of dynamic aspects and
the visitor design pattern to obtain a highly configurable and
extensible BPEL engine. Using these two techniques, the
core of this infrastructural software can be customised to
meet new requirements and add features such as debugging,
execution monitoring, or changing to another Web Service
selection policy. Additionally, it can easily be extended to
cope with customer-specific BPEL extensions. We propose
the use of dynamic aspects not only on the engine itself
but also on the workflow in order to tackle the problems of
Web Service hot deployment and hot fixes to long running
processes. In this way, composing aWeb Service "on-the-fly"
means weaving its choreography interface into the workflow
A Logic of Reachable Patterns in Linked Data-Structures
We define a new decidable logic for expressing and checking invariants of
programs that manipulate dynamically-allocated objects via pointers and
destructive pointer updates. The main feature of this logic is the ability to
limit the neighborhood of a node that is reachable via a regular expression
from a designated node. The logic is closed under boolean operations
(entailment, negation) and has a finite model property. The key technical
result is the proof of decidability. We show how to express precondition,
postconditions, and loop invariants for some interesting programs. It is also
possible to express properties such as disjointness of data-structures, and
low-level heap mutations. Moreover, our logic can express properties of
arbitrary data-structures and of an arbitrary number of pointer fields. The
latter provides a way to naturally specify postconditions that relate the
fields on entry to a procedure to the fields on exit. Therefore, it is possible
to use the logic to automatically prove partial correctness of programs
performing low-level heap mutations
Verification of Shared-Reading Synchronisers
Synchronisation classes are an important building block for shared memory
concurrent programs. Thus to reason about such programs, it is important to be
able to verify the implementation of these synchronisation classes, considering
atomic operations as the synchronisation primitives on which the
implementations are built. For synchronisation classes controlling exclusive
access to a shared resource, such as locks, a technique has been proposed to
reason about their behaviour. This paper proposes a technique to verify
implementations of both exclusive access and shared-reading synchronisers. We
use permission-based Separation Logic to describe the behaviour of the main
atomic operations, and the basis for our technique is formed by a specification
for class AtomicInteger, which is commonly used to implement synchronisation
classes in java.util.concurrent. To demonstrate the applicability of our
approach, we mechanically verify the implementation of various synchronisation
classes like Semaphore, CountDownLatch and Lock.Comment: In Proceedings MeTRiD 2018, arXiv:1806.0933
OperA/ALIVE/OperettA
Comprehensive models for organizations must, on the one hand, be able to specify global goals and requirements but, on the other hand, cannot assume that particular actors will always act according to the needs and expectations of the system design. Concepts as organizational rules (Zambonelli 2002), norms and institutions (Dignum and Dignum 2001; Esteva et al. 2002), and social structures (Parunak and Odell 2002) arise from the idea that the effective engineering of organizations needs high-level, actor-independent concepts and abstractions that explicitly define the organization in which agents live (Zambonelli 2002).Peer ReviewedPostprint (author's final draft
- …