101,547 research outputs found
An experimental Study using ACSL and Frama-C to formulate and verify Low-Level Requirements from a DO-178C compliant Avionics Project
Safety critical avionics software is a natural application area for formal
verification. This is reflected in the formal method's inclusion into the
certification guideline DO-178C and its formal methods supplement DO-333.
Airbus and Dassault-Aviation, for example, have conducted studies in using
formal verification. A large German national research project, Verisoft XT,
also examined the application of formal methods in the avionics domain.
However, formal methods are not yet mainstream, and it is questionable if
formal verification, especially formal deduction, can be integrated into the
software development processes of a resource constrained small or medium
enterprise (SME). ESG, a Munich based medium sized company, has conducted a
small experimental study on the application of formal verification on a small
portion of a real avionics project. The low level specification of a software
function was formalized with ACSL, and the corresponding source code was
partially verified using Frama-C and the WP plugin, with Alt-Ergo as automated
prover.
We established a couple of criteria which a method should meet to be fit for
purpose for industrial use in SME, and evaluated these criteria with the
experience gathered by using ACSL with Frama-C on a real world example. The
paper reports on the results of this study but also highlights some issues
regarding the method in general which, in our view, will typically arise when
using the method in the domain of embedded real-time programming.Comment: In Proceedings F-IDE 2015, arXiv:1508.0338
Developing a distributed electronic health-record store for India
The DIGHT project is addressing the problem of building a scalable and highly available information store for the Electronic Health Records (EHRs) of the over one billion citizens of India
The AutoProof Verifier: Usability by Non-Experts and on Standard Code
Formal verification tools are often developed by experts for experts; as a
result, their usability by programmers with little formal methods experience
may be severely limited. In this paper, we discuss this general phenomenon with
reference to AutoProof: a tool that can verify the full functional correctness
of object-oriented software. In particular, we present our experiences of using
AutoProof in two contrasting contexts representative of non-expert usage.
First, we discuss its usability by students in a graduate course on software
verification, who were tasked with verifying implementations of various sorting
algorithms. Second, we evaluate its usability in verifying code developed for
programming assignments of an undergraduate course. The first scenario
represents usability by serious non-experts; the second represents usability on
"standard code", developed without full functional verification in mind. We
report our experiences and lessons learnt, from which we derive some general
suggestions for furthering the development of verification tools with respect
to improving their usability.Comment: In Proceedings F-IDE 2015, arXiv:1508.0338
Formal Verification of Security Protocol Implementations: A Survey
Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implementations. This paper surveys these attempts, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography. According to these approaches, libraries are assumed to correctly implement some models. The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approac
Functional Requirements-Based Automated Testing for Avionics
We propose and demonstrate a method for the reduction of testing effort in
safety-critical software development using DO-178 guidance. We achieve this
through the application of Bounded Model Checking (BMC) to formal low-level
requirements, in order to generate tests automatically that are good enough to
replace existing labor-intensive test writing procedures while maintaining
independence from implementation artefacts. Given that existing manual
processes are often empirical and subjective, we begin by formally defining a
metric, which extends recognized best practice from code coverage analysis
strategies to generate tests that adequately cover the requirements. We then
formulate the automated test generation procedure and apply its prototype in
case studies with industrial partners. In review, the method developed here is
demonstrated to significantly reduce the human effort for the qualification of
software products under DO-178 guidance
- …