253 research outputs found
OpenJML: Software verification for Java 7 using JML, OpenJDK, and Eclipse
OpenJML is a tool for checking code and specifications of Java programs. We
describe our experience building the tool on the foundation of JML, OpenJDK and
Eclipse, as well as on many advances in specification-based software
verification. The implementation demonstrates the value of integrating
specification tools directly in the software development IDE and in automating
as many tasks as possible. The tool, though still in progress, has now been
used for several college-level courses on software specification and
verification and for small-scale studies on existing Java programs.Comment: In Proceedings F-IDE 2014, arXiv:1404.578
The Dafny Integrated Development Environment
In recent years, program verifiers and interactive theorem provers have
become more powerful and more suitable for verifying large programs or proofs.
This has demonstrated the need for improving the user experience of these tools
to increase productivity and to make them more accessible to non-experts. This
paper presents an integrated development environment for Dafny-a programming
language, verifier, and proof assistant-that addresses issues present in most
state-of-the-art verifiers: low responsiveness and lack of support for
understanding non-obvious verification failures. The paper demonstrates several
new features that move the state-of-the-art closer towards a verification
environment that can provide verification feedback as the user types and can
present more helpful information about the program or failed verifications in a
demand-driven and unobtrusive way.Comment: In Proceedings F-IDE 2014, arXiv:1404.578
Applying Formal Methods to Networking: Theory, Techniques and Applications
Despite its great importance, modern network infrastructure is remarkable for
the lack of rigor in its engineering. The Internet which began as a research
experiment was never designed to handle the users and applications it hosts
today. The lack of formalization of the Internet architecture meant limited
abstractions and modularity, especially for the control and management planes,
thus requiring for every new need a new protocol built from scratch. This led
to an unwieldy ossified Internet architecture resistant to any attempts at
formal verification, and an Internet culture where expediency and pragmatism
are favored over formal correctness. Fortunately, recent work in the space of
clean slate Internet design---especially, the software defined networking (SDN)
paradigm---offers the Internet community another chance to develop the right
kind of architecture and abstractions. This has also led to a great resurgence
in interest of applying formal methods to specification, verification, and
synthesis of networking protocols and applications. In this paper, we present a
self-contained tutorial of the formidable amount of work that has been done in
formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial
User support for software development technologies
The adoption of software development technologies is very closely related to the topic
of user support. This is especially true in early phases, when the users are not familiar
with the modification or the build processes of the software that has to be developed nor
with the technology used for software development. This work introduces an approach
to improve the usability of software development technologies represented by the Combinatory
Logic Synthesizer (CL)S Framework. (CL)S is based on a type inhabitation
algorithm for the combinatory logic with intersection types and aims to automatically
create software components from a domain-specified repository. The framework yields
a complete enumeration of all inhabitants. The inhabitation results are computed in
the form of tree grammars. Unfortunately, the underlying type system allows limited
application of domain-specific knowledge. To compensate for this limit, this work provides
a framework for debugging intersection type specifications and filtering inhabitation
results using domain-specific constraints as main aspects. The aim of the debugger is
to make potentially incomplete or erroneous input specifications and decisions of the
inhabitation algorithm understandable for those who are not experts in the field of type
theory. The combination of tree grammars and graph theory forms the foundation of a
clear representation of the computed results that informs users about the search process
of the algorithm. The graphical representations are based on hypergraphs that illustrate
the inhabitation in a step-wise fashion. Within the scope of this work, three filtering algorithms
were implemented and investigated. The filtering algorithm integrated into the
framework for user support and used for the restriction of inhabitation results is practically
feasible and represents a clear improvement compared to existing approaches. It is
based on modifying the tree grammars resulting from the (CL)S Framework. Additionally,
the usability of the (CL)S Framework is supported by eight perspectives included in a
web-based integrated development environment (IDE) that provides detailed graphical
and textual information about the synthesis
Constraint-based run-time state migration for live modeling
Live modeling enables modelers to incrementally update models as they are running and get immediate feedback about the impact of their changes. Changes introduced in a model may trigger inconsistencies between the model and its run-time state (e.g., deleting the current state in a statemachine); effectively requiring to migrate the run-time state to comply with the updated model. In this paper, we introduce an approach that enables to automatically migrate such runtime state based on declarative constraints defined by the language designer. We illustrate the approach using Nextep, a meta-modeling language for defining invariants and migration constraints on run-time state models. When a model changes, Nextep employs model finding techniques, backed by a solver, to automatically infer a new run-time model that satisfies the declared constraints. We apply Nextep to define migration strategies for two DSLs, and report on its expressiveness and performance
Constraint-based Run-time State Migration for Live Modeling
Live modeling enables modelers to incrementally update models as they are running and get immediate feedback about the impact of their changes. Changes introduced in a model may trigger inconsistencies between the model and its run-time state (e.g., deleting the current state in a statemachine); effectively requiring to migrate the run-time state to comply with the updated model. In this paper, we introduce an approach that enables to automatically migrate such runtime state based on declarative constraints defined by the language designer. We illustrate the approach using Nextep, a meta-modeling language for defining invariants and migration constraints on run-time state models. When a model changes, Nextep employs model finding techniques, backed by a solver, to automatically infer a new run-time model that satisfies the declared constraints. We apply Nextep to define migration strategies for two DSLs, and report on its expressiveness and performance
ORC Layout: Adaptive GUI Layout with OR-Constraints
We propose a novel approach for constraint-based graphical user interface (GUI) layout based on OR-constraints (ORC) in standard soft/hard linear constraint systems. ORC layout unifies grid layout and flow layout, supporting both their features as well as cases where grid and flow layouts individually fail. We describe ORC design patterns that enable designers to safely create flexible layouts that work across different screen sizes and orientations. We also present theORC Editor, a GUI editor that enables designers to apply ORC in a safe and effective manner, mixing grid, flow and new ORC layout features as appropriate. We demonstrate that our prototype can adapt layouts to screens with different aspect ratios with only a single layout specification, easing the burden of GUI maintenance. Finally, we show that ORC specifications can be modified interactively and solved efficiently at runtime
Robustness Testing of Intermediate Verifiers
Program verifiers are not exempt from the bugs that affect nearly every piece
of software. In addition, they often exhibit brittle behavior: their
performance changes considerably with details of how the input program is
expressed-details that should be irrelevant, such as the order of independent
declarations. Such a lack of robustness frustrates users who have to spend
considerable time figuring out a tool's idiosyncrasies before they can use it
effectively.
This paper introduces a technique to detect lack of robustness of program
verifiers; the technique is lightweight and fully automated, as it is based on
testing methods (such as mutation testing and metamorphic testing). The key
idea is to generate many simple variants of a program that initially passes
verification. All variants are, by construction, equivalent to the original
program; thus, any variant that fails verification indicates lack of robustness
in the verifier.
We implemented our technique in a tool called "mugie", which operates on
programs written in the popular Boogie language for verification-used as
intermediate representation in numerous program verifiers. Experiments
targeting 135 Boogie programs indicate that brittle behavior occurs fairly
frequently (16 programs) and is not hard to trigger. Based on these results,
the paper discusses the main sources of brittle behavior and suggests means of
improving robustness
- …