Boost the Impact of Continuous Formal Verification in Industry
Software model checking has experienced significant progress in the last two
decades; however, one of its major bottlenecks for practical applications
remains its scalability and adaptability. Here, we describe an approach to
integrate software model checking techniques into the DevOps culture by
exploiting practices such as continuous integration and regression tests. In
particular, our proposed approach looks at the modifications to the software
system since its last verification, and submits them to a continuous formal
verification process, guided by a set of regression test cases. Our vision is
to focus on the developer in order to integrate formal verification techniques
into the developer workflow by using their main software development
methodologies and tools.
A unified approach for static and runtime verification: framework and applications
Static verification of software is becoming ever more effective
and efficient. Still, static techniques either have high precision, in which
case powerful judgements are hard to achieve automatically, or they use
abstractions supporting increased automation, but possibly losing important aspects of the concrete system in the process. Runtime verification has complementary strengths and weaknesses. It combines full
precision of the model (including the real deployment environment) with
full automation, but cannot judge future and alternative runs. Another
drawback of runtime verification can be the computational overhead of
monitoring the running system which, although typically not very high,
can still be prohibitive in certain settings. In this paper we propose a
framework to combine static analysis techniques and runtime verification with the aim of getting the best of both techniques. In particular,
we discuss an instantiation of our framework for the deductive theorem
prover KeY, and the runtime verification tool Larva. Apart from combining static and dynamic verification, this approach also combines the
data centric analysis of KeY with the control centric analysis of Larva.
An advantage of the approach is that, through the use of a single specification which can be used by both analysis techniques, expensive parts
of the analysis could be moved to the static phase, allowing the runtime
monitor to make significant assumptions, dropping parts of expensive
checks at runtime. We also discuss specific applications of our approach.
Knowledge web: realising the semantic web... all the way to knowledge-enhanced multimedia documents
The semantic web and semantic web services are major efforts to spread and integrate knowledge technology across the whole web. The Knowledge Web network of excellence aims at supporting their development at the broadest European level and at supporting industry in adopting them. It especially investigates solutions to the scalability, heterogeneity and dynamics obstacles that stand in the way of the full development of the semantic web. We explain how Knowledge Web results should benefit knowledge-enhanced multimedia applications.
Expressing best practices in (risk) analysis and testing of safety-critical systems using patterns
The continuing pervasion of our society with safety-critical cyber-physical systems not only demands adequate (risk) analysis, testing and verification techniques, it also generates growing experience on their use, which can be considered as important as the tools themselves for their efficient use. This paper introduces workflow patterns to describe such best practices in a systematic way that efficiently represents this knowledge, and also provides a way to relate different patterns, making them easier to identify and use, and covering as wide a range of experiences as possible. The value of the approach is demonstrated using some pattern examples from a collection developed in the Artemis project MBAT. Finally, the paper presents a wiki-based approach for developing and maintaining the pattern collection.
Code-level model checking in the software development workflow at Amazon Web Services
This article describes a style of applying symbolic model checking developed over the course of four years at Amazon Web Services (AWS). Lessons learned are drawn from proving properties of numerous C-based systems, for example, custom hypervisors, encryption code, boot loaders, and an IoT operating system. Using our methodology, we find that we can prove the correctness of industrial low-level C-based systems with reasonable effort and predictability. Furthermore, AWS developers are increasingly writing their own formal specifications. As part of this effort, we have developed a CI system that allows integration of the proofs into standard development workflows and extended the proof tools to provide better feedback to users. All proofs discussed in this article are publicly available on GitHub.
Ernst Denert Award for Software Engineering 2020
This open access book provides an overview of the dissertations of the eleven nominees for the Ernst Denert Award for Software Engineering in 2020. The prize, kindly sponsored by the Gerlind & Ernst Denert Stiftung, is awarded for excellent work within the discipline of Software Engineering, which includes methods, tools and procedures for better and efficient development of high quality software. An essential requirement for the nominated work is its applicability and usability in industrial practice. The book contains eleven papers that describe the works by Jonathan Brachthäuser (EPFL Lausanne) entitled What You See Is What You Get: Practical Effect Handlers in Capability-Passing Style, Mojdeh Golagha's (Fortiss, Munich) thesis How to Effectively Reduce Failure Analysis Time?, Nikolay Harutyunyan's (FAU Erlangen-Nürnberg) work on Open Source Software Governance, Dominic Henze's (TU Munich) research about Dynamically Scalable Fog Architectures, Anne Hess's (Fraunhofer IESE, Kaiserslautern) work on Crossing Disciplinary Borders to Improve Requirements Communication, Istvan Koren's (RWTH Aachen U) thesis DevOpsUse: A Community-Oriented Methodology for Societal Software Engineering, Yannic Noller's (NU Singapore) work on Hybrid Differential Software Testing, Dominic Steinhofel's (TU Darmstadt) thesis entitled Ever Change a Running System: Structured Software Reengineering Using Automatically Proven-Correct Transformation Rules, Peter Wägemann's (FAU Erlangen-Nürnberg) work Static Worst-Case Analyses and Their Validation Techniques for Safety-Critical Systems, Michael von Wenckstern's (RWTH Aachen U) research on Improving the Model-Based Systems Engineering Process, and Franz Zieris's (FU Berlin) thesis on Understanding How Pair Programming Actually Works in Industry: Mechanisms, Patterns, and Dynamics, which actually won the award.
The chapters describe key findings of the respective works, show their relevance and applicability to practice and industrial software engineering projects, and provide additional information and findings that have only been discovered afterwards, e.g. when applying the results in industry. This way, the book is not only interesting to other researchers, but also to industrial software professionals who would like to learn about the application of state-of-the-art methods in their daily work.