UCLID5: Multi-Modal Formal Modeling, Verification, and Synthesis

UCLID5 is a tool for the multi-modal formal modeling, verification,and synthesis of systems. It enables one to tackle verification problems for heterogeneous systems such as combinations of hardware and software, or those that have multiple, varied specifications, or systems that require hybrid modes of modeling. A novel aspect of UCLID5 is an emphasis on the use of syntax-guided and inductive synthesis to automate steps in modeling and verification. This toolpaper presents new developments in the UCLID5 tool including new language features, integration with new techniques for syntax-guided synthesis and satisfiability solving, support for hyperproperties and combinations of axiomatic and operational modeling, demonstrations on new problem classes, and a more robust implementation

Verificación formal de protocolos distribuidos

Tesis (Lic. en Cs de la Computación)--Universidad Nacional de Córdoba, Facultad de Matemática, Astronomía, Física y Computación, 2019.En esta tesis probamos la correctitud de tres protocolos distribuidos. Primero, el algoritmo Single Decree Paxos que resuelve el problema de llegar a un acuerdo, o alcanzar consenso, entre un conjunto de procesos. Segundo, una optimización del protocolo de broadcast atómico de ZooKeeper que implementa un esquema primary-backup en el cual un proceso primario ejecuta las operaciones del cliente y utliza Zab para propagar los correspondientes cambios incrementales de estado a los procesos backup. Dicha optimización desarrollada por Alexey Gotsman, Joe Izraelevitz y Gregory Chockler, reduce la transferencia de estado durante la elección del lı́der. Por último, una variante del protocolo Vertical Paxos en las lı́neas de Reconfigurable Atomic Transaction Commit, Bravo & Gotsman, PODC’19, una clase de algoritmo Paxos en el cual reconfiguraciones pueden ocurrir durante el proceso de alcanzar acuerdo. Posteriormente, formalizamos la prueba de Single Decree Paxos en Dafny, un lenguaje de programación verifier-friendly basado en lógica de Floyd-Hoare que automatiza la verificación a través del SMT solver Z3.In this thesis we prove the correctness of three distributed protocols. First, the Single Decree Paxos algorithm which solves the problem of reaching agreement, or consensus, among a set of processes. Secondly, an optimization of the ZooKeeper atomic broadcast protocol which implements a primary-backup scheme in which a primary process executes client operations and uses Zab to propagate the corresponding incremental state changes to the backup processes. Such optimization developed by Alexey Gotsman, Joe Izraelevitz and Gregory Chockler, reduces state transfer during the leader election. Lastly, a variant of Vertical Paxos along the lines of Reconfigurable Atomic Transaction Commit, Bravo & Gotsman, PODC’19, a class of Paxos algorithm in which reconfigurations can occur in the middle of reaching agreement. Finally, we formalize the proof of Single Decree Paxos in Dafny, a verifier-friendly programming language based on Floyd-Hoare logic that automates verification via the Z3 SMT solver.Fil: Naser Pastoriza, Alejandro José. Universidad Nacional de Córdoba. Facultad de Matemática, Astronomía, Física y Computación; Argentina

Coping with the reality: adding crucial features to a typestate-oriented language

Detecting programming errors and vulnerabilities in software is increasingly important, and building tools that help with this task is an area of investigation, crucial for the industry these days. When programming in an object-oriented language, one naturally defines stateful objects that are non-uniform, i.e., their methods’ availability depends on their internal state. One might represent their intended usage protocol with an automaton or a state machine. Behavioral types allow to statically check if all the code of a program respects the usage protocol of each object. In this thesis we present a tool that extends Java with typestate definitions. These typestates are associated with Java classes and define the behavior of instances of those classes, specifying the sequences of method calls allowed. This tool checks statically that method calls happen in order, following the specified behavior. The tool was implemented in Kotlin as a plugin for the Checker Framework. It is a new implementation of the Mungo tool and supports prevention of null pointer errors, state transitions depending on return values, assurance of protocol completion, droppable states, and association of protocols with classes from the standard Java library or from third-party libraries. Additionally, the tool integrates behavioral types with access permissions, allowing objects to be shared in a controlled way using a language of assertions. This language of assertions supports concepts like packing and unpacking, including unpacking of aliases objects, and transferring of permissions between aliases. To relieve the programmer from manually writing all the necessary assertions, the tool implements an inference algorithm which analyzes the code statically and, given the uses of objects, constructs all the required assertions.A deteção de erros de programação e vulnerabilidades no software é cada vez mais importante, e a criação de ferramentas que ajudem nesta tarefa é uma área de investigação crucial para a indústria atualmente. Ao programar numa linguagem orientada a objetos, definem-se naturalmente objetos com estado que não são uniformes, ou seja, a disponibilidade dos seus métodos depende do seu estado interno. Pode-se representar o protocolo de uso pretendido com um autómato ou uma máquina de estados. Os tipos comportamentais permitem verificar estaticamente se todo o código de um programa respeita o protocolo de uso de cada objeto. Nesta tese apresentamos uma ferramenta que estende o Java com definições de typestates. Esses estão associados às classes Java e definem o comportamento das instâncias dessas classes, especificando as sequências de chamadas de métodos permitidas. Esta ferramenta verifica estaticamente se as chamadas de métodos ocorrem pela ordem correta, seguindo o comportamento especificado. A ferramenta foi implementada em Kotlin como um plugin para o Checker Framework. É uma implementação nova da ferramenta Mungo e suporta a prevenção de erros de ponteiro nulo, transições de estado dependendo de valores de retorno, asseguração da conclusão dos protocolos, objetos que podem ser «largados», e a associação de protocolos com classes da biblioteca padrão do Java ou de terceiros. Além disso, esta integra tipos comportamentais com permissões de acesso, permitindo que objetos possam ser partilhados por meio de uma linguagem de asserções. Esta linguagem de asserções oferece suporte para conceitos como packing e unpacking, incluindo unpacking de objetos partilhados, e transferência de permissões entre variáveis que apontam para o mesmo objeto. Para aliviar o programador de escrever manualmente todas as asserções necessárias, a ferramenta implementa um algoritmo de inferência que analisa o código estaticamente e, consoante os usos dos objetos, constrói todas as asserções necessárias

Computer Aided Verification

This open access two-volume set LNCS 13371 and 13372 constitutes the refereed proceedings of the 34rd International Conference on Computer Aided Verification, CAV 2022, which was held in Haifa, Israel, in August 2022. The 40 full papers presented together with 9 tool papers and 2 case studies were carefully reviewed and selected from 209 submissions. The papers were organized in the following topical sections: Part I: Invited papers; formal methods for probabilistic programs; formal methods for neural networks; software Verification and model checking; hyperproperties and security; formal methods for hardware, cyber-physical, and hybrid systems. Part II: Probabilistic techniques; automata and logic; deductive verification and decision procedures; machine learning; synthesis and concurrency. This is an open access book