Proving Correctness and Completeness of Normal Programs - a Declarative Approach

We advocate a declarative approach to proving properties of logic programs. Total correctness can be separated into correctness, completeness and clean termination; the latter includes non-floundering. Only clean termination depends on the operational semantics, in particular on the selection rule. We show how to deal with correctness and completeness in a declarative way, treating programs only from the logical point of view. Specifications used in this approach are interpretations (or theories). We point out that specifications for correctness may differ from those for completeness, as usually there are answers which are neither considered erroneous nor required to be computed. We present proof methods for correctness and completeness for definite programs and generalize them to normal programs. For normal programs we use the 3-valued completion semantics; this is a standard semantics corresponding to negation as finite failure. The proof methods employ solely the classical 2-valued logic. We use a 2-valued characterization of the 3-valued completion semantics which may be of separate interest. The presented methods are compared with an approach based on operational semantics. We also employ the ideas of this work to generalize a known method of proving termination of normal programs.Comment: To appear in Theory and Practice of Logic Programming (TPLP). 44 page

Formal verification of cryptographic software implementations

Tese de doutoramento em InformáticaSecurity is notoriously difficult to sell as a feature in software products. In addition to meeting a set of security requirements, cryptographic software has to be cheap, fast, and use little resources. The development of cryptographic software is an area with specific needs in terms of software development processes and tools. In this thesis we explore how formal techniques, namely deductive verification techniques, can be used to increase the guarantees that cryptographic software implementations indeed work as prescribed. This thesis is organized in two parts. The first part is focused on the identification of relevant security policies that may be at play in cryptographic systems, as well as the language-based mechanisms that can be used to enforce such policies in those systems. We propose methodologies based on deductive verification to formalise and verify relevant security policies in cryptographic software. We also show the applicability of those methodologies by presenting some case studies using a deductive verification tool integrated in the Frama-c framework. In the second part we propose a deductive verification tool (CAOVerif) for a domainspecific language for cryptographic implementations (CAO). Our aim is to apply the methodologies proposed in the first part of this thesis work to verify the cryptographic implementations written in CAO. The design of CAOVerif follows the same approach used in other scenarios for general-propose languages and it is build on top of a plug-in from the Frama-c framework. At the very end, we conclude the work of this thesis by reasoning about the soundness of our verification tool.O software criptográfico possui requisitos específicos para garantir a segurança da informação que manipula. Além disso, este tipo de software necessita de ser barato, rápido e utilizar um número reduzido de recursos. Garantir a segurança da informação que é manipulada por tais sistemas é um grande desafio, sendo por isso de grande objecto de estudo actualmente. Nesta tese exploramos como as técnicas formais, nomeadamente as técnicas de verificação dedutiva, podem ser utilizadas por forma a garantir que as implementações de software criptográfico funcionam, de facto, como prescrito. O trabalho desta tese está organizado em duas partes. A primeira parte foca-se essencialmente na identificação de políticas de segurança relevantes nos sistemas criptográficos, bem como nos mecanismos baseados em linguagens que podem ser aplicados para garantir tais políticas. Neste contexto, propomos metodologias baseadas em verificação dedutiva para formalizar e verificar políticas de segurança. Mostramos também como essas metodologias podem ser aplicadas na verificação de casos de estudo reais, utilizando a ferramenta de verificação dedutiva integrada na ferramenta Frama-c. Na segunda parte, propomos uma ferramenta de verificação dedutiva (CAOVerif) para uma linguagem de domínio específico para implementações criptográficas (CAO). O desenvolvimento de tal ferramenta tem como objectivo aplicar as metodologias desenvolvidas na primeira parte deste trabalho às implementações criptográficas definidas em CAO. O desenho desta ferramenta segue a mesma aproximação de outras ferramentas de verificação dedutiva já existentes para outras linguagens. Concluímos o trabalho desenvolvido dando um prova formal da correcção da ferramenta

IEEE/NASA Workshop on Leveraging Applications of Formal Methods, Verification, and Validation

This volume contains the Preliminary Proceedings of the 2005 IEEE ISoLA Workshop on Leveraging Applications of Formal Methods, Verification, and Validation, with a special track on the theme of Formal Methods in Human and Robotic Space Exploration. The workshop was held on 23-24 September 2005 at the Loyola College Graduate Center, Columbia, MD, USA. The idea behind the Workshop arose from the experience and feedback of ISoLA 2004, the 1st International Symposium on Leveraging Applications of Formal Methods held in Paphos (Cyprus) last October-November. ISoLA 2004 served the need of providing a forum for developers, users, and researchers to discuss issues related to the adoption and use of rigorous tools and methods for the specification, analysis, verification, certification, construction, test, and maintenance of systems from the point of view of their different application domains

Embedded System Design

A unique feature of this open access textbook is to provide a comprehensive introduction to the fundamental knowledge in embedded systems, with applications in cyber-physical systems and the Internet of things. It starts with an introduction to the field and a survey of specification models and languages for embedded and cyber-physical systems. It provides a brief overview of hardware devices used for such systems and presents the essentials of system software for embedded systems, including real-time operating systems. The author also discusses evaluation and validation techniques for embedded systems and provides an overview of techniques for mapping applications to execution platforms, including multi-core platforms. Embedded systems have to operate under tight constraints and, hence, the book also contains a selected set of optimization techniques, including software optimization techniques. The book closes with a brief survey on testing. This fourth edition has been updated and revised to reflect new trends and technologies, such as the importance of cyber-physical systems (CPS) and the Internet of things (IoT), the evolution of single-core processors to multi-core processors, and the increased importance of energy efficiency and thermal issues

Embedded System Design

A unique feature of this open access textbook is to provide a comprehensive introduction to the fundamental knowledge in embedded systems, with applications in cyber-physical systems and the Internet of things. It starts with an introduction to the field and a survey of specification models and languages for embedded and cyber-physical systems. It provides a brief overview of hardware devices used for such systems and presents the essentials of system software for embedded systems, including real-time operating systems. The author also discusses evaluation and validation techniques for embedded systems and provides an overview of techniques for mapping applications to execution platforms, including multi-core platforms. Embedded systems have to operate under tight constraints and, hence, the book also contains a selected set of optimization techniques, including software optimization techniques. The book closes with a brief survey on testing. This fourth edition has been updated and revised to reflect new trends and technologies, such as the importance of cyber-physical systems (CPS) and the Internet of things (IoT), the evolution of single-core processors to multi-core processors, and the increased importance of energy efficiency and thermal issues

Nouvelles approches pour la conception d'outils CAO pour le domaine des systèmes embarqués

Thèse numérisée par la Division de la gestion de documents et des archives de l'Université de Montréal

Abstraction in Model Checking Multi-Agent Systems

This thesis presents existential abstraction techniques for multi-agent systems preserving temporal-epistemic specifications. Multi-agent systems, defined in the interpreted system frameworks, are abstracted by collapsing the local states and actions of each agent. The goal of abstraction is to reduce the state space of the system under investigation in order to cope with the state explosion problem that impedes the verification of very large state space systems. Theoretical results show that the resulting abstract system simulates the concrete one. Preservation and correctness theorems are proved in this thesis. These theorems assure that if a temporal-epistemic formula holds on the abstract system, then the formula also holds on the concrete one. These results permit to verify temporal-epistemic formulas in abstract systems instead of the concrete ones, therefore saving time and space in the verification process. In order to test the applicability, usefulness, suitability, power and effectiveness of the abstraction method presented, two different implementations are presented: a tool for data-abstraction and one for variable-abstraction. The first technique achieves a state space reduction by collapsing the values of the domains of the system variables. The second technique performs a reduction on the size of the model by collapsing groups of two or more variables. Therefore, the abstract system has a reduced number of variables. Each new variable in the abstract system takes values belonging to a new domain built automatically by the tool. Both implementations perform abstraction in a fully automatic way. They operate on multi agents models specified in a formal language, called ISPL (Interpreted System Programming Language). This is the input language for MCMAS, a model checker for multi-agent systems. The output is an ISPL file as well (with a reduced state space). This thesis also presents several suitable temporal-epistemic examples to evaluate both techniques. The experiments show good results and point to the attractiveness of the temporal-epistemic abstraction techniques developed in this thesis. In particular, the contributions of the thesis are the following ones: • We produced correctness and preservation theoretical results for existential abstraction. • We introduced two algorithms to perform data-abstraction and variable-abstraction on multi-agent systems. • We developed two software toolkits for automatic abstraction on multi-agent scenarios: one tool performing data-abstraction and the second performing variable-abstraction. • We evaluated the methodologies introduced in this thesis by running experiments on several multi-agent system examples