2,286 research outputs found
A Historical Perspective on Runtime Assertion Checking in Software Development
This report presents initial results in the area of software testing and analysis produced as part of the Software Engineering Impact Project. The report describes the historical development of runtime assertion checking, including a description of the origins of and significant features associated with assertion checking mechanisms, and initial findings about current industrial use. A future report will provide a more comprehensive assessment of development practice, for which we invite readers of this report to contribute information
Issues about the Adoption of Formal Methods for Dependable Composition of Web Services
Web Services provide interoperable mechanisms for describing, locating and
invoking services over the Internet; composition further enables to build
complex services out of simpler ones for complex B2B applications. While
current studies on these topics are mostly focused - from the technical
viewpoint - on standards and protocols, this paper investigates the adoption of
formal methods, especially for composition. We logically classify and analyze
three different (but interconnected) kinds of important issues towards this
goal, namely foundations, verification and extensions. The aim of this work is
to individuate the proper questions on the adoption of formal methods for
dependable composition of Web Services, not necessarily to find the optimal
answers. Nevertheless, we still try to propose some tentative answers based on
our proposal for a composition calculus, which we hope can animate a proper
discussion
Procedure-modular specification and verification of temporal safety properties
This paper describes ProMoVer, a tool for fully automated procedure-modular verification of Java programs equipped with method-local and global assertions that specify safety properties of sequences of method invocations. Modularity at the procedure-level is a natural instantiation of the modular verification paradigm, where correctness of global properties is relativized on the local properties of the methods rather than on their implementations. Here, it is based on the construction of maximal models for a program model that abstracts away from program data. This approach allows global properties to be verified in the presence of code evolution, multiple method implementations (as arising from software product lines), or even unknown method implementations (as in mobile code for open platforms). ProMoVer automates a typical verification scenario for a previously developed tool set for compositional verification of control flow safety properties, and provides appropriate pre- and post-processing. Both linear-time temporal logic and finite automata are supported as formalisms for expressing local and global safety properties, allowing the user to choose a suitable format for the property at hand. Modularity is exploited by a mechanism for proof reuse that detects and minimizes the verification tasks resulting from changes in the code and the specifications. The verification task is relatively light-weight due to support for abstraction from private methods and automatic extraction of candidate specifications from method implementations. We evaluate the tool on a number of applications from the domains of Java Card and web-based application
A Verified Information-Flow Architecture
SAFE is a clean-slate design for a highly secure computer system, with
pervasive mechanisms for tracking and limiting information flows. At the lowest
level, the SAFE hardware supports fine-grained programmable tags, with
efficient and flexible propagation and combination of tags as instructions are
executed. The operating system virtualizes these generic facilities to present
an information-flow abstract machine that allows user programs to label
sensitive data with rich confidentiality policies. We present a formal,
machine-checked model of the key hardware and software mechanisms used to
dynamically control information flow in SAFE and an end-to-end proof of
noninterference for this model.
We use a refinement proof methodology to propagate the noninterference
property of the abstract machine down to the concrete machine level. We use an
intermediate layer in the refinement chain that factors out the details of the
information-flow control policy and devise a code generator for compiling such
information-flow policies into low-level monitor code. Finally, we verify the
correctness of this generator using a dedicated Hoare logic that abstracts from
low-level machine instructions into a reusable set of verified structured code
generators
Investigation, Development, and Evaluation of Performance Proving for Fault-tolerant Computers
A number of methodologies for verifying systems and computer based tools that assist users in verifying their systems were developed. These tools were applied to verify in part the SIFT ultrareliable aircraft computer. Topics covered included: STP theorem prover; design verification of SIFT; high level language code verification; assembly language level verification; numerical algorithm verification; verification of flight control programs; and verification of hardware logic
Recovery within long running transactions
As computer systems continue to grow in complexity, the possibilities of failure increase. At the
same time, the increase in computer system pervasiveness in day-to-day activities brought along
increased expectations on their reliability. This has led to the need for effective and automatic error
recovery techniques to resolve failures. Transactions enable the handling of failure propagation
over concurrent systems due to dependencies, restoring the system to the point before the failure
occurred. However, in various settings, especially when interacting with the real world, reversal
is not possible. The notion of compensations has been long advocated as a way of addressing this
issue, through the specification of activities which can be executed to undo partial transactions.
Still, there is no accepted standard theory; the literature offers a plethora of distinct formalisms
and approaches.
In this survey, we review the compensations from a theoretical point of view by: (i) giving a
historic account of the evolution of compensating transactions; (ii) delineating and describing a
number of design options involved; (iii) presenting a number of formalisms found in the literature,
exposing similarities and differences; (iv) comparing formal notions of compensation correctness;
(v) giving insights regarding the application of compensations in practice; and (vi) discussing
current and future research trends in the area.peer-reviewe
Recommended from our members
An evaluation of software fault tolerance techniques in real-time safety-critical applications
The usefulness of three software fault tolerance techniques -- n-version programming, recovery blocks, and exception handling is examined within the context of real-time safety-critical environments. The general requirements of such application systems are presented and the techniques evaluated with regard to how well they satisfy these requirements
Concurrent object-oriented programming: The MP-Eiffel approach
This article evaluates several possible approaches for integrating concurrency into
object-oriented programming languages, presenting afterwards, a new language named
MP-Eiffel. MP-Eiffel was designed attempting to include all the essential properties
of both concurrent and object-oriented programming with simplicity and safety.
A special care was taken to achieve the orthogonality of all the language mechanisms,
allowing their joint use without unsafe side-effects (such as inheritance anomalies)
Several types of types in programming languages
Types are an important part of any modern programming language, but we often
forget that the concept of type we understand nowadays is not the same it was
perceived in the sixties. Moreover, we conflate the concept of "type" in
programming languages with the concept of the same name in mathematical logic,
an identification that is only the result of the convergence of two different
paths, which started apart with different aims. The paper will present several
remarks (some historical, some of more conceptual character) on the subject, as
a basis for a further investigation. The thesis we will argue is that there are
three different characters at play in programming languages, all of them now
called types: the technical concept used in language design to guide
implementation; the general abstraction mechanism used as a modelling tool; the
classifying tool inherited from mathematical logic. We will suggest three
possible dates ad quem for their presence in the programming language
literature, suggesting that the emergence of the concept of type in computer
science is relatively independent from the logical tradition, until the
Curry-Howard isomorphism will make an explicit bridge between them.Comment: History and Philosophy of Computing, HAPOC 2015. To appear in LNC
- …