5,766 research outputs found
TAPAs: A Tool for the Analysis of Process Algebras
Process algebras are formalisms for modelling concurrent systems that permit mathematical reasoning with respect to a set of desired properties. TAPAs is a tool that can be used to support the use of process algebras to specify and analyze concurrent systems. It does not aim at guaranteeing high performances, but has been developed as a support to teaching. Systems are described as process algebras terms that are then mapped to labelled transition systems (LTSs). Properties are verified either by checking equivalence of concrete and abstract systems descriptions, or by model checking temporal formulae over the obtained LTS. A key feature of TAPAs, that makes it particularly suitable for teaching, is that it maintains a consistent double representation of each system both as a term and as a graph. Another useful didactical feature is the exhibition of counterexamples in case equivalences are not verified or the proposed formulae are not satisfied
Fifty years of Hoare's Logic
We present a history of Hoare's logic.Comment: 79 pages. To appear in Formal Aspects of Computin
Computer-Assisted Program Reasoning Based on a Relational Semantics of Programs
We present an approach to program reasoning which inserts between a program
and its verification conditions an additional layer, the denotation of the
program expressed in a declarative form. The program is first translated into
its denotation from which subsequently the verification conditions are
generated. However, even before (and independently of) any verification
attempt, one may investigate the denotation itself to get insight into the
"semantic essence" of the program, in particular to see whether the denotation
indeed gives reason to believe that the program has the expected behavior.
Errors in the program and in the meta-information may thus be detected and
fixed prior to actually performing the formal verification. More concretely,
following the relational approach to program semantics, we model the effect of
a program as a binary relation on program states. A formal calculus is devised
to derive from a program a logic formula that describes this relation and is
subject for inspection and manipulation. We have implemented this idea in a
comprehensive form in the RISC ProgramExplorer, a new program reasoning
environment for educational purposes which encompasses the previously developed
RISC ProofNavigator as an interactive proving assistant.Comment: In Proceedings THedu'11, arXiv:1202.453
The AutoProof Verifier: Usability by Non-Experts and on Standard Code
Formal verification tools are often developed by experts for experts; as a
result, their usability by programmers with little formal methods experience
may be severely limited. In this paper, we discuss this general phenomenon with
reference to AutoProof: a tool that can verify the full functional correctness
of object-oriented software. In particular, we present our experiences of using
AutoProof in two contrasting contexts representative of non-expert usage.
First, we discuss its usability by students in a graduate course on software
verification, who were tasked with verifying implementations of various sorting
algorithms. Second, we evaluate its usability in verifying code developed for
programming assignments of an undergraduate course. The first scenario
represents usability by serious non-experts; the second represents usability on
"standard code", developed without full functional verification in mind. We
report our experiences and lessons learnt, from which we derive some general
suggestions for furthering the development of verification tools with respect
to improving their usability.Comment: In Proceedings F-IDE 2015, arXiv:1508.0338
All-Path Reachability Logic
This paper presents a language-independent proof system for reachability
properties of programs written in non-deterministic (e.g., concurrent)
languages, referred to as all-path reachability logic. It derives
partial-correctness properties with all-path semantics (a state satisfying a
given precondition reaches states satisfying a given postcondition on all
terminating execution paths). The proof system takes as axioms any
unconditional operational semantics, and is sound (partially correct) and
(relatively) complete, independent of the object language. The soundness has
also been mechanized in Coq. This approach is implemented in a tool for
semantics-based verification as part of the K framework (http://kframework.org
Featherweight VeriFast
VeriFast is a leading research prototype tool for the sound modular
verification of safety and correctness properties of single-threaded and
multithreaded C and Java programs. It has been used as a vehicle for
exploration and validation of novel program verification techniques and for
industrial case studies; it has served well at a number of program verification
competitions; and it has been used for teaching by multiple teachers
independent of the authors. However, until now, while VeriFast's operation has
been described informally in a number of publications, and specific
verification techniques have been formalized, a clear and precise exposition of
how VeriFast works has not yet appeared. In this article we present for the
first time a formal definition and soundness proof of a core subset of the
VeriFast program verification approach. The exposition aims to be both
accessible and rigorous: the text is based on lecture notes for a graduate
course on program verification, and it is backed by an executable
machine-readable definition and machine-checked soundness proof in Coq
Evaluation of a tool for Java structural specification checking
Although a number of tools for evaluating Java code functionality and style exist, little work has been done in a distance learning context on automated marking of Java programs with respect to structural specifications. Such automated checks support human markers in assessing students’ work and evaluating their own marking; online automated marking; students checking code before submitting it for marking; and question setters evaluating the completeness of questions set. This project developed and evaluated a prototype tool that performs an automated check of a Java program’s correctness with respect to a structural specification. Questionnaires and interviews were used to gather feedback on the usefulness of the tool as a marking aid to humans, and on its potential usefulness to students for self-assessment when working on their assignments. Markers were asked to compare the usefulness of structural specification testing as compared to other kinds of support, including syntax error assistance, style checking and functionality testing. Initial results suggest that most markers using the structural specification checking tool found it to be useful, and some reported that it increased their accuracy in marking. Reasons for not using the tool included lack of time and the simplicity of the assignment it was trialled on. Some reservations were expressed about reliance on tools for assessment, both for markers and for students. The need for advice on incorporating tools in marking workflow is suggested
- …