3,364 research outputs found
Separation Logic for Small-step Cminor
Cminor is a mid-level imperative programming language; there are
proved-correct optimizing compilers from C to Cminor and from Cminor to machine
language. We have redesigned Cminor so that it is suitable for Hoare Logic
reasoning and we have designed a Separation Logic for Cminor. In this paper, we
give a small-step semantics (instead of the big-step of the proved-correct
compiler) that is motivated by the need to support future concurrent
extensions. We detail a machine-checked proof of soundness of our Separation
Logic. This is the first large-scale machine-checked proof of a Separation
Logic w.r.t. a small-step semantics. The work presented in this paper has been
carried out in the Coq proof assistant. It is a first step towards an
environment in which concurrent Cminor programs can be verified using
Separation Logic and also compiled by a proved-correct compiler with formal
end-to-end correctness guarantees.Comment: Version courte du rapport de recherche RR-613
Abstract State Machines 1988-1998: Commented ASM Bibliography
An annotated bibliography of papers which deal with or use Abstract State
Machines (ASMs), as of January 1998.Comment: Also maintained as a BibTeX file at http://www.eecs.umich.edu/gasm
A formally verified compiler back-end
This article describes the development and formal verification (proof of
semantic preservation) of a compiler back-end from Cminor (a simple imperative
intermediate language) to PowerPC assembly code, using the Coq proof assistant
both for programming the compiler and for proving its correctness. Such a
verified compiler is useful in the context of formal methods applied to the
certification of critical software: the verification of the compiler guarantees
that the safety properties proved on the source code hold for the executable
compiled code as well
Applying Formal Methods to Networking: Theory, Techniques and Applications
Despite its great importance, modern network infrastructure is remarkable for
the lack of rigor in its engineering. The Internet which began as a research
experiment was never designed to handle the users and applications it hosts
today. The lack of formalization of the Internet architecture meant limited
abstractions and modularity, especially for the control and management planes,
thus requiring for every new need a new protocol built from scratch. This led
to an unwieldy ossified Internet architecture resistant to any attempts at
formal verification, and an Internet culture where expediency and pragmatism
are favored over formal correctness. Fortunately, recent work in the space of
clean slate Internet design---especially, the software defined networking (SDN)
paradigm---offers the Internet community another chance to develop the right
kind of architecture and abstractions. This has also led to a great resurgence
in interest of applying formal methods to specification, verification, and
synthesis of networking protocols and applications. In this paper, we present a
self-contained tutorial of the formidable amount of work that has been done in
formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial
An overview of ciao and its design philosophy
We provide an overall description of the Ciao multiparadigm programming system emphasizing some of the novel aspects and motivations behind its design and implementation. An important aspect of Ciao is that, in addition to supporting logic programming (and, in particular, Prolog), it provides the programmer with a large number of useful features from different programming paradigms and styles and that the use of each of these features (including those of Prolog) can be turned on and off at will for each program module. Thus,
a given module may be using, e.g., higher order functions and constraints, while another module may be using assignment, predicates, Prolog meta-programming, and concurrency. Furthermore, the language is designed to be extensible in a simple and modular way. Another important aspect of Ciao is its programming environment, which provides a powerful preprocessor (with an associated assertion language) capable of statically finding non-trivial bugs, verifying that programs comply with specifications, and performing many types of optimizations (including automatic parallelization). Such optimizations produce code that is highly competitive with other dynamic languages or, with the (experimental) optimizing compiler, even that of static languages, all while retaining the flexibility and interactive development of a dynamic language. This compilation architecture supports modularity and separate compilation throughout. The environment also includes a powerful autodocumenter and a unit testing framework, both closely integrated with the assertion system. The paper provides an informal overview of the language and program development environment. It aims at illustrating the design philosophy rather than at being exhaustive, which would be impossible in a single journal paper, pointing instead to previous Ciao literature
A Verified Theorem Prover for Higher-Order Logic
This thesis is about mechanically establishing the correctness of computer programs.\ua0In particular, we are interested in establishing the correctness of tools used in computer-aided mathematics. We build on tools for proof-producing program synthesis, and verified compilation, and a verified theorem proving kernel.\ua0With these, we have produced an interactive theorem prover for higher-order logic, called Candle, that is verified to accept only true theorems.\ua0To the best of our knowledge, Candle is the only interactive theorem prover for higher-order logic that has been verified to this degree.Candle and all technology that underpins it is developed using the HOL4 theorem prover.\ua0We use proof-producing synthesis and the verified CakeML compiler to obtain a machine code executable for the Candle theorem prover.\ua0Because the CakeML compiler is verified to preserve program semantics, we are able to obtain a soundness result about the machine code which implements the Candle theorem prover
- …