Inferring Concise Specifications of APIs

Modern software relies on libraries and uses them via application programming interfaces (APIs). Correct API usage as well as many software engineering tasks are enabled when APIs have formal specifications. In this work, we analyze the implementation of each method in an API to infer a formal postcondition. Conventional wisdom is that, if one has preconditions, then one can use the strongest postcondition predicate transformer (SP) to infer postconditions. However, SP yields postconditions that are exponentially large, which makes them difficult to use, either by humans or by tools. Our key idea is an algorithm that converts such exponentially large specifications into a form that is more concise and thus more usable. This is done by leveraging the structure of the specifications that result from the use of SP. We applied our technique to infer postconditions for over 2,300 methods in seven popular Java libraries. Our technique was able to infer specifications for 75.7% of these methods, each of which was verified using an Extended Static Checker. We also found that 84.6% of resulting specifications were less than 1/4 page (20 lines) in length. Our technique was able to reduce the length of SMT proofs needed for verifying implementations by 76.7% and reduced prover execution time by 26.7%

Static Verification of Cloud Applications with Why3

Nowadays large-scale distributed applications rely on replication in order to improve their services. Having data replicated in multiple datacenters increases availability, but it might lead to concurrent updates that violate data integrity. A possible approach to solve this issue is to use strong consistency in the application because this way there is a total order of operations in every replica. However, that would make the application abdicate of its availability. An alternative would be to use weak consistency to make the application more available, but that could break data integrity. To resolve this issue many of these applications use a combination of weak and strong consistency models, such that synchronization is only introduced in the execution of operations that can break data integrity. To build applications that use multiple consistency models, developers have the difficult task of finding the right balance between two conflicting goals: minimizing synchronization while preserving data integrity. To achieve this balance developers have to reason about the concurrent effects of each operation, which is a non-trivial task when it comes to large and complex applications. In this document we propose an approach consisting of a static analysis tool that helps developers find a balance between strong and weak consistency in applications that operate over weakly consistent databases. The verification process is based on a recently defined proof rule that was proven to be sound. The proposed tool uses Why3 as an intermediate framework that communicates with external provers, to analyse the correctness of the application specification. Our contributions also include a predicate transformer and a library of verified data types that can be used to resolve commutativity issues in applications. The predicate transformer can be used to lighten the specification effort

Survey of annotation generators for deductive verifiers

Deductive verifiers require intensive user interaction in the form of writing precise specifications, thereby limiting their use in practice. While many solutions have been proposed to generate specifications, their evaluations and comparisons to other tools are limited. As a result, it is unclear what the best approaches for specification inference are and how these impact the overall specification writing process. In this paper we take steps to address this problem by providing an overview of specification inference tools that can be used for deductive verification of Java programs. For each tool, we discuss its approach to specification inference and identify its advantages and disadvantages. Moreover, we identify the types of specifications that it infers and use this to estimate the impact of the tool on the overall specification writing process. Finally, we identify the ideal features of a specification generator and discuss important challenges for future research.</p

Arís 2.1: Adapting Arís for Object Oriented Language

In the software development area, software verification is important such that it can guarantee the software fulfills its requirements. Despite its importance, verifying software is difficult to achieve. Additional knowledge and effort are needed to write specification especially if the software is complex and big in size. Nevertheless, there are some software that already have verified specifications. This project will focus on extending Arís (Analogical Reasoning for reuse of Implementation & Specification) which has been developed to increase verified software by reusing and transferring the specification from a similar implementation to a target code. The extension is done to facilitate specification transferring to program written in language other than C#, in this case Java. This extension will add functions to existing Arís that will receive Conceptual Graphs representation of a program and write the specification to a file. Another companion system is also built from Java to generate the Conceptual Graphs in Conceptual Graph Interchange Format (CGIF) and transform the Spec# specification to JML. Finally, this new system is evaluated by running some testing. From the result that we have, we can conclude that the building of conceptual graph and the specification transformation is the most difficult part in our system

Arís 2.1: Adapting Arís for Object Oriented Language

In the software development area, software verification is important such that it can guarantee the software fulfills its requirements. Despite its importance, verifying software is difficult to achieve. Additional knowledge and effort are needed to write specification especially if the software is complex and big in size. Nevertheless, there are some software that already have verified specifications. This project will focus on extending Arís (Analogical Reasoning for reuse of Implementation & Specification) which has been developed to increase verified software by reusing and transferring the specification from a similar implementation to a target code. The extension is done to facilitate specification transferring to program written in language other than C#, in this case Java. This extension will add functions to existing Arís that will receive Conceptual Graphs representation of a program and write the specification to a file. Another companion system is also built from Java to generate the Conceptual Graphs in Conceptual Graph Interchange Format (CGIF) and transform the Spec# specification to JML. Finally, this new system is evaluated by running some testing. From the result that we have, we can conclude that the building of conceptual graph and the specification transformation is the most difficult part in our system

GPU-accelerated lip-tracking library

A major part of having correct pronunciation when learning a new language is moving your lips in the correct way. This is a difficult thing to learn and to teach. One solution to this is software which tracks a student\u27s lip movements and provides feedback. This paper describes how we have created a C++ library to accurately track lips in provided images. Further, this library attempts to use a CUDA-enabled GPU implementation to improve the algorithm\u27s performance. It will fall back on a CPU implementation if such a GPU is not found. As a result, the lip tracking library runs on Windows, Linux, and OS X, as well as Android devices