    Program-level Specification and Deductive Verification of Security Properties

    Programs with publicly accessible interfaces are increasingly used to process confidential data. This makes it all the more important to control the information flow within such applications. This thesis shows how highly precise specification and deductive verification of language-based secure information flow can be made feasible. The approach does not rely on fixed approximations, but makes use of the precision provided by the underlying calculus for Java Dynamic Logic.

    IC0701 verification competition 2011

    Abstract. This paper reports on the experiences with the program verification competition held during the FoVeOOS conference in October 2011. There were 6 teams participating in this competition. We discuss the three different challenges that were posed and the solutions developed by the teams. We conclude with a discussion about the value of such competitions and lessons that can be learned from them.

    Extending non-termination proof techniques to asynchronously communicating concurrent programs

    Currently, no approaches are known that allow for non-termination proofs of concurrent programs which account for asynchronous communication via FIFO message queues. Those programs may be written in high-level languages such as Java or Promela. We present a first approach to prove non-termination for such programs. In addition to integers, the programs that we consider may contain queues as data structures. We present a representation of queues and the operations on them in the domain of integers, and generate invariants that help us prove non-termination of selected control flow loops using a theorem proving approach. We illustrate this approach by applying a prototype tool implementation to a number of case studies.

    Heuristic Search for Unbounded Executions

    Abstract. We present a heuristic search based approach to finding unbounded executions in software models that can be described using Communicating Finite State Machines (CFSMs). This improves the unboundedness test devised by Jeron and Jard in case certain knowledge about potential sources of unboundedness is available. Such knowledge can be obtained from a boundedness analysis that we designed in precursory work. We evaluate the effectiveness of several different heuristics and search strategies. To show the feasibility of our approach, we compare the performance of the heuristic search algorithms with that of uninformed search algorithms in detecting unbounded executions for a number of case studies. We discuss the applicability of our approach to high level modeling languages for concurrent systems such as Promela.

    The KeY Platform for Verification and Analysis of Java Programs

    The KeY system offers a platform of software analysis tools for sequential Java. Foremost, this includes full functional verification against contracts written in the Java Modeling Language. But the approach is general enough to provide a basis for other methods and purposes: (i) complementary validation techniques to formal verification such as testing and debugging, methods that reduce the complexity of verification such as modularization and abstract interpretation, (ii) analyses of non-functional properties such as information flow security and worst-case execution time, and (iii) sound program transformation and code generation. We show that deductive technology that has been developed for full functional verification can be used as a basis and framework for other purposes than pure functional verification. We use the current release of the KeY system as an example to explain and prove this claim.