Procedure-modular specification and verification of temporal safety properties

This paper describes ProMoVer, a tool for fully automated procedure-modular verification of Java programs equipped with method-local and global assertions that specify safety properties of sequences of method invocations. Modularity at the procedure-level is a natural instantiation of the modular verification paradigm, where correctness of global properties is relativized on the local properties of the methods rather than on their implementations. Here, it is based on the construction of maximal models for a program model that abstracts away from program data. This approach allows global properties to be verified in the presence of code evolution, multiple method implementations (as arising from software product lines), or even unknown method implementations (as in mobile code for open platforms). ProMoVer automates a typical verification scenario for a previously developed tool set for compositional verification of control flow safety properties, and provides appropriate pre- and post-processing. Both linear-time temporal logic and finite automata are supported as formalisms for expressing local and global safety properties, allowing the user to choose a suitable format for the property at hand. Modularity is exploited by a mechanism for proof reuse that detects and minimizes the verification tasks resulting from changes in the code and the specifications. The verification task is relatively light-weight due to support for abstraction from private methods and automatic extraction of candidate specifications from method implementations. We evaluate the tool on a number of applications from the domains of Java Card and web-based application

Connaissance et institutions académiques:Eclairages sur l'avenir de l'économie française

Des changements importants dans l’environnement – un choc démographique couplé avec l’irruption de ce qu’on appelle l’économie de la connaissance – ont profondément perturbé l’organisation de la recherche et de l’enseignement universitaires. Des changements dans le comportement des étudiants comme les changements intervenus dans la demande de travail créent un nouveau défi que les disciplines de base comme l’économie ont à relever. Ce qui est essentiellement en jeu, c’est l’articulation entre recherche et enseignement. Alors que la nécessaire adoption d’une attitude professionnelle pourrait conduire à une profonde séparation entre ces deux dimensions de la mission des universités, nous développons l’idée que le principe, qui était au coeur de la réforme Humboldt au début du xixe siècle en Allemagne, est plus que jamais d’un grand intérêt. La recherche est l’ingrédient nécessaire d’un enseignement efficace, de même que l’enseignement constitue un moyen de mettre en lumière certains des thèmes intéressants des programmes de recherche. Dès lors, un département d’économie devrait exister dans un nombre suffisant d’universités engagées dans une concurrence équitable qui permettrait de produire une meilleure recherche et donner des cours bien adaptés. Il apparaît, néanmoins, que cette organisation ne verra le jour que si une réforme globale de l’architecture institutionnelle est engagée.Significant changes in the environment – a demographic shock coupled with the emergence of the so-called knowledge economy – dramatically disturb the organisation of both university research and teaching. Changes in the behaviour of students as well as in the demand for labour create a new challenge that fundamental disciplines, such as economics, have to take-up. The main issue at stake is that of the articulation between research and teaching. While the necessary adoption of a professional conduct might lead to a strong divide between these two dimensions of the mission of universities, we argue that the principle, which was at the core of the Humboldt reform at the beginning of the nineteenth century in Germany, is more than ever of a great interest. Research activity is the necessary ingredient of an efficient teaching. Similarly, teaching is a means to highlight some of the interesting themes in the research agenda. Therefore, a department of economics should be organised in a sufficient number of universities involved in a fair competition that would allow producing a better research and well suited lectures. Nevertheless, it appears that a global reform of the institutional framework is central to the emergence of this organisation

Procedure-Modular Verification of Temporal Safety Properties

This thesis presents a fully automated technique for procedure-modular verification of control flow temporal safety properties. Procedure-modular verification is a natural instantiation of modular verification where modularity is achieved at the level of procedures. Here it is used for the verification of software systems in the presence of code evolution, multiple method implementations (as arising from software product lines), or even unknown method implementations (as in mobile code for open platforms). The technique is built on top of a previously developed modular verification framework based on maximal model construction. In the framework, program data is abstracted away completely to achieve algorithmic verification. This restricts the class of properties that can be verified. The technique is supported by a fully automated tool called ProMoVer which is described and evaluated on a number of real-life case studies. ProMoVer is quipped with a number of features, such as automatic specification extraction, to facilitate easy usage. Moreover, it provides a proof storage and reuse mechanism for efficiency. An application area which can significantly benefit from modular verification is software product line (SPL) design. In SPL engineering, products are generated from a set of well-defined commonalities and variabilities. The products of an SPL can be described by means of a hierarchical variability model specifying the commonalities and variabilities between the individual products. The number of products generated from a hierarchical model is exponential in the size of the hierarchical model. Therefore, scalable and efficient verification for SPL is only possible by exploiting modular verification techniques. In this thesis, we propose a hierarchical variability model for modeling product families. Then the modular verification technique and ProMoVer are adapted for the SPLs described with this hierarchical model. A natural extension of the modular verification technique is to include program data in a conservative fashion, by encoding data from a finite domain through control. By this, a wider class of properties can be supported. As a first step towards including program data, Boolean values are added to the program model, specification languages, maximal model construction and modular verification principles.QC 2012050

Algorithmic Verification of Procedural Programs in the Presence of Code Variability

This thesis addresses the formal verification of temporal properties of procedural programs that are dynamically or statically configured by replacing, adapting, or adding new components. Dealing with such variable programs is challenging because a part of the program is either not available at verification time or changes frequently. Still, such static and dynamic variability is used in a variety of modern software systems and design paradigms, e.g., software product lines. In this thesis, we develop a generic framework and a fully automated tool support for the verification of such programs. We also show that our technique can be used for efficient verification of existing sets of products constructed from product lines. Our framework is built on top of a previously developed framework for compositional verification of control-flow safety properties of procedural programs that abstracts away all program data. The work in this study is presented through three papers. The first paper introduces ProMoVer, a fully automated tool for procedure modular verification of control-flow temporal safety properties. Procedure modular verification is a natural instantiation of compositional verification at the procedure level. ProMoVer is described and evaluated on several real-life case studies. It is equipped with a number of features, such as automatic specification extraction and the support for several specification formalisms, to facilitate easy usage. Moreover, it provides a proof storage and reuse mechanism to minimize the need for the computationally expensive verification subtasks. The second paper discusses the verification of software product lines (SPL). In SPL engineering, products are generated from a set of well-defined commonalities and variabilities. The products of an SPL can be described by means of hierarchical variability models specifying the commonalities and variabilities between the individual products. The number of products generated from a hierarchical model is exponential in the size of the model. Therefore, scalable verification of SPLs is only possible if compositional techniques are applied that allow reusing of the intermediate verification results. In this thesis, we propose a hierarchical variability model for modeling product families, provide a process for extracting such models from existing products, and adapt our compositional verification principle and tool support for the verification of SPLs modeled by this hierarchical model. The third paper presents a generalization of the original framework to capture program data, still keeping its complexity within practical limits. Thus, it brings the capabilities of the framework to a whole new level. To exemplify its use, we instantiate our framework for compositional verification at three levels of data abstraction of real-life programs: full data abstraction, Boolean data as the only datatype, and heap pointers as the only datatype. We also adapt our toolset to provide support for compositional verification of the latter and evaluate the tool on a real-life case study.QC 20140828</p

Generating a Model of a Communication Protocol from Test Data

Model-based techniques for verification and validation require a model of the systemunder test (SUT). However, most communication systems lack a complete, correctmodel. One approach for generating a model of a system is to infer the model byobserving its external behavior. This approach is useful when the source code of thesystem is not available, e.g., third party components. Regular inference techniques areable to infer a finite state machine model of a system by observing its externalbehavior. In this master thesis we consider the models inferred by regular inferencetechniques of a certain kind of systems: communication protocol entities. Suchentities interact by sending and receiving messages consisting of a message type and anumber of parameters, each of which potentially can take on a large number of values.This may cause a model of a communication protocol entity inferred by regularinference, to be very large. Since regular inference creates a model from the observedbehavior of a communication protocol entity, the model may be very different from adesigner's model of the system's source code. This master thesis presents a novel approach to transform the inferred model ofcommunication protocols to a new formalism in a sense that it is more compact andit has a similar partitioning of an entity's behavior into control states as in a designer'smodel of the protocol. We have applied our approach to an executable specificationof the Mobile Arts Advanced Mobile Location Center (A-MLC) protocol andevaluated the results

Algorithmic Verification of Procedural Programs in the Presence of Code Variability

This thesis addresses the formal verification of temporal properties of procedural programs that are dynamically or statically configured by replacing, adapting, or adding new components. Dealing with such variable programs is challenging because a part of the program is either not available at verification time or changes frequently. Still, such static and dynamic variability is used in a variety of modern software systems and design paradigms, e.g., software product lines. In this thesis, we develop a generic framework and a fully automated tool support for the verification of such programs. We also show that our technique can be used for efficient verification of existing sets of products constructed from product lines. Our framework is built on top of a previously developed framework for compositional verification of control-flow safety properties of procedural programs that abstracts away all program data. The work in this study is presented through three papers. The first paper introduces ProMoVer, a fully automated tool for procedure modular verification of control-flow temporal safety properties. Procedure modular verification is a natural instantiation of compositional verification at the procedure level. ProMoVer is described and evaluated on several real-life case studies. It is equipped with a number of features, such as automatic specification extraction and the support for several specification formalisms, to facilitate easy usage. Moreover, it provides a proof storage and reuse mechanism to minimize the need for the computationally expensive verification subtasks. The second paper discusses the verification of software product lines (SPL). In SPL engineering, products are generated from a set of well-defined commonalities and variabilities. The products of an SPL can be described by means of hierarchical variability models specifying the commonalities and variabilities between the individual products. The number of products generated from a hierarchical model is exponential in the size of the model. Therefore, scalable verification of SPLs is only possible if compositional techniques are applied that allow reusing of the intermediate verification results. In this thesis, we propose a hierarchical variability model for modeling product families, provide a process for extracting such models from existing products, and adapt our compositional verification principle and tool support for the verification of SPLs modeled by this hierarchical model. The third paper presents a generalization of the original framework to capture program data, still keeping its complexity within practical limits. Thus, it brings the capabilities of the framework to a whole new level. To exemplify its use, we instantiate our framework for compositional verification at three levels of data abstraction of real-life programs: full data abstraction, Boolean data as the only datatype, and heap pointers as the only datatype. We also adapt our toolset to provide support for compositional verification of the latter and evaluate the tool on a real-life case study.QC 20140828</p

Procedure-Modular Verification of Temporal Safety Properties

This thesis presents a fully automated technique for procedure-modular verification of control flow temporal safety properties. Procedure-modular verification is a natural instantiation of modular verification where modularity is achieved at the level of procedures. Here it is used for the verification of software systems in the presence of code evolution, multiple method implementations (as arising from software product lines), or even unknown method implementations (as in mobile code for open platforms). The technique is built on top of a previously developed modular verification framework based on maximal model construction. In the framework, program data is abstracted away completely to achieve algorithmic verification. This restricts the class of properties that can be verified. The technique is supported by a fully automated tool called ProMoVer which is described and evaluated on a number of real-life case studies. ProMoVer is quipped with a number of features, such as automatic specification extraction, to facilitate easy usage. Moreover, it provides a proof storage and reuse mechanism for efficiency. An application area which can significantly benefit from modular verification is software product line (SPL) design. In SPL engineering, products are generated from a set of well-defined commonalities and variabilities. The products of an SPL can be described by means of a hierarchical variability model specifying the commonalities and variabilities between the individual products. The number of products generated from a hierarchical model is exponential in the size of the hierarchical model. Therefore, scalable and efficient verification for SPL is only possible by exploiting modular verification techniques. In this thesis, we propose a hierarchical variability model for modeling product families. Then the modular verification technique and ProMoVer are adapted for the SPLs described with this hierarchical model. A natural extension of the modular verification technique is to include program data in a conservative fashion, by encoding data from a finite domain through control. By this, a wider class of properties can be supported. As a first step towards including program data, Boolean values are added to the program model, specification languages, maximal model construction and modular verification principles.QC 2012050

El dret dels infants a participar: condicions i condicionants

Aquest article sorgeix d'una tesi doctoral titulada Els infants com a ciutadans, defensada el 2005. L'estudi s'inscriu en el canvi de paradigma que ha representat la Convenció Internacional dels Drets de l'Infant (1989) al situar els infants com a subjectes de drets. Els objectius han estat identificar un fet complex com és la participació dels infants en la vida social; analitzar com els infants poden influir en la generació de noves formes de participació i en nous posicionaments socials, i relacionar aquesta participació dels infants amb la noció de ciutadania. Un altre element important a identificar ha estat la confrontació que aquesta participació planteja en el món dels adults. De fet, l'article fa una breu síntesi de la tesi doctoral en la seva totalitat i exposa amb major extensió una de les parts corresponents a l'anàlisi de les dades obtingudes en què es relaten les condicions i condicionants de la participació infantil

Algorithmic verification of procedural programs in the presence of code variability

We present a generic framework for verifying temporal safety properties of procedural programs that are dynamically or statically configured by replacing, adapting, or adding new components. To deal with such a variability of a program, we require programmers to provide local specifications for its variable components, and verify the global properties by replacing these specifications with maximal models. Our framework is a generalization of a previously developed framework that abstracts from all program data. In this work, we capture program data and thus significantly increase the range of properties that can be verified. Our framework is generic by being parametric on the set of observed program events and their semantics. We separate program structure from the behavior it induces to facilitate independent component specification and verification. We provide tool support for an instantiation of our framework to programs written in a procedural language with pointers as the only datatype.QC 20150504. Updated from manuscript to conference paper.</p

Procedure-Modular Specification and Verification of Temporal Safety Properties

This paper describes ProMoVer, a tool for fully automated procedure-modular verification of Java programs equipped with method-local and global assertions that specify safety properties of sequences of method invocations. Modularity at the procedure-level is a natural instantiation of the modular verification paradigm, where correctness of global properties is relativized on the local properties of the methods rather than on their implementations. Here, it is based on the construction of maximal models for a program model that abstracts away from program data. This approach allows global properties to be verified in the presence of code evolution, multiple method implementations (as arising from software product lines), or even unknown method implementations (as in mobile code for open platforms). ProMoVer automates a typical verification scenario for a previously developed tool set for compositional verification of control flow safety properties, and provides appropriate pre- and post-processing. Both linear-time temporal logic and finite automata are supported as formalisms for expressing local and global safety properties, allowing the user to choose a suitable format for the property at hand. Modularity is exploited by a mechanism for proof reuse that detects and minimizes the verification tasks resulting from changes in the code and the specifications. The verification task is relatively light-weight due to support for abstraction from private methods and automatic extraction of candidate specifications from method implementations. We evaluate the tool on a number of applications from the domains of Java Card and web-based application.QC 20130926</p