deductive verification of object oriented software
play

Deductive Verification of Object-Oriented Software Part B Bernhard - PowerPoint PPT Presentation

Apr 12, 2024 •237 likes •1.82k views

Deductive Verification of Object-Oriented Software Part B Bernhard Beckert | VTSA, 24.28.08.2015 KIT I NSTITUTE FOR T HEORETICAL C OMPUTER S CIENCE www.kit.edu KIT University of the State of Baden-Wuerttemberg and National Laboratory

  1. Rigid and Flexible Terms Example <int i;> \ forall int x ; ( i + 1 . > <i++;> ( i . = x − = x )) ⇒ flexible Interpretation of i depends on computation state Interpretation of x and + do not depend on state ⇒ rigid Locations are always flexible Logical variables, standard functions are always rigid J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 42/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  2. Rigid and Flexible Terms Example <int i;> \ forall int x ; ( i + 1 . > <i++;> ( i . = x − = x )) ⇒ flexible Interpretation of i depends on computation state Interpretation of x and + do not depend on state ⇒ rigid Locations are always flexible Logical variables, standard functions are always rigid J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 42/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  3. Rigid and Flexible Terms Example <int i;> \ forall int x ; ( i + 1 . > <i++;> ( i . = x − = x )) ⇒ flexible Interpretation of i depends on computation state Interpretation of x and + do not depend on state ⇒ rigid Locations are always flexible Logical variables, standard functions are always rigid J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 42/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  4. Rigid and Flexible Terms Example <int i;> \ forall int x ; ( i + 1 . > <i++;> ( i . = x − = x )) ⇒ flexible Interpretation of i depends on computation state Interpretation of x and + do not depend on state ⇒ rigid Locations are always flexible Logical variables, standard functions are always rigid J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 42/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  5. Rigid and Flexible Terms Example <int i;> \ forall int x ; ( i + 1 . > <i++;> ( i . = x − = x )) ⇒ flexible Interpretation of i depends on computation state Interpretation of x and + do not depend on state ⇒ rigid Locations are always flexible Logical variables, standard functions are always rigid J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 42/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  6. Validity A J AVA C ARD DL formula is valid iff it is true in all states. We need a calculus for checking validity of formulas J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 43/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  7. Validity A J AVA C ARD DL formula is valid iff it is true in all states. We need a calculus for checking validity of formulas J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 43/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  8. Part III Program Verification with Dynamic Logic J AVA C ARD DL 7 Sequent Calculus 8 Rules for Programs: Symbolic Execution 9 10 A Calculus for 100% J AVA C ARD 11 Taclets – KeY’s Rule Description Language J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 44/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  9. Part III Program Verification with Dynamic Logic J AVA C ARD DL 7 Sequent Calculus 8 Rules for Programs: Symbolic Execution 9 10 A Calculus for 100% J AVA C ARD 11 Taclets – KeY’s Rule Description Language J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 45/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  10. Sequents and their Semantics Syntax ψ 1 , . . . , ψ m = ⇒ φ 1 , . . . , φ n � �� � � �� � Antecedent Succedent where the φ i , ψ i are formulae (without free variables) Semantics Same as the formula ( ψ 1 & · · · & ψ m ) − > ( φ 1 | · · · | φ n ) J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 46/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  11. Sequents and their Semantics Syntax ψ 1 , . . . , ψ m = ⇒ φ 1 , . . . , φ n � �� � � �� � Antecedent Succedent where the φ i , ψ i are formulae (without free variables) Semantics Same as the formula ( ψ 1 & · · · & ψ m ) − > ( φ 1 | · · · | φ n ) J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 46/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  12. Sequent Rules General form Premisses � �� � Γ 1 = ⇒ ∆ 1 · · · Γ r = ⇒ ∆ r rule name Γ = ⇒ ∆ � �� � Conclusion ( r = 0 possible: closing rules) Soundness If all premisses are valid, then the conclusion is valid Use in practice Goal is matched to conclusion J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 47/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  13. Sequent Rules General form Premisses � �� � Γ 1 = ⇒ ∆ 1 · · · Γ r = ⇒ ∆ r rule name Γ = ⇒ ∆ � �� � Conclusion ( r = 0 possible: closing rules) Soundness If all premisses are valid, then the conclusion is valid Use in practice Goal is matched to conclusion J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 47/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  14. Sequent Rules General form Premisses � �� � Γ 1 = ⇒ ∆ 1 · · · Γ r = ⇒ ∆ r rule name Γ = ⇒ ∆ � �� � Conclusion ( r = 0 possible: closing rules) Soundness If all premisses are valid, then the conclusion is valid Use in practice Goal is matched to conclusion J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 47/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  15. Sequent Rules General form Premisses � �� � Γ 1 = ⇒ ∆ 1 · · · Γ r = ⇒ ∆ r rule name Γ = ⇒ ∆ � �� � Conclusion ( r = 0 possible: closing rules) Soundness If all premisses are valid, then the conclusion is valid Use in practice Goal is matched to conclusion J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 47/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  16. Some Simple Sequent Rules Γ = ⇒ A, ∆ not left Γ , ! A = ⇒ ∆ Γ = ⇒ A, ∆ Γ , B = ⇒ ∆ imp left Γ , A − > B = ⇒ ∆ close goal close by true Γ , A = ⇒ A, ∆ Γ = ⇒ true , ∆ Γ , \ forall t x ; φ, { x/e } φ = ⇒ ∆ all left Γ , \ forall t x ; φ = ⇒ ∆ where e var-free term of type t ′ ≺ t J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 48/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  17. Some Simple Sequent Rules Γ = ⇒ A, ∆ not left Γ , ! A = ⇒ ∆ Γ = ⇒ A, ∆ Γ , B = ⇒ ∆ imp left Γ , A − > B = ⇒ ∆ close goal close by true Γ , A = ⇒ A, ∆ Γ = ⇒ true , ∆ Γ , \ forall t x ; φ, { x/e } φ = ⇒ ∆ all left Γ , \ forall t x ; φ = ⇒ ∆ where e var-free term of type t ′ ≺ t J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 48/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  18. Some Simple Sequent Rules Γ = ⇒ A, ∆ not left Γ , ! A = ⇒ ∆ Γ = ⇒ A, ∆ Γ , B = ⇒ ∆ imp left Γ , A − > B = ⇒ ∆ close goal close by true Γ , A = ⇒ A, ∆ Γ = ⇒ true , ∆ Γ , \ forall t x ; φ, { x/e } φ = ⇒ ∆ all left Γ , \ forall t x ; φ = ⇒ ∆ where e var-free term of type t ′ ≺ t J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 48/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  19. Some Simple Sequent Rules Γ = ⇒ A, ∆ not left Γ , ! A = ⇒ ∆ Γ = ⇒ A, ∆ Γ , B = ⇒ ∆ imp left Γ , A − > B = ⇒ ∆ close goal close by true Γ , A = ⇒ A, ∆ Γ = ⇒ true , ∆ Γ , \ forall t x ; φ, { x/e } φ = ⇒ ∆ all left Γ , \ forall t x ; φ = ⇒ ∆ where e var-free term of type t ′ ≺ t J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 48/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  20. Some Simple Sequent Rules Γ = ⇒ A, ∆ not left Γ , ! A = ⇒ ∆ Γ = ⇒ A, ∆ Γ , B = ⇒ ∆ imp left Γ , A − > B = ⇒ ∆ close goal close by true Γ , A = ⇒ A, ∆ Γ = ⇒ true , ∆ Γ , \ forall t x ; φ, { x/e } φ = ⇒ ∆ all left Γ , \ forall t x ; φ = ⇒ ∆ where e var-free term of type t ′ ≺ t J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 48/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  21. Sequent Calculus Proofs Proof tree Proof is tree structure with goal sequent as root Rules are applied from conclusion (old goal) to premisses (new goals) Rule with no premiss closes proof branch Proof is finished when all goals are closed J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 49/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  22. Sequent Calculus Proofs Proof tree Proof is tree structure with goal sequent as root Rules are applied from conclusion (old goal) to premisses (new goals) Rule with no premiss closes proof branch Proof is finished when all goals are closed J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 49/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  23. Sequent Calculus Proofs Proof tree Proof is tree structure with goal sequent as root Rules are applied from conclusion (old goal) to premisses (new goals) Rule with no premiss closes proof branch Proof is finished when all goals are closed J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 49/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  24. Sequent Calculus Proofs Proof tree Proof is tree structure with goal sequent as root Rules are applied from conclusion (old goal) to premisses (new goals) Rule with no premiss closes proof branch Proof is finished when all goals are closed J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 49/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  25. Part III Program Verification with Dynamic Logic J AVA C ARD DL 7 Sequent Calculus 8 Rules for Programs: Symbolic Execution 9 10 A Calculus for 100% J AVA C ARD 11 Taclets – KeY’s Rule Description Language J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 50/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  26. Part III Program Verification with Dynamic Logic J AVA C ARD DL 7 Sequent Calculus 8 Rules for Programs: Symbolic Execution 9 10 A Calculus for 100% J AVA C ARD 11 Taclets – KeY’s Rule Description Language J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 51/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  27. Proof by Symbolic Program Execution Sequent rules for program formulas? What corresponds to top-level connective in a program? The Active Statement in a Program Sequent rules execute symbolically the active statement J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 52/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  28. Proof by Symbolic Program Execution Sequent rules for program formulas? What corresponds to top-level connective in a program? The Active Statement in a Program l:{try{ i=0; j=0; } finally{ k=0; }} Sequent rules execute symbolically the active statement J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 52/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  29. Proof by Symbolic Program Execution Sequent rules for program formulas? What corresponds to top-level connective in a program? The Active Statement in a Program l:{try{ i=0; j=0; } finally{ k=0; }} Sequent rules execute symbolically the active statement J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 52/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  30. Proof by Symbolic Program Execution Sequent rules for program formulas? What corresponds to top-level connective in a program? The Active Statement in a Program l:{try{ i=0; j=0; } finally{ k=0; }} � �� � � �� � π ω π passive prefix active statement i=0; ω rest Sequent rules execute symbolically the active statement J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 52/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  31. Proof by Symbolic Program Execution Sequent rules for program formulas? What corresponds to top-level connective in a program? The Active Statement in a Program l:{try{ i=0; j=0; } finally{ k=0; }} � �� � � �� � π ω π passive prefix active statement i=0; ω rest Sequent rules execute symbolically the active statement J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 52/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  32. Rules for Symbolic Program Execution If-then-else rule Γ , B = true = ⇒ < p ω > φ, ∆ Γ , B = false = ⇒ < q ω > φ, ∆ Γ = ⇒ <if ( B ) { p } else { q } ω > φ, ∆ Complicated statements/expressions are simplified first, e.g. Γ = ⇒ <v=y; y=y+1; x=v; ω > φ, ∆ Γ = ⇒ <x=y++; ω > φ, ∆ Simple assignment rule Γ = ⇒ { loc := val } < ω > φ, ∆ Γ = ⇒ < loc = val ; ω > φ, ∆ J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 53/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  33. Rules for Symbolic Program Execution If-then-else rule Γ , B = true = ⇒ < p ω > φ, ∆ Γ , B = false = ⇒ < q ω > φ, ∆ Γ = ⇒ <if ( B ) { p } else { q } ω > φ, ∆ Complicated statements/expressions are simplified first, e.g. Γ = ⇒ <v=y; y=y+1; x=v; ω > φ, ∆ Γ = ⇒ <x=y++; ω > φ, ∆ Simple assignment rule Γ = ⇒ { loc := val } < ω > φ, ∆ Γ = ⇒ < loc = val ; ω > φ, ∆ J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 53/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  34. Rules for Symbolic Program Execution If-then-else rule Γ , B = true = ⇒ < p ω > φ, ∆ Γ , B = false = ⇒ < q ω > φ, ∆ Γ = ⇒ <if ( B ) { p } else { q } ω > φ, ∆ Complicated statements/expressions are simplified first, e.g. Γ = ⇒ <v=y; y=y+1; x=v; ω > φ, ∆ Γ = ⇒ <x=y++; ω > φ, ∆ Simple assignment rule Γ = ⇒ { loc := val } < ω > φ, ∆ Γ = ⇒ < loc = val ; ω > φ, ∆ J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 53/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  35. Extending DL by Explicit State Updates Updates explicit syntactic elements in the logic Elementary Updates { loc := val } φ where (roughly) loc a program variable x , an attribute access o.attr , or an array access a [ i ] val is same as loc , or a literal, or a logical variable Parallel Updates { loc 1 := t 1 || · · · || loc n := t n } φ no dependency between the n components (but ‘right wins’ semantics) J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 54/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  36. Extending DL by Explicit State Updates Updates explicit syntactic elements in the logic Elementary Updates { loc := val } φ where (roughly) loc a program variable x , an attribute access o.attr , or an array access a [ i ] val is same as loc , or a literal, or a logical variable Parallel Updates { loc 1 := t 1 || · · · || loc n := t n } φ no dependency between the n components (but ‘right wins’ semantics) J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 54/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  37. Extending DL by Explicit State Updates Updates explicit syntactic elements in the logic Elementary Updates { loc := val } φ where (roughly) loc a program variable x , an attribute access o.attr , or an array access a [ i ] val is same as loc , or a literal, or a logical variable Parallel Updates { loc 1 := t 1 || · · · || loc n := t n } φ no dependency between the n components (but ‘right wins’ semantics) J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 54/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  38. Why Updates? Updates are: lazily applied (i.e. substituted into postcondition) eagerly parallelised + simplified Advantages no renaming required delayed/minimized proof branching (efficient aliasing treatment) J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 55/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  39. Why Updates? Updates are: lazily applied (i.e. substituted into postcondition) eagerly parallelised + simplified Advantages no renaming required delayed/minimized proof branching (efficient aliasing treatment) J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 55/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  40. Symbolic Execution with Updates (by Example) x < y = ⇒ x < y . . . x < y = ⇒ { x:=y || y:=x } <> y < x . . . x < y = ⇒ { t:=x || x:=y || y:=x } <> y < x . . . x < y = ⇒ { t:=x || x:=y }{ y:=t } <> y < x . . . x < y = ⇒ { t:=x }{ x:=y } <y=t;> y < x . . . x < y = ⇒ { t:=x } <x=y; y=t;> y < x . . . = ⇒ x < y − > <int t=x; x=y; y=t;> y < x J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 56/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  41. Symbolic Execution with Updates (by Example) x < y = ⇒ x < y . . . x < y = ⇒ { x:=y || y:=x } <> y < x . . . x < y = ⇒ { t:=x || x:=y || y:=x } <> y < x . . . x < y = ⇒ { t:=x || x:=y }{ y:=t } <> y < x . . . x < y = ⇒ { t:=x }{ x:=y } <y=t;> y < x . . . x < y = ⇒ { t:=x } <x=y; y=t;> y < x . . . = ⇒ x < y − > <int t=x; x=y; y=t;> y < x J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 56/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  42. Symbolic Execution with Updates (by Example) x < y = ⇒ x < y . . . x < y = ⇒ { x:=y || y:=x } <> y < x . . . x < y = ⇒ { t:=x || x:=y || y:=x } <> y < x . . . x < y = ⇒ { t:=x || x:=y }{ y:=t } <> y < x . . . x < y = ⇒ { t:=x }{ x:=y } <y=t;> y < x . . . x < y = ⇒ { t:=x } <x=y; y=t;> y < x . . . = ⇒ x < y − > <int t=x; x=y; y=t;> y < x J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 56/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  43. Symbolic Execution with Updates (by Example) x < y = ⇒ x < y . . . x < y = ⇒ { x:=y || y:=x } <> y < x . . . x < y = ⇒ { t:=x || x:=y || y:=x } <> y < x . . . x < y = ⇒ { t:=x || x:=y }{ y:=t } <> y < x . . . x < y = ⇒ { t:=x }{ x:=y } <y=t;> y < x . . . x < y = ⇒ { t:=x } <x=y; y=t;> y < x . . . = ⇒ x < y − > <int t=x; x=y; y=t;> y < x J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 56/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  44. Symbolic Execution with Updates (by Example) x < y = ⇒ x < y . . . x < y = ⇒ { x:=y || y:=x } <> y < x . . . x < y = ⇒ { t:=x || x:=y || y:=x } <> y < x . . . x < y = ⇒ { t:=x || x:=y }{ y:=t } <> y < x . . . x < y = ⇒ { t:=x }{ x:=y } <y=t;> y < x . . . x < y = ⇒ { t:=x } <x=y; y=t;> y < x . . . = ⇒ x < y − > <int t=x; x=y; y=t;> y < x J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 56/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  45. Symbolic Execution with Updates (by Example) x < y = ⇒ x < y . . . x < y = ⇒ { x:=y || y:=x } <> y < x . . . x < y = ⇒ { t:=x || x:=y || y:=x } <> y < x . . . x < y = ⇒ { t:=x || x:=y }{ y:=t } <> y < x . . . x < y = ⇒ { t:=x }{ x:=y } <y=t;> y < x . . . x < y = ⇒ { t:=x } <x=y; y=t;> y < x . . . = ⇒ x < y − > <int t=x; x=y; y=t;> y < x J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 56/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  46. Symbolic Execution with Updates (by Example) x < y = ⇒ x < y . . . x < y = ⇒ { x:=y || y:=x } <> y < x . . . x < y = ⇒ { t:=x || x:=y || y:=x } <> y < x . . . x < y = ⇒ { t:=x || x:=y }{ y:=t } <> y < x . . . x < y = ⇒ { t:=x }{ x:=y } <y=t;> y < x . . . x < y = ⇒ { t:=x } <x=y; y=t;> y < x . . . = ⇒ x < y − > <int t=x; x=y; y=t;> y < x J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 56/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  47. Program State Representation Local program variables Modeled as non-rigid constants Heap Modeled with theory of arrays: heap : → Heap (the heap in the current state) select : Heap × Object × Field → Any store : Heap × Object × Field × Any → Heap Heap axioms (excerpt) select ( store ( h, o, f, x ) , o, f ) = x select ( store ( h, o, f, x ) , u, f ) = select ( h, u, f ) if o � = u J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 57/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  48. Program State Representation Local program variables Modeled as non-rigid constants Heap Modeled with theory of arrays: heap : → Heap (the heap in the current state) select : Heap × Object × Field → Any store : Heap × Object × Field × Any → Heap Heap axioms (excerpt) select ( store ( h, o, f, x ) , o, f ) = x select ( store ( h, o, f, x ) , u, f ) = select ( h, u, f ) if o � = u J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 57/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  49. Program State Representation Local program variables Modeled as non-rigid constants Heap Modeled with theory of arrays: heap : → Heap (the heap in the current state) select : Heap × Object × Field → Any store : Heap × Object × Field × Any → Heap Heap axioms (excerpt) select ( store ( h, o, f, x ) , o, f ) = x select ( store ( h, o, f, x ) , u, f ) = select ( h, u, f ) if o � = u J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 57/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  50. Handling Abrupt Termination Abrupt termination handled by program transformations Changing control flow = rearranging program parts Example TRY - THROW � if (exc instanceof T) � Γ = ⇒ φ, ∆ {try {e=exc; r} finally {s}} ω else {s throw exc;} Γ = ⇒ <try{throw exc; q} catch(T e){r} finally{s} ω > φ, ∆ J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 58/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  51. Handling Abrupt Termination Abrupt termination handled by program transformations Changing control flow = rearranging program parts Example TRY - THROW � if (exc instanceof T) � Γ = ⇒ φ, ∆ {try {e=exc; r} finally {s}} ω else {s throw exc;} Γ = ⇒ <try{throw exc; q} catch(T e){r} finally{s} ω > φ, ∆ J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 58/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  52. Handling Abrupt Termination Abrupt termination handled by program transformations Changing control flow = rearranging program parts Example TRY - THROW � π if (exc instanceof T) � Γ = ⇒ φ, ∆ {try {e=exc; r} finally {s}} ω else {s throw exc;} Γ = ⇒ < π try{throw exc; q} catch(T e){r} finally{s} ω > φ, ∆ J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 58/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  53. Part III Program Verification with Dynamic Logic J AVA C ARD DL 7 Sequent Calculus 8 Rules for Programs: Symbolic Execution 9 10 A Calculus for 100% J AVA C ARD 11 Taclets – KeY’s Rule Description Language J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 59/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  54. Part III Program Verification with Dynamic Logic J AVA C ARD DL 7 Sequent Calculus 8 Rules for Programs: Symbolic Execution 9 10 A Calculus for 100% J AVA C ARD 11 Taclets – KeY’s Rule Description Language J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 60/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  55. Supported Java Features method invocation with polymorphism/dynamic binding object creation and initialisation arrays abrupt termination throwing of NullPointerExceptions, etc. bounded integer data types transactions All J AVA C ARD language features are fully addressed in KeY J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 61/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  56. Supported Java Features method invocation with polymorphism/dynamic binding object creation and initialisation arrays abrupt termination throwing of NullPointerExceptions, etc. bounded integer data types transactions All J AVA C ARD language features are fully addressed in KeY J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 61/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  57. Java—A Language of Many Features Ways to deal with Java features Program transformation, up-front Local program transformation, done by a rule on-the-fly Modeling with first-order formulas Special-purpose extensions of program logic Pro: Feature needs not be handled in calculus Contra: Modified source code Example in KeY: Very rare: treating inner classes J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 62/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  58. Java—A Language of Many Features Ways to deal with Java features Program transformation, up-front Local program transformation, done by a rule on-the-fly Modeling with first-order formulas Special-purpose extensions of program logic Pro: Flexible, easy to implement, usable Contra: Not expressive enough for all features Example in KeY: Complex expression eval, method inlining, etc., etc. J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 62/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  59. Java—A Language of Many Features Ways to deal with Java features Program transformation, up-front Local program transformation, done by a rule on-the-fly Modeling with first-order formulas Special-purpose extensions of program logic Pro: No logic extensions required, enough to express most features Contra: Creates difficult first-order POs, unreadable antecedents Example in KeY: Dynamic types and branch predicates J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 62/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  60. Java—A Language of Many Features Ways to deal with Java features Program transformation, up-front Local program transformation, done by a rule on-the-fly Modeling with first-order formulas Special-purpose extensions of program logic Pro: Arbitrarily expressive extensions possible Contra: Increases complexity of all rules Example in KeY: Method frames, updates J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 62/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  61. Components of the Calculus Non-program rules 1 first-order rules rules for data-types first-order modal rules induction rules Rules for reducing/simplifying the program (symbolic execution) 2 Replace the program by case distinctions (proof branches) and sequences of updates Rules for handling loops 3 using loop invariants using induction Rules for replacing a method’s invocation by the method’s contract 4 Update simplification 5 J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 63/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  62. Components of the Calculus Non-program rules 1 first-order rules rules for data-types first-order modal rules induction rules Rules for reducing/simplifying the program (symbolic execution) 2 Replace the program by case distinctions (proof branches) and sequences of updates Rules for handling loops 3 using loop invariants using induction Rules for replacing a method’s invocation by the method’s contract 4 Update simplification 5 J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 63/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  63. Components of the Calculus Non-program rules 1 first-order rules rules for data-types first-order modal rules induction rules Rules for reducing/simplifying the program (symbolic execution) 2 Replace the program by case distinctions (proof branches) and sequences of updates Rules for handling loops 3 using loop invariants using induction Rules for replacing a method’s invocation by the method’s contract 4 Update simplification 5 J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 63/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  64. Components of the Calculus Non-program rules 1 first-order rules rules for data-types first-order modal rules induction rules Rules for reducing/simplifying the program (symbolic execution) 2 Replace the program by case distinctions (proof branches) and sequences of updates Rules for handling loops 3 using loop invariants using induction Rules for replacing a method’s invocation by the method’s contract 4 Update simplification 5 J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 63/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  65. Components of the Calculus Non-program rules 1 first-order rules rules for data-types first-order modal rules induction rules Rules for reducing/simplifying the program (symbolic execution) 2 Replace the program by case distinctions (proof branches) and sequences of updates Rules for handling loops 3 using loop invariants using induction Rules for replacing a method’s invocation by the method’s contract 4 Update simplification 5 J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 63/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  66. Part III Program Verification with Dynamic Logic J AVA C ARD DL 7 Sequent Calculus 8 Rules for Programs: Symbolic Execution 9 10 A Calculus for 100% J AVA C ARD 11 Taclets – KeY’s Rule Description Language J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 64/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  67. Part III Program Verification with Dynamic Logic J AVA C ARD DL 7 Sequent Calculus 8 Rules for Programs: Symbolic Execution 9 10 A Calculus for 100% J AVA C ARD 11 Taclets – KeY’s Rule Description Language J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 65/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  68. Taclets: KeY’s Rule Description Language Taclets ... represent sequent calculus rules in KeY use a simple text-based format are descriptive, but with operational flavor are not a tactic metalanguage J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 66/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  69. Taclet Syntax Γ , A, B = ⇒ ∆ andLeft Γ , A & B = ⇒ ∆ Taclet andLeft { \find ( A & B ==> ) \replacewith ( A, B ==>) }; Unique name Find expression: Formula (Term) to be modified Sequent arrow ==> formula must occur top level and on the corresponding side of the sequent. Goal Description: describes new sequent J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 67/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  70. Taclet Syntax Γ , A, B = ⇒ ∆ andLeft Γ , A & B = ⇒ ∆ Taclet andLeft { \find ( A & B ==> ) \replacewith ( A, B ==>) }; Unique name Find expression: Formula (Term) to be modified Sequent arrow ==> formula must occur top level and on the corresponding side of the sequent. Goal Description: describes new sequent J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 67/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  71. Taclet Syntax Γ , A, B = ⇒ ∆ andLeft Γ , A & B = ⇒ ∆ Taclet andLeft { \find ( A & B ==> ) \replacewith ( A, B ==>) }; Unique name Find expression: Formula (Term) to be modified Sequent arrow ==> formula must occur top level and on the corresponding side of the sequent. Goal Description: describes new sequent J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 67/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  72. Taclet Syntax Γ , A, B = ⇒ ∆ andLeft Γ , A & B = ⇒ ∆ Taclet andLeft { \find ( A & B ==> ) \replacewith ( A, B ==>) }; Unique name Find expression: Formula (Term) to be modified Sequent arrow ==> formula must occur top level and on the corresponding side of the sequent. Goal Description: describes new sequent J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 67/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  73. Taclet Syntax Γ , A, B = ⇒ ∆ andLeft Γ , A & B = ⇒ ∆ Taclet andLeft { \find ( A & B ==> ) \replacewith ( A, B ==>) }; Unique name Find expression: Formula (Term) to be modified Sequent arrow ==> formula must occur top level and on the corresponding side of the sequent. Goal Description: describes new sequent J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 67/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  74. Taclet Syntax Some rules are only sound in a certain context Γ , A, B = ⇒ ∆ modusPonens Γ , A, A − > B = ⇒ ∆ Taclet modusPonens { \assumes ( A ==> ) \find ( A -> B ==> ) \replacewith( B ==> ) }; J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 68/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  75. Taclet Syntax Some rules are only sound in a certain context Γ , A, B = ⇒ ∆ modusPonens Γ , A, A − > B = ⇒ ∆ Taclet modusPonens { \assumes ( A ==> ) \find ( A -> B ==> ) \replacewith( B ==> ) }; J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 68/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  76. Taclet Syntax Some rules are only sound in a certain context Γ , A, B = ⇒ ∆ modusPonens Γ , A, A − > B = ⇒ ∆ Taclet modusPonens { \assumes ( A ==> ) \find ( A -> B ==> ) \replacewith( B ==> ) }; J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 68/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  77. Taclet Syntax Proof Splitting: andRight andRight { \find ( ==> A & B ) Γ = ⇒ A, ∆ Γ = ⇒ B, ∆ \replacewith (==> A ); Γ = ⇒ A & B, ∆ \replacewith (==> B ) }; Variable Conditions: allRight allRight { \find ( ==> \forall x;phi ) Γ = ⇒ { x/c } Φ , ∆ ⇒ ∀ T x ; Φ , ∆ , c new \varcond(\ ♥❡✇ (c,\dependingOn(phi))) Γ = \replacewith ( ==> {\subst x;c}phi ) }; J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 69/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  78. Taclet Syntax Proof Splitting: andRight andRight { \find ( ==> A & B ) Γ = ⇒ A, ∆ Γ = ⇒ B, ∆ \replacewith (==> A ); Γ = ⇒ A & B, ∆ \replacewith (==> B ) }; Variable Conditions: allRight allRight { \find ( ==> \forall x;phi ) Γ = ⇒ { x/c } Φ , ∆ ⇒ ∀ T x ; Φ , ∆ , c new \varcond(\ ♥❡✇ (c,\dependingOn(phi))) Γ = \replacewith ( ==> {\subst x;c}phi ) }; J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 69/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  79. Taclets for Program Transformations � π if (exc == null) { � try{ throw new NPE(); catch(T e) {r}; Γ = ⇒ φ } else if (exc instanceof T) {e=exc; r} else throw exc; ω Γ = ⇒ < π try{throw exc; q} catch(T e){r}; ω > φ \find ( <.. tr② { t❤r♦✇ #se; #slist } ❝❛t❝❤ ( #t #v0 ) { #slist1 } ...> post ) \replacewith ( <.. ✐❢ (#se == ♥✉❧❧ ) { tr② { t❤r♦✇ ♥❡✇ NullPointerException (); } ❝❛t❝❤ (#t #v0) { #slist1 } } ❡❧s❡ ✐❢ (#se ✐♥st❛♥❝❡♦❢ #t) { #t #v0 = (#t) #se; #slist1 } ❡❧s❡ t❤r♦✇ #se; ...> post ) J AVA C ARD DL Sequent Calculus Symbolic Execution A Calculus for 100% J AVA C ARD Taclets VTSA, 24.–28.08.2015 70/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  80. Part IV Verifying Information-Flow Properties 12 Information Flow 13 Formalisation in DL 14 Objects and Information Flow Information Flow Formalisation in DL Objects and Information Flow VTSA, 24.–28.08.2015 71/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  81. Part IV Verifying Information-Flow Properties 12 Information Flow 13 Formalisation in DL 14 Objects and Information Flow Information Flow Formalisation in DL Objects and Information Flow VTSA, 24.–28.08.2015 72/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

  82. Language-based Information Security Secret and public information Partitioning of the set of program variables into variables which contain confidential information (“high variables”) – NOT observable by the attacker – variables which contain non-confidential information (“low variables”) – observable by the attacker – Informal definition of non-interference A program is secure, if the initial values of the high variables do not interfere with the final values of the low variables. Information Flow Formalisation in DL Objects and Information Flow VTSA, 24.–28.08.2015 73/102 Bernhard Beckert – Deductive Verification of Object-Oriented Software

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Deductive Verification of Object-Oriented Software Part A Bernhard Beckert | VTSA,

Deductive Verification of Object-Oriented Software Part A Bernhard Beckert | VTSA,

Deductive Verification of Object-Oriented Software Part A Bernhard Beckert | VTSA, 24.28.08.2015 KIT I NSTITUTE FOR T HEORETICAL C OMPUTER S CIENCE www.kit.edu KIT University of the State of Baden-Wuerttemberg and National Laboratory

1.29k views • 106 slides
Challenges In Deductive Software Verification Reiner Hhnle (with Marieke Huisman, U Twente)

Challenges In Deductive Software Verification Reiner Hhnle (with Marieke Huisman, U Twente)

Challenges In Deductive Software Verification Reiner Hhnle (with Marieke Huisman, U Twente) www.se.tu-darmstadt.de TU Darmstadt, Software Engineering Group Many challenges apply to AD in general Deductive Software Verification

165 views • 15 slides
CMSC 132: Object-Oriented Programming II Object-Oriented Programming Intro Department of

CMSC 132: Object-Oriented Programming II Object-Oriented Programming Intro Department of

CMSC 132: Object-Oriented Programming II Object-Oriented Programming Intro Department of Computer Science University of Maryland, College Park Object-Oriented Programming (OOP) Approach to improving software View software as a

593 views • 18 slides
Towards Deductive Compilation: Implementing a Partial Evaluator Via a Software Verification Tool

Towards Deductive Compilation: Implementing a Partial Evaluator Via a Software Verification Tool

Towards Deductive Compilation: Implementing a Partial Evaluator Via a Software Verification Tool Reiner H ahnle (joint work with Richard Bubel and Ran Ji) Chalmers University of Technology Department of Computer Science and Engineering 10

1.11k views • 82 slides
Unified Static and Runtime Verification of Object-Oriented Software Wolfgang Ahrendt 1 , Mauricio

Unified Static and Runtime Verification of Object-Oriented Software Wolfgang Ahrendt 1 , Mauricio

Unified Static and Runtime Verification of Object-Oriented Software Wolfgang Ahrendt 1 , Mauricio Chimento 1 , Gerardo Schneider 2 , Gordon J. Pace 3 1 Chalmers University of Technology, Gothenburg, Sweden 2 University of Gothenburg, Sweden 3

449 views • 32 slides
Object Oriented Software Development Naufal F. Setiawan School of Computing and Information

Object Oriented Software Development Naufal F. Setiawan School of Computing and Information

Object Oriented Software Development Object Oriented Software Development Naufal F. Setiawan School of Computing and Information Systems University of Melbourne Workshop 2 (All images from Wikimedia Commons) Object Oriented Software

494 views • 18 slides
Object Oriented Software Development Naufal F. Setiawan School of Computing and Information

Object Oriented Software Development Naufal F. Setiawan School of Computing and Information

Object Oriented Software Development Object Oriented Software Development Naufal F. Setiawan School of Computing and Information Systems University of Melbourne Workshop 3 ( Most images from Wikimedia Commons) Object Oriented Software

438 views • 17 slides
Object-Oriented Design No SVN checkout today Software development methods Object-oriented

Object-Oriented Design No SVN checkout today Software development methods Object-oriented

Object-Oriented Design No SVN checkout today Software development methods Object-oriented design with CRC cards LayoutManagers for Java GUIs BallWorlds work time Analysis Design Software Implementation Development Testing

747 views • 30 slides
Object-Oriented Design No SVN checkout today Software development methods Object-oriented

Object-Oriented Design No SVN checkout today Software development methods Object-oriented

Object-Oriented Design No SVN checkout today Software development methods Object-oriented design with CRC cards LayoutManagers for Java GUIs BallWorlds work time Analysis Design Software Implementation Development Testing

793 views • 32 slides
Object Oriented Software Development Naufal F. Setiawan School of Computing and Information

Object Oriented Software Development Naufal F. Setiawan School of Computing and Information

Object Oriented Software Development Object Oriented Software Development Naufal F. Setiawan School of Computing and Information Systems University of Melbourne Workshop 7 Object Oriented Software Development UML Diagrams What is a UML Class

423 views • 16 slides
Object oriented Object oriented Object oriented Object oriented approach and UML approach and

Object oriented Object oriented Object oriented Object oriented approach and UML approach and

Object oriented Object oriented Object oriented Object oriented approach and UML approach and UML approach and UML approach and UML Goals The goals of this chapter are to introduce the object oriented approach to software systems

1.06k views • 92 slides
Object-Oriented Software Design and Software Processes Hans Vangheluwe Modelling, Simulation and

Object-Oriented Software Design and Software Processes Hans Vangheluwe Modelling, Simulation and

Object-Oriented Software Design (COMP 304) 7 January 2005 Object-Oriented Software Design and Software Processes Hans Vangheluwe Modelling, Simulation and Design Lab (MSDL) School of Computer Science, McGill University, Montr eal, Canada

279 views • 17 slides
Object Oriented Software Development Naufal F. Setiawan School of Computing and Information

Object Oriented Software Development Naufal F. Setiawan School of Computing and Information

Object Oriented Software Development Object Oriented Software Development Naufal F. Setiawan School of Computing and Information Systems University of Melbourne Workshop 5 Object Oriented Software Development Keywords What does it mean for a

612 views • 25 slides
Deductive Program Verification with W HY 3 Andrei Paskevich LRI, Universit Paris-Sud

Deductive Program Verification with W HY 3 Andrei Paskevich LRI, Universit Paris-Sud

Deductive Program Verification with W HY 3 Andrei Paskevich LRI, Universit Paris-Sud Toccata, Inria Saclay JCP 2016 1. A short look back 2 / 100 Introduction Software is hard. D ONALD K NUTH ... 1996: Ariane 5 explosion an

1.13k views • 100 slides
Object-Oriented Software Engineering Practical Software Development using UML and Java Chapter 2:

Object-Oriented Software Engineering Practical Software Development using UML and Java Chapter 2:

Object-Oriented Software Engineering Practical Software Development using UML and Java Chapter 2: Review of Object Orientation Lecture 2 2.1 What is Object Orientation? Procedural paradigm: Software is organized around the notion of

435 views • 14 slides
Object-Oriented Software Design and Software Processes Hans Vangheluwe Modelling, Simulation and

Object-Oriented Software Design and Software Processes Hans Vangheluwe Modelling, Simulation and

Object-Oriented Software Design (COMP 304) Object-Oriented Software Design and Software Processes Hans Vangheluwe Modelling, Simulation and Design Lab (MSDL) School of Computer Science, McGill University, Montr eal, Canada Hans Vangheluwe

785 views • 42 slides
Feature-level Phase Detection for Execution Trace Using Object Cache Yui Watanabe, Takashi Ishio,

Feature-level Phase Detection for Execution Trace Using Object Cache Yui Watanabe, Takashi Ishio,

Feature-level Phase Detection for Execution Trace Using Object Cache Yui Watanabe, Takashi Ishio, Katsuro Inoue Osaka University, Japan July 21, 2008 WODA 2008 1 Software Engineering Laboratory, Department of Computer Science, Graduate School

202 views • 19 slides
1 We Will Cover Requirements specification The OO Development Process Very briefly

1 We Will Cover Requirements specification The OO Development Process Very briefly

The OO Solution The problem domain is relatively constant Object-Oriented Development Creating cards Assemble the card and get the right thing at the right place Auto pilot Get a plane from point A to point B using the

409 views • 3 slides
The Evolution of Computational Systems: Foundations of Agent Oriented Computing Multiagent

The Evolution of Computational Systems: Foundations of Agent Oriented Computing Multiagent

The Evolution of Computational Systems: Foundations of Agent Oriented Computing Multiagent Systems LS Sistemi Multiagente LS Andrea Omicini andrea.omicini@unibo.it Ingegneria Due Alma Mater Studiorum Universit` a di Bologna a Cesena

938 views • 75 slides
How do I RE object oriented code (and you should too) Milan Bohacek REcon 2014 .short bio

How do I RE object oriented code (and you should too) Milan Bohacek REcon 2014 .short bio

How do I RE object oriented code (and you should too) Milan Bohacek REcon 2014 .short bio Milan is PhD student at Charles University in Prague Part time malware analyst at avast! software IDA enthusiast without working

521 views • 17 slides
Object Design Chapter 7, Exercise 6.4 6.4 Consider a legacy, fax-based, problem-reporting system

Object Design Chapter 7, Exercise 6.4 6.4 Consider a legacy, fax-based, problem-reporting system

Object-Oriented Software Engineering Conquering Complex and Changing Systems Object Design Chapter 7, Exercise 6.4 6.4 Consider a legacy, fax-based, problem-reporting system for an aircraft manufacturer. You are part of a reengineering

659 views • 55 slides
Software Life Cycle Chapter 12, Outline Software Life Cycle Waterfall model and its

Software Life Cycle Chapter 12, Outline Software Life Cycle Waterfall model and its

Object-Oriented Software Engineering Conquering Complex and Changing Systems Software Life Cycle Chapter 12, Outline Software Life Cycle Waterfall model and its problems Pure Waterfall Model V-Model Sawtooth Model

595 views • 47 slides
Formal Specification and Verification of Avionics Software Claus Wonnemann June 7th, 2006 Claus

Formal Specification and Verification of Avionics Software Claus Wonnemann June 7th, 2006 Claus

Introduction Specification of the Java Flight Manager Runtime Assertion Checking and Verification Conclusions Formal Specification and Verification of Avionics Software Claus Wonnemann June 7th, 2006 Claus Wonnemann Formal Specification and

708 views • 54 slides
CS302 Topic: Intro. to Object Oriented Pgmg. Tuesday, Sept. 6, 2005 Announcements Lab 1

CS302 Topic: Intro. to Object Oriented Pgmg. Tuesday, Sept. 6, 2005 Announcements Lab 1

CS302 Topic: Intro. to Object Oriented Pgmg. Tuesday, Sept. 6, 2005 Announcements Lab 1 due this Friday Lab 2 is now available (online) (due Friday, Sept. 16) Uses red-black trees Still in C Dont procrastinate!!!

770 views • 54 slides

More recommend