getting software right with properties getting software
play

GETTING SOFTWARE RIGHT WITH PROPERTIES, GETTING SOFTWARE RIGHT WITH - PowerPoint PPT Presentation

Apr 07, 2023 •32 likes •622 views

GETTING SOFTWARE RIGHT WITH PROPERTIES, GETTING SOFTWARE RIGHT WITH PROPERTIES, GENERATED TESTS, AND PROOFS GENERATED TESTS, AND PROOFS Evolve your hack into robust software Michael Sperber Active Group GmbH @sperbsen / 1 . 1 BERLIN,

  1. GETTING SOFTWARE RIGHT WITH PROPERTIES, GETTING SOFTWARE RIGHT WITH PROPERTIES, GENERATED TESTS, AND PROOFS GENERATED TESTS, AND PROOFS Evolve your hack into robust software Michael Sperber Active Group GmbH @sperbsen / 1 . 1

  2. BERLIN, FEBRUARY 28 BERLIN, FEBRUARY 28 https://bobkonf.de/ / 2 . 1

  3. INTRODUCTORY TALK! INTRODUCTORY TALK! / 3 . 1

  4. ANIMALS ON THE TEXAS HIGHWAY ANIMALS ON THE TEXAS HIGHWAY data Liveness = Dead | Alive Weight : Type Weight = Int data Animal : Type where Dillo : Liveness -> Weight -> Animal Parrot : String -> Weight -> Animal a1 : Animal a1 = Dillo Alive 10 a2 : Animal a2 = Dillo Dead 12 a3 : Animal a3 = Parrot "The treasure is on treasure island!" 3 runOverAnimal : Animal -> Animal runOverAnimal (Dillo liveness weight) = Dillo Dead weight runOverAnimal (Parrot sentence weight) = Parrot "" weight / 4 . 1

  5. DOMAIN MODELS GROW DOMAIN MODELS GROW / 5 . 1

  6. DOMAIN MODELS GROW DOMAIN MODELS GROW / 6 . 1

  7. WHAT'S THIS? WHAT'S THIS? ( a + b ) + c = a + ( b + c ) / 7 . 1

  8. NUMBERS AND ADDITION NUMBERS AND ADDITION ∀ a , b , c ∈ N : ( a + b ) + c = a + ( b + c ) / 8 . 1

  9. LISTS AND CONCATENATION LISTS AND CONCATENATION ∀ a , b , c ∈ List el : a ++ ( b ++ c ) = ( a ++ b ) ++ c / 9 . 1

  10. IMAGES IMAGES (source: Brent Yorgey ) / 10 . 1

  11. IMAGES IMAGES data Image = ... / 11 . 1

  12. STAR STAR star : Int -> Mode -> Color -> Image goldStar : Image goldStar = star 200 Solid Gold / 12 . 1

  13. POLYGON POLYGON polygon : Int -> Int -> Mode -> Color -> Image pentagon : Image pentagon = polygon 180 5 Outline Red / 13 . 1

  14. BESIDE BESIDE beside : Image -> Image -> Image beside goldStar pentagon / 14 . 1

  15. ABOVE ABOVE above : Image -> Image -> Image above goldStar pentagon / 15 . 1

  16. COMBINATION COMBINATION above (beside goldStar pentagon) (beside pentagon goldStar) / 16 . 1

  17. OVERLAY OVERLAY overlay : Image -> Image -> Image overlay goldStar pentagon / 17 . 1

  18. ASSOCIATIVITY FOR IMAGES ASSOCIATIVITY FOR IMAGES ∀ a , b , c ∈ Image : overlay ( overlay a b ) c ) = overlay a ( overlay b c ) / 18 . 1

  19. SEMIGROUP SEMIGROUP set S ∘ : S → S → S ∀ a , b , c ∈ S : ( a ∘ b ) ∘ c = a ∘ ( b ∘ c ) / 19 . 1

  20. PARENTHESES DON'T MATTER PARENTHESES DON'T MATTER ( a ∘ ( b ∘ ( c ∘ d ))) ∘ ( e ∘ f ) = a ∘ b ∘ c ∘ d ∘ e ∘ f / 20 . 1

  21. DISTRIBUTED COMPUTATION DISTRIBUTED COMPUTATION / 21 . 1

  22. DESIGN DESIGN B. Yorgey: Monoids: Theme and Variations / 22 . 1

  23. MONOID MONOID Semigroup and … n ∈ S ∀ a ∈ S : a ∘ n = n ∘ a = a / 23 . 1

  24. MONOIDS IN THE WILD MONOIDS IN THE WILD numbers lists images music animations �nancial contracts semiconductor-fabrication routes properties pretty printers … / 24 . 1

  25. BOUNDING BOX PROBLEM BOUNDING BOX PROBLEM / 25 . 1

  26. ENVELOPES ENVELOPES / 26 . 1

  27. COMPOSING WITH ENVELOPES COMPOSING WITH ENVELOPES / 27 . 1

  28. COMPOSING ENVELOPES COMPOSING ENVELOPES / 28 . 1

  29. ASSOCIATIVITY ASSOCIATIVITY ∀ image1 , image2 , image3 ∈ Image . overlay (overlay image1 image2) image3 == overlay image1 (overlay image2 image3) / 29 . 1

  30. ASSOCIATIVITY ASSOCIATIVITY prop_overlayAssociative = forAll (arbTriple arbImage arbImage arbImage) (\ image1 image2 image3 => overlay (overlay image1 image2) image3 == overlay image1 (overlay image2 image3)) / 30 . 1

  31. QUICKCHECK QUICKCHECK John Hughes https://www.chalmers.se/ / 31 . 1

  32. INTERVAL SETS INTERVAL SETS ISet : Type ISet = List (Nat, Nat) iToList : ISet -> List Nat λΠ > iToList [(0, 3), (5, 7), (9, 10)] [0, 1, 2, 3, 5, 6, 7, 9, 10] : List Nat / 32 . 1

  33. VALIDITY VALIDITY isValid : ISet -> Bool isValid [] = True isValid [(lo, hi)] = lo <= hi isValid ((lo1, hi1) :: (lo2, hi2) :: rest) = (lo1 <= hi1) && (hi1+1 < lo2) && isValid ((lo2, hi2)::rest) / 33 . 1

  34. UNION UNION iUnion : ISet -> ISet -> ISet / 34 . 1

  35. SIMPLE CRITERION SIMPLE CRITERION prop_unionValid = forAll (arbPair arbISet arbISet) (\ (iset1, iset2) => isValid (iUnion iset1 iset2)) / 35 . 1

  36. TEST TEST prop_unionCorrect = forAll (arbPair arbISet arbISet) (\ (iset1, iset2) => iToList (iUnion iset1 iset2) == merge2 (iToList iset1) (iToList iset2)) / 36 . 1

  37. XMONAD XMONAD / 37 . 1

  38. XMONAD XMONAD record StackSet (window : Type) constructor StackSet current : Int stacks : Map Int (List window) (source: Don Stewart) / 38 . 1

  39. OPERATIONS OPERATIONS empty : Nat -> StackSet window view : Nat -> StackSet window -> StackSet window peek : StackSet window -> Maybe window rotate : Ordering -> StackSet window -> StackSet window push : window -> StackSet window -> StackSet window insert : window -> Nat -> StackSet window -> StackSet window delete : window -> StackSet window -> StackSet window shift : Nat -> StackSet window -> StackSet window / 39 . 1

  40. INVARIANT INVARIANT invariant : StackSet window -> Bool invariant stackSet = let windows = windowList stackSet in (current stackSet < Map.size (stacks stackSet)) && (removeDuplicates windows == windows) / 40 . 1

  41. INVARIANT INVARIANT prop_empty_I = forAll (arbPair arbNat) (\ stackIndex => invariant (empty stackIndex)) prop_view_I = forAll (arbPair arbNat arbStackSet) (\ (stackIndex, stackSet) => invariant (view stackIndex stackSet)) prop_rotate_I = forAll (arbPair arbNat arbStackSet) (\ (stackIndex, stackSet) => invariant (rotate stackIndex stackSet)) prop_push_I = forAll (arbPair arbNat arbStackSet) (\ (stackIndex, stackSet) => invariant (push stackIndex stackSet) prop_delete_I = forAll (arbPair arbNat arbStackSet) (\ (stackIndex, stackSet) => invariant (delete stackIndex stackSet) prop_shift_I = forAll (arbPair arbNat arbStackSet) (\ (stackIndex, stackSet) => stackIndex < size stackSet ==> invariant (shift stackIndex stackSet) prop_insert_I = forAll (arbPair arbNat arbStackSet) (\ (stackIndex, stackSet) => window < size stackSet ==> invariant (insert stackIndex window stackSet) / 41 . 1

  42. MIGRATING FROM VISUAL BASIC MIGRATING FROM VISUAL BASIC Public Shared Function CheckHash(Password As String, Hash As String) As Boolean Public Shared Function HashPassword(Password As String) As String / 42 . 1

  43. PROPERTY PROPERTY prop_passwordCorrect = forAll arbString (\ password => compareWithHash password (createUnsaltedPseudoHash password)) / 43 . 1

  44. SURPRISE SURPRISE prop_passwordCorrectReally = forAll arbString (\ password => compareWithHash password (restrictTo11Chars (createUnsaltedPseudoHash password))) / 44 . 1

  45. SYNCHRONIZATION SYNCHRONIZATION / 45 . 1

  46. SYNCHRONIZATION PROPERTY SYNCHRONIZATION PROPERTY forAll (arbPair (arbSet arbBlock) (arbSet arbBlock)) (\ (bs1, bs2) => let all = Set.union bs1 bs2 (bs1', bs2') = synchronize (Set.toList bs1) (Set.toList bs2) in (Set.union bs1 bs1' == all) && (Set.union bs2 bs2' == all) && (Set.isEmpty (Set.intersect bs1 bs1')) && (Set.isEmpty (Set.intersect bs2 bs2')) / 46 . 1

  47. MNESIA MNESIA Prefix: open_file(dets_table ,[{type,bag}]) --> dets_table close(dets_table) --> ok open_file(dets_table ,[{type,bag}]) --> dets_table Parallel: 1. lookup(dets_table ,0) --> [] 2. insert(dets_table ,{0,0}) 3. insert(dets_table ,{0,0}) Result: ok J. Hughes: Experiences with QuickCheck: Testing the Hard Stuff and Staying Sane / 47 . 1

  48. DROPBOX DROPBOX J. Hughes et al.: Mysteries of Dropbox / 48 . 1

  49. SCREENCAST EDITOR SCREENCAST EDITOR 1. Timeline �attening 2. Video scene classi�cation 3. Focus and timeline consistency 4. Symmetry of undo/redo O. Wikstrom: Property-Based Testing in a Screencast Editor / 49 . 1

  50. PROOFS PROOFS ( ++ ) : List a -> List a -> List a ( ++ ) [] right = right ( ++ ) (x::xs) right = x :: (xs ++ right) appendAssoc : (a : List el) -> (b : List el) -> (c : List el) -> a ++ (b ++ c) = (a ++ b) ++ c / 50 . 1

  51. SEL4 SEL4 microkernel security enclave on iOS, among others no buffer over�ows no null-pointer exceptions no use-after-free integrity con�dentiality written in C veri�ed with Haskell, Isabelle/HOL / 51 . 1

  52. COMPCERT COMPCERT C compiler veri�ed with Coq output of register allocator checked by veri�ed code / 52 . 1

  53. TOOLS TOOLS Isabelle/HOL Coq Agda Idris ATS ACL2 / 53 . 1

  54. USEFUL PROPERTIES USEFUL PROPERTIES commutativity a ∘ b = b ∘ a re�exivity a ∷ a symmetry a ∷ b ⇒ b ∷ a antisymmetry a ∷ b , b ∷ a ⇒ a = b transitivity a ∷ b , b ∷ c ⇒ a ∷ c / 54 . 1

  55. FANCY PROPERTIES FANCY PROPERTIES interface Functor (f : Type -> Type) where map : (func : a -> b) -> f a -> f b / 55 . 1

  56. FUNCTOR LAWS FUNCTOR LAWS interface Functor f => VerifiedFunctor (f : Type -> Type) where functorIdentity : {a : Type} -> (g : a -> a) -> ((v : a) -> g v = v) -> (x : f a) -> map g x = x functorComposition : {a : Type} -> {b : Type} -> (x : f a) -> (g1 : a -> b) -> (g2 : b -> c) -> map (g2 . g1) x = (map g2 . map g1) x / 56 . 1

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

1 QUALITY CONTROL QUALITY ASSURANCE Controlling the software development process

1 QUALITY CONTROL QUALITY ASSURANCE Controlling the software development process

SOFTWARE ENGINEERING SOFTWARE QUALITY - SOFTWARE QUALITY QUALITY COMPONENTS Today we talk about software process quality and Objective quality component: properties that can certification be measured or approximated objectively

228 views • 7 slides
SOFTWARE ENGINEERING SOFTWARE QUALITY - SOFTWARE QUALITY QUALITY COMPONENTS Today we talk

SOFTWARE ENGINEERING SOFTWARE QUALITY - SOFTWARE QUALITY QUALITY COMPONENTS Today we talk

SOFTWARE ENGINEERING SOFTWARE QUALITY - SOFTWARE QUALITY QUALITY COMPONENTS Today we talk about software process quality and certification Objective quality component: properties that can be Jyrki Nummenmaa University of Tampere, CS

438 views • 5 slides
Software Architecture Jay Urbain, Ph.D. urbain@msoe.edu 1 Software Architecture (SA) 1. SA: How

Software Architecture Jay Urbain, Ph.D. urbain@msoe.edu 1 Software Architecture (SA) 1. SA: How

Software Architecture Jay Urbain, Ph.D. urbain@msoe.edu 1 Software Architecture (SA) 1. SA: How a software system is structured. Consists of software components , their external properties , and their relationships with one another. 2. Also

263 views • 24 slides
CSE 2221 Software I: Software Components and CSE 2231 Software II: Software Development and

CSE 2221 Software I: Software Components and CSE 2231 Software II: Software Development and

CSE 2221 Software I: Software Components and CSE 2231 Software II: Software Development and Design 8 January 2019 OSU CSE 1 Restated Learning Outcomes Theme 1: software engineering concepts Be familiar with sound software engineering

535 views • 17 slides
1 QUALITY ASSURANCE - PROCESS QUALITY METRICS PREREQUISITES Top management commitment

1 QUALITY ASSURANCE - PROCESS QUALITY METRICS PREREQUISITES Top management commitment

SOFTWARE ENGINEERING SOFTWARE QUALITY - SOFTWARE QUALITY QUALITY COMPONENTS Today we talk about software process quality and Objective quality component: properties that can certification be measured or approximated objectively

237 views • 5 slides
Lecture 2: Software Metrics Excursion: Scales Deadlines and Costs Some

Lecture 2: Software Metrics Excursion: Scales Deadlines and Costs Some

Topic Area Project Management: Content Content Software Metrics Survey : Expectations on the Course VL 2 Properties of Metrics Software Metrics Softwaretechnik / Software-Engineering Scales . . Motivation .

106 views • 9 slides
Presentation Software Presentation Software Presentation Software Presentation Software An

Presentation Software Presentation Software Presentation Software Presentation Software An

Presentation Software Presentation Software Presentation Software Presentation Software An introduction to creating electronic presentations using Microsoft PowerPoint 2010 ABT COLLABORATIVE BCCAMPUS Except for third party materials and

1.7k views • 94 slides
ARM Software Suite Powered by GDM Why use ARM Software? ARM is the software solution to plan,

ARM Software Suite Powered by GDM Why use ARM Software? ARM is the software solution to plan,

ARM Software Suite Powered by GDM Why use ARM Software? ARM is the software solution to plan, create, manage, analyze and report agricultural experiments 2 ARM Software Overview Why use ARM Software? ARM provides: Resulting benefits

542 views • 9 slides
KAI Software YOUR IDEA.OUR SOFTWARE. Overview KAI SOFTWARE INC was founded in 1994 and today we

KAI Software YOUR IDEA.OUR SOFTWARE. Overview KAI SOFTWARE INC was founded in 1994 and today we

KAI Software YOUR IDEA.OUR SOFTWARE. Overview KAI SOFTWARE INC was founded in 1994 and today we create new software development solutions for projects with sizable data requirements. Having a background in mining industry, KAI Software have

267 views • 26 slides
CSE 2221 Software I: Software Components and CSE 2231 Software II: Software Development and

CSE 2221 Software I: Software Components and CSE 2231 Software II: Software Development and

CSE 2221 Software I: Software Components and CSE 2231 Software II: Software Development and Design 7 January 2020 OSU CSE 1 Welcome to CSE 2231! Class attendance is required . You will be allowed 4 lecture absences and 4 lab

863 views • 7 slides
Introducing Software Software Applications A.Y. 2020/2021 What is software? What is software?

Introducing Software Software Applications A.Y. 2020/2021 What is software? What is software?

Introducing Software Software Applications A.Y. 2020/2021 What is software? What is software? - Nave answer: anything that is not hardware - A collection of data or computer instructions that tell the computer how to work, in contrast to

1.72k views • 32 slides
B U Y I N G Q U A L .. I T Y SOFTWARE by HENRY OLDERS presented at SOFTWARE '77 -~ B U Y I

B U Y I N G Q U A L .. I T Y SOFTWARE by HENRY OLDERS presented at SOFTWARE '77 -~ B U Y I

B U Y I N G Q U A L .. I T Y SOFTWARE by HENRY OLDERS presented at SOFTWARE '77 -~ B U Y I N G QUALITY SOFTWARE The author describes his experiences in purchasing applications software for real time process control systems.

641 views • 4 slides
Software Engineering Topics Computer science v. software engineering Definition of

Software Engineering Topics Computer science v. software engineering Definition of

Software Engineering Topics Computer science v. software engineering Definition of software engineering Types of software The nature of software Software history and the software crisis Software quality Elements of

818 views • 67 slides
ClickPoint Software Lead Management Software ClickPoint Software Confidential ClickPoint

ClickPoint Software Lead Management Software ClickPoint Software Confidential ClickPoint

ClickPoint Software Lead Management Software ClickPoint Software Confidential ClickPoint Software was created because there was no software that was easy to implement for managing and distributing leads and phone calls. The process was

225 views • 11 slides
Software NFs The good: The fmexibility of software The software development cycle The bad: The

Software NFs The good: The fmexibility of software The software development cycle The bad: The

Automated Synthesis of Adversarial Workloads for Network Functions Luis Pedrosa, Rishabh Iyer, Arseniy Zaostrovnykh, Jonas Fietz, Katerina Argyraki N etwork A rchitecture L aboratory Software NFs The good: The fmexibility of software The

710 views • 54 slides
CSEP504: Advanced topics in software systems Software architecture: design-based Formal

CSEP504: Advanced topics in software systems Software architecture: design-based Formal

CSEP504: Advanced topics in software systems Software architecture: design-based Formal reasoning about properties Static vs. dynamic architectures Software architecture: property-based Autonomic systems Relationship to

1.46k views • 79 slides
MongoDB and Java 8 Agenda Java8 Main Features MongoDB + Java8 Few Examples RX Driver 3 Java

MongoDB and Java 8 Agenda Java8 Main Features MongoDB + Java8 Few Examples RX Driver 3 Java

MongoDB and Java 8 Agenda Java8 Main Features MongoDB + Java8 Few Examples RX Driver 3 Java 8 MongoDB Java Driver is JAVA6+ Complaint Java 8 Features and Improvements Lambda Expressions New Date API Stream API Type

738 views • 72 slides
Requirements &amp; Promises of Functions Advertised Requirements (Pre-Condition)

Requirements &amp; Promises of Functions Advertised Requirements (Pre-Condition)

11. Inheritance: Proper Inheritance, Multiple Inheritance Public Inheritance should model is-a B publicly inherits ( is-a ) from A This means: every object of type B is also an object A of type A anything that is true of

237 views • 9 slides
Using Parrot to access CVMFS repositories Ben Tovar University of Notre Dame btovar@nd.edu

Using Parrot to access CVMFS repositories Ben Tovar University of Notre Dame btovar@nd.edu

Using Parrot to access CVMFS repositories Ben Tovar University of Notre Dame btovar@nd.edu Who we are Scientist says: &quot;This example runs on my laptop, but I need much more for the real application. It would be great if we can run

948 views • 25 slides
Parrot Allison Randal The Perl Foundation &amp; O'Reilly Media, Inc. There's an odd

Parrot Allison Randal The Perl Foundation &amp; O'Reilly Media, Inc. There's an odd

Parrot Allison Randal The Perl Foundation &amp; O'Reilly Media, Inc. There's an odd misconception in the computing world that writing compilers is hard. This view is fueled by the fact that we don't write compilers very often. People used to

834 views • 59 slides
CS 240: Operating System Foundations of Computer Instruction Set Architecture Systems

CS 240: Operating System Foundations of Computer Instruction Set Architecture Systems

Program, Application Programming Language Welcome to Compiler/Interpreter CS 240: Operating System Foundations of Computer Instruction Set Architecture Systems Microarchitecture Digital Logic Devices (transistors, etc.) Solid-State

798 views • 35 slides
Emerging Languages Ola Bini computational metalinguist ola.bini@gmail.com

Emerging Languages Ola Bini computational metalinguist ola.bini@gmail.com

Emerging Languages Ola Bini computational metalinguist ola.bini@gmail.com http://olabini.com/blog torsdag, 2009 november 19 Emerging languages Is Java or C# the best language for all tasks? Obviously not! Older ones Ruby, JavaScript,

399 views • 12 slides
Debian Derivatives P r e s e n t a t i o n / B o F D e b C o n f 1 6 , C

Debian Derivatives P r e s e n t a t i o n / B o F D e b C o n f 1 6 , C

Debian Derivatives P r e s e n t a t i o n / B o F D e b C o n f 1 6 , C a p e T o w n Debian Derivatives Hctor Orn Martnez &lt;hector.oron@collabora.co.uk&gt; &lt;zumbi@debian.org&gt; Works for Collabora

511 views • 15 slides
A Predictive Differentially-Private Mechanism for Mobility Traces Marco Stronati

A Predictive Differentially-Private Mechanism for Mobility Traces Marco Stronati

A Predictive Differentially-Private Mechanism for Mobility Traces Marco Stronati marco@stronati.org joint work with K. Chatzikokolakis and C. Palamidessi marco@stronati.org (PETS14) Predictive Mechanism July 2014 1 / 18 Location Based

312 views • 30 slides

More recommend