Formal methods What are they? Uses Tools Application to software development
|
|
- Sherilyn Lindsey
- 5 years ago
- Views:
Transcription
1 FormalMethods Page 1 Formal methods introduction 9:26 PM Formal methods What are they? Uses Tools Application to software development
2 FormalMethods Page 2 What are formal methods? 9:49 PM Do you have any idea?
3 FormalMethods Page 3 FM overview 9:53 PM Generally, what we mean by FM is applying mathematical rigor to the specification and verification of software. (Maybe also hardware?) But isn't that what engineering does in the normal course of component and system design and implementation? Digital logic and Boolean algebra Electric circuits and differential equations (Laplace) Structures and structural analysis?? Why do we do that? Is there something different about software engineering, or should we think this is normal, too?
4 FormalMethods Page 4 Better specification and verification? Tuesday, March 04, :03 PM Do we really need it? RISKS archive RISKS list Software problem at Heathrow LA School District payroll system Therac 25 London Ambulance Service Ariane 5 Lots more...
5 FormalMethods Page 5 Therac-25 Thursday, March 06, :27 PM Let's look at a little more detail regarding one famous software failure, the Therac-25 radiation therapy machine. This failure was the subject of a 1993 IEEE Computer article by Nancy Leveson and Clark Turner. A summary of the story was made an appendix of a later book by Leveson, who was then at the University of Washington and is now at the Massachusetts Institute of Technology. This version is available on the web: The following figures come from Leveson's description.
6 FormalMethods Page 6 Therac-25 (continued) Thursday, March 06, :56 PM A mismatch of "mode" components and settings could result in the patient receiving lethal radiation doses. A number of software design and user interface errors allowed these dangerous configurations to occur. Eleven Therac-25 machines were installed and six accidents occurred between 1985 and 1987.
7 FormalMethods Page 7 Six patients were massively overdosed In one case a patient received one or two doses of to rad The normal therapeutic dose was about 200 rad One breast had to be removed Her shoulder and arm were paralyzed At least three patients died
8 FormalMethods Page 8 Therac-25 (continued) Thursday, March 06, :08 PM Leveson reported several causal factors. Overconfidence in software Confusing reliability with safety Lack of defensive design Failure to eliminate root causes Unrealistic risk assessments Inadequate investigations and followup She specifically identified a number of software engineering practices that were not followed. Timely and complete specifications Rigorous SQA practices and standards Simple designs, avoiding dangerous coding practices Designed-in audit trails and error detection Extensive testing and formal analysis Careful design of displays and interfaces Although the Therac-25 case was 20 years ago, and the report's language is a little dated, you will find that similar problems still exist.
9 FormalMethods Page 9 FM uses 10:11 PM Suppose we knew how to use formal methods for specification and verification. How would we apply them? Requirements Requirements modeling Analysis (consistency, completeness) Design Formal design model Demonstrate consistency of requirements and design Implementation Prove that implementation (code) correctly follows design and/or requirements Program generation from specification Verification Specifications, as noted above (consistency, completeness) Runtime checking (code vs spec) Specification-guided static analysis Test-case generation
10 FormalMethods Page 10 Notation examples: Z ("zed") 10:22 PM
11 FormalMethods Page 11 Notation examples: Java Modeling Language (JML) 10:25 PM public requires size() > assignable ensures \result!= public requires size() < assignable signals_only public Integer getfirst() throws NoSuchElementException { Integer retval = null; if (list.length > 0) { retval = list[0]; } } else { throw new NoSuchElementException ("getfirst on empty list"); } return retval; JML is often used to implement "design by contract" (DBC) Invariants (predicates that must always be true) Preconditions (must be satisfied on method entry) Postconditions (should be true on method return) Case handling Normal return Exceptional (throwing exception)
12 FormalMethods Page 12 Tools 10:30 PM Types of tools Editors and syntax checkers Theorem provers Model checkers Runtime assertion checkers (RAC) Assertions added by specification "compiler" Extended static analysis (ESC)
13 FormalMethods Page 13 JML RAC 10:39 PM
14 FormalMethods Page 14 JML/JUnit unit test generation 10:41 PM Unit testing How do you use JUnit? What is the hard part? JML/JUnit testing Interesting philosophical approach! Automatically generates a JUnit test case framework from the JML specifications in source Java code Tests all constructors and methods of all classes Generates parameter values from factories that use defined strategies (think Design Patterns!) In the simplest case, only one set of possible test values for each distinct type (e.g., String, ProfData) Runs all tests with one of three outcomes i. Test data satisfies the method precondition and the result of the operation satisfies the postcondition (Good) ii. Test data satisfies the method precondition and the result of the operation does NOT satisfy the postcondition (Failure -- likely defect) iii. Test data does not satisfy the method precondition -- JML Precondition exception thrown (No problem -- code was not expected to work in this case) Bottom line Throws all available data at the system under test Disregards the data combinations that don't satisfy preconditions Automatically checks implementation against specification for all valid test cases generated Details You have to provide factory strategies for some data types (typically including your own classes) Can tailor specific test data sets as desired Can add completely new tests to the suite as needed
15 FormalMethods Page 15 Java/ESC2 (ESC4) 10:43 PM
16 FormalMethods Page 16 Issues 10:55 PM FM issues Tool maturity and support Z and Z/EVES JML: JML2, JML4 Education and training Academic On the job Research and industry practice Bridging the divide (value of application) Industry awareness and knowledge Critical applications (e.g., Praxis and aerospace)
17 FormalMethods Page 17 Questions and comments? 10:47 PM
Formale Entwicklung objektorientierter Software
Formale Entwicklung objektorientierter Software Praktikum im Wintersemester 2008/2009 Prof. P. H. Schmitt Christian Engel, Benjamin Weiß Institut für Theoretische Informatik Universität Karlsruhe 5. November
More informationJava Modelling Language (JML) References
Java Modelling Language (JML) References G. T. Leavens and Y. Cheon. Design by Contract with JML, August 2005. L. Burdy, Y. Cheon, D. Cok, M. Ernst, J. Kiniry, G. T. Leavens, K. R. M. Leino, and E. Poll.
More informationAdvances in Programming Languages
T O Y H Advances in Programming Languages APL4: JML The Java Modeling Language David Aspinall (slides originally by Ian Stark) School of Informatics The University of Edinburgh Thursday 21 January 2010
More informationUnit 1: Introduction
Unit 1: Introduction Course: M225 Software Engineering Lecturer: email: Alessandra Russo ar3@doc.ic.ac.uk office hours: available in my office (room 560) between 1:30-3:30pm on Tuesday. Duration: 12 lectures
More informationThe Java Modeling Language JML
The Java Modeling Language JML Néstor Cataño ncatano@puj.edu.co Faculty of Engineering Pontificia Universidad Javeriana The Java Modelling Language JML p.1/47 Lecture Plan 1. An Introduction to JML 2.
More informationFormal Methods for Java
Formal Methods for Java Lecture 6: Introduction to JML Jochen Hoenicke Software Engineering Albert-Ludwigs-University Freiburg May 15, 2017 Jochen Hoenicke (Software Engineering) Formal Methods for Java
More informationProgramming with Contracts. Juan Pablo Galeotti, Alessandra Gorla Saarland University, Germany
Programming with Contracts Juan Pablo Galeotti, Alessandra Gorla Saarland University, Germany Contract A (formal) agreement between Method M (callee) Callers of M Rights Responsabilities Rights Responsabilities
More informationJava Modeling Language (JML)
CIS 771: Software Specifications Introduction to JML Java Modeling Language (JML) A behavioral interface specification language for Java supporting design-by-contract (DBC)... invented by Gary T. Leavens
More informationJML tool-supported specification for Java Erik Poll Radboud University Nijmegen
JML tool-supported specification for Java Erik Poll Radboud University Nijmegen Erik Poll - JML p.1/41 Overview The specification language JML Tools for JML, in particular runtime assertion checking using
More informationJML. Java Modeling Language
JML Java Modeling Language Overview About the JML Project DBC Design By Contract JML concepts, examples, syntax and capabilities Basics Exceptions Invariants Assertions Quantifiers Other keywords JML hiding
More informationStatic program checking and verification
Chair of Software Engineering Software Engineering Prof. Dr. Bertrand Meyer March 2007 June 2007 Slides: Based on KSE06 With kind permission of Peter Müller Static program checking and verification Correctness
More informationProgram Verification (6EC version only)
Program Verification (6EC version only) Erik Poll Digital Security Radboud University Nijmegen Overview Program Verification using Verification Condition Generators JML a formal specification language
More informationOverview The Java Modeling Language (Part 1) Related Work
Overview The Java Modeling Language (Part 1) Wolfgang Schreiner Wolfgang.Schreiner@risc.jku.at Research Institute for Symbolic Computation (RISC) Johannes Kepler University, Linz, Austria http://www.risc.jku.at
More informationFormal Methods of Software Design, Eric Hehner, segment 1 page 1 out of 5
Formal Methods of Software Design, Eric Hehner, segment 1 page 1 out of 5 [talking head] Formal Methods of Software Engineering means the use of mathematics as an aid to writing programs. Before we can
More informationThe Java Modeling Language (Part 1)
The Java Modeling Language (Part 1) Wolfgang Schreiner Wolfgang.Schreiner@risc.jku.at Research Institute for Symbolic Computation (RISC) Johannes Kepler University, Linz, Austria http://www.risc.jku.at
More informationProgram Verification. Aarti Gupta
Program Verification Aarti Gupta 1 Agenda Famous bugs Common bugs Testing (from lecture 6) Reasoning about programs Techniques for program verification 2 Famous Bugs The first bug: A moth in a relay (1945)
More informationThe JML Tool. Faculty of Engineering Pontificia Universidad Javeriana. The JML Tool p.1/23
The JML Tool Néstor Cataño ncatano@puj.edu.co Faculty of Engineering Pontificia Universidad Javeriana The JML Tool p.1/23 Tools for JML 1. Parsing and type-checking 2. Checking assertions at runtime 3.
More informationFormal Specification and Verification
Formal Specification and Verification Proof Obligations Bernhard Beckert Based on a lecture by Wolfgang Ahrendt and Reiner Hähnle at Chalmers University, Göteborg Formal Specification and Verification:
More informationAdvances in Programming Languages
O T Y H Advances in Programming Languages APL8: ESC/Java2 David Aspinall (including slides by Ian Stark and material adapted from ESC/Java2 tutorial by David Cok, Joe Kiniry and Erik Poll) School of Informatics
More informationJava Modelling Language (JML) References
Java Modelling Language (JML) References www.jmlspecs.org G. T. Leavens and Y. Cheon, Design by Contract with JML, August 2005. C. Marché, C. Paulin-Mohring, and X. Urbain, The Krakatoa Tool for Cerification
More informationReasoning about programs
Reasoning about programs Last time Coming up This Thursday, Nov 30: 4 th in-class exercise sign up for group on moodle bring laptop to class Final projects: final project presentations: Tue Dec 12, in
More informationLast time. Reasoning about programs. Coming up. Project Final Presentations. This Thursday, Nov 30: 4 th in-class exercise
Last time Reasoning about programs Coming up This Thursday, Nov 30: 4 th in-class exercise sign up for group on moodle bring laptop to class Final projects: final project presentations: Tue Dec 12, in
More informationThe Java Modeling Language (Part 2)
The Java Modeling Language (Part 2) Wolfgang Schreiner Wolfgang.Schreiner@risc.jku.at Research Institute for Symbolic Computation (RISC) Johannes Kepler University, Linz, Austria http://www.risc.jku.at
More informationAdvanced JML Erik Poll Radboud University Nijmegen
JML p.1/23 Advanced JML Erik Poll Radboud University Nijmegen JML p.2/23 Core JML Remember the core JML keywords were requires ensures signals invariant non null pure \old, \forall, \result JML p.3/23
More informationWriting better code Loop invariants Correctness. John Edgar 2
Writing better code Loop invariants Correctness John Edgar 2 Not all code is equal Correct and reliable code is one of our goals Is a new car correct or reliable? Other characteristics of good code Affordable
More informationSoftware Testing Lecture 1. Justin Pearson
Software Testing Lecture 1 Justin Pearson 2017 1 / 50 Four Questions Does my software work? 2 / 50 Four Questions Does my software work? Does my software meet its specification? 3 / 50 Four Questions Does
More informationLecture 10 Design by Contract
CS 5959 Writing Solid Code Fall 2015 Nov-23 Lecture 10 Design by Contract Zvonimir Rakamarić University of Utah Design by Contract Also called assume-guarantee reasoning Developers annotate software components
More informationCITS5501 Software Testing and Quality Assurance Formal methods
CITS5501 Software Testing and Quality Assurance Formal methods Unit coordinator: Arran Stewart May 1, 2018 1 / 49 Sources Pressman, R., Software Engineering: A Practitioner s Approach, McGraw-Hill, 2005
More informationSoftware Testing Prof. Meenakshi D Souza Department of Computer Science and Engineering International Institute of Information Technology, Bangalore
Software Testing Prof. Meenakshi D Souza Department of Computer Science and Engineering International Institute of Information Technology, Bangalore Lecture 04 Software Test Automation: JUnit as an example
More informationESC/Java2 extended static checking for Java Erik Poll Radboud University Nijmegen
ESC/Java2 extended static checking for Java Erik Poll Radboud University Nijmegen Erik Poll - JML p.1/19 Extended static checker for Java ESC/Java by Rustan Leino et.al. Extension ESC/Java2 by David Cok
More informationPart II. Hoare Logic and Program Verification. Why specify programs? Specification and Verification. Code Verification. Why verify programs?
Part II. Hoare Logic and Program Verification Part II. Hoare Logic and Program Verification Dilian Gurov Props: Models: Specs: Method: Tool: safety of data manipulation source code logic assertions Hoare
More informationJML Class Specifications The Java Modeling Language (Part 2) A Java Class
JML Class Specifications The Java Modeling Language (Part 2) Wolfgang Schreiner Wolfgang.Schreiner@risc.jku.at Research Institute for Symbolic Computation (RISC) Johannes Kepler University, Linz, Austria
More informationESC/Java 2. Checker for Java 2. Extended. Static. B y K ats man Andrey S oftware E ngineering S em inar
ESC/Java 2 Extended Static Checker for Java 2 B y K ats man Andrey S oftware E ngineering S em inar 2 0 0 8 Background ESC/Java - Original development by Compaq Systems Research Center (1997) as a successor
More informationIntroduction to JML David Cok, Joe Kiniry, and Erik Poll Eastman Kodak Company, University College Dublin, and Radboud University Nijmegen
Introduction to JML David Cok, Joe Kiniry, and Erik Poll Eastman Kodak Company, University College Dublin, and Radboud University Nijmegen David Cok, Joe Kiniry & Erik Poll - ESC/Java2 & JML Tutorial p.1/30
More informationAssertions & Design-by-Contract using JML Erik Poll University of Nijmegen
Assertions & Design-by-Contract using JML Erik Poll University of Nijmegen Erik Poll - JML p.1/39 Overview Assertions Design-by-Contract for Java using JML Contracts and Inheritance Tools for JML Demo
More informationAssertions, pre/postconditions
Programming as a contract Assertions, pre/postconditions Assertions: Section 4.2 in Savitch (p. 239) Specifying what each method does q Specify it in a comment before method's header Precondition q What
More informationDiscussion of Design Alternatives for JML Java 5 Annotations
Discussion of Design Alternatives for JML Java 5 Annotations Kristina P. Boysen and Gary T. Leavens January 9, 2008 Abstract The Java Modeling Language (JML) is a specification language for Java that allows
More informationChapter 3. Describing Syntax and Semantics
Chapter 3 Describing Syntax and Semantics Chapter 3 Topics Introduction The General Problem of Describing Syntax Formal Methods of Describing Syntax Attribute Grammars Describing the Meanings of Programs:
More informationChapter 3 (part 3) Describing Syntax and Semantics
Chapter 3 (part 3) Describing Syntax and Semantics Chapter 3 Topics Introduction The General Problem of Describing Syntax Formal Methods of Describing Syntax Attribute Grammars Describing the Meanings
More informationTesting Library Specifications by Verifying Conformance Tests
Testing Library Specifications by Verifying Conformance Tests Joseph R. Kiniry, Daniel M. Zimmerman, Ralph Hyland ITU Copenhagen, UW Tacoma, UCD Dublin 6th International Conference on Tests & Proofs Prague,
More informationParallel Programming with OpenMP
Parallel Programming with OpenMP Parallel programming for the shared memory model Christopher Schollar Andrew Potgieter 3 July 2013 DEPARTMENT OF COMPUTER SCIENCE Roadmap for this course Introduction OpenMP
More informationMSO Lecture Design by Contract"
1 MSO Lecture Design by Contract" Wouter Swierstra (adapted by HP, AL) October 8, 2018 2 MSO SO FAR Recap Abstract Classes UP & Requirements Analysis & UML OO & GRASP principles Design Patterns (Facade,
More informationSemantics. There is no single widely acceptable notation or formalism for describing semantics Operational Semantics
There is no single widely acceptable notation or formalism for describing semantics Operational Describe the meaning of a program by executing its statements on a machine, either simulated or actual. The
More informationRigorous Software Development CSCI-GA
Rigorous Software Development CSCI-GA 3033-009 Instructor: Thomas Wies Spring 2013 Lecture 6 Disclaimer. These notes are derived from notes originally developed by Jochen Hoenicke. They are copyrighted
More informationHoare Logic. COMP2600 Formal Methods for Software Engineering. Rajeev Goré
Hoare Logic COMP2600 Formal Methods for Software Engineering Rajeev Goré Australian National University Semester 2, 2016 (Slides courtesy of Ranald Clouston) COMP 2600 Hoare Logic 1 Australian Capital
More informationAdvances in Programming Languages
Advances in Programming Languages Lecture 12: Practical Tools for Java Correctness Ian Stark School of Informatics The University of Edinburgh Friday 31 November 2014 Semester 1 Week 7 http://www.inf.ed.ac.uk/teaching/courses/apl
More informationOperational Semantics. One-Slide Summary. Lecture Outline
Operational Semantics #1 One-Slide Summary Operational semantics are a precise way of specifying how to evaluate a program. A formal semantics tells you what each expression means. Meaning depends on context:
More informationAdvanced JML. and more tips and pitfalls. David Cok, Joe Kiniry, and Erik Poll
Advanced JML and more tips and pitfalls David Cok, Joe Kiniry, and Erik Poll Eastman Kodak Company, University College Dublin, and Radboud University Nijmegen David Cok, Joe Kiniry & Erik Poll - ESC/Java2
More informationCS 161 Computer Security
Wagner Spring 2014 CS 161 Computer Security 1/27 Reasoning About Code Often functions make certain assumptions about their arguments, and it is the caller s responsibility to make sure those assumptions
More informationFormal Methods for Software Development
Formal Methods for Software Development Java Modeling Language, Part I Wolfgang Ahrendt 04 October 2018 FMSD: Java Modeling Language /GU 181004 1 / 36 Role of JML in the Course programming/modelling property/specification
More informationTesting, Debugging, and Verification
Testing, Debugging, and Verification Formal Specification, Part II Srinivas Pinisetty 23 November 2017 Introduction Today: Introduction to Dafny: An imperative language with integrated support for formal
More informationFormal Specification and Verification
Formal Specification and Verification Formal Specification, Part III Bernhard Beckert Adaptation of slides by Wolfgang Ahrendt Chalmers University, Gothenburg, Sweden Formal Specification and Verification:
More informationESC/Java2 Warnings David Cok, Joe Kiniry, and Erik Poll Eastman Kodak Company, University College Dublin, and Radboud University Nijmegen
ESC/Java2 Warnings David Cok, Joe Kiniry, and Erik Poll Eastman Kodak Company, University College Dublin, and Radboud University Nijmegen David Cok, Joe Kiniry & Erik Poll - ESC/Java2 & JML Tutorial p.1/??
More informationOutline for Today CSE 142. CSE142 Wi03 G-1. withdraw Method for BankAccount. Class Invariants
CSE 142 Outline for Today Conditional statements if Boolean expressions Comparisons (=,!=, ==) Boolean operators (and, or, not - &&,,!) Class invariants Conditional Statements & Boolean Expressions
More informationTesting, Debugging, and Verification
Testing, Debugging, and Verification TDA567/DIT082 Introduction Srinivas Pinisetty 30 October 2017 Software is everywhere Complexity, evolution, reuse, multiple domains/teams, Software bug Error Fault
More information! Use of formal notations. ! in software system descriptions. ! for a broad range of effects. ! and varying levels of use. !
What Are Formal Methods? David S. Rosenblum ICS 221 Winter 2001! Use of formal notations! first-order logic, state machines, etc.! in software system descriptions! system models, constraints, specifications,
More informationIntroduction to CS 270 Math Foundations of CS
Introduction to CS 270 Math Foundations of CS Verification of Computer Systems Jeremy Johnson Drexel University Course Description Emphasizes analytic problem-solving and introduction of mathematical material
More informationC07: Testing and JUnit
CISC 3120 C07: Testing and JUnit Hui Chen Department of Computer & Information Science CUNY Brooklyn College 9/19/2017 CUNY Brooklyn College 1 Outline Recap and issues Grades and feedback Assignments &
More informationTypes and Static Type Checking (Introducing Micro-Haskell)
Types and Static (Introducing Micro-Haskell) Informatics 2A: Lecture 14 John Longley School of Informatics University of Edinburgh jrl@inf.ed.ac.uk 17 October 2017 1 / 21 1 Types 2 3 4 2 / 21 So far in
More informationTypes and Static Type Checking (Introducing Micro-Haskell)
Types and Static (Introducing Micro-Haskell) Informatics 2A: Lecture 13 Alex Simpson School of Informatics University of Edinburgh als@inf.ed.ac.uk 16 October, 2012 1 / 21 1 Types 2 3 4 2 / 21 Thus far
More informationJML. Outline. Métodos Formais em Engenharia de Software. MI, Braga these slides were prepared by adopting/adapting teaching material
Métodos Formais em Engenharia de Software JML José Carlos Bacelar Almeida Departamento de Informática Universidade do Minho MI, Braga 2008 Outline Design by Contract and JML Design by Contract Java Modeling
More informationWarm-Up Problem. Let be a set of well-formed Predicate logic formulas. Let be well-formed Predicate logic formulas. Prove or disprove the following.
Warm-Up Problem Let be a set of well-formed Predicate logic formulas Let be well-formed Predicate logic formulas Prove or disprove the following If then 1/35 Program Verification Carmen Bruni Lecture 18
More informationRuntime Checking for Program Verification Systems
Runtime Checking for Program Verification Systems Karen Zee, Viktor Kuncak, and Martin Rinard MIT CSAIL Tuesday, March 13, 2007 Workshop on Runtime Verification 1 Background Jahob program verification
More informationFoundations, Reasoning About Algorithms, and Design By Contract CMPSC 122
Foundations, Reasoning About Algorithms, and Design By Contract CMPSC 122 I. Logic 101 In logic, a statement or proposition is a sentence that can either be true or false. A predicate is a sentence in
More informationCSC Advanced Object Oriented Programming, Spring Specification
CSC 520 - Advanced Object Oriented Programming, Spring 2018 Specification Specification A specification is an unambiguous description of the way the components of the software system should be used and
More informationChapter 3. Semantics. Topics. Introduction. Introduction. Introduction. Introduction
Topics Chapter 3 Semantics Introduction Static Semantics Attribute Grammars Dynamic Semantics Operational Semantics Axiomatic Semantics Denotational Semantics 2 Introduction Introduction Language implementors
More informationCSE331 Winter 2014, Midterm Examination February 12, 2014
CSE331 Winter 2014, Midterm Examination February 12, 2014 Please do not turn the page until 10:30. Rules: The exam is closed-book, closed-note, etc. Please stop promptly at 11:20. There are 100 points
More informationMotivation. Correct and maintainable software Cost effective software production Implicit assumptions easily broken
Spec# Andreas Vida Motivation Correct and maintainable software Cost effective software production Implicit assumptions easily broken Need more formal f specification Integration into a popular language
More informationCSE 142/143 Unofficial Commenting Guide Eric Arendt, Alyssa Harding, Melissa Winstanley
CSE 142/143 Unofficial Commenting Guide Eric Arendt, Alyssa Harding, Melissa Winstanley In Brief: What You Need to Know to Comment Methods in CSE 143 Audience o A random person you don t know who wants
More informationA Java Reference Model of Transacted Memory for Smart Cards
Erik Poll p.1/23 A Java Reference Model of Transacted Memory for Smart Cards Erik Poll University of Nijmegen Joint work with Pieter Hartel Eduard de Jong University of Twente Sun Microsystems Erik Poll
More informationA Small Survey of Java Specification Languages *
Proceedings of the 8 th International Conference on Applied Informatics Eger, Hungary, January 27 30, 2010. Vol. 2. pp. 409 416. A Small Survey of Java Specification Languages * Gábor Kusper a, Gergely
More informationESC/Java2 Use and Features
ESC/Java2 Use and Features The ESC/Java2 tool David Cok, Joe Kiniry, Erik Poll Eastman Kodak Company, University College Dublin, and Radboud University Nijmegen David Cok, Joe Kiniry & Erik Poll - ESC/Java2
More informationPeople tell me that testing is
Software Testing Mark Micallef mark.micallef@um.edu.mt People tell me that testing is Boring Not for developers A second class activity Not necessary because they are very good coders 1 What is quality?
More informationRuzica Piskac Yale University
Ruzica Piskac Yale University Why Software Verification? Maiden flight of the Ariane 5 rocket on the 4th of June 1996 The reason for the explosion was a software error Financial loss: $500,000,000 (including
More informationESC/Java2 Use and Features
ESC/Java2 Use and Features David Cok, Joe Kiniry, Erik Poll Eastman Kodak Company, University College Dublin, and Radboud University Nijmegen David Cok, Joe Kiniry & Erik Poll - ESC/Java2 & JML Tutorial
More informationAnnouncements. Testing. Announcements. Announcements
Announcements Testing HW0, HW1, and HW2 are graded Grades and feedback in Submitty Email us at csci2600@cs.lists.rpi.edu Use Submitty discussion board! HW0, HW1, and HW2, Quiz 1 and 2 Grades in Submitty
More informationFreePascal changes: user documentation
FreePascal changes: user documentation Table of Contents Jochem Berndsen February 2007 1Introduction...1 2Accepted syntax...2 Declarations...2 Statements...3 Class invariants...3 3Semantics...3 Definitions,
More informationCS 520 Theory and Practice of Software Engineering Fall 2018
CS 520 Theory and Practice of Software Engineering Fall 2018 Nediyana Daskalova Monday, 4PM CS 151 Debugging October 30, 2018 Personalized Behavior-Powered Systems for Guiding Self-Experiments Help me
More informationFormal Methods. CITS5501 Software Testing and Quality Assurance
Formal Methods CITS5501 Software Testing and Quality Assurance Pressman, R. Software Engineering: A Practitioner s Approach. Chapter 28. McGraw-Hill, 2005 The Science of Programming, David Gries, 1981
More informationStateClock: a Tool for Timed Reactive Modules
StateClock: a Tool for Timed Reactive Modules Jonathan S. Ostroff Department Of Computer Science, York University, Toronto, Canada, M3J 1P3. Email: jonathan@yorku.ca Abstract: We provide an overview of
More informationProgramming Languages Third Edition
Programming Languages Third Edition Chapter 12 Formal Semantics Objectives Become familiar with a sample small language for the purpose of semantic specification Understand operational semantics Understand
More informationRecap. Advanced static analysis jobs. Secure Programming Lecture 14: Static Analysis II. Program understanding tools
Recap Advanced static analysis jobs Secure Programming Lecture 14: Static Analysis II David Aspinall 17th March 2017 We re looking at principles and tools for ensuring software security. This lecture looks
More informationPrelim 1, Solution. CS 2110, 13 March 2018, 7:30 PM Total Question Name Short answer
Prelim 1, Solution CS 2110, 13 March 2018, 7:30 PM 1 2 3 4 5 6 Total Question Name Short answer Exception handling Recursion OO Loop invariants Max 1 30 11 14 30 14 100 Score Grader The exam is closed
More informationCSE 331 Midterm Exam Sample Solution 2/18/15
Question 1. (10 points) (Forward reasoning) Using forward reasoning, write an assertion in each blank space indicating what is known about the program state at that point, given the precondition and the
More informationCSE 331. Programming by contract: pre/post conditions; Javadoc
CSE 331 Programming by contract: pre/post conditions; Javadoc slides created by Marty Stepp based on materials by M. Ernst, S. Reges, D. Notkin, R. Mercer, Wikipedia http://www.cs.washington.edu/331/ 1
More informationAccessible Formal Methods: A Study of the Java Modeling Language
Accessible Formal Methods: A Study of the Java Modeling Language A project presented to the Department of Computer and Information Sciences State University of New York Polytechnic Institute at Utica Utica,
More informationWrite for your audience
Comments Write for your audience Program documentation is for programmers, not end users There are two groups of programmers, and they need different kinds of documentation Some programmers need to use
More informationEXAMINATIONS 2009 END-OF-YEAR. COMP 202 / SWEN 202 Formal Methods of Computer Science / Formal Foundations of Software Engineering
T E W H A R E W Ā N A N G A O T E Ū P O K O O T E I K A A M Ā U I VUW V I C T O R I A UNIVERSITY OF WELLINGTON EXAMINATIONS 2009 END-OF-YEAR COMP 202 / SWEN 202 Formal Methods of Computer Science / Formal
More informationHow the Design of JML Accommodates Both Runtime Assertion Checking and Formal Verification
Computer Science Technical Reports Computer Science 3-2004 How the Design of JML Accommodates Both Runtime Assertion Checking and Formal Verification Gary T. Leavens Iowa State University Yoonsik Cheon
More informationA Partial Correctness Proof for Programs with Decided Specifications
Applied Mathematics & Information Sciences 1(2)(2007), 195-202 An International Journal c 2007 Dixie W Publishing Corporation, U. S. A. A Partial Correctness Proof for Programs with Decided Specifications
More informationRepresentation Invariants and Abstraction Functions
Representation Invariants and Abstraction Functions Outline Reasoning about ADTs Representation invariants (rep invariants) Representation exposure Checking rep invariants Abstraction functions CSCI 2600
More information(From Glenford Myers: The Art of Software Testing)
A Testing Exercise: (From Glenford Myers: The Art of Software Testing) A program reads three integer values from a card. The three values are interpreted as representing the lengths of the sides of a triangle.
More informationDistributed Systems Programming (F21DS1) Formal Verification
Distributed Systems Programming (F21DS1) Formal Verification Andrew Ireland Department of Computer Science School of Mathematical and Computer Sciences Heriot-Watt University Edinburgh Overview Focus on
More informationUnit 4: Client View of a Component Methods
Unit 4: Client View of a Component Methods Preview of Coming Attractions In this unit be sure to look for method/operation parameters/formal parameters arguments/actual parameters method header/method
More informationFormal Verification. Lecture 10
Formal Verification Lecture 10 Formal Verification Formal verification relies on Descriptions of the properties or requirements of interest Descriptions of systems to be analyzed, and rely on underlying
More informationEXAMINATIONS 2009 MID-TERM TEST. COMP 202 / SWEN 202 Formal Methods of Computer Science / Formal Foundations of Software Engineering WITH ANSWERS
T E W H A R E W Ā N A N G A O T E Ū P O K O O T E I K A A M Ā U I VUW V I C T O R I A UNIVERSITY OF WELLINGTON Time Allowed: 90 minutes EXAMINATIONS 2009 MID-TERM TEST COMP 202 / SWEN 202 Formal Methods
More informationIntegrating verification in programming languages
Integrating verification in programming languages Thomas Jensen, INRIA Seminar INRIA Rennes, 04/11/2015 Collège de France Chaire Algorithmes, machines et langages x / y Types For division to make sense,
More informationHardware versus software
Logic 1 Hardware versus software 2 In hardware such as chip design or architecture, designs are usually proven to be correct using proof tools In software, a program is very rarely proved correct Why?
More informationCanica: An IDE for the Java Modeling Language
Canica: An IDE for the Java Modeling Language Angelica B. Perez, Yoonsik Cheon, and Ann Q. Gates TR #06-36 August 2006 Keywords: Integrated development environment, specification tool, programming tool,
More informationCS 315 Software Design Homework 3 Preconditions, Postconditions, Invariants Due: Sept. 29, 11:30 PM
CS 315 Software Design Homework 3 Preconditions, Postconditions, Invariants Due: Sept. 29, 11:30 PM Objectives Defining a wellformed method to check class invariants Using assert statements to check preconditions,
More information