Formal Verification. Lecture 10

Similar documents
Lecture 11 Lecture 11 Nov 5, 2014

Distributed Systems Programming (F21DS1) Formal Verification

Introduction to Formal Methods

Formal Methods in Software Engineering. Lecture 07

Cover Page. The handle holds various files of this Leiden University dissertation

CSC 501 Semantics of Programming Languages

Semantics. There is no single widely acceptable notation or formalism for describing semantics Operational Semantics

An Annotated Language

Chapter 3. Describing Syntax and Semantics ISBN

ECE 587 Hardware/Software Co-Design Lecture 12 Verification II, System Modeling

Part II. Hoare Logic and Program Verification. Why specify programs? Specification and Verification. Code Verification. Why verify programs?

Discrete Mathematics Lecture 4. Harper Langston New York University

Com S 541. Programming Languages I

Chapter 3 (part 3) Describing Syntax and Semantics

From Hoare Logic to Matching Logic Reachability. Grigore Rosu and Andrei Stefanescu University of Illinois, USA

Introduction to Axiomatic Semantics

Proving the Correctness of Distributed Algorithms using TLA

Logik für Informatiker Logic for computer scientists

Proceedings of the 44th Hawaii International Conference on System Sciences

Hoare Logic. COMP2600 Formal Methods for Software Engineering. Rajeev Goré

Verification Condition Generation

Theorem proving. PVS theorem prover. Hoare style verification PVS. More on embeddings. What if. Abhik Roychoudhury CS 6214

Chapter 1. Introduction

Introduction to Linear-Time Temporal Logic. CSE 814 Introduction to LTL

Chapter 3. Describing Syntax and Semantics ISBN

Programming Languages Third Edition

System Correctness. EEC 421/521: Software Engineering. System Correctness. The Problem at Hand. A system is correct when it meets its requirements

Chapter 3. Describing Syntax and Semantics

Advances in Programming Languages

LOGIC AND DISCRETE MATHEMATICS

The discussion of Chapter 1 will be split into two sessions; the first will cover 1.1 and 1.2; the second will cover 1.3, 1.4, and 1.5.

Static program checking and verification

SCADE S E M I N A R I N S O F T W A R E E N G I N E E R I N G P R E S E N T E R A V N E R B A R R

Definition: A context-free grammar (CFG) is a 4- tuple. variables = nonterminals, terminals, rules = productions,,

CSE 307: Principles of Programming Languages

To be or not programmable Dimitri Papadimitriou, Bernard Sales Alcatel-Lucent April 2013 COPYRIGHT 2011 ALCATEL-LUCENT. ALL RIGHTS RESERVED.

SEQUENCES, MATHEMATICAL INDUCTION, AND RECURSION

Chapter 3. Describing Syntax and Semantics

CITS5501 Software Testing and Quality Assurance Formal methods

The design of a programming language for provably correct programs: success and failure

Propositional Logic. Andreas Klappenecker

Basic Verification Strategy

Chapter 3. Semantics. Topics. Introduction. Introduction. Introduction. Introduction

Lecture 5 - Axiomatic semantics

Topic Formal Methods. ICS 121 Lecture Notes. What are Formal Methods? What are Formal Methods? Formal Specification in Software Development

Lectures 20, 21: Axiomatic Semantics

CS590U Access Control: Theory and Practice. Lecture 5 (January 24) Noninterference and Nondeducibility

Proof Carrying Code(PCC)

Propositional Calculus: Boolean Functions and Expressions. CS 270: Mathematical Foundations of Computer Science Jeremy Johnson

Symbolic Trajectory Evaluation - A Survey

Algorithmic Verification. Algorithmic Verification. Model checking. Algorithmic verification. The software crisis (and hardware as well)

Introduction to Axiomatic Semantics (1/2)

Model Checking. Automatic Verification Model Checking. Process A Process B. when not possible (not AI).

Lecture Notes on Program Equivalence

A Michael Jackson presentation. CSE503: Software Engineering. The following slides are from his keynote at ICSE 1995

The semantics of a programming language is concerned with the meaning of programs, that is, how programs behave when executed on computers.

Dynamic Logic David Harel, The Weizmann Institute Dexter Kozen, Cornell University Jerzy Tiuryn, University of Warsaw The MIT Press, Cambridge, Massac

Propositional Logic Formal Syntax and Semantics. Computability and Logic

Binary Decision Diagrams

Summary of Course Coverage

AN INTRODUCTION TO FUZZY SETS Analysis and Design. Witold Pedrycz and Fernando Gomide

Introduction to Axiomatic Semantics (1/2)

Automated Reasoning. Natural Deduction in First-Order Logic

From OCL to Propositional and First-order Logic: Part I

Formal Verification in Industry

FreePascal changes: user documentation

Verifying Java Programs Verifying Java Programs with KeY

Runtime Checking for Program Verification Systems

Overview of the KeY System

Model Checking Revision: Model Checking for Infinite Systems Revision: Traffic Light Controller (TLC) Revision: 1.12

Mechanical Proofs about Computer Programs

Program Verification. Aarti Gupta

Warm-Up Problem. Let L be the language consisting of as constant symbols, as a function symbol and as a predicate symbol. Give an interpretation where

Propositional Calculus. CS 270: Mathematical Foundations of Computer Science Jeremy Johnson

Introductory logic and sets for Computer scientists

Computation Club: Gödel s theorem

Lecture 10 Design by Contract

Program Verification & Testing; Review of Propositional Logic

JML tool-supported specification for Java Erik Poll Radboud University Nijmegen

Leslie Lamport: The Specification Language TLA +

Knowledge Representation

Chapter 3. Syntax - the form or structure of the expressions, statements, and program units

An Industrially Useful Prover

A Mechanically Verified Code Generator

Less naive type theory

Second-Order Type Systems

Formally Certified Satisfiability Solving

Note that in this definition, n + m denotes the syntactic expression with three symbols n, +, and m, not to the number that is the sum of n and m.

Verifying Java Programs Verifying Java Programs with KeY

Program Design in PVS. Eindhoven University of Technology. Abstract. Hoare triples (precondition, program, postcondition) have

Program Verification (6EC version only)

Formal Semantics of Programming Languages

CCM Lecture 12. Security Model 1: Bell-LaPadula Model

Trends in Automated Verification

INF672 Protocol Safety and Verification. Karthik Bhargavan Xavier Rival Thomas Clausen

Isabelle/HOL:Selected Features and Recent Improvements

Formal Semantics of Programming Languages

Semantics via Syntax. f (4) = if define f (x) =2 x + 55.

Formal Methods for Java

System Debugging and Verification : A New Challenge. Center for Embedded Computer Systems University of California, Irvine

Transcription:

Formal Verification Lecture 10

Formal Verification Formal verification relies on Descriptions of the properties or requirements of interest Descriptions of systems to be analyzed, and rely on underlying mathematical logic system and the proof theory of that system Two general categories Inductive techniques Model checking techniques

Verification techniques Proof-based vs model-based Proof: Formula define premises / conclusions Proof shows how to reach conclusions from premises Model-based: Premises and conclusions have same truth tables Degree of automation may be manual or have tool support Full verification vs property verification Does methodology model full system? Or just prove certain key properties? Intended domain of application HW/SW, reactive, concurrent Predevelopment vs post development As design aid or after design

Inductive verification Typically more general Uses theorem provers E.g., uses predicate calculus A sequence of proof steps starting with premises of the formula and eventually reaching a conclusion May be used To find flaws in design To verify the properties of computer programs

Model-checking Systems modeled as state transition systems Formula may be true in some states and false in others Formulas may change values as systems evolve Properties are formulas in temporal logic Truth values are dynamic Model and the desired properties are semantically equivalent Model and properties express the same truth table Often used after development is complete but before a product is release to the general market

Formal Verification: Components Formal Specification defined in unambiguous (mathematical) language Restricted syntax, and well-defined semantics based on established mathematical concepts Example: security policy models (Take- Grant, BLP) Implementation Language Generally somewhat constrained Formal Semantics relating the two Methodology to ensure implementation ensures specifications met

Specification Languages Specify WHAT, not HOW Valid states of system Postconditions of operations Non-Procedural Typical Examples: Propositional / Predicate Logic Temporal Logic (supports before/after conditions) Set-based models (e.g., formal Bell-LaPadula)

Specification Languages Must support machine processing Strong typing Model input/output/errors Example: SPECIAL First order logic base Strongly typed VFUN: describes variables (state) OFUN/OVFUN: describe state transitions

Example: SPECIAL MODULE Bell_LaPadula_Model Give_read Types Subject_ID: DESIGNATOR; Object_ID: DESIGNATOR; Access_Model: {READ, APPEND, WRITE}; Access: STRUCT_OF(Subject_ID subject; Object_ID object; Access_Mode mode); Functions VFUN active (Object_ID object) -> BOOLEAN active: HIDDEN; INITIALLY TRUE; VFUN access_matrix() -> Access accesses: HIDDEN; INITIALLY FORALL Access a: a INSERT accesses => active(a.object); OFUN give_access(subject_id giver; Access access); ASSERTIONS active(access.object) = TRUE; EFFECTS `access_matrix() = access_matrix() UNION (access); END_MODULE

Example: Enhanced Hierarchical Development Methodology Based on HDM A general purpose design and implementation methodology Goal was To mechanize and formalize the entire development process Design specification and verification + implementation specification and verification Proof-based method Uses Boyer-Moore Theorem Prover

Example: Enhanced Hierarchical Development Methodology Hierarchical approach Abstract Machines defined at each level specification written in SPECIAL Mapping Specifications define functionality in terms of machines at higher layers Consistency Checker validates mappings match Compiler that maps a program into a theorem-prover understood form Successfully used on MLS systems Few formal policy specifications outside MLS domain

Alternate Approach: Combine Specifications and Language Gypsy verification environment (GVE) Specifications defined on procedures Entry conditions Exit conditions Assertions Proof techniques ensure exit conditions / assertions met given entry conditions Also run-time checking Examples: Gypsy (in book) uses theorem prover CLU Eiffel (and derivatives) run-time checks

Other Examples Prototype Verification System (PVS) Based on EHDM Interactive theorem-prover Symbolic Model Verifier Temporal logic based Notion of path program represented as tree Statements that condition must hold at a future state, all future states, all states on one path, etc.

Other Examples Formal verification of protocols Key management Protocol development Verification of libraries Entire system not verified But components known okay High risk subsystems

Protocol Verification Generating protocols that meet security specifications Assumes cryptography secure But cryptography not enough

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback