Echo: a new approach to formal verification based on Ada
Abstract
Echo is a novel yet practical approach to the formal verification of large software systems. The Echo approach splits verification into two major parts. In the first part, the SPARK tools are used to verify an implementation written in SPARK Ada against a low-level specification written using the SPARK source-code annotations. In the second part, a high-level specification is extracted automatically from the annotated implementation, and a proof is constructed using the PVS theorem proving system that the extracted specification implies the original specification. Part of what makes Echo practical is a technique called verification refactoring: the program to be verified is mechanically refactored specifically to facilitate verification. In both parts of the proof process, semantics-preserving refactorings are applied to the implementation to reduce the complexity of the software and thereby to reduce the difficulty of the verification proof. Much of the Echo approach is automated, and the verification burden is reduced by distributing it over separate tools and techniques. In this presentation, the Echo verification technology will be described. The technology will be illustrated using the verification of two security applications and a novel medical device.
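The low-level specification that Echo's first part checks with the SPARK tools is written as source-code annotations on the implementation itself. As an added illustration, not code from the Echo paper or its authors, the package below gives a fixed-capacity byte buffer whose Append operation carries such a specification. It assumes the SPARK 2014 aspect syntax (Pre, Post, Global) rather than the `--#` annotation comments used by the SPARK toolset of the paper's era, and it assumes GNATprove as the prover. The precondition forbids appending to a full buffer, so a proof of the body against this contract rules out the classic out-of-bounds write; the postcondition states precisely what the operation does, which is the kind of low-level specification Echo's second part would start from when extracting a higher-level one.

```ada
-- Added illustration (not from the Echo paper): a fixed-capacity byte buffer
-- whose Append operation carries a low-level specification as SPARK contracts.
-- Assumes SPARK 2014 aspect syntax rather than the older "--#" annotations.
package Byte_Buffer with SPARK_Mode is

   Capacity : constant := 256;
   subtype Index is Positive range 1 .. Capacity;
   subtype Count is Natural range 0 .. Capacity;
   type Byte is mod 2 ** 8;
   type Data is array (Index) of Byte;

   type Buffer is record
      Used  : Count := 0;
      Bytes : Data  := (others => 0);
   end record;

   -- Low-level specification: a caller may only append when there is room;
   -- afterwards exactly one more byte is in use, it sits at the new top, and
   -- every byte that was already stored is unchanged.
   procedure Append (B : in out Buffer; Item : in Byte) with
     Global => null,
     Pre    => B.Used < Capacity,
     Post   => B.Used = B.Used'Old + 1
               and then B.Bytes (B.Used) = Item
               and then (for all I in 1 .. B.Used'Old =>
                           B.Bytes (I) = B.Bytes'Old (I));

end Byte_Buffer;

package body Byte_Buffer with SPARK_Mode is

   procedure Append (B : in out Buffer; Item : in Byte) is
   begin
      -- The prover must show B.Used + 1 stays within Count and that the
      -- index B.Used is within Index; both follow from the precondition.
      B.Used := B.Used + 1;
      B.Bytes (B.Used) := Item;
   end Append;

end Byte_Buffer;
```

Running GNATprove on these two units (assumed invocation: `gnatprove -P <project> --level=1`) checks both absence of run-time errors in the body and conformance to the contract. Any caller of Append is in turn obliged to establish `B.Used < Capacity` at the call site, which is how the specification propagates outward through the rest of the program.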