Abstract
Performance critical software is almost always developed in C, as programmers do not trust high-level languages to deliver the same reliable performance. This is bad because low-level code in unsafe languages attracts security vulnerabilities and because development is far less productive, with PL advances mostly lost on programmers operating under tight performance constraints. High-level languages provide memory safety out of the box, but they are deemed too slow and unpredictable for serious system software.
Recent years have seen a surge in staging and generative programming: the key idea is to use high-level languages and their abstraction power as glorified macro systems to compose code fragments in first-order, potentially domain-specific, intermediate languages, from which fast C can be emitted. But what about security? Since the end result is still C code, the safety guarantees of the high-level host language are lost.
In this paper, we extend this generative approach to emit ACSL specifications along with C code. We demonstrate that staging achieves "abstraction without regret" for verification: we show how high-level programming models, in particular higher-order composable contracts from dynamic languages, can be used at generation time to compose and generate first-order specifications that can be statically checked by existing tools. We also show how type classes can automatically attach invariants to data types, reducing the need for repetitive manual annotations.
We evaluate our system on several case studies that varyingly exercise verification of memory safety, overflow safety, and functional correctness. We feature an HTTP parser that is (1) fast, (2) high-level: implemented using staged parser combinators, and (3) secure: with verified memory safety. This result is significant, as input parsing is a key attack vector, and vulnerabilities related to HTTP parsing have been documented in all widely-used web servers.
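To make the generation-time composition of contracts concrete, here is an added example that is not the paper's or LMS-Verify's code; it uses Python as the staging language, and the names Buffer, Int, Contract, type_contract, emit_function and gen_find_byte are invented for it. A per-type invariant (the type-class idea) is attached automatically wherever a buffer parameter appears, and the user's functional clauses compose with it into one first-order ACSL contract on the emitted C.

```python
"""Added example: generation-time contracts emitting ACSL-annotated C text.
All names here are illustrative, not the paper's or LMS-Verify's API."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Buffer:
    """A staged parameter type: a pointer plus length, passed as two C args."""
    name: str

    def c_params(self):
        return f"const char *{self.name}, int {self.name}_len"

    def invariant(self):
        # Attached automatically wherever a Buffer is a parameter; this plays
        # the role of a type-class instance supplying the type's invariant.
        return [f"{self.name}_len >= 0",
                f"\\valid_read({self.name} + (0 .. {self.name}_len - 1))"]


@dataclass(frozen=True)
class Int:
    name: str

    def c_params(self):
        return f"int {self.name}"

    def invariant(self):
        return []


@dataclass(frozen=True)
class Contract:
    """First-order ACSL clauses, composable at generation time with `&`."""
    requires: tuple = ()
    ensures: tuple = ()

    def __and__(self, other):
        return Contract(self.requires + other.requires,
                        self.ensures + other.ensures)


def requires(*clauses):
    return Contract(requires=tuple(clauses))


def ensures(*clauses):
    return Contract(ensures=tuple(clauses))


def type_contract(params):
    """Collect the invariants of every parameter type into one contract."""
    cs = Contract()
    for p in params:
        cs = cs & requires(*p.invariant())
    return cs


def emit_function(name, params, contract, body):
    """Render a C function with its ACSL contract as a leading comment block."""
    spec = ["/*@"]
    spec += [f"  requires {c};" for c in contract.requires]
    spec += [f"  ensures {c};" for c in contract.ensures]
    spec += ["  assigns \\nothing;", "*/"]
    sig = f"int {name}({', '.join(p.c_params() for p in params)}) {{"
    return "\n".join(spec + [sig] + ["  " + line for line in body] + ["}"])


def gen_find_byte():
    """Staged 'find first occurrence' scan; the loop invariant is emitted too."""
    params = [Buffer("buf"), Int("c")]
    # The user states only the functional property; the memory-safety
    # preconditions come from type_contract without manual annotation.
    user = ensures(
        "\\result == -1 || (0 <= \\result < buf_len && buf[\\result] == c)",
        "\\result == -1 ==> (\\forall integer k; 0 <= k < buf_len ==> buf[k] != c)")
    body = ["int i;",
            "/*@ loop invariant 0 <= i <= buf_len;",
            "    loop invariant \\forall integer k; 0 <= k < i ==> buf[k] != c;",
            "    loop assigns i;",
            "    loop variant buf_len - i; */",
            "for (i = 0; i < buf_len; i++) {",
            "  if (buf[i] == c) return i;",
            "}",
            "return -1;"]
    return emit_function("find_byte", params, type_contract(params) & user, body)
```

Whether Frama-C's WP plugin discharges the generated contract as written is not claimed here; the point is that the safety clauses are generated from the parameter types rather than written by hand.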
LMS-Verify: abstraction without regret for verified systems programming
POPL '17: Proceedings of the 44th ACM SIGPLAN Symposium on Principles of Programming Languages