Article

Extensible specifications for automatic re-use of specifications and proofs

Authors:

Daniel Matichuk,

Toby MurrayAuthors Info & Claims

SEFM'12: Proceedings of the 10th international conference on Software Engineering and Formal Methods

Pages 333 - 341

https://doi.org/10.1007/978-3-642-33826-7_23

Published: 01 October 2012 Publication History

Publisher Site

Abstract

One way to reduce the cost of formally verifying a large program is to perform proofs over a specification of its behaviour, which its implementation refines. However, interesting programs must often satisfy multiple properties. Ideally, each property should be proved against the most abstract specification for which it holds. This simplifies reasoning and increases the property's robustness against later tweaks to the program's implementation. We introduce extensible specifications, a lightweight technique for constructing a specification that can be instantiated and reasoned about at multiple levels of abstraction. This avoids having to write and maintain a different specification for each property being proved whilst still allowing properties to be proved at the highest levels of abstraction. Importantly, properties proved of an extensible specification hold automatically for all instantiations of it, avoiding unnecessary proof duplication. We explain how we applied this idea in the context of verifying confidentiality enforcement for the seL4 microkernel, saving us significant proof and code duplication.

References

[1]

Blazy, S., Gervais, F., Laleau, R.: Reuse of Specification Patterns with the B Method. In: Bert, D., Bowen, J.P., King, S. (eds.) ZB 2003. LNCS, vol. 2651, pp. 40-57. Springer, Heidelberg (2003).

Digital Library

Google Scholar

[2]

Cock, D., Klein, G., Sewell, T.: Secure Microkernels, State Monads and Scalable Refinement. In: Mohamed, O.A., Muñoz, C., Tahar, S. (eds.) TPHOLs 2008. LNCS, vol. 5170, pp. 167-182. Springer, Heidelberg (2008).

Digital Library

Google Scholar

[3]

Kiczales, G., Lamping, J., Mendhekar, A., Maeda, C., Lopes, C., Loingtier, J.-M., Irwin, J.: Aspect-Oriented Programming. In: Aksit, M., Auletta, V. (eds.) ECOOP 1997. LNCS, vol. 1241, pp. 220-242. Springer, Heidelberg (1997).

Google Scholar

[4]

Klein, G., Elphinstone, K., Heiser, G., Andronick, J., Cock, D., Derrin, P., Elkaduwe, D., Engelhardt, K., Kolanski, R., Norrish, M., Sewell, T., Tuch, H., Winwood, S.: seL4: Formal verification of an OS kernel. In: 22nd SOSP, Big Sky, MT, USA, pp. 207-220. ACM (October 2009).

Digital Library

Google Scholar

[5]

Klein, G., Murray, T., Gammie, P., Sewell, T., Winwood, S.: Provable security: How feasible is it? In: 13th HotOS, Napa, CA, USA, pp. 28-32. USENIX (May 2011).

Digital Library

Google Scholar

[6]

Leino, K.R.M., Yessenov, K.: Stepwise refinement of heap-manipulating code in Chalice (2011) Unpublished manuscript, http://research.microsoft.com/en-us/um/people/leino/papers/krml211.pdf.

Google Scholar

[7]

Liskov, B., Zilles, S.: Programming with abstract data types. SIGPLAN Not. 9(4), 50-59 (1974).

Digital Library

Google Scholar

[8]

Murray, T., Lowe, G.: On refinement-closed security properties and nondeterministic compositions. In: 8th AVoCS, Glasgow, UK. ENTCS, vol. 250, pp. 49-68 (2009).

Digital Library

Google Scholar

[9]

Sewell, T., Winwood, S., Gammie, P., Murray, T., Andronick, J., Klein, G.: seL4 Enforces Integrity. In: van Eekelen, M., Geuvers, H., Schmaltz, J., Wiedijk, F. (eds.) ITP 2011. LNCS, vol. 6898, pp. 325-340. Springer, Heidelberg (2011).

Digital Library

Google Scholar

[10]

Silva, R., Butler, M.: Supporting Reuse of Event-B Developments through Generic Instantiation. In: Breitman, K., Cavalcanti, A. (eds.) ICFEM 2009. LNCS, vol. 5885, pp. 466-484. Springer, Heidelberg (2009).

Digital Library

Google Scholar

Cited By

View all

Matichuk DMurray TAndronick JJeffery RKlein GStaples MBertolino ACanfora GElbaum S(2015)Empirical study towards a leading indicator for cost of formal software verificationProceedings of the 37th International Conference on Software Engineering - Volume 110.5555/2818754.2818842(722-732)Online publication date: 16-May-2015
https://dl.acm.org/doi/10.5555/2818754.2818842
Klein GAndronick JElphinstone KMurray TSewell TKolanski RHeiser G(2014)Comprehensive formal verification of an OS microkernelACM Transactions on Computer Systems (TOCS)10.1145/256053732:1(1-70)Online publication date: 26-Feb-2014
https://dl.acm.org/doi/10.1145/2560537
Cock D(2013)Practical probabilityProceedings of the 4th international conference on Interactive Theorem Proving10.1007/978-3-642-39634-2_23(311-327)Online publication date: 22-Jul-2013
https://dl.acm.org/doi/10.1007/978-3-642-39634-2_23
Show More Cited By

Recommendations

Formalized structured analysis specifications
Protective Interface Specifications
Abstract.
The interface specification of a procedure describes the procedure's behaviour using pre- and postconditions. These pre- and postconditions are written using various functions. If some of these functions are partial, or underspecified, then the ...
Automatic Verification of Requirement Specifications
IIS '97: Proceedings of the 1997 IASTED International Conference on Intelligent Information Systems (IIS '97)

Use of formal specification does not a priori guarantee correctness. So far a number of animation approaches were used for validating formal specification for correctness. However, they require complex validation procedures and exhaustive testing and ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

SEFM'12: Proceedings of the 10th international conference on Software Engineering and Formal Methods

October 2012

383 pages

ISBN:9783642338250

Editors:
George Eleftherakis
Internal Faculty, CITY College, Computer Science Department, The University of Sheffield, 3 Leontos Sofou St., 546 26, Thessaloniki, Greece
,
Mike Hinchey
Lero - the Irish Software Engineering Research Centre, University of Limerick, 3 Leontos Sofou St., 546 26, Limerick, Ireland
,
Mike Holcombe
Department of Computer Science, Regent Court, 211 Portobello, University of Sheffield, 3 Leontos Sofou St., 546 26, S1 4DP, UK

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 01 October 2012

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 22 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Matichuk DMurray TAndronick JJeffery RKlein GStaples MBertolino ACanfora GElbaum S(2015)Empirical study towards a leading indicator for cost of formal software verificationProceedings of the 37th International Conference on Software Engineering - Volume 110.5555/2818754.2818842(722-732)Online publication date: 16-May-2015
https://dl.acm.org/doi/10.5555/2818754.2818842
Klein GAndronick JElphinstone KMurray TSewell TKolanski RHeiser G(2014)Comprehensive formal verification of an OS microkernelACM Transactions on Computer Systems (TOCS)10.1145/256053732:1(1-70)Online publication date: 26-Feb-2014
https://dl.acm.org/doi/10.1145/2560537
Cock D(2013)Practical probabilityProceedings of the 4th international conference on Interactive Theorem Proving10.1007/978-3-642-39634-2_23(311-327)Online publication date: 22-Jul-2013
https://dl.acm.org/doi/10.1007/978-3-642-39634-2_23
Murray TMatichuk DBrassil MGammie PKlein G(2012)Noninterference for operating system kernelsProceedings of the Second international conference on Certified Programs and Proofs10.1007/978-3-642-35308-6_12(126-142)Online publication date: 13-Dec-2012
https://dl.acm.org/doi/10.1007/978-3-642-35308-6_12

Abstract

References

Cited By

Recommendations

Formalized structured analysis specifications

Protective Interface Specifications

Automatic Verification of Requirement Specifications

Comments

Information

Published In

Sponsors

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations