research-article

Public Access

Let's verify Linux: accelerated learning of analytical reasoning through automation and collaboration

Authors:

Suresh Kothari,

Jeremías Sauceda,

Jon MathewsAuthors Info & Claims

ICSE '16: Proceedings of the 38th International Conference on Software Engineering Companion

Pages 394 - 403

https://doi.org/10.1145/2889160.2889192

Published: 14 May 2016 Publication History

Abstract

We describe our experiences in the classroom using the internet to collaboratively verify a significant safety and security property across the entire Linux kernel. With 66,609 instances to check across three versions of Linux, the naive approach of simply dividing up the code and assigning it to students does not scale, and does little to educate. However, by teaching and applying analytical reasoning, the instances can be categorized effectively, the problems of scale can be managed, and students can collaborate and compete with one another to achieve an unprecedented level of verification.

We refer to our approach as Evidence-Enabled Collaborative Verification (EECV). A key aspect of this approach is the use of visual software models, which provide mathematically rigorous and critical evidence for verification. The visual models make analytical reasoning interactive, interesting and applicable to large software.

Visual models are generated automatically using a tool we have developed called L-SAP [14]. This tool generates an Instance Verification Kit (IVK) for each instance, which contains all of the verification evidence for the instance. The L-SAP tool is implemented on a software graph database platform called Atlas [6]. This platform comes with a powerful query language and interactive visualization to build and apply visual models for software verification.

The course project is based on three recent versions of the Linux operating system with altogether 37 MLOC and 66,609 verification instances. The instances are accessible through a website [2] for students to collaborate and compete. The Atlas platform, the L-SAP tool, the structured labs for the project, and the lecture slides are available upon request for academic use.

References

[1]

Ensoft corp. http://www.ensoftcorp.com.

[2]

Linux results. http://kcsl.ece.iastate.edu/linux-results/.

[3]

XINU. http://en.wikipedia.org/wiki/XNU.

[4]

P. J. Clarke, Y. Wu, A. A. Allen, and T. M. King. Experiences of teaching model-driven engineering in a software design course. In Online Proceedings of the 5th Educators' Symposium of the MODELS Conference, pages 6--14, 2009.

[5]

A. J. Cowling. Modelling: a neglected feature in the software engineering curriculum. In Software Engineering Education and Training, 2003.(GSEE&T 2003). Proceedings. 16th Conference on, pages 206--215. IEEE, 2003.

Digital Library

[6]

T. Deering, S. Kothari, J. Sauceda, and J. Mathews. Atlas: a new way to explore software, build analysis tools. In Companion Proceedings of the 36th International Conference on Software Engineering, pages 588--591. ACM, 2014.

Digital Library

[7]

J. Gleick and R. C. Hilborn. Chaos, making a new science. American Journal of Physics, 56(11):1053--1054, 1988.

[8]

K. Gui and S. Kothari. A 2-phase method for validation of matching pair property with case studies of operating systems. In Software Reliability Engineering (ISSRE), 2010 IEEE 21st International Symposium on, pages 151--160. IEEE, 2010.

Digital Library

[9]

B. Holland, T. Deering, S. Kothari, J. Mathews, and N. Ranade. Security toolbox for detecting novel and sophisticated android malware. ICSE, 2015.

Digital Library

[10]

J. Kramer. Is abstraction the key to computing? Communications of the ACM, 50(4):36--42, 2007.

Digital Library

[11]

E. N. Lorenz. Deterministic nonperiodic flow. Journal of the atmospheric sciences, 20(2):130--141, 1963.

[12]

L. Pareto. Teaching domain specific modeling. In Symposium at MODELS 2007, page 7, 2007.

[13]

P. Roberts. Abstract thinking: a predictor of modelling ability? 2009.

[14]

A. Tamrawi and S. Kothari. L-SAP: Scalable and Accurate Lock/Unlock Pairing Analysis for The Linux Kernel. Submitted to ACM Transactions on Software Engineering and Methodology.

[15]

A. Tamrawi and S. Kothari. Event-flow graphs for efficient path-sensitive analyses. arXiv preprint arXiv:1404.1279, 2014.

[16]

A. S. Tanenbaum and H. Bos. Modern operating systems. Prentice Hall Press, 2014.

Digital Library

Cited By

Kothari SAwadhutkar PTamrawi AMathews J(2017)Modeling lessons from verifying large software systems for safety and security2017 Winter Simulation Conference (WSC)10.1109/WSC.2017.8247886(1431-1442)Online publication date: Dec-2017
https://doi.org/10.1109/WSC.2017.8247886
Kothari SAwadhutkar PTamrawi A(2016)Insights for Practicing Engineers from a Formal Verification Study of the Linux Kernel2016 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)10.1109/ISSREW.2016.9(264-270)Online publication date: Oct-2016
https://doi.org/10.1109/ISSREW.2016.9

Let's verify Linux: accelerated learning of analytical reasoning through automation and collaboration

Recommendations

Let's verify this with Why3

We present solutions to the three challenges of the VerifyThis competition held at the 18th FM symposium in August 2012. These solutions use the Why3 environment for deductive program verification.
Linux: The Complete Reference
Linux: The Complete Reference

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

ICSE '16: Proceedings of the 38th International Conference on Software Engineering Companion

May 2016

946 pages

ISBN:9781450342056

DOI:10.1145/2889160

General Chair:
Laura Dillon
Michigan State University
,
Program Chairs:
Willem Visser
Stellenbosch University, South Africa
,
Laurie Williams
North Carolina State University

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

ACM: Association for Computing Machinery
SIGSOFT: ACM Special Interest Group on Software Engineering
IEEE-CS\TCSE: TC on Software Engineering
IEEE-CS\DATC: IEEE Computer Society

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 May 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article

Funding Sources

Defense Advanced Research Projects Agency

Conference

ICSE '16

Sponsor:

ACM
SIGSOFT
IEEE-CS\TCSE
IEEE-CS\DATC

ICSE '16: 38th International Conference on Software Engineering

May 14 - 22, 2016

Texas, Austin

Acceptance Rates

Overall Acceptance Rate 276 of 1,856 submissions, 15%

Upcoming Conference

ICSE 2025

2025 IEEE/ACM 46th International Conference on Software Engineering

April 26 - May 3, 2025

Ottawa , ON , Canada

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
342
Total Downloads

Downloads (Last 12 months)53
Downloads (Last 6 weeks)6

Reflects downloads up to 24 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Kothari SAwadhutkar PTamrawi AMathews J(2017)Modeling lessons from verifying large software systems for safety and security2017 Winter Simulation Conference (WSC)10.1109/WSC.2017.8247886(1431-1442)Online publication date: Dec-2017
https://doi.org/10.1109/WSC.2017.8247886
Kothari SAwadhutkar PTamrawi A(2016)Insights for Practicing Engineers from a Formal Verification Study of the Linux Kernel2016 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)10.1109/ISSREW.2016.9(264-270)Online publication date: Oct-2016
https://doi.org/10.1109/ISSREW.2016.9

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents