
Formal Methods: Three suggestions for rapid adoption


Presentation Transcript


  1. Formal Methods: Three suggestions for rapid adoption. Wolfram Schulte, RiSE, MSR. Workshop on Usable Verification, 11/15/2010

  2. First: Build on the shoulders of giants. Unify and leverage tool chains.

  3. From program analysis tools in 2000-2003…
     • Slam: model checker, simple decision procedure
     • Fugue: dataflow analyzer, abstract domains
     • Prefix/Prefast: symbolic interpretation, custom decision procedure
     • ESP: dataflow analyzer, abstract domains

  4. … to formal methods tools in 2004-2010: Formula, Fine, Bek, SymDiff, VCC, Spec#, Poirot, Havoc, Pex, CodeContracts, Sage, Daphne, Chalice, Rex, Boogie, SymAutom, Z3, Isabelle, Simplify

  5. … to …

  6. Second: Specifications for free. Embrace developer languages.

  7. CodeContracts
     • Use a language-agnostic library to author contracts
     • Enables runtime and compile-time checking based on AI (abstract interpretation)
     • Supports the full scenario: author, check, view, document
     • Authoring ships in VS 2010; > 50k downloads for the tools; key feature

  8. CodeContracts: Code as Specifications
     • Use a language-agnostic library to author contracts
     • Enables static and dynamic checking
     • Contracts support “squiggles”, views, doc-generation
     • Authoring ships in VS 2010; > 50k downloads for the tools

```csharp
using System.Diagnostics.Contracts;

// Returns the index of the smallest element, or -1 for an empty array.
// The contracts state exactly that: the input must be non-null, and the
// result is always a valid index or -1.
static int MinIndex(int[] data)
{
    Contract.Requires(data != null);
    Contract.Ensures(Contract.Result<int>() >= -1);
    Contract.Ensures(Contract.Result<int>() < data.Length);
    var result = -1;
    for (int i = 0; i < data.Length; i++)
        result = (result < 0 || data[i] < data[result]) ? i : result;
    return result;
}
```
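The slide's point is that the pre- and postconditions are code, so they can be checked at run time as well as statically. The following is an added example, not code from the talk or from the CodeContracts library (which is a .NET API): a Python stand-in with hypothetical `requires` / `ensures` decorators that check the same contract as the slide's MinIndex, plus a stronger postcondition that actually pins down "is a minimum", and a constructed buggy implementation to show what each clause catches.

```python
"""Runtime-checked pre/postconditions: a constructed Python stand-in for the
CodeContracts idea.  `requires` and `ensures` are hypothetical helpers defined
here, not a real library."""
from functools import wraps
from typing import Callable, Optional, Sequence


class ContractViolation(AssertionError):
    """Raised when a precondition or postcondition fails."""


def requires(pred: Callable[..., bool], label: str):
    """Precondition: `pred` is evaluated on the call arguments before the call."""
    def deco(fn):
        @wraps(fn)
        def wrapper(*args, **kwargs):
            if not pred(*args, **kwargs):
                raise ContractViolation(f"Requires failed: {label}")
            return fn(*args, **kwargs)
        return wrapper
    return deco


def ensures(pred: Callable[..., bool], label: str):
    """Postcondition: `pred` sees the return value followed by the original arguments."""
    def deco(fn):
        @wraps(fn)
        def wrapper(*args, **kwargs):
            result = fn(*args, **kwargs)
            if not pred(result, *args, **kwargs):
                raise ContractViolation(f"Ensures failed: {label}")
            return result
        return wrapper
    return deco


def _is_minimum(r: int, data: Sequence[int]) -> bool:
    # Empty input must yield -1; otherwise data[r] is no larger than any element.
    return r == -1 if len(data) == 0 else all(data[r] <= x for x in data)


# The slide's contract (requires non-null; -1 <= result < len) plus the stronger
# clause that the index really points at a minimum.  `requires` is outermost so a
# None argument is rejected before any postcondition touches len(data).
@requires(lambda data: data is not None, "data != null")
@ensures(lambda r, data: r >= -1, "result >= -1")
@ensures(lambda r, data: r < len(data), "result < data.Length")
@ensures(_is_minimum, "result indexes a minimum element")
def min_index(data: Sequence[int]) -> int:
    result = -1
    for i in range(len(data)):
        if result < 0 or data[i] < data[result]:
            result = i
    return result


# Constructed bug: the comparison is flipped, so this picks a maximum.  The range
# clauses (-1 <= r < len) still hold, which is why the slide's contract alone would
# not catch it; the "is a minimum" clause does.
@ensures(lambda r, data: r >= -1, "result >= -1")
@ensures(lambda r, data: r < len(data), "result < data.Length")
@ensures(_is_minimum, "result indexes a minimum element")
def buggy_min_index(data: Sequence[int]) -> int:
    result = -1
    for i in range(len(data)):
        if result < 0 or data[i] > data[result]:
            result = i
    return result


def check_violation(fn, *args) -> Optional[str]:
    """Run `fn` and return the contract message if one fires, else None."""
    try:
        fn(*args)
    except ContractViolation as e:
        return str(e)
    return None


if __name__ == "__main__":
    print(min_index([3, 1, 2]))                          # 1
    print(check_violation(min_index, None))              # precondition fires
    print(check_violation(buggy_min_index, [3, 1, 2]))   # "minimum" postcondition fires
```

The design point worth noticing: on a single-element input the buggy version passes every clause, because a maximum is also a minimum there. Contracts bound behaviour only as tightly as they are written, which is why the talk pairs them with test generation (next slide).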

  9. Pex: Tests as Specifications
     • Embrace unit tests / test-driven development
     • Supports automatic test case generation and environment isolation (Moles)
     • Uses extended reflection and dynamic symbolic execution
     • Pex as Power Tools for VS 2010, Moles for VS 2012; > 70k downloads

```csharp
// Parameterized unit test: the assumption restricts the inputs Pex explores,
// the assertion is the property every generated test must satisfy.
// Write and Read are the resource operations under test (not shown on the slide).
void ReadWrite(string name, string data)
{
    Assume.IsTrue(name != null && data != null);
    Write(name, data);
    var readData = Read(name);
    Assert.AreEqual(data, readData);
}
```

     Read as a specification, this test says:
     ∀ string name, string data: name ≠ null ⋀ data ≠ null ⇒ equals(ReadResource(name, WriteResource(name, data)), data)

  10. SymDiff: Programs as Specifications
     • Addresses the AppCompat / versioning problem
     • Performs a static semantic diff of closely related programs
     • Uses Boogie, etc. to check where the programs differ
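"Programs as specifications" means the old version is the spec for the new one: the question is whether there is any input on which they behave differently. The block below is an added example, not SymDiff or the talk's code. SymDiff answers that question symbolically with Boogie and an SMT solver; this constructed Python stand-in answers it by enumerating a small input domain, which is enough to show what is being checked (value or exception type per input) and what a witness looks like. All function names are hypothetical.

```python
"""Bounded semantic diff of two program versions: a constructed, brute-force
stand-in for the symbolic equivalence check SymDiff performs with Boogie/Z3."""
from itertools import product
from typing import Callable, Iterable, Optional, Tuple

# (inputs, observed behaviour of old, observed behaviour of new)
Witness = Tuple[Tuple[int, ...], tuple, tuple]


def _observe(fn: Callable, args: Tuple[int, ...]) -> tuple:
    """Map a call to its observable behaviour: the value, or the exception class."""
    try:
        return ("ok", fn(*args))
    except Exception as e:  # deliberate: raising is part of the behaviour being diffed
        return ("raises", type(e).__name__)


def semantic_diff(old: Callable, new: Callable,
                  domain: Iterable[Tuple[int, ...]]) -> Optional[Witness]:
    """Return the first input in `domain` on which `old` and `new` disagree,
    or None if they agree everywhere on the domain (bounded equivalence)."""
    for args in domain:
        r_old = _observe(old, args)
        r_new = _observe(new, args)
        if r_old != r_new:
            return (args, r_old, r_new)
    return None


# Two versions of an 8-bit add (constructed).  v1 saturates at 255; the
# "refactored" v2 masks to 8 bits, so it wraps instead of saturating.
def add8_v1(a: int, b: int) -> int:
    return min(a + b, 255)


def add8_v2(a: int, b: int) -> int:
    return (a + b) & 0xFF


# A genuine refactoring of v1 with identical behaviour.
def add8_v3(a: int, b: int) -> int:
    s = a + b
    return 255 if s > 255 else s


# Full 8-bit input space: 65,536 pairs.  Small enough to enumerate here; a symbolic
# tool would instead ask the solver for a satisfying assignment to v1(a,b) != v2(a,b).
BYTE_PAIRS = list(product(range(256), repeat=2))


def diff_v1_v2() -> Optional[Witness]:
    return semantic_diff(add8_v1, add8_v2, BYTE_PAIRS)


def diff_v1_v3() -> Optional[Witness]:
    return semantic_diff(add8_v1, add8_v3, BYTE_PAIRS)


if __name__ == "__main__":
    print("v1 vs v2:", diff_v1_v2())   # first disagreement, with both behaviours
    print("v1 vs v3:", diff_v1_v3())   # None: equivalent on the whole domain
```

The witness is the useful output: it is exactly the kind of input a versioning or AppCompat review wants to see, and it points at the one behavioural difference rather than at every textual change between the versions.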

  11. Pex4Fun: Programs as Puzzles

  12. Third: Catch flaws early. From code to design analysis.

  13. Formula for Modeling
     Provide a general/intermediate language for capturing model-based abstractions, and support automated model synthesis in any direction.
     • Formal descriptions of design spaces and reachability problems (in progress)
     • Module system for composing specs and crossing abstraction boundaries
     • Core formal specification language (CLP with negation over regular types)
     Use-cases:
     • Formalize domain-specific abstractions
     • Combine/relate specs with help from the language
     • Design-space exploration / model synthesis

  14. Formula’s Model Synthesis
     Given a spec and a partial model, symbolic execution constructs a formula representing the design space.
     Stages labelled in the slide's diagram: Formula specification; add symmetry breaking; symbolic execution; SMT formula; Z3 solver; reconstruct FORMULA model; infer cardinality bounds on data-type instances; encode solution region; try something new / pick next region.

  15. Formula: Applications
     Translate your logic / configuration / constraint / … problem into Formula:
     • Software/hardware mappings: AUTOSAR / Muscle controller
     • Architectures for the cloud: ECM
     • Policy management and generic policy engines: DKAL, SecPAL, etc.
     • VM provisioning for the cloud: System Center
     • UML/DSL mappings …

  16. Summary: Usable Verification
     • Build on the shoulders of giants: Unify and leverage tool chains
     • Specifications for free: Embrace developer languages
     • Catch flaws early: From code to design analysis

  17. And use modern media to tell about success stories: usable verification