An Integrated Approach to High Integrity Software Verification

Ireland, Andrew; Ellis, Bill J.; Cook, A.; Chapman, Roderick; Barnes, Janet

doi:10.1007/s10817-006-9034-1

Cited by 10 publications

(10 citation statements)

References 41 publications

(46 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Proof planning: also continued to be a constant theme [5,12,22,25] with an additional ingredient of the automatic learning of new proof methods [27,43] from example proofs. Verification: of computer systems was the main application of inductive proof [18,35,38,41,52,58,64], with a continuing interest in the synthesis of programs from their specifications [2,7,24,49] and a new interest in security applications [1,59]. Despite Turing's proof of the undecidability of the halting problem, in practice it has proved possible to prove the termination of most naturally-occurring, wellfounded programs.…”

Section: The Ciao Workhopsmentioning

confidence: 99%

European collaboration on automated reasoning

Bundy

2014

AI Communications

View full text Add to dashboard Cite

I provide a personal perspective of a European collaboration in the area of automated reasoning. I describe the birth and growth of this collaboration and give a snapshot of its current state. My involvement started with a two-way collaboration on inductive theorem proving between my group in Edinburgh and Siekmann's group in Saarbrücken, but this grew to broaden both in research area and geographical area. It focused on several series of workshops/conferences, research grants and bilateral lab visits, and established both new applications and collaborations with researchers outwith automated reasoning.

show abstract

Section: The Ciao Workhopsmentioning

confidence: 99%

European collaboration on automated reasoning

Bundy

2014

AI Communications

View full text Add to dashboard Cite

show abstract

“…For an assignment statement, for instance, the Examiner may generate a verification condition that assigning to the variable a value outside the range defined in the variable declaration is impossible. If this theorem cannot be proved, the program is thought not to be reliable [5,15,23]. The Examiner itself is written in SPARK, and therefore subject to its own analysis.…”

Section: Spark Examiner: An Industrial Examplementioning

confidence: 99%

A Framework for Developing Feature-Rich Software Systems

Tun

Chapman

Haley

et al. 2009

2009 16th Annual IEEE International Conference and Workshop on the Engineering of Computer Based Systems

View full text Add to dashboard Cite

show abstract

“…As mentioned in the introduction, Ellis and Ireland [18] have used proof-planning to identify how to strengthen loop invariants.…”

Section: Invariant Generationmentioning

confidence: 99%

“…Notable earlier work on improving the verification of Spark programs is by Ellis and Ireland [18]. They used a proofplanning and recursion analysis approach to analyse failed proofs of VCs involving loops to identify how to strengthen loop invariants.…”

Section: Introductionmentioning

confidence: 99%

Using SMT solvers to verify high-integrity programs

Jackson

Ellis

Sharp

2007

Proceedings of the Second Workshop on Automated Formal Methods

Self Cite

View full text Add to dashboard Cite

In this paper we report on our experiments in using the currently popular Smt (Sat Modulo Theories) solvers Yices [10] and Cvc3 [1] and the Simplify theorem prover [9] to discharge verification conditions (VCs) from programs written in the Spark language [5]. Spark is a subset of Ada used primarily in high-integrity systems in the aerospace, defence, rail and security industries. Formal verification of Spark programs is supported by tools produced by the UK company Praxis High Integrity Systems. These tools include a VC generator and an automatic prover for VCs.We find that Praxis's prover can prove more VCs than Yices, Cvc3 or Simplify because it can handle some relatively simple non-linear problems, though, by adding some axioms about division and modulo operators to Yices, Cvc3 and Simplify, we can narrow the gap. One advantage of Yices, Cvc3 and Simplify is their ability to produce counterexample witnesses to VCs that are not valid.This work is the first step in a project to increase the fraction of VCs from current Spark programs that can be proved automatically and to broaden the range of properties that can be automatically checked. For example, we are interested in improving support for non-linear arithmetic and automatic loop invariant generation.

show abstract

An Integrated Approach to High Integrity Software Verification

Cited by 10 publications

References 41 publications

European collaboration on automated reasoning

European collaboration on automated reasoning

A Framework for Developing Feature-Rich Software Systems

Using SMT solvers to verify high-integrity programs

Contact Info

Product

Resources

About