Transforming Event B Models into Verified C# Implementations

Méry, Dominique; Monahan, Rosemary

doi:10.29007/9wm9

Cited by 6 publications

(21 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, due to the computation complexity of the software verification, these works only verify a subset of system properties, which means that the correctness is only partially ensured. The correctness of the translation has been addressed in previous studies . Méry and Singh intended to verify the generated and implemented code using meta‐proof and software model checking tools such as Basic Local Alignment Search Tool, which can check temporal safety properties of C program.…”

Section: Related Workmentioning

confidence: 99%

“…At the time of writing, the mentioned idea was not yet implemented by them, and the details on the meta‐proof and the checking of properties were not provided; it is thus difficult to evaluate the limits of this proposal. The work of Méry and Monahan generates verified C# code in a static program verification environment, namely, the Spec# programming system, that is based on deductive verification of function contracts. For a given function f, any individual call of f is proven to respect its contract, that is basically an implication with given precondition and postcondition.…”

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

“…Existing works have proposed partial solutions for the above challenges. Some works provided code generators for various programming languages but did not yet discuss the correctness of the generated code . The correctness issue of the generated code has been partially addressed in the works, but none can completely guarantee the correctness of the generated code due to the above challenges.…”

Section: Introductionmentioning

confidence: 99%

“…(3) Current Event-B method depends on the integer arithmetic. If the target system depends on the floating-point arithmetic (FPA), a verification method for the FPA design is needed to complement the Rodin platform.Existing works 10,11,17,18,24,25,30,34 have proposed partial solutions for the above challenges. Some works provided code generators for various programming languages but did not yet discuss the correctness of the generated code.…”

mentioning

confidence: 99%

See 4 more Smart Citations

Correct‐by‐construction specification to verified code

Dieumegard

Jenn

et al. 2018

J Software Evolu Process

View full text Add to dashboard Cite

Event‐B is a formal notation and method for the systems development. The key feature of this method is to produce correct‐by‐construction system designs. Once the correct design is established, the remaining work is to generate or implement correct code from the design. Two main problems remain in the process from the correct‐by‐construction design to the correct software. First, the Event‐B design is “quasi‐correct” due to some technical limitations. For instance, it is still difficult to prove the liveness properties by the Rodin platform; it is not possible to construct the Event‐B design with floating‐point arithmetic, and sometimes, the Event‐B model is incomplete and must rely on the third‐party libraries. Therefore, a method is needed to complement these modeling and proof gaps. Secondly, proving the correctness of an automatic code generator is very difficult; therefore, a method is needed to guarantee the correctness of the produced code without proving the code generator. In this article, we address the above 2 problems by introducing an intermediate formal language called High‐Level Language (HLL) between the Event‐B models and the C code. The Event‐B model is translated to HLL with an additional schedule configuration, where Event‐B invariants and system invariants (here, deadlock‐freeness and liveness properties) are proved using a SAT‐based model checker called S3. This proof guarantees the correctness of the HLL model with respect to the Event‐B model. The C code is then automatically generated from the HLL model for most functions and is manually implemented for the third‐party ones according to the function contracts defined in Event‐B. The correctness of the generated C code is guaranteed using the equivalence proof, and the correctness of the implemented C code is guaranteed using the conformance proof. Through the article, we use a traffic light controller to illustrate the proposed method; then, we apply the method to an automatic protection function of a 3‐wheeled robot to evaluate its feasibility.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

mentioning

confidence: 99%

See 3 more Smart Citations

Correct‐by‐construction specification to verified code

Dieumegard

Jenn

et al. 2018

J Software Evolu Process

View full text Add to dashboard Cite

show abstract

Leveraging Applications of Formal Methods, Verification and Validation: Foundational Techniques

Margaria¹,

Steffen²

2016

Lecture Notes in Computer Science

View full text Add to dashboard Cite

We report on our progress-to-date in implementing a software development environment which integrates the efforts of two formal software engineering techniques: program refinement as supported by Event B and program verification as supported by the Spec# programming system. Our objective is to improve the usability of formal verification tools by providing a general framework for integrating these two approaches to software verification. We show how the two approaches Correctness-by-Construction and Post-hoc Verification can be used in a productive way. Here, we focus on the final steps in this process where the final concrete specification is transformed into an executable algorithm. We present EB2RC, a plug-in for the Rodin platform, that reads in an Event B model and uses the control framework introduced during its refinement to generate a graphical representation of the executable algorithm. EB2RC also generates a recursive algorithm that is easily translated into executable code. We illustrate our technique through case studies and their analysis.

show abstract

Refinement-based Construction of Correct Distributed Algorithms

Méry

2021

2021 Second International Conference on Information Systems and Software Technologies (ICI2ST)

Self Cite

View full text Add to dashboard Cite

The verification of distributed algorithms is a challenge for formal techniques supported by tools, as model checkers and proof assistants. The difficulties, even for powerful tools, lie in the derivation of proofs of required properties, such as safety and eventuality, for distributed algorithms. Verification by construction can be achieved by using a formal framework in which models are constructed at different levels of abstraction; each level of abstraction is refined by the one below, and this refinement relationships is documented by an abstraction relation namely a gluing invariant. The highest levels of abstraction are used to express the required behavior in terms of the problem domain and the lowest level of abstraction corresponds to an implementation from which an efficient implementation can be derived automatically. We describe a methodology based on the general concept of refinement and used for developing distributed algorithms satisfying a given list of safety and liveness properties. We will show also how formal models can be used for producing distributed programs of a real programming language. The modelling methodology is defined in the Event-B modelling language using the Rodin Formal IDE.

show abstract

Transforming Event B Models into Verified C# Implementations

Cited by 6 publications

References 11 publications

Correct‐by‐construction specification to verified code

Correct‐by‐construction specification to verified code

Leveraging Applications of Formal Methods, Verification and Validation: Foundational Techniques

Refinement-based Construction of Correct Distributed Algorithms

Contact Info

Product

Resources

About