Skip to main content
SpringerLink
Log in

Building a push-button RESOLVE verifier: Progress and challenges

  • Original Article
  • Published:
Formal Aspects of Computing

Abstract

A central objective of the verifying compiler grand challenge is to develop a push-button verifier that generates proofs of correctness in a syntax-driven fashion similar to the way an ordinary compiler generates machine code. The software developer’s role is then to provide suitable specifications and annotated code, but otherwise to have no direct involvement in the verification step. However, the general mathematical developments and results upon which software correctness is based may be established through a separate formal proof process in which proofs might be mechanically checked, but not necessarily automatically generated. While many ideas that could conceivably form the basis for software verification have been known “in principle” for decades, and several tools to support an aspect of verification have been devised, practical fully automated verification of full software behavior remains a grand challenge. This paper explains how RESOLVE takes a step towards addressing this challenge by integrating foundational and practical elements of software engineering, programming languages, and mathematical logic into a coherent framework. Current versions of the RESOLVE verifier generate verification conditions (VCs) for the correctness of component-based software in a modular fashion—one component at a time. The VCs are currently verified using automated capabilities of the Isabelle proof assistant, the SMT solver Z3, a minimalist rewrite prover, and some specialized decision procedures. Initial experiments with the tools and further analytic considerations show both the progress that has been made and the challenges that remain.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Aichernig BK, Larson PG (1997) A proof obligation generator for VDM-SL, In: Proc. FME 4, LNCS 1313. Springer, New York

  2. Alkassar E, Hillebrand M, Leinenbach D, Schirmer NW, Starostin A (2008) The Verisoft approach to system verification. In: Proc. VSTTE 2008. Springer, New York

  3. Barnes J (2002) High-integrity Ada: the Spark approach. Addison-Wesley, USA

    Google Scholar 

  4. Barnett M, Chang BYE et al (2006) Boogie: a modular reusable verifier for object-oriented programs. In: de Boer FS, Bonsangue MM, de Roever W-P (eds) Proc. FMCO 4, LNCS 4111. Springer, pp 364–387

  5. Barnett M, Leino KR, Schulte W (2004) The Spec# programming system: an overview. In: Burdy L, Huisman M (eds) Construction and analysis of safe, secure and interoperable smart devices international workshop, LNCS 3362. Springer, pp 49–69

  6. Barrett C, Tinelli C (2007) CVC3. In: Damm W, Hermanns H (eds) Proc. CAV 19, LNCS 4590. Springer, pp 298–302

  7. Bradley A, Manna Z (2007) The calculus of computation: decision procedures with applications to verification. Springer, New York

    MATH  Google Scholar 

  8. Burdy L, Cheon Y, Cok D, Ernst M, Kiniry J, Leavens GT, Leino KRM, Poll E (2005) An overview of JML tools and applications. STTT 7(3): 212–232

    Article  Google Scholar 

  9. Cok D (2008) Adapting JML to generic types and Java 1.6. In: Proc. SAVCBS, pp 27–35. http://www.eecs.ucf.edu/SAVCBS/2008/SAVCBS08-proceedings.pdf

  10. The Coq proof assistant reference manual version v8.1. ftp://ftp.inria.fr/INRIA/coq/current/doc/Reference-Manual.pdf

  11. Darvas Á, Müller P (2006) Reasoning about method calls in interface specifications. J Object Technol (JOT) 5(5): 50–85

    Google Scholar 

  12. de Moura L, Bjørner N (2008) Z3: An efficient SMT solver. In: Proc. TACAS, pp 337–340

  13. Detlefs DL, Leino KRM, Nelson G, Saxe JB (1998) Extended static checking. Research Report 159, Compaq Systems Research Center

  14. Detlefs D, Nelson G, Saxe JB (2005) Simplify: a theorem prover for program checking. JACM 52(2):365–473

    Google Scholar 

  15. Ernst GW, Hookway RJ, Ogden WF (1994) Modular verification of data abstractions with shared realizations. IEEE TSE 20(4): 288–307

    Google Scholar 

  16. Ferro A, Omodeo EG, Schwartz JT (1980) Decision procedures for elementary sublanguages of set theory. I. Multi-level syllogistic and some extensions. Commun Pure Appl Math 33: 599–608

    Article  MathSciNet  MATH  Google Scholar 

  17. Filliâtre J, Marché C (2007) The Why/Krakatoa/Caduceus platform for deductive program verification. In: Damm W, Hermanns H (eds) Proc. CAV 19, LNCS 4590. Springer, New York

  18. Friedman HM (2009) Deciding statements about strings with applications to program verification. OSU-CISRC-8/09-TR42, Department of Computer Science and Engineering, The Ohio State University

  19. Ghilardi S, Nicolini E, Ranise S, Zucchelli D (2007) Decision procedures for extensions of the theory of arrays. Ann Math Artif Intell 50(3–4): 231–254

    Article  MathSciNet  MATH  Google Scholar 

  20. Harrison J (2008) Formal proof—theory and practice. Notices of the AMS 55: 1395–1406

    MATH  Google Scholar 

  21. Harms DE, Weide BW (1991) Copying and swapping: influences on the design of reusable software components. IEEE TSE 17(5): 424–435

    Google Scholar 

  22. Harton HK, Sitaraman M, Krone J (2008) Formal program verification. In: Wah B (eds) Wiley Encyclopedia of Computer Science and Engineering.. Wiley, London

    Google Scholar 

  23. Heym W (1995) Computer program verification: improvements for human reasoning. Ph.D. thesis, The Ohio State University

  24. Hoare CAR (1972) Proof of correctness of data representations. Acta Inform 1: 271–281

    Article  MATH  Google Scholar 

  25. Hoare CAR (2003) The verifying compiler: a grand challenge for computing research. JACM 50: 63–69

    Article  Google Scholar 

  26. Hoare CAR, Misra J, Leavens GT, Shankar N (2007) The verified software initiative: a manifesto, http://qpq.csl.sri.com/vsr/manifesto.pdf/vie.. Accessed December 2008

  27. Hollingsworth JE, Blankenship L, Weide BW (2000) Experience report: using RESOLVE/C++ for commercial software. In: Schneir B (ed) Proc. FSE. ACM, pp 11–19

  28. Jackson D (2006) Software abstractions: logic, language, and analysis. MIT Press, Cambridge

  29. Jones CB (2003) The early search for tractable ways of reasoning about programs. IEEE Ann Hist Comput 25(2): 26–49

    Article  MathSciNet  Google Scholar 

  30. Karabotsos G, Chalin P, James PR, Giannas L (2008) Total correctness of recursive functions using JML4 FSPV. In: Proc. SAVCBS, pp 19–27. http://www.eecs.ucf.edu/SAVCBS/2008/SAVCBS08-proceedings.pdf

  31. King JC (1970) A Program Verifier. Ph.D. dissertation, Carnegie Tech, 261 pp

  32. Kirschenbaum J, Harton HK, Sitaraman M (2008) A case study in automated verification. In: Shankar N (ed) Proc. CAV AFM Workshop

  33. Kirschenbaum J, Adcock B, Bronish D, Smith H, Harton H, Sitaraman M, Weide BW (2009) Verifying component-based software: deep mathematics or simple bookkeeping? In: Edwards SH, Kulczycki G (eds) Proc. ICSR 11, LNCS 5791. Springer, pp 31–40

  34. Krone J (1988) The role of verification in software reusability. Ph.D. Thesis, The Ohio State University

  35. Kulczycki G, Sitaraman M, Yasmin N, Roche K (2008) Formal specification. In: Wah B (eds) Wiley Encyclopedia of Computer Science and Engineering.. Wiley, London

    Google Scholar 

  36. Kulczycki G (2004) Direct reasoning, Ph.D. Dissertation, Clemson University

  37. Kulczycki G, Sitaraman M, Weide BW, Rountev A (2006) A specification-based approach to reasoning about pointers. ACM SIGSOFT Softw Eng Notes 31: 55–62

    Article  Google Scholar 

  38. Leavens GT, Baker AL, Ruby C (2006) Preliminary design of JML: a behavioral interface specification language for Java. ACM Softw Eng Notes 31: 1–38

    Article  Google Scholar 

  39. Leavens GT, Abrial J-R, Batory D, Butler M, Coglio A, Fisler K, Hehner E, Jones C, Miller D, Peyton-Jones S, Sitaraman M, Smith DR, Stump A (2006) Roadmap for enhanced languages and methods to aid verification. In: Proc. GPCE 5. ACM Press, New York, pp 221–236

  40. Leavens GT, Leino KRM, Müller P (2008) Specification and verification challenges for sequential object-oriented programs. Formal Aspects Comput 19(2): 159–189

    Article  Google Scholar 

  41. Leinenbach D, Paul W, Petrova E (2005) Towards the formal verification of a C0 compiler: code generation and implementation correctness. SEFM 3: 2–11

    Google Scholar 

  42. Leino KRM, Müller P, Wallenburg A (2008) Flexible immutability with frozen objects. In: Shankar N (ed) Proc. VSTTE 2008, LNCS 5295. Springer, New York, pp 192–208

  43. Leino KRM, Müller P (2008) Using the Spec# language, methodology, and tools to write bug-free programs. LASER 2007/2008 Lecture Notes, Springer, New York

  44. Leino KRM (2010) Dafny: An automated program verifier for functional correctness. In: Proc. LPAR 16 (in press)

  45. Meyer B (1992) Applying design by contract. Computer 25: 40–51

    Article  Google Scholar 

  46. Müller P, Poetzsch-Heffter A (2000) Modular specification and verification techniques for object-oriented software components. In: Leavens GT, Sitaraman M (eds) Foundations of component-based systems.. Cambridge University Press, London

    Google Scholar 

  47. Nipkow T, Paulson LC, Wenzel M (2002) Isabelle/HOL: a proof assistant for higher-order logic. LNCS 2283. Springer, New York

  48. Owre S, Rajan SP, Rushby JM, Shankar N, Srivas M (1996) PVS: combining specification, proof checking, and model checking. In: Alur R, Henzinger TA (eds) Proc. CAV, LNCS 1102. Springer, Berlin, pp 411–414

  49. Riazanov A, Voronkov A (2002) The design and implementation of VAMPIRE.. AI Commun 15: 91–110

    MATH  Google Scholar 

  50. Schulz S (2004) System abstract: E 0.81. In: Proc. 2nd IJCAR. LNAI 3097. Springer, Berlin, pp 223–228

  51. Sitaraman M, Weide BW (1994) Component-based software using RESOLVE. ACM SIGSOFT Softw Eng Notes 19: 21–67

    Article  Google Scholar 

  52. Sitaraman M, Weide BW, Ogden WF (1997) On the practical need for abstraction relations to verify abstract data type representations. IEEE TSE 23(3): 157–170

    Google Scholar 

  53. Sitaraman M, Atkinson S, Kulczycki G, Weide B, Long T, Bucci P, Pike S, Heym W, Hollingsworth J (2000) Reasoning about software-component behavior. In: Proc. ICSR 6, LCNS 1844. Springer, Berlin, pp 266–283

  54. Smith H, Roche K, Sitaraman M, Krone J, Ogden WF (2008) Integrating math units and proof checking for specification and verification. In: Proc. SAVCBS, pp 59–66. http://www.eecs.ucf.edu/SAVCBS/2008/SAVCBS08-proceedings.pdf

  55. Smith H, Harton H, Frazier D, Mohan R, Sitaraman M (2009) Generating verified Java components through RESOLVE. In: Edwards SH, Kulczycki G (eds) Proc. ICSR 11, LNCS 5791. Springer, Berlin, pp 11–20

  56. Weide BW, Sitaraman M, Harton HK , Adcock B, Bucci P, Bronish D, Heym WD, Kirschenbaum J, Frazier D (2008) Incremental benchmarks for software verification tools and techniques. In: Shankar N (ed) Proc. VSTTE 2008, LNCS 5295. Springer, Berlin, pp 84–98

  57. Weide BW, Heym W (2001) Specification and verification with references. In: Proc. SAVCBS, pp 50–59

  58. Weide BW, Edwards SH, Harms DE, Lamb DA (1994) Design and specification of iterators using the swapping paradigm. IEEE TSE 20(8): 631–643

    Google Scholar 

  59. Wing JM (1990) A specifier’s introduction to formal methods. IEEE Comput 23(9): 8–24

    Google Scholar 

  60. Zee K, Kuncak V, Rinard M C (2008) Full functional verification of linked data structures. In: Proc. PLDI. ACM Press, New York, pp 349–361

  61. Zee K, Kuncak V, Rinard MC (2009) An integrated proof language for imperative programs. In: Proc. PLDI. ACM Press, New York, pp 338–351

Download references

Author information

Authors and Affiliations

  1. School of Computing, Clemson University, Clemson, SC, 29634, USA

    Murali Sitaraman, David Frazier, Heather Harton & Hampton Smith

  2. Department of Computer Science and Engineering, The Ohio State University, Columbus, OH, 43210, USA

    Bruce Adcock, Derek Bronish, Paolo Bucci, Harvey M. Friedman, Wayne Heym, Jason Kirschenbaum & Bruce W. Weide

  3. Department of Philosophy, Carnegie Mellon University, Pittsburgh, PA, 15213, USA

    Jeremy Avigad

  4. Department of Mathematics, The Ohio State University, Columbus, OH, 43210, USA

    Harvey M. Friedman

  5. Department of Mathematics and Computer Science, Denison University, Granville, OH, 43023, USA

    Joan Krone

Authors
  1. Murali Sitaraman
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Bruce Adcock
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jeremy Avigad
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Derek Bronish
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Paolo Bucci
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. David Frazier
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Harvey M. Friedman
    View author publications

    You can also search for this author in PubMed Google Scholar

  8. Heather Harton
    View author publications

    You can also search for this author in PubMed Google Scholar

  9. Wayne Heym
    View author publications

    You can also search for this author in PubMed Google Scholar

  10. Jason Kirschenbaum
    View author publications

    You can also search for this author in PubMed Google Scholar

  11. Joan Krone
    View author publications

    You can also search for this author in PubMed Google Scholar

  12. Hampton Smith
    View author publications

    You can also search for this author in PubMed Google Scholar

  13. Bruce W. Weide
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Murali Sitaraman.

Additional information

T. Margaria, D. Kröning and J. Woodcock

Rights and permissions

Reprints and permissions

About this article

Cite this article

Sitaraman, M., Adcock, B., Avigad, J. et al. Building a push-button RESOLVE verifier: Progress and challenges. Form Asp Comp 23, 607–626 (2011). https://doi.org/10.1007/s00165-010-0154-3

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00165-010-0154-3

Keywords

Search

Navigation