Are We There Yet? 20 Years of Industrial Theorem Proving with SPARK

  • Roderick Chapman
  • Florian Schanda
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8558)


This paper presents a retrospective of our experiences with applying theorem proving to the verification of SPARK programs, both in terms of projects and the technical evolution of the language and tools over the years.


Formal Methods Program Verification Theorem Proving SPARK 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Barnes, J., Chapman, R., Johnson, R., Widmaier, J., Cooper, D., Everett, B.: Engineering the Tokeneer enclave protection software. In: 1st IEEE International Symposium on Secure Software Engineering (March 2006)Google Scholar
  2. 2.
    Barnes, J.: SPARK: The Proven Approach to High Integrity Software. Altran Praxis (2012)Google Scholar
  3. 3.
    Barrett, C., Conway, C.L., Deters, M., Hadarean, L., Jovanović, D., King, T., Reynolds, A., Tinelli, C.: CVC4. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol. 6806, pp. 171–177. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  4. 4.
    Berghofer, S.: Verification of dependable software using SPARK and isabelle. In: SSV, pp. 15–31 (2011)Google Scholar
  5. 5.
    Bobot, F., Filliâtre, J.C., Marché, C., Paskevich, A.: Why3: Shepherd your herd of provers. In: Boogie 2011: First International Workshop on Intermediate Verification Languages, Wrocław, Poland, pp. 53–64 (August 2011),
  6. 6.
    Brain, M., Schanda, F.: A lightweight technique for distributed and incremental program verification. In: Joshi, R., Müller, P., Podelski, A. (eds.) VSTTE 2012. LNCS, vol. 7152, pp. 114–129. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  7. 7.
    Chapman, R., Botcazou, E., Wallenburg, A.: SPARKSkein: A formal and fast reference implementation of skein. In: Simao, A., Morgan, C. (eds.) SBMF 2011. LNCS, vol. 7021, pp. 16–27. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  8. 8.
    Conchon, S., Contejean, E., Kanig, J.: Ergo: A theorem prover for polymorphic first-order logic modulo theories (2006),
  9. 9.
    Cullyer, W., Goodenough, S., Wichmann, B.: The choice of computer languages for use in safety-critical systems. Software Engineering Journal 6(2), 51–58 (1991)CrossRefGoogle Scholar
  10. 10.
    D’Silva, V., Haller, L., Kroening, D.: Abstract conflict driven learning. In: POPL, pp. 143–154 (2013)Google Scholar
  11. 11.
    Ferrante, J., Ottenstein, K.J., Warren, J.D.: The program dependence graph and its use in optimization. ACM Trans. Program. Lang. Syst. 9(3), 319–349 (1987), CrossRefzbMATHGoogle Scholar
  12. 12.
    Fitzpatrick, B., et al.: Memcached - a distributed memory object caching system (2003),
  13. 13.
    German, A.: Software static code analysis lessons learned. Crosstalk 16(11) (2003)Google Scholar
  14. 14.
    Horwitz, S., Reps, T., Binkley, D.: Interprocedural slicing using dependence graphs. In: Proceedings of the ACM SIGPLAN 1988 Conference on Programming Language Design and Implementation, PLDI 1988, pp. 35–46. ACM, New York (1988), CrossRefGoogle Scholar
  15. 15.
    Jackson, P.B., Passmore, G.O.: Proving SPARK verification conditions with smt solvers. Technical Report, University of Edinburgh (2009)Google Scholar
  16. 16.
    King, S., Hammond, J., Chapman, R., Pryor, A.: Is proof more cost-effective than testing? IEEE Transactions on Software Engineering 26(8), 675–686 (2000)CrossRefGoogle Scholar
  17. 17.
    Mehta, N.: Cve-2014-0160 (April 2014)Google Scholar
  18. 18.
    Middleton, P., Sutton, J.: Lean Software Strategies: Proven Techniques for Managers and Developers. Productivity Press (2005)Google Scholar
  19. 19.
    O’Neill, I.: Logic Programming Tools and Techniques for Imperative Program Verification. Ph.D. thesis, University of Southampton (1987)Google Scholar
  20. 20.
    Parnas, D.L., Madey, J., Iglewski, M.: Precise documentation of well-structured programs. IEEE Transactions on Software Engineering 20(12), 948–976 (1994)CrossRefGoogle Scholar
  21. 21.
    Rolfe, M.: How technology is transforming air traffic management,
  22. 22.
    RTCA: DO-178C: Software considerations in airborne systems and equipment certification (2011)Google Scholar
  23. 23.
    RTCA: DO-333: Formal methods supplement to do-178c and do-278a (2011)Google Scholar
  24. 24.
    Schanda, F., Brain, M.: Using answer set programming in the development of verified software. In: ICLP (Technical Communications), pp. 72–85 (2012)Google Scholar
  25. 25.
    Schneier, B., Ferguson, N., Lucks, S., Whiting, D., Bellare, M., Kohno, T., Walker, J., Callas, J.: The skein hash function family. Submission to NIST (Round 3) (2010)Google Scholar
  26. 26.
  27. 27.
  28. 28.
    Woodcock, J., Aydal, E.G., Chapman, R.: The Tokeneer Experiments. In: Reflections on the Work of CAR Hoare, pp. 405–430. Springer (2010)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Roderick Chapman
    • 1
  • Florian Schanda
    • 1
  1. 1.Altran UK LimitedBathUnited Kingdom

Personalised recommendations