Advertisement

A Specification Language for Static and Runtime Verification of Data and Control Properties

  • Wolfgang Ahrendt
  • Jesús Mauricio Chimento
  • Gordon J. Pace
  • Gerardo Schneider
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9109)

Abstract

Static verification techniques can verify properties across all executions of a program, but powerful judgements are hard to achieve automatically. In contrast, runtime verification enjoys full automation, but cannot judge future and alternative runs. In this paper we present a novel approach in which data-centric and control-oriented properties may be stated in a single formalism, amenable to both static and dynamic verification techniques. We develop and formalise a specification notation, ppDATE, extending the control-flow property language used in the runtime verification tool Larva with pre/post-conditions and show how specifications written in this notation can be analysed both using the deductive theorem prover KeY and the runtime verification tool Larva. Verification is performed in two steps: KeY first partially proves the data-oriented part of the specification, simplifying the specification which is then passed on to Larva to check at runtime for the remaining parts of the specification including the control-centric aspects. We apply the approach to Mondex, an electronic purse application.

Keywords

Smart Card Code Unit Path Condition Proof Obligation Monitor Variable 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    MasterCard International Inc. Mondex, http://www.mondexusa.com/
  2. 2.
  3. 3.
    Ahrendt, W., Pace, G., Schneider, G.: A Unified Approach for Static and Runtime Verification: Framework and Applications. In: Margaria, T., Steffen, B. (eds.) ISoLA 2012, Part I. LNCS, vol. 7609, pp. 312–326. Springer, Heidelberg (2012)Google Scholar
  4. 4.
    Artho, C., Biere, A.: Combined static and dynamic analysis. In: AIOOL 2005. ENTCS, vol. 131, pp. 3–14 (2005)Google Scholar
  5. 5.
    Barnes, J.: SPARK: The Proven Approach to High Integrity Software. Altran Praxis, UK (2012), http://www.altran.co.uk Google Scholar
  6. 6.
    Barnett, M., Leino, K.R.M., Schulte, W.: The Spec# programming system: An overview. In: Barthe, G., Burdy, L., Huisman, M., Lanet, J.-L., Muntean, T. (eds.) CASSIS 2004. LNCS, vol. 3362, pp. 49–69. Springer, Heidelberg (2005)Google Scholar
  7. 7.
    Beckert, B., Hähnle, R., Schmitt, P.H. (eds.): Verification of Object-Oriented Software. LNCS, vol. 4334. Springer, Heidelberg (2007)Google Scholar
  8. 8.
    Bodden, E., Hendren, L., Lhoták, O.: A staged static program analysis to improve the performance of runtime monitoring. In: Ernst, E. (ed.) ECOOP 2007. LNCS, vol. 4609, pp. 525–549. Springer, Heidelberg (2007)Google Scholar
  9. 9.
    Christakis, M., Müller, P., Wüstholz, V.: Collaborative verification and testing with explicit assumptions. In: Proceedings of the FM2012: Formal Methods - 18th International Symposium, Paris, France, August 27-31, pp. 132–146 (2012)Google Scholar
  10. 10.
    Colombo, C., Pace, G.J., Schneider, G.: Dynamic Event-Based Runtime Monitoring of Real-Time and Contextual Properties. In: Cofer, D., Fantechi, A. (eds.) FMICS 2008. LNCS, vol. 5596, pp. 135–149. Springer, Heidelberg (2009)Google Scholar
  11. 11.
    Colombo, C., Pace, G.J., Schneider, G.: LARVA - A Tool for Runtime Monitoring of Java Programs. In: SEFM 2009, pp. 33–37. IEEE Computer Society (2009)Google Scholar
  12. 12.
    Csallner, C., Smaragdakis, Y.: Check ’n’ crash: combining static checking and testing. In: 27th International Conference on Software Engineering, ICSE 2005, May 15-21, St. Louis, Missouri, USA, pp. 422–431 (2005)Google Scholar
  13. 13.
    Falzon, K., Pace, G.: Combining testing and runtime verification techniques. In: Machado, R.J., Maciel, R.S.P., Rubin, J., Botterweck, G. (eds.) MOMPES 2012. LNCS, vol. 7706, pp. 38–57. Springer, Heidelberg (2013)Google Scholar
  14. 14.
    Flanagan, C., Leino, K.R.M., Lillibridge, M., Nelson, G., Saxe, J.B., Stata, R.: Extended Static Checking for Java. In: Knoop, J., Hendren, L.J. (eds.) PLDI 2002, pp. 234–245. ACM (2002)Google Scholar
  15. 15.
    Ge, X., Taneja, K., Xie, T., Tillmann, N.: Dyta: dynamic symbolic execution guided with static verification results. In: Proceedings of the 33rd International Conference on Software Engineering, ICSE 2011, Waikiki, Honolulu, HI, USA, May 21-28, pp. 992–994 (2011)Google Scholar
  16. 16.
    Leavens, G.T., Poll, E., Clifton, C., Cheon, Y., Ruby, C., Cok, D., Müller, P., Kiniry, J., Chalin, P.: JML Reference Manual. Draft 1.200 (2007)Google Scholar
  17. 17.
    Stepney, S., Cooper, D., Woodcock, J.: An Electronic Purse: Specification, Refinement and Proof. Technical monograph PRG-126, Oxford University Computing Laboratory (2000)Google Scholar
  18. 18.
    Tillmann, N., de Halleux, J.: Pex-White Box Test Generation for.NET.. In: Beckert, B. (ed.) TAP. LNCS, vol. 4966, pp. 134–153. Springer, Heidelberg (2008)Google Scholar
  19. 19.
    Tonin, I.: Verifying the Mondex case study. The KeY approach. Technical Report 2007-4, Universität Karlsruhe (2007)Google Scholar
  20. 20.
    Wonisch, D., Schremmer, A., Wehrheim, H.: Zero Overhead Runtime Monitoring. In: Hierons, R.M., Merayo, M.G., Bravetti, M. (eds.) SEFM 2013. LNCS, vol. 8137, pp. 244–258. Springer, Heidelberg (2013)Google Scholar
  21. 21.
    Woodcock, J.: First Steps in the Verified Software Grand Challenge. In: SEW 2006, pp. 203–206. IEEE Computer Society (2006)Google Scholar
  22. 22.
    Zee, K., Kuncak, V., Taylor, M., Rinard, M.C.: Runtime Checking for Program Verification.. In: Sokolsky, O., Taşıran, S. (eds.) RV 2007. LNCS, vol. 4839, pp. 202–213. Springer, Heidelberg (2007)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Wolfgang Ahrendt
    • 1
  • Jesús Mauricio Chimento
    • 1
  • Gordon J. Pace
    • 2
  • Gerardo Schneider
    • 3
  1. 1.Chalmers University of TechnologyGothenburgSweden
  2. 2.University of MaltaMsidaMalta
  3. 3.University of GothenburgGothenburgSweden

Personalised recommendations