The Spec# Programming System: Challenges and Directions

  • Mike Barnett
  • Robert DeLine
  • Manuel Fähndrich
  • Bart Jacobs
  • K. Rustan M. Leino
  • Wolfram Schulte
  • Herman Venter
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4171)


The Spec# programming system [4] is a new attempt to increase the quality of general purpose, industrial software. Using old wisdom, we propose the use of specifications to make programmer assumptions explicit. Using modern technology, we propose the use of tools to enforce the specifications. To increase its chances of having impact, we want to design the system so that it can be widely adopted.


Virtual Machine Program System Abstract Interpretation Frame Condition Type Checker 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Barnett, M., Chang, B.-Y.E., DeLine, R., Jacobs, B., Leino, K.R.M.: Boogie: A Modular Reusable Verifier for Object-Oriented Programs. In: de Boer, F.S., Bonsangue, M.M., Graf, S., de Roever, W.-P. (eds.) FMCO 2005. LNCS, vol. 4111, pp. 364–387. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  2. 2.
    Barnett, M., DeLine, R., Fähndrich, M., Leino, K.R.M., Schulte, W.: Verification of object-oriented programs with invariants. Journal of Object Technology 3(6) (2004),
  3. 3.
    Barnett, M., Leino, K.R.M.: Weakest-precondition of unstructured programs. In: Proceedings of the 2005 ACM SIGPLAN-SIGSOFT Workshop on Program Analysis For Software Tools and Engineering, PASTE 2005, September 2005, ACM, New York (2005)Google Scholar
  4. 4.
    Mike Barnett, K., Rustan, M.: Leino, and Wolfram Schulte. In: Barthe, G., Burdy, L., Huisman, M., Lanet, J.-L., Muntean, T. (eds.) CASSIS 2004. LNCS, vol. 3362, pp. 49–69. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  5. 5.
    Barnett, M., Naumann, D.A.: Friends Need a Bit More: Maintaining Invariants Over Shared State. In: Kozen, D. (ed.) MPC 2004. LNCS, vol. 3125, pp. 54–84. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  6. 6.
    Barnett, M., Naumann, D.A., Schulte, W., Sun, Q.: 99.44% pure: Useful abstractions in specifications. In: Proceedings, 6th workshop on Formal Techniques for Java-like Programs (June 2004)Google Scholar
  7. 7.
    Chang, B.-Y.E., Leino, K.R.M.: Abstract Interpretation with Alien Expressions and Heap Structures. In: Cousot, R. (ed.) VMCAI 2005. LNCS, vol. 3385, pp. 147–163. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  8. 8.
    Chang, B.-Y.E., Leino, K.R.M.: Inferring object invariants. In: Proceedings of First International Workshop on Abstract Interpretation of Object-Oriented Languages (AIOOL 2005) (2005)Google Scholar
  9. 9.
    Cheon, Y., Leavens, G.T., Sitaraman, M., Edwards, S.: Model variables: cleanly supporting abstraction in design by contract. Software—Practice and Experience 35(6), 583–599 (2005)CrossRefGoogle Scholar
  10. 10.
    Cousot, P., Cousot, R.: Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: Conference Record of the Fourth Annual ACM Symposium on Principles of Programming Languages, January 1977, pp. 238–252. ACM, New York (1977)Google Scholar
  11. 11.
    Cousot, P., Halbwachs, N.: Automatic discovery of linear restraints among variables of a program. In: Conference Record of the Fifth Annual ACM Symposium on Principles of Programming Languages, January 1978, pp. 84–96 (1978)Google Scholar
  12. 12.
    DeLine, R., Rustan, K., Leino, M.: BoogiePL: A typed procedural language for checking object-oriented programs. Technical report, Microsoft Research (2005)Google Scholar
  13. 13.
    Evans, D., Guttag, J.V., Horning, J.J., Tan, Y.M.: LCLint: A tool for using specifications to check code. In: Wile, D.S. (ed.) SIGSOFT 1994, Proceedings of the Second ACM SIGSOFT Symposium on Foundations of Software Engineering, December 1994. ACM SIGSOFT Software Engineering Notes, vol. 19(5), pp. 87–96 (1994)Google Scholar
  14. 14.
    Fähndrich, M., Leino, K.R.M.: Declaring and checking non-null types in an object-oriented language. In: Crocker, R., Steele Jr., G.L. (eds.) Proceedings of the 2003 ACM SIGPLAN Conference on Object-Oriented Programming Systems, Languages and Applications, OOPSLA 2003, October 2003. SIGPLAN Notices, vol. 38(11), pp. 302–312. ACM, New York (2003)Google Scholar
  15. 15.
    Jacobs, B., Leino, K.R.M., Piessens, F., Schulte, W.: Safe concurrency for aggregate objects with invariants. In: Aichernig, B.K., Beckert, B. (eds.) 3rd International Conference on Software Engineering and Formal Methods, September 2005, pp. 137–146. IEEE, Los Alamitos (2005)Google Scholar
  16. 16.
    Jacobs, B., Smans, J., Piessens, F., Schulte, W.: A statically verifiable programming model for concurrent object-oriented programs. In: Liu, Z., He, J. (eds.) ICFEM 2006. LNCS, vol. 4260, pp. 420–439. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  17. 17.
    Leavens, G.T., Baker, A.L., Ruby, C.: Preliminary design of JML: A behavioral interface specification language for Java. Technical Report 98-06-rev28, Iowa State University, Department of Computer Science, See (2003),
  18. 18.
    Rustan, K., Leino, M., Müller, P.: Object invariants in dynamic contexts. In Martin Odersky. In: Odersky, M. (ed.) ECOOP 2004. LNCS, vol. 3086, pp. 491–516. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  19. 19.
    Rustan, K., Leino, M., Müller, P.: Modular verification of static class invariants. In: Fitzgerald, J.S., Hayes, I.J., Tarlecki, A. (eds.) FM 2005. LNCS, vol. 3582, pp. 26–42. Springer, Heidelberg (2005)Google Scholar
  20. 20.
    Rustan, K., Leino, M., Müller, P.: A verification methodology for model fields. In: Sestoft, P. (ed.) ESOP 2006 and ETAPS 2006. LNCS, vol. 3924, pp. 115–130. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  21. 21.
    Rustan, K., Leino, M., Nelson, G.: Data abstraction and information hiding. ACM Transactions on Programming Languages and Systems 24(5), 491–553 (2002)CrossRefGoogle Scholar
  22. 22.
    Rustan, K., Leino, M., Schulte, W.: Exception safety for C#. In: Cuellar, J.R., Liu, Z. (eds.) SEFM 2004—Second International Conference on Software Engineering and Formal Methods, September 2004, pp. 218–227. IEEE, Los Alamitos (2004)Google Scholar
  23. 23.
    Meyer, B.: Object-oriented Software Construction. Series in Computer Science. Prentice-Hall International, New York (1988)zbMATHGoogle Scholar
  24. 24.
    Meyer, B.: Attached Types and Their Application to Three Open Problems of Object-Oriented Programming. In: Black, A.P. (ed.) ECOOP 2005. LNCS, vol. 3586, pp. 1–32. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  25. 25.
    Müller, P.: Modular Specification and Verification of Object-Oriented Programs. LNCS, vol. 2262. Springer, Heidelberg (2002)zbMATHGoogle Scholar
  26. 26.
    Naumann, D.A.: Observational purity and encapsulation. In: Cerioli, M. (ed.) FASE 2005. LNCS, vol. 3442, pp. 190–204. Springer, Heidelberg (2005)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Mike Barnett
    • 1
  • Robert DeLine
    • 1
  • Manuel Fähndrich
    • 1
  • Bart Jacobs
    • 1
  • K. Rustan M. Leino
    • 1
  • Wolfram Schulte
    • 1
  • Herman Venter
    • 1
  1. 1.Microsoft ResearchRedmondUSA

Personalised recommendations