The Verified Software Challenge: A Call for a Holistic Approach to Reliability

  • Thomas Ball
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4171)


The software analysis community has made a lot of progress in creating software tools for detecting defects and performing proofs of shallow properties of programs. We are witnessing the birth of a virtuous cycle between software tools and their consumers and I, for one, am very excited about this. We understand much better how to engineer program analyses to scale to large code bases and deal with the difficult problem of false errors and reducing their number. We understand better the tradeoffs in sound vs. unsound analyses. The software tools developed and applied over the last eight years have had impact. This list of tools includes Blast [HJMS02], CCured [NMW02], CQual [FTA02], ESC/Java [FLL + 02], ESP [DLS02], Feaver [Hol00], MAGIC [CCG + 04], MC [HCXE02], MOPS [CDW04], Prefast [LBD+04], Prefix [BPS00], SLAM [BR01], Splint [EL02] and Verisoft [God97], to name a few.

This bottom-up approach to improving code quality will continue to be successful because it deals with a concrete artifact (programs) that people produce, has great economic impact and longevity. Furthermore, because many of the tools listed above are specification-based, they are easy to extend to new classes of bugs. Finally, a lot of the science to support the development of these tools has been done; there is now before us a long road of engineering to make these tools truly useful and useable by a wide audience.


  1. [BPS00]
    Bush, W.R., Pincus, J.D., Sielaff, D.J.: A static analyzer for finding dynamic programming errors. Software-Practice and Experience 30(7), 775–802 (2000)Google Scholar
  2. [BR01]
    Ball, T., Rajamani, S.K.: Automatically validating temporal safety properties of interfaces. In: Dwyer, M.B. (ed.) SPIN 2001. LNCS, vol. 2057, Springer, Heidelberg (2001)Google Scholar
  3. [CCG+04]
    Chaki, S., Clarke, E., Groce, A., Jha, S., Veith, H.: Modular verification of software components in C. TSE: Transactions on Software Engineering 30(6), 388–402 (2004)Google Scholar
  4. [CDW04]
    Chen, H., Dean, D., Wagner, D.: Model checking one million lines of C code. In: NDSS: Network and Distributed System Security Symposium, pp. 171–185 (2004)Google Scholar
  5. [DLS02]
    Das, M., Lerner, S., Seigle, M.: ESP: path-sensitive program verifica-tion in polynomial time. In: PLDI 2002: Programming language design and implementation, pp. 57–68. ACM, New York (2002)Google Scholar
  6. [EL02]
    Evans, D., Larochelle, D.: Improving security using extensible lightweight static analysis. IEEE Software 19(1), 42–51 (2002)Google Scholar
  7. [FLL+02]
    Flanagan, C., Leino, K.R.M., Lillibridge, M., Nelson, G., Saxe, J.B., Stata, R.: Extended static checking for java. In: PLDI 2002: Programming Language Design and Implementation, pp. 234–245. ACM, New York (2002)Google Scholar
  8. [FTA02]
    Foster, J.S., Terauchi, T., Aiken, A.: Flow-sensitive type qualifiers. In: PLDI 2002: Programming language design and implementation, pp. 1–12. ACM, New York (2002)Google Scholar
  9. [God97]
    Godefroid, P.: Model checking for programming languages using Verisoft. In: POPL 1997: Principles of Programming Languages, pp. 174–186. ACM, New York (1997)Google Scholar
  10. [HCXE02]
    Hallem, S., Chelf, B., Xie, Y., Engler, D.: Asystem and language for building system-specific, static analyses. In: PLDI 2002: Programming Lan-guage Design and Implementation, pp. 69–82. ACM, New York (2002)Google Scholar
  11. [HJMS02]
    Henzinger, T.A., Jhala, R., Majumdar, R., Sutre, G.: Lazy abstraction. In: POPL 2002, pp. 58–70. ACM Press, New York (2002)Google Scholar
  12. [HL04]
    Hunt, G.C., Larus, J.R.: Singularity design motivation. Technical Report MSR-TR-2004-105, Microsoft Research (December 2004)Google Scholar
  13. [Hol00]
    Holzmann, G.J.: Logic verification of ANSI-C code with Spin. In: Havelund, K., Penix, J., Visser, W. (eds.) SPIN 2000. LNCS, vol. 1885, pp. 131–147. Springer, Heidelberg (2000)Google Scholar
  14. [LBD+04]
    Larus, J.R., Ball, T., Das, M., DeLine, R., Fahndrich, M., Pincus, J., Ra-jamani, S.K., Venkatapathy, R.: Righting software. IEEE Software 21(3), 92–100 (2004)Google Scholar
  15. [NMW02]
    Necula, G., McPeak, S., Weimer, W.: CCured: Type-safe retrofitting of legacy code. In: POPL 2002, pp. 128–139. ACM, New York (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Thomas Ball
    • 1
  1. 1.Microsoft ResearchRedmondUSA

Personalised recommendations