BML and Related Tools

  • Jacek Chrząszcz
  • Marieke Huisman
  • Aleksy Schubert
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5751)


The Bytecode Modeling Language (BML) is a specification language for Java bytecode, that provides a high level of abstraction, while not restricting the format of the bytecode. Notably, BML specifications can be stored in class files, so that they can be shipped together with the bytecode. This makes BML particularly suited as property specification language in a proof-carrying code framework. Moreover, BML is designed to be close to the source code level specification language JML, so that specifications (and proofs) developed at — the more intuitive — source code level can be compiled into bytecode level.

This paper describes the BML language and its binary representation. It also discusses the tool set that is available to support BML, containing BMLLib, a library to inspect and edit BML specifications; Umbra, a BML viewer and editor, integrated in Eclipse; JML2BML, a compiler from JML to BML specifications; BML2BPL, a translator from BML to BoogiePL, so that the BoogiePL verification condition generator can be used; and CCT, a tool to store proofs in class files.


Textual Representation Proof Obligation Java Virtual Machine Java Modeling Language Relate Tool 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Appel, A.W.: Foundational proof-carrying code. In: Halpern, J. (ed.) Logic in Computer Science, p. 247. IEEE Press, Los Alamitos (2001); Invited TalkGoogle Scholar
  2. 2.
    Appel, A.W., Felty, A.P.: A semantic model of types and machine instructions for proof-carrying code. In: Principles of Programming Languages. ACM Press, New York (2000)Google Scholar
  3. 3.
    Barnett, M., Chang, B.-Y.E., DeLine, R., Jacobs, B., Leino, K.R.M.: Boogie: A modular reusable verifier for object-oriented programs. In: de Boer, F.S., Bonsangue, M.M., Graf, S., de Roever, W.-P. (eds.) FMCO 2005. LNCS, vol. 4111, pp. 364–387. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  4. 4.
    Barthe, G., Burdy, L., Charles, J., Grégoire, B., Huisman, M., Lanet, J.-L., Pavlova, M.I., Requet, A.: JACK: A tool for validation of security and behaviour of Java applications. In: de Boer, F.S., Bonsangue, M.M., Graf, S., de Roever, W.-P. (eds.) FMCO 2006. LNCS, vol. 4709, pp. 152–174. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  5. 5.
    Beringer, L., Hofmann, M.O.: A bytecode logic for JML and types. In: Kobayashi, N. (ed.) APLAS 2006. LNCS, vol. 4279, pp. 389–405. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  6. 6.
    Bjorner, D., Jones, C.B. (eds.): The Vienna Development Method: The Meta-Language. LNCS, vol. 61. Springer, Heidelberg (1978)zbMATHGoogle Scholar
  7. 7.
    Burdy, L., Cheon, Y., Cok, D., Ernst, M., Kiniry, J.R., Leavens, G.T., Leino, K.R.M., Poll, E.: An overview of JML tools and applications. In: Workshop on Formal Methods for Industrial Critical Systems. Electronic Notes in Theoretical Computer Science, vol. 80, pp. 73–89. Elsevier, Amsterdam (2003)Google Scholar
  8. 8.
    Burdy, L., Huisman, M., Pavlova, M.I.: Preliminary design of BML: A behavioral interface specification language for java bytecode. In: Dwyer, M.B., Lopes, A. (eds.) FASE 2007. LNCS, vol. 4422, pp. 215–229. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  9. 9.
    Burdy, L., Pavlova, M.: Java bytecode specification and verification. In: Symposium on Applied Computing, pp. 1835–1839. ACM Press, New York (2006)Google Scholar
  10. 10.
    Chrząszcz, J., Huisman, M., Schubert, A., Kiniry, J., Pavlova, M., Poll, E.: BML Reference Manual. In: Progress. INRIA and University of Warsaw (December 2008),
  11. 11.
    Darvas, Á., Müller, P.: Formal encoding of JML level 0 specifications in jive. Technical report, ETH Zurich, Annual Report of the Chair of Software Engineering (2007)Google Scholar
  12. 12.
    DeLine, R., Leino, K.R.M.: BoogiePL: A typed procedural language for checking object-oriented programs. Technical Report MSR-TR-2005-70, Microsoft Research (2005)Google Scholar
  13. 13.
    Dijkstra, E.W.: Guarded commands, nondeterminacy and formal derivation of programs. Communications of the ACM 18(8), 453–457 (1975)MathSciNetCrossRefzbMATHGoogle Scholar
  14. 14.
    Jacobs, B., Poll, E.: A Logic for the Java Modeling Language JML. In: Hussmann, H. (ed.) FASE 2001. LNCS, vol. 2029, pp. 284–299. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  15. 15.
    JSR 175 Expert Group. A metadata facility for the Java programming language. Java Specification Request 175, Java Community Process (September 2004) Final releaseGoogle Scholar
  16. 16.
    JSR 308 Expert Group. Annotations on Java types. Java Specification Request 308, Java Community Process (2007) (in progress)Google Scholar
  17. 17.
    Leavens, G.T., Baker, A.L., Ruby, C.: Preliminary design of JML: A behavioral interface specification language for Java. Technical Report TR 98-06y, Iowa State University (1998) (revised since then 2004)Google Scholar
  18. 18.
    Leavens, G.T., Poll, E., Clifton, C., Cheon, Y., Ruby, C., Cok, D.R., Müller, P., Kiniry, J., Chalin, P., Zimmerman, D.: JML Reference Manual, Department of Computer Science, Iowa State University (February 2008),
  19. 19.
    Lehner, H., Müller, P.: Formal translation of bytecode into BoogiePL. In: Huisman, M., Spoto, F. (eds.) Bytecode Semantics, Verification, Analysis and Transformation. ENTCS (2007)Google Scholar
  20. 20.
    Lindholm, T., Yellin, F.: The Java Virtual Machine Specification. Addison-Wesley, Reading (1996)Google Scholar
  21. 21.
    Mallo, O.J.: A translator from BML annotated Java bytecode to BoogiePL. Master’s thesis, Software Component Technology Group, ETH Zrich (2007)Google Scholar
  22. 22.
    MOBIUS Consortium. Deliverable 3.1: Bytecode specification language and program logic (2006),
  23. 23.
    MOBIUS Consortium. Deliverable 4.2: Certificates (2007),
  24. 24.
    Object Management Group. Object Constraint Language. OMG Available Specification, Version 2.0 (May 2006)Google Scholar
  25. 25.
    Pavlova, M.: Java bytecode verification and its applications. Thése de doctorat, spécialité informatique, Université Nice Sophia Antipolis, France (January 2007)Google Scholar
  26. 26.
    Pichardie, D.: Bicolano – Byte Code Language in Coq. In: [22] (2006),
  27. 27.
    Schubert, A., Chrząszcz, J., Batkiewicz, T., Paszek, J., Wąs, W.: Technical aspects of class specification in the byte code of Java language. In: Bytecode 2008. ENTCS. Elsevier, Amsterdam (2008)Google Scholar
  28. 28.
    Schubert, A., Walukiewicz-Chrząszcz, D.: The non-interference protection in a bytecode program logic (submitted, 2009) Google Scholar
  29. 29.
    Sznuk, T.: Introduction of the proof-carrying code technique to Java class. Master’s thesis, Institute of Informatics, The University of Warsaw (2008) (in Polish)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Jacek Chrząszcz
    • 1
  • Marieke Huisman
    • 2
  • Aleksy Schubert
    • 1
  1. 1.Institute of InformaticsUniversity of WarsawWarsawPoland
  2. 2.Faculty EEMCSUniversity of TwenteEnschedeThe Netherlands

Personalised recommendations