Slang: The Sireum Programming Language

Part of the Lecture Notes in Computer Science book series (LNTCS, volume 13036)

Abstract

This paper presents design goals, development approaches, and applications for Slang, a subset of the Scala programming language designed for engineering high-assurance safety/security-critical systems. Rationale is given for specializing Scala into Slang so as to retain Scala's synergistic blend of imperative, functional, and object-oriented features while omitting and tailoring features that make formal verification and other analyses difficult. Strategies for enhancing the usability of Slang are discussed, including integration with the broader Scala/JVM ecosystem, compilers, and development environments. A number of accompanying Slang tools are described, including Slang scripting, meta-programming support, and translators to JavaScript and native code that enable support for a wide range of deployment platforms. To support deployment on constrained embedded platforms, the Slang Embedded subset and an accompanying C translator generate efficient implementations that avoid garbage collection and other aspects that hinder deployment and safety/security assurance. We conclude with a discussion of how our experiences with Slang may provide suggestions for the future of programming and programming language design for engineering critical systems.

Work supported in part by the US Defense Advanced Research Projects Agency, US Air Force Research Lab, US Army, and US Department of Homeland Security.


Notes

  1. This does not preclude graph algorithms from being written in Slang; in fact, the Slang runtime library provides a graph library (used in [33]), including cycle detection (graphs are realized using indexed node pools with pairs of indices as edges).

  2. Memory footprint optimizations in the Scala compiler plugin for Slang include flattening None into null and Some into its contained value internally for object fields, but optional values are still used for field accesses.

  3. A runtime contract checker (similar to [36]) can be developed in the future for testing purposes (or for contract enforcement with various mitigation options).

  4. Aside from extensions in the Slang runtime library for file access (and spawning processes, OS detection, etc.), which are available on JVM and native targets.

  5. We initially planned to offer C compilation with garbage collection, but GraalVM or Scala Native can be used instead. We may reconsider such an approach in the future.

References

  1. Amtoft, T., et al.: A certificate infrastructure for machine-checked proofs of conditional information flow. In: Degano, P., Guttman, J.D. (eds.) POST 2012. LNCS, vol. 7215, pp. 369–389. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-28641-4_20

  2. Amtoft, T., Hatcliff, J., Rodríguez, E., Robby, Hoag, J., Greve, D.A.: Specification and checking of software contracts for conditional information flow. In: Hardin, D.S. (ed.) Design and Verification of Microprocessor Systems for High-Assurance Applications, pp. 341–379. Springer, Cham (2010)

  3. Backes, J., et al.: Semantic-based automated reasoning for AWS access policies using SMT. In: Formal Methods in Computer Aided Design (FMCAD), pp. 1–9 (2018)

  4. Banerjee, A., Danvy, O., Doh, K., Hatcliff, J. (eds.): Semantics, Abstract Interpretation, and Reasoning about Programs: Essays Dedicated to David A. Schmidt [on occasion of his 60th birthday], EPTCS, vol. 129. OPA, September 2013

  5. Barnett, M., Leino, K.R.M., Schulte, W.: The Spec# programming system: an overview. In: Barthe, G., Burdy, L., Huisman, M., Lanet, J.-L., Muntean, T. (eds.) CASSIS 2004. LNCS, vol. 3362, pp. 49–69. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30569-9_3

  6. Barrett, C., et al.: CVC4. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV 2011. LNCS, vol. 6806, pp. 171–177. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22110-1_14

  7. Belt, J., Hatcliff, J., Robby, Chalin, P., Hardin, D., Deng, X.: Bakar Kiasan: flexible contract checking for critical systems using symbolic execution. In: Bobaru, M., Havelund, K., Holzmann, G.J., Joshi, R. (eds.) NASA Formal Methods. NFM 2011. LNCS, vol. 6617, pp. 58–72. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20398-5_6

  8. Belt, J., Robby, Deng, X.: Sireum/Topi LDP: a lightweight semi-decision procedure for optimizing symbolic execution-based analyses. In: 7th Joint European Software Engineering Conference and ACM SIGSOFT International Symposium on Foundations of Software Engineering (ESEC/FSE), pp. 355–364 (2009)

  9. Blanc, R., Kuncak, V., Kneuss, E., Suter, P.: An overview of the Leon verification system: verification by translation to recursive functions. In: 4th Workshop on Scala, pp. 1:1–1:10 (2013)

  10. Cao, Q., Beringer, L., Gruetter, S., Dodds, J., Appel, A.W.: VST-Floyd: a separation logic tool to verify correctness of C programs. J. Autom. Reason. 61(1–4), 367–422 (2018)

  11. Chalin, P., Robby, James, P.R., Lee, J., Karabotsos, G.: Towards an industrial grade IVE for Java and next generation research platform for JML. Int. J. Softw. Tools Technol. Transf. (STTT) 12(6), 429–446 (2010)

  12. Clarke, D., Östlund, J., Sergey, I., Wrigstad, T.: Ownership types: a survey. In: Clarke, D., Noble, J., Wrigstad, T. (eds.) Aliasing in Object-Oriented Programming. Types, Analysis and Verification. LNCS, vol. 7850, pp. 15–58. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36946-9_3

  13. Corbett, J.C., et al.: Bandera: extracting finite-state models from Java source code. In: 22nd International Conference on Software Engineering (ICSE), pp. 439–448 (2000)

  14. Corbett, J.C., Dwyer, M.B., Hatcliff, J., Robby: Expressing checkable properties of dynamic systems: the Bandera Specification Language. Int. J. Softw. Tools Technol. Transf. (STTT) 4(1), 34–56 (2002)

  15. Cuoq, P., Kirchner, F., Kosmatov, N., Prevosto, V., Signoles, J., Yakobowski, B.: Frama-C: a software analysis perspective. In: Eleftherakis, G., Hinchey, M., Holcombe, M. (eds.) SEFM 2012. LNCS, vol. 7504, pp. 233–247. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-33826-7_16

  16. Deng, X., Dwyer, M.B., Hatcliff, J., Jung, G., Robby, Singh, G.: Model-checking middleware-based event-driven real-time embedded software. In: de Boer, F.S., Bonsangue, M.M., Graf, S., de Roever, W.P. (eds.) 1st International Symposium on Formal Methods for Components and Objects (FMCO). LNCS, vol. 2852, pp. 154–181. Springer, Heidelberg (2002)

  17. Deng, X., Lee, J., Robby: Efficient and formal generalized symbolic execution. Autom. Softw. Eng. (ASE) 19(3), 233–301 (2012)

  18. Hatcliff, J., Belt, J., Robby, Carpenter, T.: HAMR: an AADL multi-platform code generation toolset. In: Margaria, T., Steffen, B. (eds.) ISoLA 2021. LNCS, vol. 13036, pp. 274–295. Springer, Cham (2021)

  19. Hatcliff, J., Dwyer, M.B., Pasareanu, C.S., Robby: Foundations of the Bandera abstraction tools. In: Mogensen, T.E., Schmidt, D.A., Sudborough, I.H. (eds.) The Essence of Computation. LNCS, vol. 2566, pp. 172–203. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-36377-7_9

  20. Hatcliff, J., Robby, Chalin, P., Belt, J.: Explicating symbolic execution (xSymExe): an evidence-based verification framework. In: 35th International Conference on Software Engineering (ICSE), pp. 222–231 (2013)

  21. SAE International: SAE AS5506 Rev. C Architecture Analysis and Design Language (AADL). SAE International (2017)

  22. Klein, G., et al.: seL4: formal verification of an OS kernel. In: 22nd ACM Symposium on Operating Systems Principles (SOSP), pp. 207–220 (2009)

  23. Leavens, G.T., Baker, A.L., Ruby, C.: JML: a notation for detailed design. In: Kilov, H., Rumpe, B., Simmonds, I. (eds.) Behavioral Specifications of Businesses and Systems. The Springer International Series in Engineering and Computer Science, vol. 523. Springer, Boston (1999). https://doi.org/10.1007/978-1-4615-5229-1_12

  24. Leino, K.R.M.: Dafny: an automatic program verifier for functional correctness. In: Clarke, E.M., Voronkov, A. (eds.) LPAR 2010. LNCS (LNAI), vol. 6355, pp. 348–370. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17511-4_20

  25. Leroy, X., Blazy, S., Kästner, D., Schommer, B., Pister, M., Ferdinand, C.: CompCert: a formally verified optimizing compiler. In: Embedded Real Time Software and Systems (ERTS) (2016)

  26. de Moura, L., Bjørner, N.: Z3: an efficient SMT solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78800-3_24

  27. de Moura, L., Kong, S., Avigad, J., van Doorn, F., von Raumer, J.: The Lean theorem prover (system description). In: Felty, A.P., Middeldorp, A. (eds.) CADE 2015. LNCS (LNAI), vol. 9195, pp. 378–388. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-21401-6_26

  28. Naumann, D.A.: Observational purity and encapsulation. Theor. Comput. Sci. (TCS) 376(3), 205–224 (2007)

  29. Robby, Chalin, P.: Preliminary design of a unified JML representation and software infrastructure. In: 11th Formal Techniques for Java-like Programs (FTfJP), pp. 5:1–5:7 (2009)

  30. Robby, Dwyer, M.B., Hatcliff, J.: Bogor: an extensible and highly-modular software model checking framework. In: 11th ACM SIGSOFT Symposium on Foundations of Software Engineering held jointly with 9th European Software Engineering Conference (ESEC/FSE), pp. 267–276 (2003)

  31. Rodríguez, E., Dwyer, M., Flanagan, C., Hatcliff, J., Leavens, G.T., Robby: Extending JML for modular specification and verification of multi-threaded programs. In: Black, A.P. (ed.) ECOOP 2005 - Object-Oriented Programming. ECOOP 2005. LNCS, vol. 3586, pp. 551–576. Springer, Heidelberg (2005). https://doi.org/10.1007/11531142_24

  32. Thiagarajan, H., Hatcliff, J., Belt, J., Robby: Bakar Alir: supporting developers in construction of information flow contracts in SPARK. In: 12th Source Code Analysis and Manipulation (SCAM), pp. 132–137 (2012)

  33. Thiagarajan, H., Hatcliff, J., Robby: Awas: AADL information flow and error propagation analysis framework. Innovations Syst. Softw. Eng. (ISSE) (2021). https://doi.org/10.1007/s11334-021-00410-w

  34. Wei, F., Roy, S., Ou, X., Robby: Amandroid: a precise and general inter-component data flow analysis framework for security vetting of Android apps. ACM Trans. Priv. Secur. (TOPS) 21(3), 14:1–14:32 (2018)

  35. Wilding, M.M., Greve, D.A., Richards, R.J., Hardin, D.S.: Formal verification of partition management for the AAMP7G microprocessor. In: Hardin, D. (ed.) Design and Verification of Microprocessor Systems for High-Assurance Applications. Springer, Boston (2010). https://doi.org/10.1007/978-1-4419-1539-9_6

  36. Yi, J., Robby, Deng, X., Roychoudhury, A.: Past expression: encapsulating pre-states at post-conditions by means of AOP. In: Aspect-Oriented Software Development (AOSD), pp. 133–144 (2013)

  37. Zhang, Z., Robby, Hatcliff, J., Moy, Y., Courtieu, P.: Focused certification of an industrial compilation and static verification toolchain. In: Cimatti, A., Sirjani, M. (eds.) Software Engineering and Formal Methods. SEFM 2017. LNCS, vol. 10469, pp. 17–34. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66197-1_2

  38. Project Loom. https://openjdk.java.net/projects/loom

  39. Sireum Logika: A program verifier and a natural deduction proof checker for propositional, predicate, and programming logics. http://logika.v3.sireum.org

  40. Slang: The Sireum Programming Language. http://slang.sireum.org

Corresponding authors

Correspondence to Robby or John Hatcliff.


Copyright information

© 2021 Springer Nature Switzerland AG


Cite this paper

Robby, Hatcliff, J. (2021). Slang: The Sireum Programming Language. In: Margaria, T., Steffen, B. (eds.) Leveraging Applications of Formal Methods, Verification and Validation. ISoLA 2021. Lecture Notes in Computer Science, vol. 13036. Springer, Cham. https://doi.org/10.1007/978-3-030-89159-6_17

  • DOI: https://doi.org/10.1007/978-3-030-89159-6_17

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-89158-9

  • Online ISBN: 978-3-030-89159-6