Abstract
We present a method to convert (a) an operational semantics for a given machine language, and (b) an off-the-shelf theorem prover, into a high assurance verification condition generator (VCG). Given a program annotated with assertions at cutpoints, we show how to use the theorem prover directly on the operational semantics to generate verification conditions analogous to those produced by a custom-built VCG. Thus, no separate VCG is necessary, and the theorem prover can be employed both to generate and to discharge the verification conditions. The method handles both partial and total correctness. It is also compositional in that the correctness of a subroutine needs to be proved once, rather than at each call site.
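As an added illustration of the cutpoint method described in the abstract (this is not code from the book, and not ACL2): a constructed toy register machine with unbounded integer registers, a `step` function as its operational semantics, assertions attached to three cutpoints (entry, loop head, exit), and symbolic execution of `step` from each cutpoint to the next. Each run from a cutpoint c to a cutpoint c' yields one verification condition of the form (assertion at c, conjoined with the path condition) implies (assertion at c' on the reached state). The program, the cutpoints, the assertion shapes and the `bounded_check` routine are all assumptions made for this example; in the book the theorem prover both produces and discharges the VCs, whereas here a brute-force check over a small integer box merely sanity-tests them and is not a proof.

```python
"""Verification conditions from an operational semantics via cutpoints.

Added example, not the book's or ACL2's code.  Everything below (machine,
program, assertions, bounded check) is constructed for illustration.
"""
import operator

OPS = {"+": operator.add, "-": operator.sub, "*": operator.mul,
       "==": operator.eq, "<=": operator.le, "half": lambda a: a // 2,
       "not": lambda a: not a, "and": lambda *a: all(a),
       "->": lambda a, b: (not a) or b}

class E:
    """Tiny symbolic expression: an operator and its operands."""
    def __init__(self, op, *args):
        self.op = op
        self.args = args if op in ("var", "const") else tuple(lift(a) for a in args)
    def __add__(self, o): return E("+", self, o)
    def __sub__(self, o): return E("-", self, o)
    def __mul__(self, o): return E("*", self, o)
    def eq(self, o): return E("==", self, o)
    def le(self, o): return E("<=", self, o)
    def __str__(self):
        if self.op in ("var", "const"): return str(self.args[0])
        if self.op in ("not", "half"): return f"{self.op}({self.args[0]})"
        return "(" + f" {self.op} ".join(map(str, self.args)) + ")"
    def ev(self, env):
        """Evaluate under a concrete assignment of the free variables."""
        if self.op == "var": return env[self.args[0]]
        if self.op == "const": return self.args[0]
        return OPS[self.op](*(a.ev(env) for a in self.args))

def lift(x):
    return x if isinstance(x, E) else E("const", x)

# Constructed program: acc := 0; i := n; while i != 0 { acc += i; i -= 1 }
PROGRAM = [("set", "acc", 0),     # 0  entry (cutpoint)
           ("mov", "i", "n"),     # 1
           ("jz", "i", 6),        # 2  loop head (cutpoint)
           ("add", "acc", "i"),   # 3
           ("dec", "i"),          # 4
           ("jmp", 2),            # 5
           ("halt",)]             # 6  exit (cutpoint)
CUTPOINTS, EXIT = {0, 2, 6}, 6

def step(program, pc, regs, decide):
    """One-instruction operational semantics on (pc, registers).  Register
    values may be symbolic, so a conditional jump asks `decide` which way."""
    ins, r = program[pc], dict(regs)
    op = ins[0]
    if op == "set": r[ins[1]] = lift(ins[2])
    elif op == "mov": r[ins[1]] = r[ins[2]]
    elif op == "add": r[ins[1]] = r[ins[1]] + r[ins[2]]
    elif op == "dec": r[ins[1]] = r[ins[1]] - 1
    elif op == "jmp": return ins[1], r
    elif op == "jz": return (ins[2] if decide(r[ins[1]].eq(0)) else pc + 1), r
    elif op == "halt": return pc, r
    return pc + 1, r

def tri(x):                       # x*(x+1)/2, the sum 1..x
    return E("half", x * (x + 1))

ASSERTIONS = {                    # one assertion per cutpoint, over registers
    0: lambda r: lift(0).le(r["n"]),
    2: lambda r: E("and", lift(0).le(r["i"]), (r["acc"] + tri(r["i"])).eq(tri(r["n"]))),
    6: lambda r: r["acc"].eq(tri(r["n"])),
}

class Fork(Exception):
    """A symbolic branch was reached with no predetermined choice."""

def run_to_cutpoint(program, pc, regs, choices):
    """Step from cutpoint `pc` until the next cutpoint, resolving the k-th
    symbolic branch as choices[k] and collecting the path condition."""
    conds, k = [], 0
    def decide(cond):
        nonlocal k
        if k == len(choices): raise Fork
        taken, k = choices[k], k + 1
        conds.append(cond if taken else E("not", cond))
        return taken
    while True:
        pc, regs = step(program, pc, regs, decide)
        if pc in CUTPOINTS: return conds, pc, regs

def paths(program, pc, regs):
    """All cutpoint-to-cutpoint paths, found by enumerating branch choices."""
    done, todo = [], [[]]
    while todo:
        ch = todo.pop()
        try: done.append(run_to_cutpoint(program, pc, regs, ch))
        except Fork: todo += [ch + [True], ch + [False]]
    return done

def verification_conditions(program):
    """For each path c -> c': (assert_c(s) and path cond) -> assert_c'(s')."""
    s0 = {v: E("var", v) for v in ("n", "i", "acc")}
    vcs = []
    for c in sorted(CUTPOINTS - {EXIT}):
        for conds, c2, s1 in paths(program, c, s0):
            hyp = E("and", ASSERTIONS[c](s0), *conds)
            vcs.append((c, c2, E("->", hyp, ASSERTIONS[c2](s1))))
    return vcs

def bounded_check(vc, bound=6):
    """Evaluate a VC for all n, i, acc in [-bound, bound].  A sanity check
    only; a theorem prover is what actually discharges the VC."""
    rng = range(-bound, bound + 1)
    return all(vc.ev({"n": n, "i": i, "acc": a}) for n in rng for i in rng for a in rng)

# Same loop with the decrement moved before the add: it sums 0..n-1 instead.
BUGGY_PROGRAM = PROGRAM[:3] + [("dec", "i"), ("add", "acc", "i")] + PROGRAM[5:]

if __name__ == "__main__":
    for prog, name in ((PROGRAM, "correct"), (BUGGY_PROGRAM, "buggy")):
        for c, c2, vc in verification_conditions(prog):
            print(f"{name} {c}->{c2}: {vc}\n  bounded check: {bounded_check(vc)}")
```

The VC generator never inspects the program text; it only runs `step`, which is the point of the abstract's method. The loop-head assertion is the inductive invariant, so the VC for the path 2 -> 2 is the inductive step and the VC for 2 -> 6 is the postcondition. For the buggy variant, the 2 -> 2 VC fails the bounded check while the other two still pass, which is how a wrong program (or a wrong invariant) shows up in this setting. Real machine code has finite words and wraparound; the toy machine assumes unbounded integers, and a real operational semantics would carry that arithmetic into the VCs.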
Notes
1. Although we describe all proofs in this book in terms of the ACL2 logic, most of our techniques are portable to other theorem provers. In particular, the derivation of assertional reasoning methods for operational semantics has been formalized by John Matthews in the Isabelle theorem prover.
2. Functions pre and post here take an extra argument k, while our generic proofs used unary functions. This is admissible since one can functionally instantiate constraints with concrete functions having extra arguments, as long as such arguments do not affect the parameters (in this case, s) involved in the constraints [19].
References
A. W. Appel. Foundational Proof-Carrying Code. In Proceedings of the 16th IEEE International Symposium on Logic in Computer Science (LICS 2001), pages 247–258, Washington, DC, 2001. IEEE Computer Society Press.
T. Ball and S. K. Rajamani. Automatically Validating Temporal Safety Properties of Interfaces. In M. B. Dwyer, editor, Proceedings of the 8th International SPIN Workshop on Model Checking of Software, volume 2057 of LNCS, pages 103–122, Toronto, ON, 2001. Springer-Verlag.
R. S. Boyer, D. Goldschlag, M. Kaufmann, and J. S. Moore. Functional Instantiation in First Order Logic. In V. Lifschitz, editor, Artificial Intelligence and Mathematical Theory of Computation: Papers in Honor of John McCarthy, pages 7–26. Academic Press, 1991.
C. Colby, P. Lee, G. C. Necula, F. Blau, M. Plesko, and K. Cline. A Certifying Compiler for Java. In ACM SIGPLAN 2000 Conference on Programming Language Design and Implementation (PLDI 2000), pages 95–107. ACM Press, 2000.
D. L. Detlefs, K. R. M. Leino, G. Nelson, and J. B. Saxe. Extended Static Checking for Java. Technical Report 159, Compaq Systems Research Center, December 1998.
E. W. Dijkstra. Guarded Commands, Non-determinacy and a Calculus for Derivation of Programs. Language Hierarchies and Interfaces, pages 111–124, 1975.
C. Flanagan and J. B. Saxe. Avoiding Exponential Explosion: Generating Compact Verification Conditions. In Proceedings of the 28th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL 2001), pages 193–205, London, UK, 2001. ACM Press.
R. Floyd. Assigning Meanings to Programs. In Mathematical Aspects of Computer Science, Proceedings of Symposia in Applied Mathematics, volume XIX, pages 19–32, Providence, Rhode Island, 1967. American Mathematical Society.
P. Y. Gloess. Imperative Program Verification in PVS. Technical Report, École Nationale Supérieure Électronique, Informatique et Radiocommunications de Bordeaux, 1999. See URL http://-dept-info.labri.-u.bordeaux.fr/-imperative/-index.html.
H. H. Goldstine and J. von Neumann. Planning and Coding Problems for an Electronic Computing Instrument. In John von Neumann, Collected Works, Volume V. Pergamon Press, Oxford, 1961.
D. Greve, M. Wilding, and D. Hardin. High-Speed, Analyzable Simulators. In M. Kaufmann, P. Manolios, and J. S. Moore, editors, Computer-Aided Reasoning: ACL2 Case Studies, pages 89–106, Boston, MA, June 2000. Kluwer Academic Publishers.
D. Hardin, E. W. Smith, and W. D. Young. A Robust Machine Code Proof Framework for Highly Secure Applications. In P. Manolios and M. Wilding, editors, Proceedings of the 6th International Workshop on the ACL2 Theorem Prover and Its Applications (ACL2 2006), pages 11–20, Seattle, WA, July 2006. ACM.
C. A. R. Hoare. An Axiomatic Basis for Computer Programming. Communications of the ACM, 12(10):576–583, 1969.
P. Homeier and D. Martin. A Mechanically Verified Verification Condition Generator. The Computer Journal, 38(2):131–141, July 1995.
J. C. King. A Program Verifier. PhD thesis, Carnegie Mellon University, 1969.
P. Manolios and J. S. Moore. Partial Functions in ACL2. Journal of Automated Reasoning, 31(2):107–127, 2003.
J. Matthews, J. S. Moore, S. Ray, and D. Vroon. Verification Condition Generation via Theorem Proving. In M. Hermann and A. Voronkov, editors, Proceedings of the 13th International Conference on Logic for Programming, Artificial Intelligence, and Reasoning (LPAR 2006), volume 4246 of LNCS, pages 362–376, Phnom Penh, Cambodia, November 2006. Springer.
J. Matthews and D. Vroon. Partial Clock Functions in ACL2. In M. Kaufmann and J. S. Moore, editors, 5th International Workshop on the ACL2 Theorem Prover and Its Applications (ACL2 2004), Austin, TX, November 2004.
F. Mehta and T. Nipkow. Proving Pointer Programs in Higher Order Logic. In F. Baader, editor, Proceedings of the 19th International Conference on Automated Deduction (CADE 2003), volume 2741 of LNAI, pages 121–135, Miami, FL, 2003. Springer-Verlag.
J. S. Moore. Inductive Assertions and Operational Semantics. In D. Geist, editor, Proceedings of the 12th International Conference on Correct Hardware Design and Verification Methods, volume 2860 of LNCS, pages 289–303, L'Aquila, Italy, October 2003. Springer-Verlag.
J. S. Moore. Proving Theorems About Java and the JVM with ACL2. In M. Broy and M. Pizka, editors, Models, Algebras, and Logic of Engineering Software, pages 227–290. IOS Press, 2003.
G. Necula. Compiling with Proofs. PhD thesis, Carnegie Mellon University, September 1998.
G. C. Necula. Proof-Carrying Code. In Proceedings of the 24th ACM SIGPLAN-SIGACT Conference on Principles of Programming Languages (POPL 1997), pages 106–119, Paris, France, 1997. ACM Press.
M. Norrish. C Formalised in HOL. PhD thesis, University of Cambridge, 1998.
B. Schneier. Applied Cryptography (2nd ed.): Protocols, Algorithms, and Source Code in C. John Wiley & Sons, Inc., 1995.
K. Slind and J. Hurd. Applications of Polytypism in Theorem Proving. In D. Basin and B. Wolff, editors, Proceedings of the 16th International Conference on Theorem Proving in Higher Order Logics (TPHOLs 2003), volume 2978 of LNCS, pages 103–119, Rome, Italy, 2003. Springer-Verlag.
D. Toma and D. Borrione. Formal Verification of a SHA-1 Circuit Core Using ACL2. In J. Hurd and T. Melham, editors, Proceedings of the 18th International Conference on Theorem Proving in Higher-Order Logics (TPHOLs 2005), volume 3603 of LNCS, pages 326–341, Oxford, UK, 2005. Springer-Verlag.
A. M. Turing. Checking a Large Routine. In Report of a Conference on High Speed Automatic Calculating Machines, pages 67–69, University Mathematical Laboratory, Cambridge, England, June 1949.
© 2010 Springer Science+Business Media, LLC
Cite this chapter
Ray, S. (2010). Operational Semantics and Assertional Reasoning. In: Scalable Techniques for Formal Verification. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5998-0_5
DOI: https://doi.org/10.1007/978-1-4419-5998-0_5
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4419-5997-3
Online ISBN: 978-1-4419-5998-0
eBook Packages: Engineering