Course: Formal Methods in Software Development (SS 2006)

Formal Methods in Software Development (326.053, SS 2006)

Time: Thursday, 8:30-11:45.
Room: P 215.
Start: March 9.

Exam: July 6, 10:00-11:30, P215.

This course gives a survey on the use of formal methods for the development of reliable software. More specifically, we deal with

specifying sequential programs and concurrent systems,
computer-supported verification,
extended static checking,
model checking,
proof-carrying code.

The course consists of two parts:

a lecture part where the fundamental issues of the field are taught, and
an exercise part where practical skills are trained using freely available software tools.

The grading of the course will be based on a couple of exercises and a final exam.

To take part in the course, you have to enrol in the KUSSS system. If you also login in Moodle and register as a course participant, you will receive per email all messages posted in the News forum.

News forum

Contents
This is the tentative syllabus of the course which is going to be augmented by the course materials (slides and papers).

Introduction

Introduction (4 on 1)
Example Programs
Fehler im System: Der Traum von Software ohne Bugs (restricted)

Specifying and Verifying Sequential Programs

Specifying and Verifying Programs

Hoare Calculus and Predicate Transformers (4 on 1)
An Axiomatic Basis for Computer Programming (restricted)

Computer-Supported Program Verification with PVS (4 on 1)

Examples: sum1, sum2, quant, arrays1, arrays2, min3, linsearch

Specifying and Verifying Java Programs

Specifying Java Programs

The Java Modeling Language (Part 1) (4 on 1)
The Java Modeling Language (Part 2) (4 on 1)

JML Examples
Proof of Correctness of Data Representations (restricted)

Extended Static Checking with ESC/Java2 (4 on 1)

JML Examples

Verifying Java Programs (4 on 1)

Specifying and Verifying Concurrent Systems

Modeling Concurrent Systems (4 on 1)

Spin Example

Fehler Finden durch Model Checker (restricted)
The Model Checker Spin
Spin Online References

Proof-Carrying Code

This section of the course is given by Hans-Wolfgang Loidl of the University of Munich who has worked in the Mobile Resource Guarantees project and the EmBounded project.

Proof-carrying-code (PCC) is a software mechanism that allows a host system to determine with certainty that it is safe to execute a program supplied by an untrusted source. This is achieved by attaching a condensed version of a formal proof to the program. In this part of the course we will examine the principles of PCC, explore different variants in the design of a PCC infrastructure, and take a closer look at some selected PCC infrastructures. The structure of this part of the course is as follows:

Motivation
Basic Concepts
An Example: CCured
Components of the PCC Architecture
Main challenges
PCC for Resources
Certificate Generation
Summary

Course Slides and Reading List

Additional Material

The password for this section is handed out in class. It is strictly forbidden to forward this password to anyone not participating in the course.

Software
The following software is used in the course:

PVS Specification and Verification System
Java Modeling Language (JML)
Extended Static Checking for Java (ESC/Java2)
Krakatoa Verification Tool
Why Verification Conditions Generator (use Why 1.60 (not 1.83) from the "FTP zone")
KeY Verification Environment
Spin Model Checker

All of this software is freely available under Linux (local copies available, see also the information for MS Windows Users). You can install and run it on your own PC (but I cannot give installation support) or use the software installation in the RISC Environment (supported and recommended).

RISC Environment

MS Windows Users

Course Software for Linux

Exercises
A couple of exercises are distributed throughout the course (partially theoretical, partial practical using the presented software).

Exercise 1 (April 3): exercise1.pvs
Exercise 2 (April 27)
Exercise 3 (May 11): arrays.pvs
Exercise 4 (June 1)
Exercise 5 (July 6)

Exercise Grades (password protected)

Participants