Spec #: An Overview. Mohamed Aly, BSc(Eng)

Similar documents
Boogie: A Modular Reusable Verifier for Object-Oriented Programs

Design by Contract beyond class modelling

Verifying Spec# Delegates. Samuele Gantner

Automated Program Behavior Analysis

Interactive Software Verification

Chair of Software Engineering. Software Verification. Assertion Inference. Carlo A. Furia

DEFINING CONTRACTS WITH DIFFERENT TOOLS IN SOFTWARE DEVELOPMENT

Logistics. Software Testing. Logistics. Logistics. Plan for this week. Before we begin. Project. Final exam. Questions?

Advances in Programming Languages

Software Testing & Analysis (F22ST3): Static Analysis Techniques 2. Andrew Ireland

The best way to get Microsoft Visual Studio 2005 is by purchasing or renewing an MSDN Subscription today.

Data Model Bugs. Ivan Bocić and Tevfik Bultan

Code Contracts User Manual

Department of Computing Science and Mathematics University of Stirling

Chapter 13 Computer Programs and Programming Languages. Discovering Computers Your Interactive Guide to the Digital World

Towards practical reactive security audit using extended static checkers 1

Rigorous Software Engineering Hoare Logic and Design by Contracts

Trusted Components. or Contract-Compliant Components. Kung-Kiu Lau University of Manchester, UK

Computing Concepts with Java Essentials

Outline. 1 Denitions. 2 Principles. 4 Implementation and Evaluation. 5 Debugging. 6 References

Unit-testing with JML

Construct by Contract: Construct by Contract: An Approach for Developing Reliable Software

Introducing Microsoft SQL Server 2012 Getting Started with SQL Server Management Studio

Monitoring Java Code Using ConGu

Querying Microsoft SQL Server

MOOCviz 2.0: A Collaborative MOOC Analytics Visualization Platform

Model Driven Security: Foundations, Tools, and Practice

Continuous integration for databases using

Regression Verification: Status Report

An Easier Way for Cross-Platform Data Acquisition Application Development

SharePoint Training DVD Videos

InvGen: An Efficient Invariant Generator

An Overview of JML Tools and Applications

Security challenges for internet technologies on mobile devices

Querying Microsoft SQL Server 2012

SAML v1.1 for.net Developer Guide

Designing with Exceptions. CSE219, Computer Science III Stony Brook University

Course ID#: W 35 Hrs. Course Content

Course 10774A: Querying Microsoft SQL Server 2012

Course 10774A: Querying Microsoft SQL Server 2012 Length: 5 Days Published: May 25, 2012 Language(s): English Audience(s): IT Professionals

4 PSP DC : An Adaptation of the PSP to Incorporate Verified Design by Contract

The Boogie Verification Debugger (Tool Paper)

Querying Microsoft SQL Server 2012

Dynamic Web Programming BUILDING WEB APPLICATIONS USING ASP.NET, AJAX AND JAVASCRIPT

A Case for Static Analyzers in the Cloud (Position paper)

Specification and Analysis of Contracts Lecture 1 Introduction

On the Relation between Design Contracts and Errors: A Software Development Strategy

Essential Visual Studio Team System

A Static Analyzer for Large Safety-Critical Software. Considered Programs and Semantics. Automatic Program Verification by Abstract Interpretation

Dimension Technology Solutions Team 2

Unit Testing. and. JUnit

Java 6 'th. Concepts INTERNATIONAL STUDENT VERSION. edition

Software Engineering Techniques

CSE 504: Compiler Design. Data Flow Analysis

HydroDesktop Overview

SOFTWARE TESTING TRAINING COURSES CONTENTS

Module 1: Getting Started with Databases and Transact-SQL in SQL Server 2008

UML TUTORIALS THE USE CASE MODEL

C#5.0 IN A NUTSHELL. Joseph O'REILLY. Albahari and Ben Albahari. Fifth Edition. Tokyo. Sebastopol. Beijing. Cambridge. Koln.

VDM vs. Programming Language Extensions or their Integration

StaRVOOrS: A Tool for Combined Static and Runtime Verification of Java

Automated Theorem Proving - summary of lecture 1

MOC QUERYING MICROSOFT SQL SERVER

Vérification de bytecode et ses applications

Using JML to protect Java code against SQL injection. Johan Janssen June 26, 2007

The Sun Certified Associate for the Java Platform, Standard Edition, Exam Version 1.0

Environment Modeling for Automated Testing of Cloud Applications


Continuous integration for databases using Redgate tools

USERV Auto Insurance Rule Model in Corticon

Database Programming with PL/SQL: Learning Objectives

Reasoning about Safety Critical Java

A Tutorial on Tablet PC. Simon Fraser University CMPT 354 Fall 2007

CS 111 Classes I 1. Software Organization View to this point:

ZQL. a cryptographic compiler for processing private data. George Danezis. Joint work with Cédric Fournet, Markulf Kohlweiss, Zhengqin Luo

Agile Business Suite: a 4GL environment for.net developers DEVELOPMENT, MAINTENANCE AND DEPLOYMENT OF LARGE, COMPLEX BACK-OFFICE APPLICATIONS

Hoare-Style Monitors for Java

Dsc+Mock: A Test Case + Mock Class Generator in Support of Coding Against Interfaces

Metadata Quality Control for Content Migration: The Metadata Migration Project at the University of Houston Libraries

WHAT'S NEW IN SHAREPOINT 2013 WEB CONTENT MANAGEMENT

Run-Time Monitoring of Goal-Oriented Requirements Specifications

Course 20461C: Querying Microsoft SQL Server Duration: 35 hours

WESTMORELAND COUNTY PUBLIC SCHOOLS Integrated Instructional Pacing Guide and Checklist Computer Math

Constructing Contracts: Making Discrete Mathematics Relevant to Beginning Programmers

Japan Communication India Skill Development Center

Optimizing Database-Backed Applications with Query Synthesis

Formal Verification of Software

Testing the Java Card Applet Firewall

Querying Microsoft SQL Server 20461C; 5 days

In this Lecture you will Learn: Implementation. Software Implementation Tools. Software Implementation Tools

Business Application

A Mind Map Based Framework for Automated Software Log File Analysis

Lecture Notes on Linear Search

Querying Microsoft SQL Server Course M Day(s) 30:00 Hours

Chapter 13: Program Development and Programming Languages

Know or Go Practical Quest for Reliable Software

Programming with the Microsoft.NET Framework Using Microsoft Visual Studio 2005 (VB)

An Approach to Achieve Delegation of Sensitive RESTful Resources on Storage Cloud

WHITE PAPER. TimeScape.NET. Increasing development productivity with TimeScape, Microsoft.NET and web services TIMESCAPE ENTERPRISE SOLUTIONS

BPM vs. SharePoint: Which is Right for Your Business

Transcription:

Spec #: An Overview Mohamed Aly, BSc(Eng)

Outline Motivation Overview Usage Language Examples References

Outline Motivation Overview Usage Language Examples References

Motivation - History Software development is costly and error prone. Software engineering aims for the development of correct and maintainable software. Various attempts (1960s 70s). Correctness of programs are to be ensured via specification and verification.

Motivation - Problem Specifications are usually informal in the form of natural language documentation / standardized library interface descriptions. Programmers assumptions are left unspecified which complicates program maintenance. No guarantee for making sure that the program works under the assumptions the programmer has in mind or that the programmer might have overlooked some assumptions

Motivation Why Spec# A programming language is being adopted widely due to its support, infrastructure, easiness, editing capabilities etc. Spec# is an superset of the existing programming language C# Based on the Microsoft.NET Framework.

Motivation Current Applications The Microsoft Singularity project. Windows Server 2003 helped in discovering 10-13% of bugs in the source code and saved a million of dollars. Microsoft is still hiding it!

Outline Introduction Motivation Overview Usage and Architecture Language Examples References

Overview:.NET Programs Source files (.ssc) Several source files collected into projects (.sscproject) Projects are collected into solutions (.sln) Compiler compiles projects (.exe.dll) Each project can use its own language and compiler.

Overview:.NET Framework VB.NET C# Spec# C++ VB.NET Compiler C# Compiler Spec# Compiler C++ Compiler Microsoft Intermediate Language (MIL) Common Language Runtime (CLR) Class Library (API) Operating System

Overview: What is Spec#? Programming Language: extension of C# with non-null types, checked exceptions and throws clauses, method contracts and object invariants. Compiler: statically enforces non-null types, emits runtime checks for method contracts and invariants, and records the contracts as metadata for consumption by downstream tools. Static Program Verifier: generates logical verification conditions from a Spec# program. Internally, it uses an automatic theorem prover that analyzes the verification conditions to prove the correctness of the program or find errors in it. (Boogie)

Overview: Verifier Spec# Spec# compiler MIL ( bytecode ) static verifier (Boogie tool) Translator Boogie language V.C. generator verification condition SMT solver (Z3) Inference engine correct or list of errors

Overview: Main Contributions of Spec# Extension of a popular language. Specification and reasoning about object invariants even in call backs. Dynamic checking and automatic verification. Smooth adoption paths to aid programmers profit from the benefits of specification.

Outline Introduction Motivation Overview Usage Language Examples References

Usage: Acquiring Spec# Spec# project is hosted at http://research.microsoft.com/en-us/projects/specsharp Lack of documentation Channel 9 of the MSDN has a wiki with some samples (badly maintained as well) Latest versions: v1.0.21125 for Visual Studio 2008 (release notes deadlink)

Usage: Main guidelines Write each class with methods and specification in the same Spec# source file. Invariants may also be included. Compile Run the verifier

Outline Introduction Motivation Overview Usage Language Examples References

Language: Non-null Many errors occur are in the form of null-dereference. Spec# attempts to avoid all such errors. A type X is possibly null. A type X! cannot be null.

Language: Contracts What do we expect? (preconditions) What do we guarantee? (postconditions) What do we maintain? (invariants)

Language: Contracts, Preconditions Precondition is considered to be part of the signature of a method. To use the precondition, we use the requires keyword. A custom exception can be thrown on the failure of the precondition by using the keyword otherwise.

Language: Contracts, Postconditions Postcondition is considered to be part of the signature of a method. To use a postcondition, we use the ensures keyword. The result keyword may be used when referring to the result of the operation. The old keyword can be used when referring the value of the parameter at the beginning of the method.

Language: Contracts, Invariants Spec# adds a boolean field called inv to classes which tells the runtime whether the invariant currently holds. If it does hold, then the object is said to be in a consistent state. While the inv field is true, the fields within the object cannot be modified due to the possibility of breaking any of the invariants.

Language: Contracts, Invariants To declare an invariant we use the invariant keyword. If you need to update any of the invariant fields, Spec# makes you expose the object inside of an expose block.

Language: Contracts, Loop Invariants This invariant specifies conditions that must hold during the execution of a loop. Checked before the loop conditions are checked. The loop condition itself cannot be an invariant due to the last iteration of the loop must return false and that would break an invariant.

Language: Aggregates and Quantifiers sum count product min max forall exists exists unique

Language: Intervals in (0 : n ) half-open interval 0 <= i < n in (0.. n) closed interval 0<= i <= n

Language: Assumptions Assertions are checked at the runtime. Assumptions are meant for the Boogie verifier. Must be careful when using it. Incorrect assumption may prevent the static verifier from doing its job correctly. We use the keyword assume to declare an assumption.

Language: Frame Conditions Restrict which pieces of the state that a particular method is allowed to modify. To declare frame conditions we use the keyword modifies.

Outline Motivation Overview Usage Language Examples References

Outline Motivation Overview Usage Language Examples References

References The Spec# programming system: An overview, Mike Barnett, K. Rustan M. Leino, and Wolfram Schulte. In CASSIS 2004, LNCS vol. 3362, Springer, 2004. Program Verification Using the Spec# Programming System. (Tutorial presented at ETAPS 208 by Rustan Leino and Rosemary Monahan.).NET 3.5, Design by contract and Spec#, Matthew Podwysocki,http://geekswithblogs.net/Podwysocki/archive/2007/12/10/1175 42.aspx, retrieved on 1/1/2009. Expert to Expert: Contract Oriented Programming and Spec#, Interview of some Spec# development team leaders, Channel 9 MSDN, Video, http://beta.channel9.msdn.com/shows/going+deep/expert-to-expert- Contract-Oriented-Programming-and-Spec/?Page=4, retrieved on 1/1/2009.

Questions?

Thank You!

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information