Rigorous Software Development CSCI-GA 3033-009

Similar documents
The Course.

Program Analysis: Theory and Practice

Rigorous Software Development An introduction

A puzzle. Suppose that you want to run some JavaScript programs---all the cool kids are doing it.

Rigorous Software Development CSCI-GA

Model Checking based Software Verification

INF5140: Specification and Verification of Parallel Systems

Rigorous Software Development CSCI-GA

CS4507 Advanced Software Engineering

Specification and Analysis of Contracts Lecture 1 Introduction

Rigorous Software Engineering Hoare Logic and Design by Contracts

How To Develop A Static Analysis System For Large Programs

Formal Verification and Linear-time Model Checking

Sound Verification Techniques for Developing High-Integrity Medical Device Software

Die wichtigsten Use Cases für MISRA, HIS, SQO, IEC, ISO und Co. - Warum Polyspace DIE Embedded Code-Verifikationslösung ist.

CS 6371: Advanced Programming Languages

Static vs. Dynamic Testing How Static Analysis and Run-Time Testing Can Work Together. Outline

Discrete Mathematics I Distance Learning (online) sections

MAT Elements of Modern Mathematics Syllabus for Spring 2011 Section 100, TTh 9:30-10:50 AM; Section 200, TTh 8:00-9:20 AM

Software Testing & Analysis (F22ST3): Static Analysis Techniques 2. Andrew Ireland

Programming Languages

A Static Analyzer for Large Safety-Critical Software. Considered Programs and Semantics. Automatic Program Verification by Abstract Interpretation

CS422 - Programming Language Design

Coverability for Parallel Programs

CSCI E 98: Managed Environments for the Execution of Programs

Motivations 1. What is (or should be) the essential preoccupation of computer scientists?

Automated Theorem Proving - summary of lecture 1

TEACHING MODEL CHECKING TO UNDERGRADUATES

Introduction to Formal Methods. Các Phương Pháp Hình Thức Cho Phát Triển Phần Mềm

HRM 386 HUMAN RESOURCE MANAGEMENT Spring, 2008

Static Analysis of Dynamic Properties - Automatic Program Verification to Prove the Absence of Dynamic Runtime Errors

Secure Software Programming and Vulnerability Analysis

Computer and Information Sciences

Antonio Kung, Trialog. HIJA technical coordinator. Scott Hansen, The Open Group. HIJA coordinator

T Reactive Systems: Introduction and Finite State Automata

Abstract Interpretation-based Static Analysis Tools:

EECS : Formal Methods for Engineering Education. Sanjit A. Seshia EECS, UC Berkeley

Managing and Maintaining Windows Server 2008 Servers

Slides based in part on previous lectures by Mahesh Vishwanathan, and by Gul Agha January 21,

LAKE ELSINORE UNIFIED SCHOOL DISTRICT

Computer Science Information Sheet for entry in What is Computer Science?

Algorithms are the threads that tie together most of the subfields of computer science.

AUBURN UNIVERSITY RAYMOND J. HARBERT COLLEGE OF BUSINESS DEPARTMENT OF FINANCE FINC 3630: ADVANCED CORPORATE FINANCE SPRING 2014

Static analysis: from theory to practice

Rigorous Methods for Software Engineering (F21RS1) High Integrity Software Development

Northeast Blackout of 2003

Finance Life Insurance and Professional Financial Planning Spring, Instructor: Thomas S. Marshall. Office: 350D Friday Building

How To Write A Program Verification And Programming Book

Reasoning about Safety Critical Java

(575) and by prior appointment nmsu. edu

The Model Checker SPIN

sensors and actuators? How do we handle the errors introduced due to noise, quantization etc?

How To Get A Masters Degree In Logistics And Supply Chain Management

Mathematical Reasoning in Software Engineering Education. Peter B. Henderson Butler University

Comprehensive Static Analysis Using Polyspace Products. A Solution to Today s Embedded Software Verification Challenges WHITE PAPER

Model Checking: An Introduction

CS 356 Lecture 28 Internet Authentication. Spring 2013

Safety-Critical Firmware What can we learn from past failures?

Introduction to Database Systems CS4320. Instructor: Christoph Koch CS

SCADE Suite in Space Applications

Introduction to Computer Forensics Course Syllabus Spring 2012

Techniques for Evaluating Game Design

SOUTH TEXAS COLLEGE Bachelor Programs Bachelor of Applied Technology Computer and Information Technologies Fall 2011 Chair s Information:

Course Goals. Solve Non-Technical Customer problem Server side: Ruby on Rails Client side: HTML, CSS, AJAX, JavaScript Deploy using cloud computing

Numerology - A Case Study in Network Marketing Fractions

Quality Management. Lecture 12 Software quality management

Redefining Static Analysis A Standards Approach. Mike Oara CTO, Hatha Systems

CSC 341, section 001 Principles of Operating Systems Spring 2015 Monday/Wednesday 1:00 PM 2:15 PM

EDMS 769L: Statistical Analysis of Longitudinal Data 1809 PAC, Th 4:15-7:00pm 2009 Spring Semester

LEARNING SOLUTIONS website milner.com/learning phone

Model 2.4 Faculty member + student

Fundamentals of Programming Languages

Assessment for Master s Degree Program Fall Spring 2011 Computer Science Dept. Texas A&M University - Commerce

THE UNIVERSITY OF TEXAS AT AUSTIN Department of Aerospace Engineering and Engineering Mechanics. EM 311M - DYNAMICS Spring 2012 SYLLABUS

School of Computing and Information Sciences. Course Title: Computer Programming III Date: April 9, 2014

Microsoft Office Outlook 2013: Part 1

Merritt College Radiologic Science Program updated

Part 2: The Use of Software in Safety Critical Systems

Handout #1: Mathematical Reasoning

Managing and Maintaining Windows Server 2008 Servers (6430) Course length: 5 days

1. What college are you in?

UNDERGRADUATE COMPUTER SCIENCE EDUCATION: A NEW CURRICULUM PHILOSOPHY & OVERVIEW

Grigore Rosu Founder, President and CEO Professor of Computer Science, University of Illinois

BRAZOSPORT COLLEGE LAKE JACKSON, TEXAS SYLLABUS ITNW 2405: NETWORK ADMINISTRATION COMPUTER TECHNOLOGY & OFFICE ADMINISTRATION DEPARTMENT

IT 342 Operating Systems Fundamentals Fall 2014 Syllabus

Intro. to Data Visualization Spring 2016

Spring 2013 CS 6930 Advanced Topics in Web Security and Privacy - 3 Credit Hours Syllabus and Course Policies

CIS 771: Software Specifications. Lecture 1: Course Overview

Small bug, Big bang! Jean-Jacques Lévy Iscas & Inria

Syllabus Systems Analysis and Design Page 1 of 6

Eastern Washington University Department of Computer Science. Questionnaire for Prospective Masters in Computer Science Students

How To Improve Software Quality

COMPARATIVE INTERNATIONAL BUSINESS ECONOMICS 2162B-001 Department of Economics Western University

Security challenges for internet technologies on mobile devices

Software Quality. Learning outcomes and evaluation: Students that successfully complete the course will be able to:

Software security specification and verification

Chesapeake College. Syllabus. MAT 031 Elementary Algebra (silcox87517) John H. Silcox

BRAZOSPORT COLLEGE LAKE JACKSON, TEXAS SYLLABUS IMED 1316: WEB PAGE DESIGN I COMPUTER TECHNOLOGY & OFFICE ADMINISTRATION DEPARTMENT

THE UNIVERSITY OF TEXAS AT TYLER COLLEGE OF NURSING COURSE SYLLABUS NURS 5317 STATISTICS FOR HEALTH PROVIDERS. Fall 2013

Please consult the Department of Engineering about the Computer Engineering Emphasis.

Transcription:

Rigorous Software Development CSCI-GA 3033-009 Instructor: Thomas Wies Spring 2013 Lecture 1

Important Facts Office Hours: Thu 3-4pm, or by appointment Office: CIWW 407 Course web site: http://cs.nyu.edu/wies/teaching/rsd-13 Mailing list: csci_ga_3033_009_sp13@cs.nyu.edu

Prerequisites Discrete structures: sets, relations, functions Basic algorithms (undergraduate level) Mathematical maturity: comfort with notation, understand and write proofs Familiarity with Java-like languages (Moderate) programming experience

Grading Weekly Assignments: 30% (starting 02/03/12) Term Project: 30% Final Exam: 40%

Course Material Software Abstractions: Logic, Language, and Analysis (revised edition). Daniel Jackson, The MIT Press, 2006 The Formal Semantics of Programming Languages. Glynn Winskell, The MIT Press, 1993 Additional material on the course web site

Software Reliability Driving force to use computer systems: Increase the safety of technological artifacts But can we really build safe computer systems? Software and cathedrals are much the same. First we build them, then we pray. Sam Redwine

Maiden Flight of Ariane 5 Rocket Ariane 5 exploded on its first test flight in 1996 Cause: failure of flightcontrol software due to overflow in floating point to integer conversion Financial loss: $500,000,000 (including indirect costs: $2,000,000,000)

Therac-25 Radiation therapy machine Two modes: X-ray electron-beam Race condition in software caused use of electron-beam instead of X-ray six cases of radiation poisoning between 1985 and 1987, three of them fatal

Northeast Blackout in 2003 Cascading failure of power grid due to lightning stroke Race condition in energy control system stalled alarm in control room for > 1 hour Multiple server failures due to unprocessed events 55 million people affected

Economics of Software Errors Estimated annual costs of software errors in the US (2002) $60 billion (0.6% of GDP) Estimated size of the US software industry (2002) $240 billion (50% development) Estimated 50% of each software project is spent on testing

Testing Software validation the old-fashioned way: Create a test suite (set of test cases) Run the test suite Fix the software if test suite fails Ship the software if test suite passes

Program testing can be a very effective way to show the presence of bugs, but is hopelessly inadequate for showing their absence. Edsger W. Dijkstra Very hard to test the portion inside the if" statement! input x if (hash(x) == 10) {... }

Verification Verification: formally prove that a computing system satisfies its specifications Rigor: well established mathematical foundations Exhaustiveness: considers all possible behaviors of the system, i.e., finds all errors Automation: uses computers to build reliable computers Formal Methods: general area of research related to program specification and verification.

Success Stories of Formal Methods Astrée Static Analyzer Developed by Patrick Cousot s group and others Verify absence of runtime errors in C code for Embedded Systems Industrial applications include verification of Airbus fly-by-wire software

Success Stories of Formal Methods Static Driver Verifier, HAVOC, and VCC Developed at Microsoft Research Verification of OS code Applications: Windows Device Drivers Windows File System Windows Hypervisor Resource NodeBQueue Flink Blink NODEA ParentA State NodeALinks Flink Blink ParentA State NodeALinks Flink Blink... ParentA State NodeALinks Flink Blink NODEB NODEB NODEB #define FIRST_CHILD(x) x->nodebqueue.flink #define NEXT_NODE(x) x->nodealinks.flink type_invariant(pnodea x){ ENCL_NODEA(FIRST_CHILD(x))!= x ==> ENCL_NODEB(FIRST_CHILD(x))->ParentA == x } type_invariant(pnodeb y){ NEXT_NODE(y)!= &(y->parenta->nodebqueue) ==> y->parenta == ENCL_NODEB(NEXT_NODE(y))->ParentA }

Beware of bugs in the above code; I have only proved it correct, not tried it. Donald Knuth You can only verify what you have specified. Testing is still important, but can we make it less impromptu?

Rigorous Software Development Driving force to use computer systems: Increase the safety of technological artifacts But can we really build safe computer systems? In this course you will learn how to use software to build reliable software automated testing automated program verification how formal methods tools work under their hoods

Overview Topics Modeling Software Design by Contract Runtime Assertion Checking Automated Test Case Generation Extended Static Checking Semantics of Programming Languages Formal Verification Static Analysis Tools Alloy JML JMLUnit Korat Dafny

Dafny Demo

Daniel Jackson The Alloy Tool http://alloy.mit.edu

Alloy Analyzes micro models of software Helps to identify key properties of a software design find conceptual errors (not implementation errors) Small scope hypothesis: many properties that do not hold have small counterexamples Exhaustively search for errors in all instances of bounded size

Example Applications Security protocols Train controllers File systems Databases Network protocols Software design/testing/repair/sketching Many examples are shipped with Alloy. More can be found on the Alloy website.

Alloy in a Nutshell: A Simple Address Book Name addr Addr

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information