Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download PPT
Transcript
CSE-321 Programming Languages Introduction to Logic in Computer Science 박성우 POSTECH June 11, 2013 Formal Verification Key Question in Software Development Is there an automated tool that locates errors in your software, or confirms the absence of errors in your software? – static analysis tool – formal verification tool 3 Market for Error-free Software • 2010 in the US: – software market: – cost of correcting errors: – cost of software errors: 310 billion dollars 20 billion dollars 60 billion dollars • "Product quality = Software quality" – in every arena: 4 Holy Grail in Software Development Software MRI / fMRI / PET 5 1st Generation - Testing • Methodology: 1. automatically generate test cases 2. run your software on each test case 3. analyze the result • Pros and cons: [+] relatively easy to implement [+] easy to comprehend test cases [-] low level of assurance • The most popular in industry 6 2nd Generation - Static Analysis [1/3] • Methodology: 1. analyze the source code of your software 2. approximate/emulate its run-time behavior 3. detect potential errors * image from http://ropas.snu.ac.kr/sparrow/wpaper.pdf 7 2nd Generation - Static Analysis [2/3] * image from http://ropas.snu.ac.kr/sparrow/wpaper.pdf 8 2nd Generation - Static Analysis [3/3] • Pros and cons: [+] easy to use • little user intervention [+] high level of assurance • If it says 'no bugs,' there are indeed no bugs. [+] can detect fatal bugs • buffer overrun, memory leak, double free, etc. [-] usually produces many false alarms • may not be so helpful to developers in practice. • Currently the most powerful technology 9 3rd Generation - Formal Verification [1/3] • Methodology: 1. write the specification for your software • Ex. "My software computes a solution to the equation ..." 2. formally prove that the source code meets the specification • automatically, using theorem provers • manually, using proof assistants • or using both 10 3rd Generation - Formal Verification [2/3] * image from http://frama-c.com/download/user-manual-Nitrogen-20111001.pdf 11 3rd Generation - Formal Verification [3/3] • Pros and cons [+] the highest level of assurance • A formal proof is produced. [+] can even prove the functional correctness • "The program correctly sorts a given array." [-] requires expertise in formal verification • MS degree at least! • The most advanced technology that is still evolving 12 Coq Programming in CSE-433 LICS Paper-and-Pencil Proof 14 Proof in Coq • Strings of matched parentheses Inductive T : Set := | eps : T | cons : E -> T -> T. Inductive mparen : T -> Prop := ... Inductive lparen : T -> Prop := ... Theorem mparen2lparen : forall s:T, mparen s -> lparen s. Proof. intros s H. induction H. apply Leps. rewrite <- concat_eps. auto using Leps, Lseq. auto using lparenConcat. Qed. 15 Coq Programming in LICS 2010 • Proof of the Pythagoras' theorem Theorem even_is_even_times_even: forall (n : nat), even (n * n) -> even n. Theorem main_thm: forall (n p : nat), n * n = double (p * p) -> p = 0. Definition irrational (x : R) : Prop := forall (p : Z) (q : nat), q <> 0 -> x <> (p / q)%R. Theorem irrational_sqrt_2: irrational (sqrt 2%nat). 16 Coq Programming in LICS 2010 • Proof of determinism of evaluations Theorem eval_deterministic : forall t t' t'', eval t t' -> eval t t'' -> t' = t''. • Proof of type safety in simply-typed lambda-calculus 17 Proof Theory in CSE-433 LICS 19 20 21 감사합니다 [email protected]
