Software Verification 1 Deductive Verification

Preview:

Click to see full reader

DESCRIPTION

Software Verification 1 Deductive Verification. Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt Universität und Fraunhofer Institut für Rechnerarchitektur und Softwaretechnik. Example: Binary Search. - PowerPoint PPT Presentation

Citation preview

8.12.2011

Software Verification 1Deductive Verification

Prof. Dr. Holger SchlingloffInstitut für Informatik der Humboldt Universität

und

Fraunhofer Institut für Rechnerarchitektur und Softwaretechnik

http://www.hu-berlin.de/index.html

Folie 2H. Schlingloff, Software Verification I

Example: Binary Search

•Extend the notion of “program variable” to indexed variables (v[i] for 1=1..n)

• Input: a sorted array x[0..n-1] (i (x[i-1]<x[i]) and a value a to search for

•Result: index i s.t. a>x[j] for 0<=j<i and a<=x[j] for i<=j<n

1.12.2011

Folie 3H. Schlingloff, Software Verification I

Binary Search Program

:i=0; k=n;while (i<k) { s=(i+k-1)/2; //integer division if (a>x[s]) i=s+1 else k=s}

1.12.2011

Show{n>=0 i(0<i<n (x[i-1]<x[i])}

{0<=i<=n j(0<=j<i x[j]<a j(i<=j<n

x[j]>=a}

Folie 4H. Schlingloff, Software Verification I

Invariant for Binary Search

• x is sorted 0 : i(0<i<n (x[i-1]<x[i])

• i is changed such that 1 : 0<=i<=n j(0<=j<i x[j]<a)

• k is changed such that 2 : 0<=k<=n j(k<=j<n x[j]>=a)

• additionally 3 : i<=k

Let = 0 1 2 3

8.12.2011

Folie 5H. Schlingloff, Software Verification I

Hoare Proof for Binary Search

{n>=0 i(0<i<n (x[i-1]<x[i])}i=0; k=n;{}while (i<k) { { i<k} s=(i+k-1)/2; //integer division if (a>x[s]) i=s+1 else k=s {}}{ i>=k}{i=k 0<=i<=n j(0<=j<i x[j]<a) j(k<=j<n x[j]>=a)}{0<=i<=n j(0<=j<i x[j]<a j(i<=j<n x[j]>=a)}

8.12.2011

Folie 6H. Schlingloff, Software Verification I

: 0 <= i <= k <= n j(0<=j<i x[j]<a) j(k<=j<n x[j]>=a) { i<k} s=(i+k-1)/2;{ i<k s==(i+k-1)/2}if (a>x[s]) i=s+1else k=s{}

holds since { i<k s=(i+k-1)/2 a>x[s]} {[i:=s+1]} i=s+1 {} { i<k s=(i+k-1)/2 a<=x[s]} {[k:=s]} k=s {}proof: see next

8.12.2011

Folie 7H. Schlingloff, Software Verification I

: 0 <= i <= k <= n j(0<=j<i x[j]<a) j(k<=j<n x[j]>=a)

Show: i<k s=(i+k-1)/2 x[s]<a [i:=s+1] i<k s=(i+k-1)/2 x[s]<a

0<= s+1 <= k <= n j(0<=j< s +1 x[j]<a) i<k s=(i+k-1)/2 x[s]<a

(i+k+1)/2 <= k j(0<=j<= (i+k-1)/2 x[j]<a)

holds since i<k i+k<k+k i+k+1<=2*k (i+k+1)/2<=k x[s]<a j=s x[j]<a 0 x[s]<a j<s x[j]<a

8.12.2011

Folie 8H. Schlingloff, Software Verification I

Last Example: Bubblesort

• Given an array x [0..n-1] of integers, the task is to sort x

• Bubblesort repeatedly exchanges “unordered” elements in x, e.g.: 6 – 3 – 8 – 4 – 1 3 – 6 – 8 – 4 – 1 3 – 6 – 8 – 4 – 1 3 – 6 – 4 – 8 – 1 3 – 6 – 4 – 1 – 8 3 – 6 – 4 – 1 – 8 3 – 4 – 6 – 1 – 8 3 – 4 – 1 – 6 – 8 3 – 1 – 4 – 6 – 8 etc.

8.12.2011

Folie 9H. Schlingloff, Software Verification I

Bubblesort Algorithm

:: i=n;: while (i>1) { : i=i-1; k=0; : while (k!=i){ : k++; : if (x[k-1]>x[k]) swap(x[k-1], x[k]) : }: }:

8.12.2011

Folie 10H. Schlingloff, Software Verification I

Specification of Sortedness

• x is sorted sorted(x): i(0<i<n x[i-1] <= x[i])

• x is a permutation of the input array ?

• For sake of simplicity: assume all elements in x are pairwise unequal:

diff(x): i,j(0<=i != j<n (x[i]!=x[j])} in this case, x is a permutation of y iff

perm(x,y): a(i x[i]==a i y[i]==a)

• Specification{x==y diff(x)} {sorted(x) perm(x,y)}

8.12.2011

Folie 11H. Schlingloff, Software Verification I

Invariant for Bubblesort

Invariant for loop at :after first iteration: x[n-1] at correct positionafter second iteration: x[n-1] and x[n-2] at correct positionafter third iteration: x[n-1] .. x[n-3] at correct position

...ordered(x, i): 1<=i<=n

j(i<=j<n x[j-1] < x[j]) j(0<=j<i <n x[j] <= x[i])

then we have: ordered(x, n) T ordered(x, 1) sorted(x)

I: diff(x) perm(x,y) ordered(x,i)

8.12.2011

Folie 12H. Schlingloff, Software Verification I

Proof of Outer Loop

x==y diff(x) perm(x,y): x==y diff(x) : x==y diff(x) i==n x==y diff(x) i==n diff(x) perm(x,y) ordered(x,i): x==y diff(x) : I

: I : I (i<=1) provided that : I (i>1) : Iperm(x,y) ordered(x,i) (i<=1) perm(x,y) sorted(x): I : sorted(x) perm(x,y)

: x==y diff(x) : perm(x,y) sorted(x)

that is, {x==y diff(x)} {sorted(x) perm(x,y)}

8.12.2011

Folie 13H. Schlingloff, Software Verification I

Inner Invariant

It remains to show: : I (i>1) : I

Invariant for loop at : perm(x,y) ordered(x,i+1) remains stable

goal of the inner loop: maximal element from x[0]...x[i-1] is moved to x[i-1]

after each step: 0<=k<=i j(0<=j<=k x[k]>=x[j])

I: perm(x,y) ordered(x,i+1) 0<=k<=i j(0<=j<=k x[k]>=x[j])

8.12.2011

Folie 14H. Schlingloff, Software Verification I

Proof of Inner Invariant

: I (i>1) : perm(x,y) ordered(x,i+1) k==0

perm(x,y) ordered(x,i+1) k==0 I: I (i>1) : I

: I : I (k==i), provided that : I (k!=i) : I

I (k==i) perm(x,y) ordered(x,i+1) j(0<=j<=i x[i]>=x[j])

: I (i>1) : I

it remains to show: : I (k!=i) : I

• perm(x,y) remains unchanged

• ordered(x,i+1) is not modified : 0<=k<=i j(0<=j<=k x[k]>=x[j]) k!=i

: 0<=k<=i j(0<=j<=k-1 x[k-1]>=x[j]) : I (k!=i) : 0<=k<=i j(0<=j<=k x[k]>=x[j])

8.12.2011

Recommended

Deductive Program Verification - LRI
Documents
Software Verification, весна 2010: Software Verification
Documents
Auto-Active Verification of Software with Timers and Clocks · 2016. 11. 1. · Goal : Formally verify STACs at the source code level using deductive (aka auto-active) verification
Documents
2em Deductive Verification of Programs · Computer Systems and Correctness I Suppose we design a (complex) software system. I We have requirements on how the system should function,
Documents
Amphion/NAV: Deductive Synthesis of State Estimation Software · 2008-06-05 · Amphion/NAV: Deductive Synthesis of State Estimation Software ... a means for a certification body
Documents
Software Verification / Testing
Documents
TMPA-2013 Anureyev: On the Road to Technology of Developing the Means of Deductive Program Verification
Documents
09-Software Validation, Verification
Documents
11.6.2015 Software Verification 1 Deductive Verification Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt Universität und Fraunhofer Institut
Documents
Modularity for Decidability of Deductive Verification …odedp/modularity-for...Modularity for Decidability of Deductive Veriication with Applications to Distributed Systems Marcelo
Documents
Software Engineering Verification and Validation Slide 1 Verification and Validation Software Engineering
Documents
Software requirement verification & validation
Education
Modularity for Decidability of Deductive Verification with
Documents
25.6.2015 Software Verification 1 Deductive Verification Prof. Dr. Holger Schlingloff Institut für Informatik der Humboldt Universität und Fraunhofer Institut
Documents
Algorithmic Software Verification
Documents
Modularity for decidability of deductive verification with …msagiv/ivy_deep18b.pdf · 2018-06-20 · •Satisfiability modulo theories (SMT) –major trend in software verification
Documents
Software Verification and Validation Prof. Lionel Briand ... · Software Verification and Validation Prof. Lionel ... • Founded the first IEEE conference on software verification
Documents
Dagstuhl Seminar "Applied Deductive Verification" November 2003 gretay Symbolically Computing Most-Precise Abstract Operations for Shape
Documents
Software Verification 1 Deductive Verification
Documents
Dependable Software Verification
Documents