Loading…
A formal verification framework for static analysis: As well as its instantiation to the resource analyzer COSTA and formal verification tool KeY
Static analysis tools, such as resource analyzers, give useful information on software systems, especially in real-time and safety-critical applications. Therefore, the question of the reliability of the obtained results is highly important. State-of-the-art static analyzers typically combine a rang...
Saved in:
| Published in: | Software and systems modeling 2016-10, Vol.15 (4), p.987-1012 |
|---|---|
| Main Authors: | , , , , , |
| Format: | Article |
| Language: | English |
| Subjects: | |
| Citations: | Items that this one cites |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| cited_by | |
|---|---|
| cites | cdi_FETCH-LOGICAL-c216y-1cc09dab39078518834c21bfa94e6be65c2db4aaf1e4eb999b7a190e4fd9a0d23 |
| container_end_page | 1012 |
| container_issue | 4 |
| container_start_page | 987 |
| container_title | Software and systems modeling |
| container_volume | 15 |
| creator | Albert, Elvira Bubel, Richard Genaim, Samir Hähnle, Reiner Puebla, Germán Román-Díez, Guillermo |
| description | Static analysis tools, such as resource analyzers, give useful information on software systems, especially in real-time and safety-critical applications. Therefore, the question of the reliability of the obtained results is highly important. State-of-the-art static analyzers typically combine a range of complex techniques, make use of external tools, and evolve quickly. To formally verify such systems is not a realistic option. In this work, we propose a different approach whereby, instead of the
tools
, we formally verify the
results
of the tools. The central idea of such a formal verification framework for static analysis is the method-wise translation of the information about a program gathered during its static analysis into specification contracts that contain enough information for them to be verified automatically. We instantiate this framework with
costa
, a state-of-the-art static analysis system for sequential Java programs, for producing resource guarantees and KeY, a state-of-the-art verification tool, for formally verifying the correctness of such resource guarantees.
Resource guarantees
allow to be certain that programs will run within the indicated amount of resources, which may refer to memory consumption, number of instructions executed, etc. Our results show that the proposed tool cooperation can be used for automatically producing verified resource guarantees. |
| doi_str_mv | 10.1007/s10270-015-0476-y |
| format | article |
| fullrecord | <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_miscellaneous_1845815633</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>4189777541</sourcerecordid><originalsourceid>FETCH-LOGICAL-c216y-1cc09dab39078518834c21bfa94e6be65c2db4aaf1e4eb999b7a190e4fd9a0d23</originalsourceid><addsrcrecordid>eNp1kM1LxDAQxYMouKz7B3grePESnUnTtDkui1-w4EXPIU0TifZjTXaV_vemVEQETzPM-73h8Qg5R7hCgPI6IrASKGBBgZeCjkdkgQIlxbzkxz-7EKdkFaOvATiTkguxIPk6c0PodJt92OCdN3rvhz5zQXf2cwhvk5rFfbqaTPe6HaOPZ-TE6Tba1fdckufbm6fNPd0-3j1s1ltqGIqRojEgG13nEsqqwKrKeRJqpyW3oraiMKypudYOLbe1lLIuNUqw3DVSQ8PyJbmc_-7C8H6wca86H41tW93b4RAVVryosBB5ntCLP-jrcAgp70QxBjyFmCicKROGGIN1ahd8p8OoENTUpJqbVKlJNTWpxuRhsycmtn-x4dfnf01fnON1yQ</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>1822043903</pqid></control><display><type>article</type><title>A formal verification framework for static analysis: As well as its instantiation to the resource analyzer COSTA and formal verification tool KeY</title><source>Springer Link</source><creator>Albert, Elvira ; Bubel, Richard ; Genaim, Samir ; Hähnle, Reiner ; Puebla, Germán ; Román-Díez, Guillermo</creator><creatorcontrib>Albert, Elvira ; Bubel, Richard ; Genaim, Samir ; Hähnle, Reiner ; Puebla, Germán ; Román-Díez, Guillermo</creatorcontrib><description>Static analysis tools, such as resource analyzers, give useful information on software systems, especially in real-time and safety-critical applications. Therefore, the question of the reliability of the obtained results is highly important. State-of-the-art static analyzers typically combine a range of complex techniques, make use of external tools, and evolve quickly. To formally verify such systems is not a realistic option. In this work, we propose a different approach whereby, instead of the
tools
, we formally verify the
results
of the tools. The central idea of such a formal verification framework for static analysis is the method-wise translation of the information about a program gathered during its static analysis into specification contracts that contain enough information for them to be verified automatically. We instantiate this framework with
costa
, a state-of-the-art static analysis system for sequential Java programs, for producing resource guarantees and KeY, a state-of-the-art verification tool, for formally verifying the correctness of such resource guarantees.
Resource guarantees
allow to be certain that programs will run within the indicated amount of resources, which may refer to memory consumption, number of instructions executed, etc. Our results show that the proposed tool cooperation can be used for automatically producing verified resource guarantees.</description><identifier>ISSN: 1619-1366</identifier><identifier>EISSN: 1619-1374</identifier><identifier>DOI: 10.1007/s10270-015-0476-y</identifier><language>eng</language><publisher>Berlin/Heidelberg: Springer Berlin Heidelberg</publisher><subject>Analyzers ; Compilers ; Computer programs ; Computer Science ; Cost analysis ; Information Systems Applications (incl.Internet) ; Interpreters ; IT in Business ; Programming Languages ; Programming Techniques ; Software ; Software Engineering ; Software Engineering/Programming and Operating Systems ; State of the art ; Static code analysis ; Systems analysis ; Theme Section Paper ; Translations</subject><ispartof>Software and systems modeling, 2016-10, Vol.15 (4), p.987-1012</ispartof><rights>Springer-Verlag Berlin Heidelberg 2015</rights><rights>Springer-Verlag Berlin Heidelberg 2016</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><cites>FETCH-LOGICAL-c216y-1cc09dab39078518834c21bfa94e6be65c2db4aaf1e4eb999b7a190e4fd9a0d23</cites></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27924,27925</link.rule.ids></links><search><creatorcontrib>Albert, Elvira</creatorcontrib><creatorcontrib>Bubel, Richard</creatorcontrib><creatorcontrib>Genaim, Samir</creatorcontrib><creatorcontrib>Hähnle, Reiner</creatorcontrib><creatorcontrib>Puebla, Germán</creatorcontrib><creatorcontrib>Román-Díez, Guillermo</creatorcontrib><title>A formal verification framework for static analysis: As well as its instantiation to the resource analyzer COSTA and formal verification tool KeY</title><title>Software and systems modeling</title><addtitle>Softw Syst Model</addtitle><description>Static analysis tools, such as resource analyzers, give useful information on software systems, especially in real-time and safety-critical applications. Therefore, the question of the reliability of the obtained results is highly important. State-of-the-art static analyzers typically combine a range of complex techniques, make use of external tools, and evolve quickly. To formally verify such systems is not a realistic option. In this work, we propose a different approach whereby, instead of the
tools
, we formally verify the
results
of the tools. The central idea of such a formal verification framework for static analysis is the method-wise translation of the information about a program gathered during its static analysis into specification contracts that contain enough information for them to be verified automatically. We instantiate this framework with
costa
, a state-of-the-art static analysis system for sequential Java programs, for producing resource guarantees and KeY, a state-of-the-art verification tool, for formally verifying the correctness of such resource guarantees.
Resource guarantees
allow to be certain that programs will run within the indicated amount of resources, which may refer to memory consumption, number of instructions executed, etc. Our results show that the proposed tool cooperation can be used for automatically producing verified resource guarantees.</description><subject>Analyzers</subject><subject>Compilers</subject><subject>Computer programs</subject><subject>Computer Science</subject><subject>Cost analysis</subject><subject>Information Systems Applications (incl.Internet)</subject><subject>Interpreters</subject><subject>IT in Business</subject><subject>Programming Languages</subject><subject>Programming Techniques</subject><subject>Software</subject><subject>Software Engineering</subject><subject>Software Engineering/Programming and Operating Systems</subject><subject>State of the art</subject><subject>Static code analysis</subject><subject>Systems analysis</subject><subject>Theme Section Paper</subject><subject>Translations</subject><issn>1619-1366</issn><issn>1619-1374</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2016</creationdate><recordtype>article</recordtype><recordid>eNp1kM1LxDAQxYMouKz7B3grePESnUnTtDkui1-w4EXPIU0TifZjTXaV_vemVEQETzPM-73h8Qg5R7hCgPI6IrASKGBBgZeCjkdkgQIlxbzkxz-7EKdkFaOvATiTkguxIPk6c0PodJt92OCdN3rvhz5zQXf2cwhvk5rFfbqaTPe6HaOPZ-TE6Tba1fdckufbm6fNPd0-3j1s1ltqGIqRojEgG13nEsqqwKrKeRJqpyW3oraiMKypudYOLbe1lLIuNUqw3DVSQ8PyJbmc_-7C8H6wca86H41tW93b4RAVVryosBB5ntCLP-jrcAgp70QxBjyFmCicKROGGIN1ahd8p8OoENTUpJqbVKlJNTWpxuRhsycmtn-x4dfnf01fnON1yQ</recordid><startdate>20161001</startdate><enddate>20161001</enddate><creator>Albert, Elvira</creator><creator>Bubel, Richard</creator><creator>Genaim, Samir</creator><creator>Hähnle, Reiner</creator><creator>Puebla, Germán</creator><creator>Román-Díez, Guillermo</creator><general>Springer Berlin Heidelberg</general><general>Springer Nature B.V</general><scope>AAYXX</scope><scope>CITATION</scope><scope>3V.</scope><scope>7SC</scope><scope>7XB</scope><scope>8AL</scope><scope>8AO</scope><scope>8FD</scope><scope>8FE</scope><scope>8FG</scope><scope>8FK</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>ARAPS</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>GNUQQ</scope><scope>HCIFZ</scope><scope>JQ2</scope><scope>K7-</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><scope>M0N</scope><scope>P5Z</scope><scope>P62</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>Q9U</scope></search><sort><creationdate>20161001</creationdate><title>A formal verification framework for static analysis</title><author>Albert, Elvira ; Bubel, Richard ; Genaim, Samir ; Hähnle, Reiner ; Puebla, Germán ; Román-Díez, Guillermo</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c216y-1cc09dab39078518834c21bfa94e6be65c2db4aaf1e4eb999b7a190e4fd9a0d23</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2016</creationdate><topic>Analyzers</topic><topic>Compilers</topic><topic>Computer programs</topic><topic>Computer Science</topic><topic>Cost analysis</topic><topic>Information Systems Applications (incl.Internet)</topic><topic>Interpreters</topic><topic>IT in Business</topic><topic>Programming Languages</topic><topic>Programming Techniques</topic><topic>Software</topic><topic>Software Engineering</topic><topic>Software Engineering/Programming and Operating Systems</topic><topic>State of the art</topic><topic>Static code analysis</topic><topic>Systems analysis</topic><topic>Theme Section Paper</topic><topic>Translations</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Albert, Elvira</creatorcontrib><creatorcontrib>Bubel, Richard</creatorcontrib><creatorcontrib>Genaim, Samir</creatorcontrib><creatorcontrib>Hähnle, Reiner</creatorcontrib><creatorcontrib>Puebla, Germán</creatorcontrib><creatorcontrib>Román-Díez, Guillermo</creatorcontrib><collection>CrossRef</collection><collection>ProQuest Central (Corporate)</collection><collection>Computer and Information Systems Abstracts</collection><collection>ProQuest Central (purchase pre-March 2016)</collection><collection>Computing Database (Alumni Edition)</collection><collection>ProQuest Pharma Collection</collection><collection>Technology Research Database</collection><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>ProQuest Central (Alumni) (purchase pre-March 2016)</collection><collection>ProQuest Central (Alumni)</collection><collection>ProQuest Central</collection><collection>Advanced Technologies & Aerospace Collection</collection><collection>ProQuest Central Essentials</collection><collection>AUTh Library subscriptions: ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central</collection><collection>ProQuest Central Student</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Computer Science Collection</collection><collection>Computer science database</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><collection>Computing Database</collection><collection>ProQuest advanced technologies & aerospace journals</collection><collection>ProQuest Advanced Technologies & Aerospace Collection</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>ProQuest Central Basic</collection><jtitle>Software and systems modeling</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Albert, Elvira</au><au>Bubel, Richard</au><au>Genaim, Samir</au><au>Hähnle, Reiner</au><au>Puebla, Germán</au><au>Román-Díez, Guillermo</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>A formal verification framework for static analysis: As well as its instantiation to the resource analyzer COSTA and formal verification tool KeY</atitle><jtitle>Software and systems modeling</jtitle><stitle>Softw Syst Model</stitle><date>2016-10-01</date><risdate>2016</risdate><volume>15</volume><issue>4</issue><spage>987</spage><epage>1012</epage><pages>987-1012</pages><issn>1619-1366</issn><eissn>1619-1374</eissn><abstract>Static analysis tools, such as resource analyzers, give useful information on software systems, especially in real-time and safety-critical applications. Therefore, the question of the reliability of the obtained results is highly important. State-of-the-art static analyzers typically combine a range of complex techniques, make use of external tools, and evolve quickly. To formally verify such systems is not a realistic option. In this work, we propose a different approach whereby, instead of the
tools
, we formally verify the
results
of the tools. The central idea of such a formal verification framework for static analysis is the method-wise translation of the information about a program gathered during its static analysis into specification contracts that contain enough information for them to be verified automatically. We instantiate this framework with
costa
, a state-of-the-art static analysis system for sequential Java programs, for producing resource guarantees and KeY, a state-of-the-art verification tool, for formally verifying the correctness of such resource guarantees.
Resource guarantees
allow to be certain that programs will run within the indicated amount of resources, which may refer to memory consumption, number of instructions executed, etc. Our results show that the proposed tool cooperation can be used for automatically producing verified resource guarantees.</abstract><cop>Berlin/Heidelberg</cop><pub>Springer Berlin Heidelberg</pub><doi>10.1007/s10270-015-0476-y</doi><tpages>26</tpages></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 1619-1366 |
| ispartof | Software and systems modeling, 2016-10, Vol.15 (4), p.987-1012 |
| issn | 1619-1366 1619-1374 |
| language | eng |
| recordid | cdi_proquest_miscellaneous_1845815633 |
| source | Springer Link |
| subjects | Analyzers Compilers Computer programs Computer Science Cost analysis Information Systems Applications (incl.Internet) Interpreters IT in Business Programming Languages Programming Techniques Software Software Engineering Software Engineering/Programming and Operating Systems State of the art Static code analysis Systems analysis Theme Section Paper Translations |
| title | A formal verification framework for static analysis: As well as its instantiation to the resource analyzer COSTA and formal verification tool KeY |
| url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-27T07%3A17%3A36IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=A%20formal%20verification%20framework%20for%20static%20analysis:%20As%20well%20as%20its%20instantiation%20to%20the%20resource%20analyzer%20COSTA%20and%20formal%20verification%20tool%20KeY&rft.jtitle=Software%20and%20systems%20modeling&rft.au=Albert,%20Elvira&rft.date=2016-10-01&rft.volume=15&rft.issue=4&rft.spage=987&rft.epage=1012&rft.pages=987-1012&rft.issn=1619-1366&rft.eissn=1619-1374&rft_id=info:doi/10.1007/s10270-015-0476-y&rft_dat=%3Cproquest_cross%3E4189777541%3C/proquest_cross%3E%3Cgrp_id%3Ecdi_FETCH-LOGICAL-c216y-1cc09dab39078518834c21bfa94e6be65c2db4aaf1e4eb999b7a190e4fd9a0d23%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_pqid=1822043903&rft_id=info:pmid/&rfr_iscdi=true |