Course Project

Here you will find documents, files, and information related to the 2015 Software Verification Project.

• Project description (due date: by the end of 27.11.2015)
• Files: SV_AUTOPROOF.e, sv_boogie.bpl
  
  
• Questions and Answers (last modified: Wednesday, 25-Nov-2015 13:39:02 CET)
  
  
• Tools: AutoProof and Boogie

General

News

24.11.2015 — Schedule update! There will no longer be a formal exercise class on 25.11. The assistant, however, will be available for questions immediately after the guest lecture. The exercises on testing will be covered during the first half of the class on 2.12; the second half will cover general exam preparation and any further questions you might have.

27.10.2015 — Video lectures from the recent ETH Workshop on Software Correctness and Reliability are now available online. If you're interested in what's going on at the cutting edge of program verification research, they will certainly be worth a look.

07.10.2015 — The project description is now online. Please remember to register your teams before 14th October!

20.07.2015 — A tentative version of the course schedule is now online.

Course objectives

252-0239-00L Software Verification

After successfully taking this course, students will have a theoretical and practical understanding of:

• The principles behind fundamental software verification techniques, including Hoare-style axiomatic semantics, abstract interpretation, model checking, and testing.
• Application of the principles to the construction of verification tools, in particular program provers.
• Research challenges in these areas.

Course description

The idea of software verification has been around for decades, but only recently have the techniques become mature enough to be implemented and be applicable in practice. Progress has been made possible by the convergence of different techniques, originally developed in isolation.

This course embraces this diversity of approaches, by surveying some of the main ideas, techniques, and results in software verification. These include in particular:

• Axiomatic semantics, which provides a foundation of program correctness proofs by supplying a rigorous semantics of programs.
• Abstract interpretation, which provides a general framework to express and design static techniques for program analysis.
• Model checking, which provides efficient techniques for the exhaustive exploration of state-based models of programs and reactive systems.
• Testing, which provides the counterpart to exhaustive techniques by defining dynamic analyses to detect programming mistakes and correct them.

To demonstrate some of the techniques in practice, the course will offer a practical project requiring the application of verification tools to illustrative examples.

Course books

Some books are available online using your ETH accounts. Links are provided below where known.

Axiomatic semantics:

• Michael Huth and Mark Ryan. Logic in Computer Science: Modelling and Reasoning about Systems, second edition. Cambridge University Press, 2004.
• Aaron Bradley and Zohar Manna. The Calculus of Computation. Springer, 2007.
• David Gries. The Science of Programming. Springer, 1981.
• Bertrand Meyer. Introduction to the Theory of Programming Languages. Prentice Hall, 1990.
• Flemming Nielson and Hanne Riis Nielson. Semantics with Applications: An Appetizer. Springer, 2007.
• Krzysztof R. Apt, Frank S. de Boer, Ernst-Rüdiger Olderog. Verification of Sequential and Concurrent Programs. Springer, 2009.

Abstract interpretation:

• Flemming Nielson, Hanne Riis Nielson, Chris Hankin. Principles of Program Analysis. Springer, 2005.
• Neil D. Jones, Flemming Nielson. Abstract Interpretation: a Semantic-Based Tool for Program Analysis, in: Handbook of logic in computer science (vol. 4). Oxford University Press, 1995

Model checking and real-time:

• Edmund M. Clarke, Orna Grumberg, and Doron A. Peled. Model Checking. MIT Press, 2000.
• Carlo A. Furia, Dino Mandrioli, Angelo Morzenti, and Matteo Rossi. Modeling Time in Computing. Monographs in Theoretical Computer Science. An EATCS series. Springer, 2012.

Testing:

• Mauro Pezzè, Michal Young: Software Testing and Analysis: Process, Principles and Techniques, Wiley, 2007.
• Paul Ammann, Jeff Offutt: Introduction to Software Testing, Cambridge University Press, 2008.

Further reading

Axiomatic semantics:

• Robert Floyd: Assigning meanings to programs. Available online, for example here
• C.A.R. Hoare: An axiomatic basis for computer programming. Online, for example here
• Edsger W. Dijkstra: A discipline of programming. Prentice Hall, Eaglewood Cliffs, 1976.

Separation logic:

• A nice and simple introductory paper is available here.
• For more information, visit the Local Reasoning page of Peter O'Hearn.

Model checking:

• Several detailed presentations of automata-theoretic model-checking are available from Moshe Vardi; see in particular the one about linear temporal logic.

Real-time modeling and verification:

• A not too technical survey by Furia et al. is available here (ACM Computing Surveys, 42(2):1--59, February 2010).

Previous exams

• 2014 Solution
• 2013 Solution
• 2012 Solution
• 2011 Solution
• 2010 Solution
• 2009 Solution
• 2008
• 2007
• 2006 Solution

Lecture

Organisation

A few of the Wednesday classes (1 hour, 14-15) are given by guest speakers on a research topic related to the content of the preceding Monday class.

Dr. Chris Poskitt (CP) is the organising assistant for the course. Please contact him if you have any questions.

Schedule

Day	Time	Location
Monday	10:15-12:00	RZ F 21
Wednesday	14:15-15:00	RZ F 21
Wednesday	15:15-17:00	RZ F 21

Slides, Exercises, and Further Reading

Date	Lecture	Title (Lecturer)	Slides	Readings
Wed. 16.09	L1	Overview (BM)	Slides
Mon. 21.09	L2	Axiomatic semantics: basics (BM)	Slides	Hoare: An axiomatic basis for computer programming (1969) Meyer: Chapter 9: Axiomatic Semantics, Introduction to the Theory of Programming Languages (1990)
Wed. 23.09	L3	Axiomatic semantics: routines, functions, etc. (BM)	Slides
Wed. 23.09	E1	Axiomatic semantics exercises (CP)	Problems Solutions
Mon. 28.09	L4	Weakest preconditions (BM)	—	Dijkstra: A Discipline of Programming (1976) Dijkstra: Guarded commands, nondeterminacy and formal derivation of programs, Communications of the ACM (1975) Meyer: Section 9.8: The Calculus of Weakest Preconditions, Introduction to the Theory of Programming Languages (1990)
Wed. 30.09	L5	Auto-active verification (CP)	Slides	AutoProof and Boogie webpages
Wed. 30.09	E2	Auto-active verification exercises (CP)	Problems Solutions
Mon. 5.10	L6	Data flow analysis (SN)	Slides	Nielson et al.: Sections 1.1-1.3, 1.7, 2.1, 2.3, and 2.4 of Principles of Program Analysis (2005)
Wed. 7.10	L7	Data flow analysis: existence of solutions, slicing (SN)	Slides
Wed. 7.10	E3	Data flow analysis exercises (CP)	Problems Solutions
Mon. 12.10	L8	Abstract interpretation (SN)	Slides	Nielson et al.: Section 1.5, and Chapter 4 (advanced) of Principles of Program Analysis (2005) Jones & Nielson: Abstract interpretation: A semantics-based tool for program analysis (1994) Cousot & Cousot: Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints (1977)
Wed. 14.10	G1	Guest talk: Scott West, Google (Software Quality at YouTube)	—
Wed. 14.10	E4	Slicing and abstract interpretation exercises (CP)	Problems Solutions
Mon. 19.10	L9	Model-checking (CAF)	Slides
Wed. 21.10	L10	Model-checking: continued (CAF)	—
Wed. 21.10	E5	Model-checking exercises (CP)	Problems Solutions
Mon. 26.10	L11	Software model-checking (CAF)	Slides
Wed. 28.10	L12	Software model-checking: continued (CAF)	—
Wed. 28.10	E6	Software model-checking exercises (CP)	Problems Solutions
Mon. 2.11	L13	Verification of real-time systems: model-checking with real-time temporal logic (CAF)	Slides
Wed. 4.11	L14	Verification of real-time systems: continued (CAF)	—
Wed. 4.11	E7	Verification of real-time systems exercises (CAF)	Problems Solutions
Mon. 9.11	L15	Separation logic: part 1 of 2 (CP)	Slides	O'Hearn: A primer on separation logic (2012) O'Hearn et al.: Local reasoning about programs that alter data structures (2001)
Wed. 11.11	L16	Separation logic: part 2 of 2 (CP)	Slides
Wed. 11.11	E8	Separation logic exercises (CP)	Problems Solutions
Mon. 16.11	L17	Separation logic for object-orientation (CP)	Slides	Parkinson & Bierman: Separation logic, abstraction and inheritance (2008) Parkinson & Bierman: Separation logic for object-oriented programming (2013)
Wed. 18.11	L18	Separation logic for object-orientation: continued (CP)	—
Wed. 18.11	E9	Program proofs: Hoare logic and separation logic exercises (CP)	Problems Solutions
Mon. 23.11	L19	Theory of Programs (BM)	Slides	Meyer: Theory of Programs (2015)
Wed. 25.11	G2	Guest talk: Alexey Kolesnichenko (AutoTest)	Slides	Project Page: AutoTest
Wed. 25.11		General Q&A session (no formal exercise sheet)	—
Mon. 30.11	L20	Testing (BM)	Slides
Wed. 2.12	G3	Guest talk: Max (Yu) Pei (AutoFix)	Slides	Project Page: AutoFix
Wed. 2.12	E10	Testing exercises and exam preparation (CP)	Problems Solutions
Mon. 7.12	L21	Testing: continued (BM)	—
Wed. 9.12		No exercise session (but office hours available upon request)	—
Mon. 14.12		Written exam	—