Formal Methods in Software Development (WS 2009/10)

Formal Methods in Software Development (WS 2009/10)
(KV3: 326.013, KV4: 326.053)

---

Time: Friday 8:30-11:45.
Room: T111
Start: October 9.

---

This course gives a survey on the use of formal methods for the development of reliable software. More specifically, we deal with

• specifying sequential programs and concurrent systems,
  
• computer-supported verification,
• extended static checking,
• model checking.

It is expected that a guest lecturer will present a special topic.

The course consists of two parts:

1. a lecture part where the fundamental issues of the field are taught, and
2. an exercise part where practical skills are trained using freely available software tools.

The grading of the course will be based on a couple of exercises and a final exam. The course is offered simultaneously as KV3 (for the master program "Software Engineering") and KV4 (for the master program "Computer Mathematics"). The detailed organization will be explained in class.

---

To take part in the course, you have to enrol in the KUSSS system (please make sure to enrol for KV3/326.013 or KV4/326.054, as required by your degree program). Since the exercises will be submitted via Moodle, you also have to login in Moodle and register as a course participant. You will then also receive per email all messages posted in the News forum.

---

Contents

• Computer Programs/Systems as Subjects of Formal Reasoning
  
• Introduction (4 on 1)
• Demonstration Examples
  
• Fehler im System: der Traum von Software ohne Bugs (restricted)
• Retrospective: Hoare: An Axiomatic Basis for Computer Programming (restricted)
• Formal Methods: Practice and Experience (local copy)
  
• The Language of Logic (4 on 1)
  
• Specifying and Verifying Sequential Programs
• Hoare Calculus and Predicate Transformers (4 on 1)
• An Axiomatic Basis for Computer Programming (restricted)
• Computer-Supported Program Verification with the RISC ProofNavigator (4 on 1)
• Demonstration Examples
• binarysearch2.pn
• Specifying and Verifying Java Programs
  
• The Java Modeling Language: Part 1 (4 on 1)
• The Java Modeling Language: Part 2 (4 on 1)
• Demonstration Examples
  
• Proof of Correctness of Data Representations (restricted)
• Formal Verification of Object-Oriented Software
  
• Extended Static Checking with ESC/Java2 (4 on 1)
• Demonstration Examples
  
• Verifying Java Programs with KeY (4 on 1)
• Demonstration Examples
• Specifying and Verifying Concurrent Systems
  
• Modeling Concurrent Systems (4 on 1)
• Demonstration Examples
  
• Specifying Properties of Concurrent Systems (4 on 1)
• Verifying Concurrent Systems (4 on 1)
• Demonstration Examples
  
• Abstrakte Kunst: Fehler finden durch Model Checker (restricted)
• Talking Model Checking Technology (restricted)
  

---

• Special Topic (to be announced)

---

Restricted Area

Software

• RISC ProofNavigator
  
• Java Modeling Language (JML) Tools
• Use the stable release 5.5 from the archive (not the newer release candidates); also note that the JML tools need an installation of Java 1.4.2.
• Extended Static Checking for Java (ESC/Java2)
  
• KeY Verification Environment
  
• Spin Model Checker
• Spin Online References
• Basic Spin Manual
• Concise Promela Reference
• Promela Language Reference
  

Alloy
Alloy is a structural modelling language based on first-order logic, for expressing complex structural constraints and behaviour. The Alloy Analyzer is a constraint solver that provides fully automatic simulation and checking. Unlike a programming language, an Alloy model is declarative: it can describe the effect of a behaviour without giving its mechanism. This allows very succinct and partial models to be constructed and analyzed. It is similar in spirit to the formal specification languages Z, VDM, Larch, B, OBJ, etc, but, unlike all of these, is amenable to fully automatic analysis in the style of a model checker. (Source: FAQ)

• Alloy Site (FAQ)
• Alloy 4 Analyzer
• Alloy 3 Reference Manual
• Alloy Analyzer Quick Guide
• Publications
  
• Alloy: A Lightweight Object Modelling Notation (original version of the language, now outdated)
  
• A Micromodularity Mechanism (revised version of the language)
• Formal Modeling and Analysis of a Flash Filesystem in Alloy
• Software Abstractions: Logic, Language, and Analysis
• Tutorial

Exercises

Exam