Software unit test coverage and adequacy
ACM Computing Surveys (CSUR)
Extended static checking for Java
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
A Simple and Practical Approach to Unit Testing: The JML and JUnit Way
ECOOP '02 Proceedings of the 16th European Conference on Object-Oriented Programming
Houdini, an Annotation Assistant for ESC/Java
FME '01 Proceedings of the International Symposium of Formal Methods Europe on Formal Methods for Increasing Software Productivity
An overview of JML tools and applications
International Journal on Software Tools for Technology Transfer (STTT) - Special section on formal methods for industrial critical systems
Reachability analysis for annotated code
Proceedings of the 2007 conference on Specification and verification of component-based systems: 6th Joint Meeting of the European Conference on Software Engineering and the ACM SIGSOFT Symposium on the Foundations of Software Engineering
The Daikon system for dynamic detection of likely invariants
Science of Computer Programming
Verification-centric realization of electronic vote counting
EVT'07 Proceedings of the USENIX Workshop on Accurate Electronic Voting Technology
Next Generation Java Testing: TestNG and Advanced Concepts
Next Generation Java Testing: TestNG and Advanced Concepts
FM '08 Proceedings of the 15th international symposium on Formal Methods
FoVeOOS'10 Proceedings of the 2010 international conference on Formal verification of object-oriented software
ESC/Java2: uniting ESC/Java and JML
CASSIS'04 Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
A test suite for safety-critical Java using JML
Proceedings of the 11th International Workshop on Java Technologies for Real-time and Embedded Systems
| Hi-index | 0.00 |
Formal specifications of standard libraries are necessary when statically verifying software that uses those libraries. Library specifications must be both correct, accurately reflecting library behavior, and useful, describing library behavior in sufficient detail to allow static verification of client programs. Specification and verification researchers regularly face the question of whether the library specifications we use are correct and useful, and we have collectively provided no good answers. Over the past few years we have created and refined a software engineering process, which we call the Formal CTD Process (FCTD), to address this problem. Although FCTD is primarily targeted toward those who write Java libraries (or specifications for existing Java libraries) using the Java Modeling Language (JML), its techniques are broadly applicable. The key to FCTD is its novel usage of library conformance test suites. Rather than executing the conformance tests, FCTD uses them to measure the correctness and utility of specifications through static verification. FCTD is beginning to see significant use within the JML community and is the cornerstone process of the JML Spec-a-thons, meetings that bring JML researchers and practitioners together for intensive specification writing sessions. This article describes the Formal CTD Process, its use in small case studies, and its broad application to the standard Java class library.