Automatic verification of finite-state concurrent systems using temporal logic specifications
ACM Transactions on Programming Languages and Systems (TOPLAS)
Typestate: A programming language concept for enhancing software reliability
IEEE Transactions on Software Engineering
Completeness and Consistency in Hierarchical State-Based Requirements
IEEE Transactions on Software Engineering - Special issue: best papers of the 17th International Conference on Software Engineering (ICSE-17)
Proceedings of the 14th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Enforcing high-level protocols in low-level software
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Automatically validating temporal safety properties of interfaces
SPIN '01 Proceedings of the 8th international SPIN workshop on Model checking of software
Alloy: a lightweight object modelling notation
ACM Transactions on Software Engineering and Methodology (TOSEM)
Ownership types for safe programming: preventing data races and deadlocks
OOPSLA '02 Proceedings of the 17th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Capabilities for Sharing: A Generalisation of Uniqueness and Read-Only
ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
Formal methods for smart cards: an experience report
Science of Computer Programming - Formal methods for components and objects pragmatic aspects and applications
Preliminary design of JML: a behavioral interface specification language for java
ACM SIGSOFT Software Engineering Notes
Checking JML specifications using an extensible software model checking framework
International Journal on Software Tools for Technology Transfer (STTT)
Modular typestate checking of aliased objects
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
Model-Checking the Linux Virtual File System
VMCAI '09 Proceedings of the 10th International Conference on Verification, Model Checking, and Abstract Interpretation
Executing JML specifications of Java card applications: a case study
Proceedings of the 2009 ACM symposium on Applied Computing
Concurrency by default: using permissions to express dataflow in stateful programs
Proceedings of the 24th ACM SIGPLAN conference companion on Object oriented programming systems languages and applications
Seven at one stroke: LTL model checking for high-level specifications in B, Z, CSP, and more
International Journal on Software Tools for Technology Transfer (STTT)
Checking interference with fractional permissions
SAS'03 Proceedings of the 10th international conference on Static analysis
Validating Z specifications using the PROB animator and model checker
IFM'07 Proceedings of the 6th international conference on Integrated formal methods
VeriFast: a powerful, sound, predictable, fast verifier for C and java
NFM'11 Proceedings of the Third international conference on NASA Formal methods
Property specifications for workflow modelling
Science of Computer Programming
Model checking z specifications using SAL
ZB'05 Proceedings of the 4th international conference on Formal Specification and Development in Z and B
| Hi-index | 0.00 |
We present a case study on the verification of the design of a commercial multi-threaded task server (MTTS), developed by the Novabase company, used for massively parallelizing computational tasks. In a first stage, we employed the Plural tool, which is designed to perform lightweight verification of Java programs using a data-flow analysis (DFA) framework, to specify and verify the MTTS. We wrote the Plural specification for the MTTS based on the code developed by Novabase, its informal documentation, and our discussions with Novabase engineers, who validated our understanding of the MTTS application. The Plural specification language is based on typestates and access permissions. In a second stage, we developed the Pulse tool, which enhances the analysis performed by Plural, and used the tool on the MTTS specifications. Pulse translates Plural specifications into an abstract state-machine model that captures the semantics of all the possible concurrent programs implementing the given specifications, and uses the evmdd-smc symbolic model checker to verify the machine model. The experimental results on the MTTS specification show that the exhaustive model-checking approach scales reasonably well and is efficient at finding errors in specifications that were not previously detected with the data-flow analysis (DFA) capabilities of Plural.