Dynamically Discovering Likely Program Invariants to Support Program Evolution
IEEE Transactions on Software Engineering - Special issue on 1999 international conference on software engineering
Enhancing the Pre- and Postcondition Technique for More Expressive Specifications
FM '99 Proceedings of the Wold Congress on Formal Methods in the Development of Computing Systems-Volume II
| Hi-index | 0.00 |
This thesis presents three ideas. First, it presents a novel use of formal specification to promote a programming style based on specified interfaces and data abstraction in a programming language that lacks such supports. Second it illustrates the uses of claims about specifications. Third, it describes a software reengineering process for making existing software easier to maintain and reuse. The process centers around specifying existing software modules and using the specifications to drive the code improvement process. The Larch/C Interface Language, or LCL, is a formal specification language for documenting ANSI C software modules. Although C does not support abstract types, LCL is designed to support abstract types. A lint-like program, LCLint, enforces type discipline in clients of LCL abstract types. LCL is structured in a way that enables LCLint to extract information from an LCL specification for performing some consistency checks between the specification and its implementation. LCL also provides facilities to state claims, or redundant, problem-specific assertions about a specification. Claims enhance the role of specifications as a software documentation tool. Claims can be used to highlight important or unusual properties, promote design coherence of software modules, and aid in program reasoning. In addition, claims about a specification can be used to test the specification by proving that they follow semantically from the specification. A semantics of LCL suitable for reasoning about claims is given. A software reengineering process developed around LCL and claims is effective for improving existing programs. The impact of the process applied to an existing C program is described. The process improved the modularity and robustness of the program with changing its essential functionality or performance. A major product of the process is the specifications of the main modules of the reengineered program. A proof checker was used to verify some claims about the specifications; and in the process, several specifications mistakes were found. The specifications are also used to illustrate specification writing techniques and heuristics