SAFECOMP '08 Proceedings of the 27th International Conference on Computer Safety, Reliability, and Security
Partial Translation Verification for Untrusted Code-Generators. ICFEM '08 Proceedings of the 10th International Conference on Formal Methods and Software Engineering
Deriving Safety Cases for the Formal Safety Certification of Automatically Generated Code. Electronic Notes in Theoretical Computer Science (ENTCS)
Augmenting Counterexample-Guided Abstraction Refinement with Proof Templates. ASE '08 Proceedings of the 2008 23rd IEEE/ACM International Conference on Automated Software Engineering
PtYasm: Software Model Checking with Proof Templates. ASE '08 Proceedings of the 2008 23rd IEEE/ACM International Conference on Automated Software Engineering
Automated code generation is an enabling technology for model-based software development and promises many benefits, including higher quality and reduced turn-around times. However, the key to realizing these benefits is generator correctness: nothing is gained from replacing manual coding errors with automatic coding errors. Since the direct verification of generators is infeasible with existing techniques, "correct-by-construction" approaches have been explored. However, these remain difficult to implement and to scale up, and have not seen widespread use. Currently, generators are validated primarily by testing [8], though this cannot guarantee correctness and the testing effort quickly becomes excessive. Here we follow an alternative approach based on the observation that the correctness of the generator is irrelevant if instead the correctness of each generated program is shown individually. Similar to proof-carrying code [7], we focus on the Hoare-style certification of specific safety properties. This simplifies our task but still leaves the problem of constructing the appropriate logical annotations (i.e., pre-/postconditions and loop invariants), which play a central role in Hoare-style techniques.