Abstract
Runtime assertion checking aspires to a level of sound and complete checking of software similar to that of static deductive verification. Furthermore, for the same source language and specification language, runtime and static checking should implement the same semantics as closely as possible. We describe here the architecture used by two different systems to achieve this goal, and accompany it with descriptions of novel designs and implementations that add new capabilities to runtime assertion checking, bringing it closer to the feature coverage of static verification.
Notes
1. As has abstract-interpretation-based static analysis, but in this paper we focus on proof-based verification.
2. Here we are distinguishing runtime assertion checking from runtime verification [6], which typically deals with temporal properties, e.g. LTL properties.
3. Similarly, runtime checking of JML does not encode unbounded or even very large ranges of quantification, though the language subset supported by RAC in OpenJML is not as precisely defined as E-ACSL is for Frama-C.
4. This is not just a theoretical concern. The state of the art in SMT technology is rapidly evolving, but still does not efficiently handle all the concepts natural to software. Proofs using bit-vector operations on 64-bit numbers and floating-point operations can routinely take tens of minutes, if they complete at all; quantified expressions require heuristic algorithms to decide when to instantiate them; recursion is not natural to ground solvers such as SMT tools; dynamic allocations and heterogeneous casts between integers and pointers (in C) require low-level memory models that make proof intractable.
5.
6.
7. For example, at NASA some containment algorithms are verified at runtime [38].
8. This theoretical limitation says that there is no terminating algorithm that can decide, statically through DV or at runtime through RAC, the equality relation between any pair of numbers that can be computed by Turing machines.
9. See also the sections "Software Using MPFR" and "Other Related Free Software" on MPFR's webpage, https://www.mpfr.org/.
10.
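Note 3 states that runtime checkers evaluate quantifiers only over bounded, modest ranges. The following C example is added here to illustrate why; it is constructed for this page and is not code generated by E-ACSL or OpenJML. It shows the enumeration a runtime monitor performs for a guarded `\forall` and how it must refuse an unbounded range instead of looping; the names `rac_forall`, `RAC_MAX_RANGE`, `check_all_nonneg` and the limit value are assumptions.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>

#define RAC_MAX_RANGE 1000000L   /* hypothetical per-checker width limit (assumption) */

typedef bool (*pred_fn)(long i, const void *ctx);

/* Outcome of evaluating  \forall integer i; lo <= i < hi ==> pred(i)  at runtime. */
enum rac_result { RAC_TRUE, RAC_FALSE, RAC_UNSUPPORTED };

/* A runtime checker can only enumerate i over [lo, hi), stopping at the first
   counterexample.  A prover reasons symbolically about the range; the monitor
   cannot, so an unbounded or huge range is refused rather than looped over. */
enum rac_result rac_forall(long lo, long hi, pred_fn pred, const void *ctx)
{
    if (lo >= hi)
        return RAC_TRUE;                          /* empty range: vacuously true */
    unsigned long width = (unsigned long)hi - (unsigned long)lo;  /* overflow-free */
    if (width > (unsigned long)RAC_MAX_RANGE)
        return RAC_UNSUPPORTED;
    for (long i = lo; i < hi; i++)
        if (!pred(i, ctx))
            return RAC_FALSE;                     /* counterexample at index i */
    return RAC_TRUE;
}

/* Predicate of the contract  \forall integer i; 0 <= i < n ==> a[i] >= 0 . */
struct int_array { const int *a; size_t n; };
static bool nonneg_at(long i, const void *ctx)
{
    const struct int_array *p = ctx;
    return p->a[i] >= 0;
}

/* Monitor for that bounded contract over an input array. */
enum rac_result check_all_nonneg(const int *a, size_t n)
{
    struct int_array ctx = { a, n };
    return rac_forall(0, (long)n, nonneg_at, &ctx);
}

static bool trivially_true(long i, const void *ctx) { (void)i; (void)ctx; return true; }

/* \forall integer i; i >= 0 ==> P(i)  has no upper bound: unsupported even for a true body. */
enum rac_result check_unbounded(void)
{
    return rac_forall(0, LONG_MAX, trivially_true, NULL);
}
```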
References
Abrial, J.-R., Hoare, A., Chapron, P.: The B-Book: Assigning Programs to Meanings. Cambridge University Press, Cambridge (1996)
Ahrendt, W., Beckert, B., Bubel, R., Hähnle, R., Schmitt, P.H., Ulbrich, M. (eds.): Deductive Software Verification – The KeY Book. LNCS, vol. 10001. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-49812-6
Barnes, J.: Spark: The Proven Approach to High Integrity Software. Altran Praxis, UK (2012). http://www.altran.co.uk
Barnett, M., Fähndrich, M., Leino, K.R.M., Müller, P., Schulte, W., Venter, H.: Specification and verification: the Spec# experience. Commun. ACM 54(6), 81–91 (2011)
Barrett, C., Stump, A., Tinelli, C.: The SMT-LIB standard: version 2.0. In: Gupta, A., Kroening, D. (eds.) Proceedings of the 8th International Workshop on Satisfiability Modulo Theories (Edinburgh, England) (2010)
Bartocci, E., Falcone, Y., Francalanza, A., Reger, G.: Introduction to runtime verification. In: Bartocci, E., Falcone, Y. (eds.) Lectures on Runtime Verification. LNCS, vol. 10457, pp. 1–33. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-75632-5_1
Baudin, P., et al.: ACSL: ANSI/ISO C Specification Language
Blazy, S., Bühler, D., Yakobowski, B.: Structuring abstract interpreters through state and value abstractions. In: Bouajjani, A., Monniaux, D. (eds.) VMCAI 2017. LNCS, vol. 10145, pp. 112–130. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-52234-0_7
Brahmi, A., Delmas, D., Essoussi, M.H., Randimbivololona, F., Atki, A., Marie, T.: Formalise to automate: deployment of a safe and cost-efficient process for avionics software. In: Embedded Real-Time Software and Systems (ERTS2 2018), January 2018
Burdy, L., et al.: An overview of JML tools and applications. In: Arts, T., Fokkink, W. (eds.) Eighth International Workshop on Formal Methods for Industrial Critical Systems (FMICS 2003). Electronic Notes in Theoretical Computer Science (ENTCS), vol. 80, pp. 73–89. Elsevier, June 2003
Chalin, P.: Logical foundations of program assertions: what do practitioners want? In: Third IEEE International Conference on Software Engineering and Formal Methods (SEFM 2005), pp. 383–393 (2005)
Chalin, P.: A sound assertion semantics for the dependable systems evolution verifying compiler. In: International Conference on Software Engineering (ICSE 2007), pp. 23–33, May 2007
Cok, D.R.: Improved usability and performance of SMT solvers for debugging specifications. STTT 12, 467–481 (2010)
Cok, D.R.: OpenJML: JML for Java 7 by extending OpenJDK. In: Bobaru, M., Havelund, K., Holzmann, G.J., Joshi, R. (eds.) NFM 2011. LNCS, vol. 6617, pp. 472–479. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20398-5_35
Cok, D.R.: OpenJML: software verification for Java 7 using JML, OpenJDK, and Eclipse. In: Workshop on Formal Integrated Development Environment (F-IDE 2014). EPTCS, vol. 149, pp. 79–92, 06 April 2014, Grenoble, France (2014)
Cok, D.R., Kiniry, J.R.: ESC/Java2: uniting ESC/Java and JML. In: Barthe, G., Burdy, L., Huisman, M., Lanet, J.-L., Muntean, T. (eds.) CASSIS 2004. LNCS, vol. 3362, pp. 108–128. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30569-9_6
Correnson, L., Signoles, J.: Combining analyses for C program verification. In: Stoelinga, M., Pinger, R. (eds.) FMICS 2012. LNCS, vol. 7437, pp. 108–130. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32469-7_8
Darulova, E., Kuncak, V.: Sound compilation of reals. In: The 41st Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL 2014, San Diego, CA, USA, 20–21 January 2014, pp. 235–248 (2014)
Delahaye, M., Kosmatov, N., Signoles, J.: Common specification language for static and dynamic analysis of C programs. In: Symposium on Applied Computing (SAC 2013), March 2013
Fähndrich, M., Barnett, M., Leijen, D., Logozzo, F.: Integrating a set of contract checking tools into visual studio. In: TOPI@ICSE (2012)
Filliâtre, J.-C., Paskevich, A.: Why3 — where programs meet provers. In: Felleisen, M., Gardner, P. (eds.) ESOP 2013. LNCS, vol. 7792, pp. 125–128. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-37036-6_8
Garland, S.J., Guttag, J.V.: A guide to LP, the larch prover. Technical report 82, Digital Equipment Corporation, Systems Research Center, 130 Lytton Avenue, Palo Alto, CA 94301, December 1991. Order from src-report@src.dec.com
Gowland, P., Lester, D.: A survey of exact arithmetic implementations. In: Blanck, J., Brattka, V., Hertling, P. (eds.) CCA 2000. LNCS, vol. 2064, pp. 30–47. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45335-0_3
Hatcliff, J., Leavens, G.T., Leino, K.R.M., Müller, P., Parkinson, M.: Behavioral interface specification languages. Technical report CS-TR-09-01, University of Central Florida, School of EECS, Orlando, FL, March 2009
Jakobsson, A., Kosmatov, N., Signoles, J.: Rester statique pour devenir plus rapide, plus précis et plus mince. In: Journées Francophones des Langages Applicatifs (JFLA 2015), January 2015. In French
Kirchner, F., Kosmatov, N., Prevosto, V., Signoles, J., Yakobowski, B.: Frama-C: a software analysis perspective. Formal Aspects Comput. 27(3), 573–609 (2015)
Le, V.H., Correnson, L., Signoles, J., Wiels, V.: Verification coverage for combining test and proof. In: Dubois, C., Wolff, B. (eds.) TAP 2018. LNCS, vol. 10889, pp. 120–138. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-92994-1_7
Leino, K.R.M.: Dafny: an automatic program verifier for functional correctness. In: Clarke, E.M., Voronkov, A. (eds.) LPAR 2010. LNCS (LNAI), vol. 6355, pp. 348–370. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17511-4_20
Meyer, B.: Object-oriented Software Construction. Prentice Hall, New York (1988)
Müller, N.T.: The iRRAM: exact arithmetic in C++. In: Blanck, J., Brattka, V., Hertling, P. (eds.) CCA 2000. LNCS, vol. 2064, pp. 222–252. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45335-0_14
Petiot, G., Kosmatov, N., Botella, B., Giorgetti, A., Julliand, J.: Your proof fails? testing helps to find the reason. In: Aichernig, B.K.K., Furia, C.A.A. (eds.) TAP 2016. LNCS, vol. 9762, pp. 130–150. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-41135-4_8
Richardson, D.: Some undecidable problems involving elementary functions of a real variable. J. Symbolic Logic 33(4), 514–520 (1968)
Serebryany, K., Bruening, D., Potapenko, A., Vyukov, D.: AddressSanitizer: a fast address sanity checker. In: Annual Technical Conference (ATC 2012), June 2012
Seward, J., Nethercote, N.: Using valgrind to detect undefined value errors with bit-precision. In: Annual Technical Conference (ATC 2005), April 2005
Signoles, J.: E-ACSL: Executable ANSI/ISO C Specification Language. http://frama-c.com/download/e-acsl/e-acsl.pdf
Signoles, J., Kosmatov, N., Vorobyov, K.: E-ACSL, a runtime verification tool for safety and security of C programs. Tool paper. In: International Workshop on Competitions, Usability, Benchmarks, Evaluation, and Standardisation for Runtime Verification Tools (RV-CuBES 2017), September 2017
Spivey, J.M.: The Z notation: A Reference Manual. Prentice Hall International (UK) Ltd. (1992)
Titolo, L., Muñoz, C.A., Feliu, M.A., Moscato, M.M.: Eliminating unstable tests in floating-point programs. arXiv e-prints, August 2018. To appear in the proceedings of LOPSTR 2018
Turing, A.M.: On computable numbers, with an application to the Entscheidungsproblem. Proc. Lond. Math. Soc. 2(1), 230–265 (1937)
Vorobyov, K., Kosmatov, N., Signoles, J.: Detection of security vulnerabilities in C code using runtime verification: an experience report. In: Dubois, C., Wolff, B. (eds.) TAP 2018. LNCS, vol. 10889, pp. 139–156. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-92994-1_8
Vorobyov, K., Signoles, J., Kosmatov, N.: Shadow state encoding for efficient monitoring of block-level properties. In: International Symposium on Memory Management (ISMM 2017), pp. 47–58, June 2017
OpenJDK. http://www.openjdk.org
Acknowledgements
This work is done in the context of project VESSEDIA, which has received funding from the European Union’s 2020 Research and Innovation Program under grant agreement No. 731453.
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Maurica, F., Cok, D.R., Signoles, J. (2018). Runtime Assertion Checking and Static Verification: Collaborative Partners. In: Margaria, T., Steffen, B. (eds) Leveraging Applications of Formal Methods, Verification and Validation. Verification. ISoLA 2018. Lecture Notes in Computer Science(), vol 11245. Springer, Cham. https://doi.org/10.1007/978-3-030-03421-4_6
DOI: https://doi.org/10.1007/978-3-030-03421-4_6
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-03420-7
Online ISBN: 978-3-030-03421-4
eBook Packages: Computer Science, Computer Science (R0)