Improving JML: For a Safer and More Effective Language

  • Conference paper
FME 2003: Formal Methods (FME 2003)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2805)

Abstract

An unusually high number of published JML specifications are invalid or inconsistent, including cases from the security-critical area of smart card applications. We claim that these specification errors are due to a mismatch between user expectations and the current JML semantics of expressions over numeric types. At the heart of the problem is JML's language design decision to assign to arithmetic operators the same semantics as in Java. Consequently, JML arithmetic is bounded in precision and, more importantly, loss of precision occurs stealthily. After a short discussion of JML language design goals and objectives, we introduce JMLa, an adaptation of JML supporting primitive arbitrary-precision numeric types. To support our claim that the identified specification errors are due to JML's divergence from user expectations, we demonstrate that the invalidities and inconsistencies disappear under JMLa semantics with either no or only minor syntactic changes to the specifications. Other advantages of JMLa are illustrated, including safety: how it allows an automated static checker like ESC/Java to detect more specification and implementation errors. We also briefly illustrate how these issues are applicable to other assertion-based languages like Eiffel.
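
As an added illustration (constructed for this page; it is not code from the paper or from any of the smart card specifications the paper examines), the following Java class shows the mismatch the abstract describes: a purse-style `credit` method whose JML contract uses `+` and `<=` on an `int` balance, evaluated once the way JML does today (Java `int` arithmetic) and once with arbitrary precision, which is the reading JMLa gives the same clauses. The class, field and method names and the chosen values are assumptions; `java.math.BigInteger` stands in for JMLa's arbitrary-precision type.

```java
import java.math.BigInteger;

/**
 * Constructed example (not from the paper): a purse balance stored in a
 * Java int, with a JML contract that the specifier reads as mathematical
 * arithmetic but that JML evaluates with Java's wrapping int arithmetic.
 */
public class PurseOverflow {

    private int balance;

    /*@ requires amount > 0;
      @ requires balance + amount <= Integer.MAX_VALUE;
      @ ensures  balance == \old(balance) + amount;
      @*/
    public void credit(int amount) {
        // The implementation wraps on overflow exactly like the JML '+'
        // does under Java semantics, so the contract cannot tell them apart.
        balance += amount;
    }

    public int getBalance() {
        return balance;
    }

    /** The precondition as JML evaluates it today: Java int arithmetic. */
    static boolean preHoldsJavaSemantics(int balance, int amount) {
        // balance + amount wraps before the comparison, so the second
        // conjunct is true for every pair of ints and excludes nothing.
        return amount > 0 && balance + amount <= Integer.MAX_VALUE;
    }

    /** The postcondition as JML evaluates it today: Java int arithmetic. */
    static boolean postHoldsJavaSemantics(int oldBalance, int amount, int newBalance) {
        // Wraps identically to the implementation, so it holds even when
        // newBalance has become negative.
        return newBalance == oldBalance + amount;
    }

    /** The same precondition read with arbitrary precision (the JMLa reading). */
    static boolean preHoldsExact(int balance, int amount) {
        BigInteger sum = BigInteger.valueOf(balance).add(BigInteger.valueOf(amount));
        return amount > 0 && sum.compareTo(BigInteger.valueOf(Integer.MAX_VALUE)) <= 0;
    }

    /** The same postcondition read with arbitrary precision (the JMLa reading). */
    static boolean postHoldsExact(int oldBalance, int amount, int newBalance) {
        BigInteger sum = BigInteger.valueOf(oldBalance).add(BigInteger.valueOf(amount));
        return BigInteger.valueOf(newBalance).equals(sum);
    }

    public static void main(String[] args) {
        // Constructed values: a balance close to the int maximum and a
        // credit that pushes the true sum past it.
        PurseOverflow purse = new PurseOverflow();
        purse.balance = Integer.MAX_VALUE - 5;
        int amount = 10;
        int old = purse.getBalance();

        System.out.println("pre  (Java semantics): " + preHoldsJavaSemantics(old, amount));
        System.out.println("pre  (exact):          " + preHoldsExact(old, amount));

        purse.credit(amount);
        int now = purse.getBalance();

        System.out.println("balance after credit:  " + now);
        System.out.println("post (Java semantics): " + postHoldsJavaSemantics(old, amount, now));
        System.out.println("post (exact):          " + postHoldsExact(old, amount, now));
    }
}
```

Compile with `javac PurseOverflow.java` and run `java PurseOverflow`. With the constructed values the balance wraps to a negative number, yet both Java-semantics checks hold: the precondition `balance + amount <= Integer.MAX_VALUE` can never be false for `int` operands because the sum wraps before the comparison, and the postcondition holds because `\old(balance) + amount` wraps exactly as the implementation does. Read with arbitrary precision, the same precondition rejects the overflowing call and the same postcondition is violated by the wrapping implementation, which is the class of specification and implementation error the abstract says a checker like ESC/Java can detect once the arithmetic in assertions is exact.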

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Chalin, P. (2003). Improving JML: For a Safer and More Effective Language. In: Araki, K., Gnesi, S., Mandrioli, D. (eds) FME 2003: Formal Methods. FME 2003. Lecture Notes in Computer Science, vol 2805. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45236-2_25

  • DOI: https://doi.org/10.1007/978-3-540-45236-2_25

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-40828-4

  • Online ISBN: 978-3-540-45236-2