The First Fifteen Years of the Verified Software Project

Published: 02 October 2021

References

  1. J. Abrial. 1996. The B-Book—Assigning Programs to Meanings. Cambridge University Press.
  2. J. R. Abrial. 1980. The Specification Language Z: Syntax and Semantics. Programming Research Group, Oxford University, Oxford, UK.
  3. J. Abrial, S. A. Schuman, and B. Meyer. 1980. Specification language. In R. M. McKeag and A. M. Macnaghten (Eds.), On the Construction of Programs. Cambridge University Press, 343–410.
  4. J. Alglave, D. Kroening, V. Nimal, and M. Tautschnig. 2013. Software verification for weak memory via program transformation. In M. Felleisen and P. Gardner (Eds.), Programming Languages and Systems—22nd European Symposium on Programming, ESOP 2013, Held as Part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2013 (March 16–24, 2013). Proceedings, Vol. 7792 of Lecture Notes in Computer Science. Springer, Rome, Italy, 512–532. ISBN 978-3-642-37035-9.
  5. R. Alur, C. Courcoubetis, and D. L. Dill. 1993. Model-checking in dense real-time. Inf. Comput. 104, 1, 2–34.
  6. R. Alur, C. Courcoubetis, N. Halbwachs, T. A. Henzinger, P.-H. Ho, X. Nicollin, A. Olivero, J. Sifakis, and S. Yovine. 1995. The algorithmic analysis of hybrid systems. Theor. Comput. Sci. 138, 1, 3–34.
  7. A. L. Ambler, D. I. Good, J. C. Browne, W. F. Burger, R. M. Cohen, C. G. Hoch, and R. E. Wells. Mar. 1977. Gypsy: A language for specification and implementation of verifiable programs. In D. B. Wortman (Ed.), Proceedings of an ACM Conference on Language Design for Reliable Software. ACM, 1–10.
  8. V. Astrauskas, P. Müller, F. Poli, and A. J. Summers. 2019. Leveraging Rust types for modular specification and verification. In Object-Oriented Programming Systems, Languages, and Applications (OOPSLA), Vol. 3. ACM, 147:1–147:30.
  9. M. F. Atig, A. Bouajjani, and G. Parlato. 2011. Getting rid of store-buffers in TSO analysis. In Gopalakrishnan and Qadeer [2011]. 99–115. ISBN 978-3-642-22109-5.
  10. B. E. Aydemir, A. Bohannon, M. Fairbairn, J. N. Foster, B. C. Pierce, P. Sewell, D. Vytiniotis, G. Washburn, S. Weirich, and S. Zdancewic. 2005. Mechanized metatheory for the masses: The POPLMark challenge. In J. Hurd and T. F. Melham (Eds.), TPHOLs, Vol. 3603 of Lecture Notes in Computer Science. Springer, 50–65. ISBN 3-540-28372-2.
  11. R. Back and J. von Wright. 1998. Refinement Calculus: A Systematic Introduction. Springer.
  12. M. Barnett, B.-Y. E. Chang, R. DeLine, B. Jacobs, and K. R. M. Leino. 2005. Boogie: A modular reusable verifier for object-oriented programs. In International Symposium on Formal Methods for Components and Objects. Springer, 364–387.
  13. M. Barnett, M. Fähndrich, K. R. M. Leino, P. Müller, W. Schulte, and H. Venter. June 2011. Specification and verification: The Spec# experience. Commun. ACM 54, 6, 81–91.
  14. C. Barrett, L. de Moura, and A. Stump. 2005. Design and results of the 1st Satisfiability Modulo Theories Competition (SMT-COMP 2005). J. Autom. Reason. 35, 4, 373–390.
  15. C. W. Barrett, C. L. Conway, M. Deters, L. Hadarean, D. Jovanovic, T. King, A. Reynolds, and C. Tinelli. 2011. CVC4. In Gopalakrishnan and Qadeer [2011]. 171–177. ISBN 978-3-642-22109-5.
  16. G. Barthe, B. Grégoire, and S. Z. Béguelin. 2009. Formal certification of code-based cryptographic proofs. In Shao and Pierce [2009]. 90–101. ISBN 978-1-60558-379-2.
  17. G. Barthe, P. R. D'Argenio, and T. Rezk. 2011. Secure information flow by self-composition. Math. Struct. Comput. Sci. 21, 6, 1207–1252.
  18. G. Barthe, C. Fournet, B. Grégoire, P.-Y. Strub, N. Swamy, and S. Zanella-Béguelin. 2014. Probabilistic relational verification for cryptographic implementations. ACM SIGPLAN Not. 49, 1, 193–205.
  19. N. Benton. 2004. Simple relational correctness proofs for static analyses and program transformations. In N. D. Jones and X. Leroy (Eds.), Proceedings of the 31st ACM SIGPLAN–SIGACT Symposium on Principles of Programming Languages, POPL 2004 (January 14–16, 2004). ACM, Venice, Italy, 14–25. ISBN 1-58113-729-X.
  20. J. Berdine, C. Calcagno, and P. W. O'Hearn. 2005. Symbolic execution with separation logic. In K. Yi (Ed.), Programming Languages and Systems, Third Asian Symposium, APLAS 2005 (November 2–5, 2005). Proceedings, Vol. 3780 of Lecture Notes in Computer Science. Springer, Tsukuba, Japan, 52–68. ISBN 3-540-29735-9.
  21. Y. Bertot and P. Castéran. 2004. Interactive Theorem Proving and Program Development—Coq'Art: The Calculus of Inductive Constructions. Texts in Theoretical Computer Science. An EATCS Series. Springer. ISBN 978-3-642-05880-6.
  22. W. R. Bevier, W. A. Hunt Jr., J. S. Moore, and W. D. Young. Dec. 1989. An approach to systems verification. J. Autom. Reason. 5, 4, 411–428.
  23. A. Biere and R. Bloem (Eds.), 2014. Computer Aided Verification—26th International Conference, CAV 2014, Held as Part of the Vienna Summer of Logic, VSL 2014 (July 18–22, 2014). Proceedings, Vol. 8559 of Lecture Notes in Computer Science. Springer, Vienna, Austria. ISBN 978-3-319-08866-2.
  24. L. Birkedal, N. Torp-Smith, and H. Yang. 2005. Semantics of separation-logic typing and higher-order frame rules. In 20th IEEE Symposium on Logic in Computer Science (LICS 2005) (26–29 June 2005), Proceedings. IEEE Computer Society, Chicago, IL, 260–269. ISBN 0-7695-2266-1.
  25. D. Bjørner and C. B. Jones (Eds.), 1978. The Vienna Development Method: The Meta-Language, Vol. 61 of Lecture Notes in Computer Science. Springer. ISBN 3-540-08766-4.
  26. N. Bjørner, A. Gurfinkel, K. McMillan, and A. Rybalchenko. 2015. Horn clause solvers for program verification. In Fields of Logic and Computation II. Springer, 24–51.
  27. A. Blanchard, F. Loulergue, and N. Kosmatov. 2019. Towards full proof automation in Frama-C using auto-active verification. In J. M. Badger and K. Y. Rozier (Eds.), NASA Formal Methods (NFM), Vol. 11460 of Lecture Notes in Computer Science. Springer, 88–105.
  28. S. Blom, S. Darabi, M. Huisman, and W. Oortwijn. 2017. The VerCors tool set: Verification of parallel and concurrent software. In N. Polikarpova and S. Schneider (Eds.), Integrated Formal Methods (IFM), Vol. 10510 of Lecture Notes in Computer Science. Springer, 102–110.
  29. M. G. Bobaru, K. Havelund, G. J. Holzmann, and R. Joshi (Eds.), 2011. NASA Formal Methods—Third International Symposium, NFM 2011 (April 18–20, 2011). Proceedings, Vol. 6617 of Lecture Notes in Computer Science. Springer, Pasadena, CA. ISBN 978-3-642-20397-8.
  30. R. S. Boyer and J. S. Moore. 1979. A Computational Logic Handbook, Vol. 23 of Perspectives in Computing. Academic Press. ISBN 978-0-12-122952-8.
  31. R. S. Boyer and J. S. Moore. 1998. A Computational Logic Handbook, Second Edition. Academic Press International Series in Formal Methods. Academic Press. ISBN 978-0-12-122955-9.
  32. J. Boyland. 2003. Checking interference with fractional permissions. In R. Cousot (Ed.), Static Analysis, 10th International Symposium, SAS 2003 (June 11–13, 2003). Proceedings, Vol. 2694 of Lecture Notes in Computer Science. Springer, San Diego, CA, 55–72. ISBN 3-540-40325-6.
  33. A. R. Bradley. 2011. SAT-based model checking without unrolling. In R. Jhala and D. A. Schmidt (Eds.), Verification, Model Checking, and Abstract Interpretation—12th International Conference, VMCAI 2011 (January 23–25, 2011). Proceedings, Vol. 6538 of Lecture Notes in Computer Science. Springer, Austin, TX, 70–87. ISBN 978-3-642-18274-7.
  34. J. R. Burch, E. M. Clarke, K. L. McMillan, D. L. Dill, and L. J. Hwang. 1990. Symbolic model checking: 10^20 states and beyond. In Proceedings of the Fifth Annual Symposium on Logic in Computer Science (LICS'90) (June 4–7, 1990). IEEE Computer Society, Philadelphia, PA, 428–439. ISBN 0-8186-2073-0.
  35. R. Butler, G. Hagen, J. Maddalon, C. Muñoz, A. Narkawicz, and G. Dowek. April 2010. How formal methods impels discovery: A short history of an air traffic management project. In C. Muñoz (Ed.), Proceedings of the Second NASA Formal Methods Symposium (NFM 2010), NASA/CP-2010-216215. NASA, Langley Research Center, Hampton, VA 23681-2199, 34–46.
  36. C. Cadar, D. Dunbar, and D. R. Engler. 2008. KLEE: Unassisted and automatic generation of high-coverage tests for complex systems programs. In R. Draves and R. van Renesse (Eds.), 8th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2008 (December 8–10, 2008), Proceedings. USENIX Association, San Diego, CA, 209–224. ISBN 978-1-931971-65-2. http://www.usenix.org/events/osdi08/tech/full_papers/cadar/cadar.pdf.
  37. C. Calcagno and D. Distefano. 2011. Infer: An automatic program verifier for memory safety of C programs. In Bobaru et al. [2011]. 459–465. ISBN 978-3-642-20397-8.
  38. C. Calcagno, D. Distefano, P. W. O'Hearn, and H. Yang. 2009. Compositional shape analysis by means of bi-abduction. In Shao and Pierce [2009]. 289–300. ISBN 978-1-60558-379-2.
  39. Q. Cao, L. Beringer, S. Gruetter, J. Dodds, and A. W. Appel. 2018. VST-Floyd: A separation logic tool to verify correctness of C programs. J. Autom. Reason. 61, 1–4, 367–422.
  40. M. Carter, S. He, J. Whitaker, Z. Rakamaric, and M. Emmi. 2016. SMACK software verification toolchain. In L. K. Dillon, W. Visser, and L. Williams (Eds.), International Conference on Software Engineering (ICSE). ACM, 589–592.
  41. H. Chen, D. Ziegler, T. Chajed, A. Chlipala, M. F. Kaashoek, and N. Zeldovich. 2015. Using Crash Hoare logic for certifying the FSCQ file system. In Proceedings of the 25th Symposium on Operating Systems Principles. 18–37.
  42. M. Christakis and P. Godefroid. 2015. Proving memory safety of the ANI Windows image parser using compositional exhaustive testing. In D. D'Souza, A. Lal, and K. G. Larsen (Eds.), Verification, Model Checking, and Abstract Interpretation—16th International Conference, VMCAI 2015 (January 12–14, 2015). Proceedings, Vol. 8931 of Lecture Notes in Computer Science. Springer, Mumbai, India, 373–392. ISBN 978-3-662-46080-1.
  43. E. M. Clarke and E. A. Emerson. 1981. Design and synthesis of synchronization skeletons using branching-time temporal logic. In D. Kozen (Ed.), Logics of Programs, Workshop, Yorktown Heights (May 1981), Vol. 131 of Lecture Notes in Computer Science. Springer, New York, 52–71. ISBN 3-540-11212-X.
  44. E. M. Clarke, E. A. Emerson, and A. P. Sistla. 1983. Automatic verification of finite state concurrent systems using temporal logic specifications: A practical approach. In J. R. Wright, L. Landweber, A. J. Demers, and T. Teitelbaum (Eds.), Conference Record of the Tenth Annual ACM Symposium on Principles of Programming Languages (January 1983). ACM Press, Austin, TX, 117–126. ISBN 0-89791-090-7.
  45. E. M. Clarke, E. A. Emerson, and A. P. Sistla. Apr. 1986. Automatic verification of finite-state concurrent systems using temporal logic specifications. ACM Trans. Program. Lang. Syst. 8, 2, 244–263.
  46. E. M. Clarke, A. Biere, R. Raimi, and Y. Zhu. 2001. Bounded model checking using satisfiability solving. Form. Methods Syst. Des. 19, 1, 7–34.
  47. E. M. Clarke, T. A. Henzinger, H. Veith, and R. Bloem (Eds.), 2018. Handbook of Model Checking. Springer.
  48. E. Cohen, M. Moskal, W. Schulte, and S. Tobies. 2010. Local verification of global invariants in concurrent programs. In T. Touili, B. Cook, and P. Jackson (Eds.), Computer Aided Verification (CAV), Vol. 6174 of Lecture Notes in Computer Science. Springer, 480–494.
  49. R. L. Constable, S. F. Allen, H. M. Bromley, W. R. Cleaveland, J. F. Cremer, R. W. Harper, D. J. Howe, T. B. Knoblock, N. P. Mendler, P. Panangaden, J. T. Sasaki, and S. F. Smith. 1986. Implementing Mathematics with the Nuprl Proof Development System. Prentice Hall, Englewood Cliffs, NJ. Nuprl home page: http://www.nuprl.org/.
  50. P. Cousot and R. Cousot. 1977. Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In R. M. Graham, M. A. Harrison, and R. Sethi (Eds.), Conference Record of the Fourth ACM Symposium on Principles of Programming Languages (January 1977). ACM, Los Angeles, CA, 238–252.
  51. L. M. de Moura and N. Bjørner. 2008. Z3: An efficient SMT solver. In C. R. Ramakrishnan and J. Rehof (Eds.), Tools and Algorithms for the Construction and Analysis of Systems, 14th International Conference, TACAS 2008, Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2008 (March 29–April 6, 2008). Proceedings, Vol. 4963 of Lecture Notes in Computer Science. Springer, Budapest, Hungary, 337–340. ISBN 978-3-540-78799-0.
  52. A. Delignat-Lavaud, C. Fournet, M. Kohlweiss, J. Protzenko, A. Rastogi, N. Swamy, S. Z. Béguelin, K. Bhargavan, J. Pan, and J. K. Zinzindohoue. 2017. Implementing and proving the TLS 1.3 record layer. In 2017 IEEE Symposium on Security and Privacy, SP 2017 (May 22–26, 2017). IEEE Computer Society, San Jose, CA, 463–482. ISBN 978-1-5090-5533-3.
  53. D. Detlefs, G. Nelson, and J. B. Saxe. 2005. Simplify: A theorem prover for program checking. J. ACM 52, 3, 365–473.
  54. D. L. Detlefs, K. R. M. Leino, G. Nelson, and J. B. Saxe. 1998. Extended Static Checking. Technical Report 159, COMPAQ Systems Research Center.
  55. E. W. Dijkstra. 1975. Guarded commands, nondeterminacy and formal derivation of programs. Commun. ACM 18, 8, 453–457.
  56. E. W. Dijkstra. Dec. 1989. On the cruelty of really teaching computing science. Commun. ACM 32, 12, 1398–1404.
  57. T. Dinsdale-Young, M. Dodds, P. Gardner, M. J. Parkinson, and V. Vafeiadis. 2010. Concurrent abstract predicates. In T. D'Hondt (Ed.), ECOOP 2010—Object-Oriented Programming, 24th European Conference (June 21–25, 2010). Proceedings, Vol. 6183 of Lecture Notes in Computer Science. Springer, Maribor, Slovenia, 504–528. ISBN 978-3-642-14106-5.
  58. D. Distefano, M. Fähndrich, F. Logozzo, and P. W. O'Hearn. 2019. Scaling static analyses at Facebook. Commun. ACM 62, 8, 62–70.
  59. B. Dutertre. 2014. Yices 2.2. In Biere and Bloem [2014]. 737–744. ISBN 978-3-319-08866-2.
  60. N. Eén, A. Mishchenko, and R. K. Brayton. 2011. Efficient implementation of property directed reachability. In P. Bjesse and A. Slobodová (Eds.), International Conference on Formal Methods in Computer-Aided Design, FMCAD'11 (October 30–November 02, 2011). FMCAD, Inc., Austin, TX, 125–134. ISBN 978-0-9835678-1-3. http://dl.acm.org/citation.cfm?id=2157675.
  61. M. Eilers and P. Müller. 2018. Nagini: A static verifier for Python. In H. Chockler and G. Weissenbacher (Eds.), Computer Aided Verification (CAV), Vol. 10982 of Lecture Notes in Computer Science. Springer, 596–603.
  62. B. Elspas, K. N. Levitt, R. J. Waldinger, and A. Waksman. 1972. An assessment of techniques for proving program correctness. ACM Comput. Surv. 4, 2, 97–147. ISSN 0360-0300.
  63. X. Feng, R. Ferreira, and Z. Shao. 2007. On the relationship between concurrent separation logic and assume–guarantee reasoning. In R. De Nicola (Ed.), ESOP: Programming Languages and Systems. Springer, 173–188.
  64. J.-C. Filliâtre and C. Marché. 2007. The Why/Krakatoa/Caduceus platform for deductive program verification. In W. Damm and H. Hermanns (Eds.), Computer Aided Verification (CAV), Vol. 4590 of Lecture Notes in Computer Science. Springer, 173–177.
  65. J.-C. Filliâtre and A. Paskevich. 2013. Why3—Where programs meet provers. In M. Felleisen and P. Gardner (Eds.), Programming Languages and Systems (ESOP), Vol. 7792 of Lecture Notes in Computer Science. Springer, 125–128.
  66. R. W. Floyd. 1967. Assigning meanings to programs. In Mathematical Aspects of Computer Science, Vol. 19. American Mathematical Society, 19–32.
  67. P. Fonseca, K. Zhang, X. Wang, and A. Krishnamurthy. 2017. An empirical study on the correctness of formally verified distributed systems. In G. Alonso, R. Bianchini, and M. Vukolic (Eds.), Proceedings of the Twelfth European Conference on Computer Systems, EuroSys 2017 (April 23–26, 2017). ACM, Belgrade, Serbia, 328–343. ISBN 978-1-4503-4938-3.
  68. T. Gehr, M. Mirman, D. Drachsler-Cohen, P. Tsankov, S. Chaudhuri, and M. T. Vechev. 2018. AI2: Safety and robustness certification of neural networks with abstract interpretation. In 2018 IEEE Symposium on Security and Privacy, SP 2018, Proceedings (21–23 May 2018). IEEE Computer Society, San Francisco, CA, 3–18. ISBN 978-1-5386-4353-2.
  69. S. L. Gerhart, D. R. Musser, D. H. Thompson, D. A. Baker, R. L. Bates, R. W. Erickson, R. L. London, D. G. Taylor, and D. S. Wile. Oct. 1980. An overview of AFFIRM: A specification and verification system. In S. H. Lavington (Ed.), Proceedings of IFIP Congress 80. North-Holland, Tokyo, Japan, 343–347.
  70. P. Godefroid, N. Klarlund, and K. Sen. 2005. DART: Directed automated random testing. In V. Sarkar and M. W. Hall (Eds.), Proceedings of the ACM SIGPLAN 2005 Conference on Programming Language Design and Implementation (June 12–15, 2005). ACM, Chicago, IL, 213–223. ISBN 1-59593-056-6.
  71. P. Godefroid, M. Y. Levin, and D. A. Molnar. 2012. SAGE: Whitebox fuzzing for security testing. Commun. ACM 55, 3, 40–44.
  72. G. Gopalakrishnan and S. Qadeer (Eds.), 2011. Computer Aided Verification—23rd International Conference, CAV 2011 (July 14–20, 2011). Proceedings, Vol. 6806 of Lecture Notes in Computer Science. Springer, Snowbird, UT. ISBN 978-3-642-22109-5.
  73. M. J. C. Gordon and T. F. Melham (Eds.), 1993. Introduction to HOL: A Theorem Proving Environment for Higher-Order Logic. Cambridge University Press, Cambridge, UK. HOL home page: http://www.cl.cam.ac.uk/Research/HVG/HOL/.
  74. R. Gu, Z. Shao, H. Chen, X. N. Wu, J. Kim, V. Sjöberg, and D. Costanzo. 2016. CertiKOS: An extensible architecture for building certified concurrent OS kernels. In K. Keeton and T. Roscoe (Eds.), 12th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2016 (November 2–4, 2016). USENIX Association, Savannah, GA, 653–669. https://www.usenix.org/conference/osdi16/technical-sessions/presentation/gu.
  75. A. Gurfinkel, T. Kahsai, A. Komuravelli, and J. A. Navas. 2015. The SeaHorn verification framework. In D. Kroening and C. S. Pasareanu (Eds.), Computer Aided Verification—27th International Conference, CAV 2015 (July 18–24, 2015). Proceedings, Part I, Vol. 9206 of Lecture Notes in Computer Science. Springer, San Francisco, CA, 343–361. ISBN 978-3-319-21689-8.
  76. J. V. Guttag, J. J. Horning, S. J. Garland, K. D. Jones, A. Modet, and J. M. Wing. 1993. Larch: Languages and Tools for Formal Specification. Texts and Monographs in Computer Science. Springer. ISBN 978-1-4612-7636-4.
  77. C. Hawblitzel, J. Howell, J. R. Lorch, A. Narayan, B. Parno, D. Zhang, and B. Zill. 2014. Ironclad Apps: End-to-end security via automated full-system verification. In J. Flinn and H. Levy (Eds.), 11th USENIX Symposium on Operating Systems Design and Implementation, OSDI'14 (October 6–8, 2014). USENIX Association, Broomfield, CO, 165–181. https://www.usenix.org/conference/osdi14/technical-sessions/presentation/hawblitzel.
  78. C. Hawblitzel, J. Howell, M. Kapritsos, J. R. Lorch, B. Parno, M. L. Roberts, S. T. V. Setty, and B. Zill. 2015. IronFleet: Proving practical distributed systems correct. In E. L. Miller and S. Hand (Eds.), Proceedings of the 25th Symposium on Operating Systems Principles, SOSP 2015 (October 4–7, 2015). ACM, Monterey, CA, 1–17. ISBN 978-1-4503-3834-9.
  79. C. A. R. Hoare. 1969. An axiomatic basis for computer programming. Commun. ACM 12, 10, 576–580.
  80. C. A. R. Hoare. 1972. Proof of correctness of data representations. Acta Inform. 1, 271–281.
  81. C. A. R. Hoare. 2002. Towards the verifying compiler. In B. K. Aichernig and T. S. E. Maibaum (Eds.), Formal Methods at the Crossroads. From Panacea to Foundational Support, 10th Anniversary Colloquium of UNU/IIST, the International Institute for Software Technology of the United Nations University (March 18–20, 2002), Revised Papers, Vol. 2757 of Lecture Notes in Computer Science. Springer, Lisbon, Portugal, 151–160. ISBN 3-540-20527-6.
  82. B. Jacobs, J. Smans, P. Philippaerts, F. Vogels, W. Penninckx, and F. Piessens. 2011. VeriFast: A powerful, sound, predictable, fast verifier for C and Java. In Bobaru et al. [2011]. 41–55. ISBN 978-3-642-20397-8.
  83. C. B. Jones. 1980. Software Development: A Rigorous Approach. Prentice Hall International, Englewood Cliffs, NJ.
  84. C. B. Jones. 1981. Developing Methods for Computer Programs Including a Notion of Interference. Ph.D. thesis. University of Oxford, UK. http://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.259064.
  85. C. B. Jones. 1983. Tentative steps toward a development method for interfering programs. ACM Trans. Program. Lang. Syst. 5, 4, 596–619.
  86. D. Kapur, G. Sivakumar, and H. Zhang. 1986. RRL: A rewrite rule laboratory. In J. H. Siekmann (Ed.), 8th International Conference on Automated Deduction (July 27–August 1, 1986). Proceedings, Vol. 230 of Lecture Notes in Computer Science. Springer, Oxford, England, 691–692. ISBN 3-540-16780-3.
  87. I. T. Kassios. 2006. Dynamic frames: Support for framing, dependencies and sharing without restrictions. In J. Misra, T. Nipkow, and E. Sekerinski (Eds.), FM 2006: Formal Methods, 14th International Symposium on Formal Methods (August 21–27, 2006). Proceedings, Vol. 4085 of Lecture Notes in Computer Science. Springer, Hamilton, Canada, 268–283. ISBN 3-540-37215-6.
  88. R. Kemmerer. 1980. FDM—A Specification and Verification Methodology. Technical Report SP-4088, System Development Corporation.
  89. J. C. King. 1970. A Program Verifier. Ph.D. thesis. Carnegie Mellon University.
  90. V. Klebanov, P. Müller, N. Shankar, G. T. Leavens, V. Wüstholz, E. Alkassar, R. Arthan, D. Bronish, R. Chapman, E. Cohen, M. Hillebrand, B. Jacobs, K. R. M. Leino, R. Monahan, F. Piessens, N. Polikarpova, T. Ridge, J. Smans, S. Tobies, T. Tuerk, M. Ulbrich, and B. Weiss. 2011. The 1st Verified Software Competition: Experience report. In M. Butler and W. Schulte (Eds.), Formal Methods (FM), Vol. 6664 of Lecture Notes in Computer Science. Springer, 154–168.
  91. G. Klein, K. Elphinstone, G. Heiser, J. Andronick, D. Cock, P. Derrin, D. Elkaduwe, K. Engelhardt, R. Kolanski, M. Norrish, T. Sewell, H. Tuch, and S. Winwood. 2009. seL4: Formal verification of an OS kernel. In J. N. Matthews and T. E. Anderson (Eds.), Proceedings of the 22nd ACM Symposium on Operating Systems Principles 2009, SOSP 2009 (October 11–14, 2009). ACM, Big Sky, MT, 207–220. ISBN 978-1-60558-752-3.
  92. L. Kovács and A. Voronkov. 2013. First-order theorem proving and Vampire. In N. Sharygina and H. Veith (Eds.), Computer Aided Verification—25th International Conference, CAV 2013 (July 13–19, 2013). Proceedings, Vol. 8044 of Lecture Notes in Computer Science. Springer, Saint Petersburg, Russia, 1–35. ISBN 978-3-642-39798-1.
  93. R. Kumar, M. O. Myreen, M. Norrish, and S. Owens. 2014. CakeML: A verified implementation of ML. In S. Jagannathan and P. Sewell (Eds.), The 41st Annual ACM SIGPLAN–SIGACT Symposium on Principles of Programming Languages, POPL'14 (January 20–21, 2014). ACM, San Diego, CA, 179–192. ISBN 978-1-4503-2544-8.
  94. M. Kusano and C. Wang. 2017. Thread-modular static analysis for relaxed memory models. In E. Bodden, W. Schäfer, A. van Deursen, and A. Zisman (Eds.), Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering, ESEC/FSE 2017 (September 4–8, 2017). ACM, Paderborn, Germany, 337–348. ISBN 978-1-4503-5105-8.
  95. S. K. Lahiri, C. Hawblitzel, M. Kawaguchi, and H. Rebêlo. 2012. SYMDIFF: A language-agnostic semantic diff tool for imperative programs. In P. Madhusudan and S. A. Seshia (Eds.), Computer Aided Verification (CAV), Vol. 7358 of Lecture Notes in Computer Science. Springer, 712–717.
  96. A. Lal and S. Qadeer. 2014. Powering the static driver verifier using Corral. In S. Cheung, A. Orso, and M. D. Storey (Eds.), Foundations of Software Engineering (FSE). ACM, 202–212.
  97. A. Lal, S. Qadeer, and S. K. Lahiri. 2012. A solver for reachability modulo theories. In P. Madhusudan and S. A. Seshia (Eds.), Computer Aided Verification (CAV), Vol. 7358 of Lecture Notes in Computer Science. Springer, 427–443.
  98. L. Lamport. 1994. The temporal logic of actions. ACM Trans. Program. Lang. Syst. 16, 3, 872–923.
  99. C. Lattner and V. Adve. 2004. LLVM: A compilation framework for lifelong program analysis & transformation. In International Symposium on Code Generation and Optimization, 2004. CGO 2004. IEEE, 75–86.
  100. K. R. M. Leino. 2008. This is Boogie 2. Available from http://research.microsoft.com/en-us/um/people/leino/papers/krml178.pdf.
  101. K. R. M. Leino. 2010. Dafny: An automatic program verifier for functional correctness. In E. M. Clarke and A. Voronkov (Eds.), Logic for Programming, Artificial Intelligence, and Reasoning—16th International Conference, LPAR-16 (April 25–May 1, 2010). Revised Selected Papers, Vol. 6355 of Lecture Notes in Computer Science. Springer, Dakar, Senegal, 348–370. ISBN 978-3-642-17510-7.
  102. K. R. M. Leino and P. Müller. 2004. Object invariants in dynamic contexts. In M. Odersky (Ed.), European Conference on Object-Oriented Programming (ECOOP), Vol. 3086 of Lecture Notes in Computer Science. Springer, 491–516.
  103. K. R. M. Leino and P. Müller. 2009. A basis for verifying multi-threaded programs. In G. Castagna (Ed.), European Symposium on Programming (ESOP), Vol. 5502 of Lecture Notes in Computer Science. Springer, 378–393.
  104. X. Leroy. 2009. Formal verification of a realistic compiler. Commun. ACM 52, 7, 107–115.
  105. R. J. Lipton. 1975. Reduction: A new method of proving properties of systems of processes. In R. M. Graham, M. A. Harrison, and J. C. Reynolds (Eds.), Conference Record of the Second ACM Symposium on Principles of Programming Languages (January 1975). ACM Press, Palo Alto, CA, 78–86.
  106. B. Liskov and J. M. Wing. 1994. A behavioral notion of subtyping. ACM Trans. Program. Lang. Syst. 16, 6, 1811–1841.
  107. S. M. Loos, A. Platzer, and L. Nistor. 2011. Adaptive cruise control: Hybrid, distributed, and now formally verified. In International Symposium on Formal Methods. Springer, 42–56.
  108. J. R. Lorch, Y. Chen, M. Kapritsos, B. Parno, S. Qadeer, U. Sharma, J. R. Wilcox, and X. Zhao. 2020. Armada: Low-effort verification of high-performance concurrent programs. In A. F. Donaldson and E. Torlak (Eds.), Proceedings of the 41st ACM SIGPLAN International Conference on Programming Language Design and Implementation, PLDI 2020 (June 15–20, 2020). ACM, London, UK, 197–210. ISBN 978-1-4503-7613-6.
  109. D. C. Luckham, S. M. German, F. W. von Henke, R. A. Karp, P. W. Milne, D. C. Oppen, W. Polak, and W. L. Scherlis. Mar. 1979. Stanford Pascal Verifier User Manual. CSD Report STAN-CS-79-731, Stanford University, Stanford, CA.
  110. Z. Manna and R. J. Waldinger. 1980. A deductive approach to program synthesis. ACM Trans. Program. Lang. Syst. 2, 1, 90–121.
  111. Z. Manna and P. Wolper. 1984. Synthesis of communicating processes from temporal logic specifications. ACM Trans. Program. Lang. Syst. 6, 1, 68–93. ISSN 0164-0925.
  112. J. P. Marques Silva and K. A. Sakallah. 1999. GRASP: A search algorithm for propositional satisfiability. IEEE Trans. Comput. 48, 5, 506–521.
  113. B. Meyer. 1991. Eiffel: The Language. Prentice-Hall. ISBN 0-13-247925-7. http://www.eiffel.com/doc/#etl.
  114. B. Meyer and J. Woodcock (Eds.), 2008. Verified Software: Theories, Tools, Experiments, First IFIP TC 2/WG 2.3 Conference, VSTTE 2005 (October 10–13, 2005), Revised Selected Papers and Discussions, Vol. 4171 of Lecture Notes in Computer Science. Springer, Zurich, Switzerland. ISBN 978-3-540-69147-1.
  115. C. Morgan. 1990. Programming from Specifications. Prentice Hall.
  116. M. W. Moskewicz, C. F. Madigan, Y. Zhao, L. Zhang, and S. Malik. 2001. Chaff: Engineering an efficient SAT solver. In Design Automation Conference. IEEE, 530–535.
  117. P. Müller. 2002. Modular Specification and Verification of Object-Oriented Programs, Vol. 2262 of Lecture Notes in Computer Science. Springer.
  118. P. Müller, M. Schwerhoff, and A. J. Summers. 2016. Viper: A verification infrastructure for permission-based reasoning. In B. Jobstmann and K. R. M. Leino (Eds.), Verification, Model Checking, and Abstract Interpretation (VMCAI), Vol. 9583 of Lecture Notes in Computer Science. Springer, 41–62.
  119. P. Naur and B. Randell. 1969. Software Engineering: Report of a Conference Sponsored by the NATO Science Committee. Technical report, NATO Scientific Affairs Division.Google ScholarGoogle Scholar
  120. G. C. Necula, S. McPeak, S. P. Rahul, and W. Weimer. 2002. CIL: Intermediate language and tools for analysis and transformation of C programs. In International Conference on Compiler Construction. Springer, 213–228.Google ScholarGoogle Scholar
  121. G. Nelson and D. C. Oppen. 1979. Simplification by cooperating decision procedures. ACM Trans. Program. Lang. Syst. 1, 2, 245–257. DOI: .Google ScholarGoogle ScholarDigital LibraryDigital Library
  122. T. Nipkow, L. C. Paulson, and M. Wenzel. 2002. Isabelle/HOL: A Proof Assistant for Higher-Order Logic. Springer. Isabelle home page: http://isabelle.in.tum.de/.Google ScholarGoogle Scholar
  123. P. W. O’Hearn. 2004. Resources, concurrency and local reasoning. In P. Gardner and N. Yoshida (Eds.), CONCUR 2004—Concurrency Theory, 15th International Conference (August 31–September 3, 2004). Proceedings, Vol. 3170 of Lecture Notes in Computer Science. Springer, London, UK, 49–67. ISBN 3-540-22940-X. DOI: .Google ScholarGoogle ScholarCross RefCross Ref
  124. P. W. O’Hearn, J. C. Reynolds, and H. Yang. 2001. Local reasoning about programs that alter data structures. In L. Fribourg (Ed.), Computer Science Logic, 15th International Workshop, CSL 2001. 10th Annual Conference of the EACSL (September 10–13, 2001). Proceedings, Vol. 2142 of Lecture Notes in Computer Science. Springer, Paris, France, 1–19. ISBN 3-540-42554-3. DOI: .Google ScholarGoogle ScholarCross RefCross Ref
  125. S. S. Owicki and D. Gries. 1976. Verifying properties of parallel programs: An axiomatic approach. Commun. ACM 19, 5, 279–285. DOI: .Google ScholarGoogle ScholarDigital LibraryDigital Library
  126. S. Owre, J. M. Rushby, and N. Shankar. 1992. PVS: A prototype verification system. In D. Kapur (Ed.), Automated Deduction—CADE-11, 11th International Conference on Automated Deduction (June 15–18, 1992). Proceedings, Vol. 607 of Lecture Notes in Computer Science. Springer, Saratoga Springs, NY, 748–752. ISBN 3-540-55602-8. DOI: .Google ScholarGoogle ScholarCross RefCross Ref
  127. M. J. Parkinson and G. M. Bierman. 2005. Separation logic and abstraction. In J. Palsberg and M. Abadi (Eds.), Proceedings of the 32nd ACM SIGPLAN–SIGACT Symposium on Principles of Programming Languages, POPL 2005 (January 12–14, 2005). ACM, Long Beach, CA, 247–258. ISBN 1-58113-830-X. DOI: .Google ScholarGoogle ScholarDigital LibraryDigital Library
  128. L. C. Paulson. 1994. Isabelle—A Generic Theorem Prover (with a contribution by T. Nipkow), Vol. 828 of Lecture Notes in Computer Science. Springer. ISBN 3-540-58244-4. DOI: .Google ScholarGoogle ScholarCross RefCross Ref
  129. R. Piskac, T. Wies, and D. Zufferey. 2014. Automating separation logic with trees and data. In Biere and Bloem [2014]. 711–728. ISBN 978-3-319-08866-2. DOI: .Google ScholarGoogle ScholarDigital LibraryDigital Library
  130. A. Pnueli. 1977. The temporal logic of programs. In 18th Annual Symposium on Foundations of Computer Science, Providence (31 October–1 November 1977). IEEE Computer Society, Rhode Island, 46–57. DOI: .Google ScholarGoogle ScholarDigital LibraryDigital Library
  131. J. Protzenko, B. Parno, A. Fromherz, C. Hawblitzel, M. Polubelova, K. Bhargavan, B. Beurdouche, J. Choi, A. Delignat-Lavaud, C. Fournet, T. Ramananandro, A. Rastogi, N. Swamy, C. Wintersteiger, and S. Z. Béguelin. 2019. EverCrypt: A fast, verified, cross-platform cryptographic provider. IACR Cryptol. ePrint Arch. 2019, 757. https://eprint.iacr.org/2019/757.Google ScholarGoogle Scholar
  132. Z. Shao and B. C. Pierce (Eds.), 2009. Proceedings of the 36th ACM SIGPLAN–SIGACT Symposium on Principles of Programming Languages, POPL 2009 (January 21–23, 2009). ACM, Savannah, GA. ISBN 978-1-60558-379-2. http://dl.acm.org/citation.cfm?id=1480881.Google ScholarGoogle Scholar
  133. R. E. Shostak. Jan. 1984. Deciding combinations of theories. J. ACM 31, 1, 1–12.Google ScholarGoogle ScholarDigital LibraryDigital Library
  134. R. E. Shostak, R. L. Schwartz, and P. M. Melliar-Smith. 1982. STP: A mechanized logic for specification and verification. In D. W. Loveland (Ed.), 6th Conference on Automated Deduction (June 7–9, 1982). Proceedings, Vol. 138 of Lecture Notes in Computer Science. Springer, New York, 32–49. DOI: .Google ScholarGoogle ScholarCross RefCross Ref
  135. B. A. Silverberg, L. Robinson, and K. N. Levitt. June 1979. The HDM Handbook. SRI International, Computer Science Laboratory. Three Volumes.Google ScholarGoogle Scholar
  136. J. M. Spivey. 1988. Understanding Z: A Specification Language and its Formal Semantics. Cambridge Tracts in Theoretical Computer Science 3. Cambridge University Press, Cambridge, UK.Google ScholarGoogle ScholarDigital LibraryDigital Library
  137. N. Swamy, C. Hritcu, C. Keller, A. Rastogi, A. Delignat-Lavaud, S. Forest, K. Bhargavan, C. Fournet, P. Strub, M. Kohlweiss, J. K. Zinzindohoue, and S. Z. Béguelin. 2016. Dependent types and multi-monadic effects in F*. In R. Bodk and R. Majumdar (Eds.), Proceedings of the 43rd Annual ACM SIGPLAN–SIGACT Symposium on Principles of Programming Languages, POPL 2016 (January 20 –22, 2016). ACM, St. Petersburg, FL, 256–270. ISBN 978-1-4503-3549-2. DOI: .Google ScholarGoogle ScholarDigital LibraryDigital Library
  138. V. Vafeiadis. 2007. Modular Fine-Grained Concurrency Verification. Ph.D. thesis. University of Cambridge.Google ScholarGoogle Scholar
  139. V. Vafeiadis and C. Narayan. 2013. Relaxed separation logic: A program logic for C11 concurrency. In A. L. Hosking, P. T. Eugster, and C. V. Lopes (Eds.), Proceedings of the 2013 ACM SIGPLAN International Conference on Object Oriented Programming Systems Languages & Applications, OOPSLA 2013, part of SPLASH 2013 (October 26–31, 2013). ACM, Indianapolis, IN, 867–884. ISBN 978-1-4503-2374-1. DOI: .Google ScholarGoogle ScholarDigital LibraryDigital Library
  140. M. Y. Vardi and P. Wolper. 1986. Automata-theoretic techniques for modal logics of programs. J. Comput. Syst. Sci. 32, 2, 183–221.Google ScholarGoogle ScholarDigital LibraryDigital Library
  141. F. W. von Henke, J. S. Crow, R. Lee, J. M. Rushby, and R. A. Whitehurst. Oct. 1988. The EHDM verification environment: An overview. In Proceedings 11th National Computer Security Conference. NBS/NCSC, Baltimore, MD, 147–155.Google ScholarGoogle Scholar

Published in: ACM Books, Theories of Programming: The Life and Works of Tony Hoare (October 2021, 450 pages). ISBN: 9781450387286. DOI: 10.1145/3477355.
Publisher: Association for Computing Machinery, New York, NY, United States.
Published: 2 October 2021. Qualifiers: chapter.