Software Specification, Verification and Validation CIS 775

1
Software Specification, Verification and
Validation (CIS 775)

• Elsa L Gunter
• 4303 GITC
• NJIT, http//www.cs.njit.edu/elsa/775-fall2004

2
Contact Information

• Office 4303 GITC
• Office hours
• Tuesdays 1130 230
• Thursdays by appointment
• Email elsa_at_cis.njit.edu

3
Course Structure

• Text Software Reliability Methods by Doron
  Peled, Springer
• Credit
• Homework 35 (submitted in class)
• Project or paper report 65
• Includes presentation of work
• Projects may be joint
• No Final Exam

4
Project or Paper Report

• Projects should
• Explore some examples using tools.
• Implement a simple algorithm.
• Papers should
• Deal with new material.
• Will post a list of suggested projects and a list
  of possible papers
• Can choose one of these, or propose something of
  your choosing

5
Project or Paper Report

• Submit proposal by Monday 8 March
• Final Report due Monday 3 May
• 2-3 pages code, or 6-10 pages, typeset
• Presentations during finals week - by default at
  time of final exam
• We can negotiate it, but I want all present
• Dry run individually in my office

6
Example topics

• Project
• Verify some example using some tools.
• Communication protocols.
• Mutual exclusion.
• Implement algorithm
• Type checking
• Model checking algorithm
• Basic theorem prover

• Advanced topics
• Abstractions.
• Reductions.
• Partitions.
• Static analysis.
• Verifying pushdown automata.
• Verifying security protocols.

7
Goal software reliability

• Use software engineering methodologies to develop
  the code.

• Use formal methods during code development

8
What are formal methods?

• Techniques for analyzing systems, based on some
  mathematics.
• This does not mean that the user must be a
  mathematician.
• Some of the work is done in an informal way, due
  to complexity.

9
Examples for FM

• Deductive verificationUsing some logical
  formalism, prove formally that the software
  satisfies its specification.
• Eg. Floyd - Hoare Logic
• Type checking
• Model checkingUse some software to
  automatically check that the software satisfies
  its specification.
• TestingCheck executions of the software
  according to some coverage scheme.

10
Typical situation

• Boss Mark, I want that the new internet
  marketing software will be flawless. OK?
• Mark Hmmm. Well, ..., Aham, Oh! Ah??? Where do I
  start?
• Bob I have just the solution for you. It would
  solve everything.

11
Some concerns

• Which technique?
• Which tool?
• Which experts?
• What limitations?
• At which points?
• How expensive?
• How many people?

• Needed expertise?
• Kind of training?
• Size limitations?
• Exhaustiveness?
• Reliability?
• Expressiveness?
• Support?

12
Badmouth

• Formal methods can only be used by
  mathematicians.
• The verification process is itself prone to
  errors, so why bother?
• Using formal methods will slow down the project.

13
Some answers...

• Formal methods can only be used by
  mathematicians.
• Wrong. They are based on some math but the user
  should not care.
• The verification process is itself prone to
  errors, so why bother?
• We opt to reduce the errors, not eliminate them.
• Using formal methods will slow down the project.
• Maybe it will speed it up, once errors are found
  earlier.

14
Some exaggerations

• Automatic verification can always find errors.
• Deductive verification can show that the software
  is completely safe.
• Testing is the only industrial practical method.

15
Our approach

• Learn several methods (deductive verification,
  model checking, testing, process algebra).
• Learn advantages and limitations, in order to
  choose the right methods and tools.
• Learn how to combine existing methods.

16
Emphasis

• The processSelecting the tools,
  Modeling,Verification, Locating errors.
• Use of toolsHands on. DOVE, Isabelle or HOL,
  SPIN
• Visual notationStatecharts, MSCs, UML.

17
Where do we start?

• Boss Mark, can you verify this for me?
• Mark OK, first I have to ...

18
Things to do

• Check the kind ofsoftware to analyze.
• Choose methods and tools.
• Express system properties.
• Model the software.

• Apply methods.
• Obtain verification results.
• Analyze results.
• Identify errors.
• Suggest correction.

19
Different types of software

• Software Kinds
• Sequential.
• Concurrent.
• Distributed.
• Reactive.

• Aspect Modeled
• Protocols.
• Abstract algorithms.
• Finite state.

20
SpecificationInformal, textual, visual

• The value of x will be between 1 and 5, until
  some point where it will become 7. In any case it
  will never be negative.
• (1ltxlt5 U x7) /\ xgt0

X7
1ltxlt5
Xgt0
21
Verification methods

• Finite state machines. Apply model checking.
• Apply deductive verification (theorem proving).
• Program too big, too complicated.Apply testing
  techniques.
• Apply a combination of the above!

22
Modeling - Different Approaches

• Use the program text.
• Translate to a programming language embedded in
  some proof system.
• Translate to some notation (transition system).
• Translate to finite automata.
• Use visual notation.
• Special case black box system.