Abstract

Correctness-by-Construction (CbC) is an approach to incrementally create formally correct programs guided by pre- and postcondition specifications. A program is created using refinement rules that guarantee the resulting implementation is correct with respect to the specification. Although CbC is supposed to lead to code with a low defect rate, it is not prevalent, especially because appropriate tool support is missing. To promote CbC, we provide tool support for CbC-based program development. We present CorC, a graphical and textual IDE to create programs in a simple while-language following the CbC approach. Starting with a specification, our open source tool supports CbC developers in refining a program by a sequence of refinement steps and in verifying the correctness of these refinement steps using the theorem prover KeY. We evaluated the tool with a set of standard examples on CbC where we reveal errors in the provided specification. The evaluation shows that our tool reduces the verification time in comparison to post-hoc verification.

Highlights

  • Correctness-by-Construction (CbC) [12,13,19,23] is a methodology to construct formally correct programs guided by a specification

  • Aside from the side conditions of refinement rules, only the leaf nodes of the refinement tree, which contain basic Hoare triples with skip or assignment statements, need to be verified by a prover, while all composite statements are correct by construction of their conditions

  • We measured the verification time and the proof nodes that KeY needed to close the proofs for both approaches
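The second highlight above, as an added example that is not code from the paper or from CorC: a minimal Python model of CbC refinement in which composition and selection nodes only check the structural shape of their sub-triples (plus the guard side condition), while every obligation that needs a prover sits at a skip or assignment leaf. KeY is replaced by brute-force checking over a small integer domain, and the max-of-two-integers program, the variable names and the obligation labels are all constructed for this example.

```python
from itertools import product
DOMAIN = range(-3, 4)  # small integer domain; obligations are discharged by brute force instead of KeY

def states(variables):
    for values in product(DOMAIN, repeat=len(variables)):
        yield dict(zip(variables, values))

def holds(formula, state):
    return bool(eval(formula, {"__builtins__": {}}, dict(state)))

def assignment(pre, var, expr, post):  # leaf: {pre} var := expr {post}
    return {"kind": "assign", "pre": pre, "post": post, "var": var, "expr": expr}
def skip(pre, post):  # leaf: {pre} skip {post}
    return {"kind": "skip", "pre": pre, "post": post}

def composition(pre, mid, post, first, second):
    # Composition rule: {P} S1;S2 {Q} refines to {P} S1 {M} and {M} S2 {Q}.
    # The check is purely structural, so the composite node itself yields no obligation.
    assert (first["pre"], first["post"]) == (pre, mid)
    assert (second["pre"], second["post"]) == (mid, post)
    return {"kind": "comp", "pre": pre, "post": post, "children": [first, second]}

def selection(pre, post, guards, branches):
    # Selection rule: branch i refines {P and Gi} Si {Q}; the side condition
    # P -> G1 or ... or Gn is the only obligation the composite itself adds.
    for guard, branch in zip(guards, branches):
        assert (branch["pre"], branch["post"]) == (f"({pre}) and ({guard})", post)
    side = f"not ({pre}) or " + " or ".join(f"({g})" for g in guards)
    return {"kind": "sel", "pre": pre, "post": post, "children": branches, "side": side}

def obligations(node, variables):
    """Collect (label, proven) pairs for a refinement tree; only leaves need a prover."""
    if node["kind"] == "skip":
        ok = all(not holds(node["pre"], s) or holds(node["post"], s) for s in states(variables))
        return [("skip: pre -> post", ok)]
    if node["kind"] == "assign":
        def after(s):  # state reached by executing var := expr in state s
            return {**s, node["var"]: eval(node["expr"], {"__builtins__": {}}, dict(s))}
        ok = all(not holds(node["pre"], s) or holds(node["post"], after(s)) for s in states(variables))
        return [(f"{node['var']} := {node['expr']}: pre -> post[expr/var]", ok)]
    obs = [("selection side condition", all(holds(node["side"], s) for s in states(variables)))] if node["kind"] == "sel" else []
    for child in node["children"]:
        obs += obligations(child, variables)
    return obs

# Constructed example: maximum of two integers, refined by selection into two assignment leaves.
MAX_POST = "m >= a and m >= b and (m == a or m == b)"
max_program = selection("True", MAX_POST, ["a >= b", "a < b"], [
    assignment("(True) and (a >= b)", "m", "a", MAX_POST),
    assignment("(True) and (a < b)", "m", "b", MAX_POST)])
```

Running `obligations(max_program, ["a", "b", "m"])` yields exactly three obligations: the guard side condition and one per assignment leaf, all of which hold.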


Summary

Introduction

Correctness-by-Construction (CbC) [12,13,19,23] is a methodology to construct formally correct programs guided by a specification. Another issue is that the programmer mindset is often tailored to the prevalent post-hoc verification approach. The specifications and code developed using the CbC approach can be used to bootstrap the post-hoc verification process and allow for an easier post-hoc verification, as a method constructed using CbC generally has a structure that is more amenable to verification [29]. We present CorC, a tool designed to develop programs following the CbC approach. We add CbC as another application area to KeY, which opens the possibility for KeY users to adopt the CbC approach. This could spread the constructive CbC approach to areas where post-hoc verification is prevalent. We found benefits of CorC compared to paper-and-pencil-based application of CbC and compared to post-hoc verification.

Foundations of Correctness-by-Construction
Correctness-by-Construction by Example
Tool Support in CorC
Graphical Editor
Textual Editor
Verification of CorC Programs
Implementation as Eclipse Plugin
Evaluation
Related Work
Conclusion and Future Work