Why Hi-Lite Ada?
نویسندگان
چکیده
Use of formal methods in verification activities for critical software development is a promising solution to increase the level of confidence compared to the current practice based on testing, for increasingly complex programs, at a lower cost than the current approach. Concretely, the upcoming standard DO-178C for software development in avionics gives credit to formal verification for supporting verification activities. In project Hi-Lite, we pursue the integration of formal proofs with unit testing, for selected parts of a larger C or Ada software development. This integration relies crucially on a common language of specification between testing and formal proofs, where both share the same assertion semantics. For Ada, this language of specification based on subprogram contracts is part of the upcoming standardized version Ada 2012 of the language. In this paper, we describe the specifics of our translation from Ada to the intermediate verification language Why, noting which features of Why we used in our translation, and from which extensions of Why we could benefit in the future.
منابع مشابه
Hi-Lite - Verification by Contract
Formal methods and testing are often considered as disjoint technologies. The Hi-Lite project wants to show that both are actually complementary. The central concept are subprogram contracts, part of the upcoming Ada 2012 standard. A contract, which consists of preand postcondition, describes the specification of a subprogram, in the same syntax as Ada expressions. These contracts can be seen e...
متن کاملIntegrating Formal Program Verification with Testing
Verification activities mandated for critical software are essential to achieve the required level of confidence expected in life-critical or business-critical software. They are becoming increasingly costly as, over time, they require the development and maintenance of a large body of functional and robustness tests on larger and more complex applications. Formal program verification offers a ...
متن کاملTokeneer: Beyond Formal Program Verification
Tokeneer is a small-sized (10 kloc) security system which was formally developed and verified by Praxis at the request of NSA, using SPARK technology. Since its open-source release in 2008, only two problems were found, one by static analysis, one by code review. In this paper, we report on experiments where we systematically applied various static analysis tools (compiler, bug-finder, proof to...
متن کاملVisibility of Tinted Chlorhexidine Gluconate Skin Preparation on Varied Skin Pigmentations.
Preoperative skin preparation with antimicrobial agents decreases the risk of surgical site infection, but concerns have been raised about the visibility of a common surgical preparatory agent (ChloraPrep; Becton, Dickinson & Co, Franklin Lakes, New Jersey), depending on skin pigmentation. Poor visibility may lead to failure to identify inadequately prepared skin, increasing the risk of surgica...
متن کاملHypoxic–ischemic brain injury stimulates inflammatory response and enzymatic activities in the hippocampus of neonatal rats
Brain damage from neonatal hypoxia-ischemia (HI) plays a major role in neonatal mortality and morbidity. Using the Rice-Vannucci model of HI in rats, we verified that 8 days after HI injury, adenosine deaminase (ADA), N-acetyl-glucosaminidase (NAG) and myeloperoxidase (MPO) activities increased in the left hemisphere hippocampus (HI group); however, the activity of 5'-nucleotidase (5'NT) remain...
متن کامل