Extended Static Checking: A Ten-Year Perspective
Abstract
A powerful approach to finding errors in computer software is to translate a given program into a verification condition, a logical formula that is valid if and only if the program is free of the classes of errors under consideration. Finding errors in the program is then done by mechanically searching for counterexamples to the verification condition. This paper gives an overview of the technology that goes into such program checkers, reports on some of the progress and lessons learned in the past ten years, and identifies some remaining challenges.
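The approach the abstract describes, as an added illustration that is not code from the paper or from any ESC tool: a tiny imperative language is translated into a verification condition by computing the weakest precondition of each statement, and the condition is then searched for counterexamples. Where an extended static checker hands the formula to an automated theorem prover, this example substitutes bounded enumeration of the free variables over a small integer range, which can exhibit a counterexample but, unlike a prover, cannot establish validity. The language, the two constructed programs and the bound of 8 are all assumptions made for the example.

```python
"""Added example (not from the paper): verification conditions by weakest
precondition for a tiny imperative language, with counterexample search by
bounded enumeration standing in for the theorem prover an ESC tool would call."""
import itertools

# Expressions are nested tuples: ('var', name), ('const', value),
# ('+'|'-'|'*'|'<'|'<='|'==', e1, e2), ('and'|'or'|'implies', p, q), ('not', p).
OPS = {
    '+': lambda a, b: a + b, '-': lambda a, b: a - b, '*': lambda a, b: a * b,
    '<': lambda a, b: a < b, '<=': lambda a, b: a <= b, '==': lambda a, b: a == b,
    'and': lambda a, b: a and b, 'or': lambda a, b: a or b,
    'implies': lambda a, b: (not a) or b,
}

def subst(e, var, repl):
    """Substitute expression repl for every occurrence of variable var in e."""
    if e[0] == 'var':
        return repl if e[1] == var else e
    if e[0] == 'const':
        return e
    return (e[0],) + tuple(subst(sub, var, repl) for sub in e[1:])

def evaluate(e, env):
    """Evaluate an expression under a concrete assignment of its variables."""
    if e[0] == 'var':
        return env[e[1]]
    if e[0] == 'const':
        return e[1]
    if e[0] == 'not':
        return not evaluate(e[1], env)
    return OPS[e[0]](evaluate(e[1], env), evaluate(e[2], env))

def free_vars(e):
    if e[0] == 'var':
        return {e[1]}
    if e[0] == 'const':
        return set()
    return set().union(*(free_vars(sub) for sub in e[1:]))

def wp(stmt, post):
    """Weakest precondition of stmt with respect to postcondition post.
    Statements: ('skip',), ('assign', x, e), ('assert', c), ('assume', c),
    ('seq', [stmts]), ('if', c, then_stmt, else_stmt)."""
    kind = stmt[0]
    if kind == 'skip':
        return post
    if kind == 'assign':                      # wp(x := e, Q) = Q[e/x]
        return subst(post, stmt[1], stmt[2])
    if kind == 'assert':                      # wp(assert c, Q) = c and Q
        return ('and', stmt[1], post)
    if kind == 'assume':                      # wp(assume c, Q) = c implies Q
        return ('implies', stmt[1], post)
    if kind == 'seq':                         # compose right to left
        for s in reversed(stmt[1]):
            post = wp(s, post)
        return post
    if kind == 'if':                          # branch on the guard
        _, c, then_s, else_s = stmt
        return ('and', ('implies', c, wp(then_s, post)),
                       ('implies', ('not', c), wp(else_s, post)))
    raise ValueError(kind)

def find_counterexample(vc, bound=8):
    """Search assignments of the VC's free variables in [-bound, bound] for one
    that falsifies it. Returns the first falsifying env, or None if none is
    found within the bound (a bounded stand-in for a prover; it cannot prove validity)."""
    names = sorted(free_vars(vc))
    for values in itertools.product(range(-bound, bound + 1), repeat=len(names)):
        env = dict(zip(names, values))
        if not evaluate(vc, env):
            return env
    return None

def check(program):
    """Translate program into its VC (postcondition True) and look for a counterexample."""
    return find_counterexample(wp(program, ('const', True)))

# Constructed programs (assumptions for the example). Both pick the last index
# of an n-element array and assert it is in bounds: 0 <= i < n.
N, I, ZERO, ONE = ('var', 'n'), ('var', 'i'), ('const', 0), ('const', 1)
IN_BOUNDS = ('and', ('<=', ZERO, I), ('<', I, N))
BUGGY = ('seq', [                            # "clamps" n <= 0 to index 0, but then the array is empty
    ('if', ('<=', N, ZERO), ('assign', 'i', ZERO), ('assign', 'i', ('-', N, ONE))),
    ('assert', IN_BOUNDS),
])
FIXED = ('seq', [                            # demands a non-empty array as a precondition instead
    ('assume', ('<', ZERO, N)),
    ('assign', 'i', ('-', N, ONE)),
    ('assert', IN_BOUNDS),
])

if __name__ == '__main__':
    print('buggy:', check(BUGGY))            # some n <= 0 that falsifies the VC
    print('fixed:', check(FIXED))            # None: no counterexample within the bound
```

The buggy program's verification condition is falsified by any n <= 0, which is exactly the off-by-one the clamp was meant to paper over; the fixed program's condition holds for every n in the bounded domain, but only a prover (or a proof by hand) would let one conclude it holds for all integers, which is why the abstract speaks of searching for counterexamples rather than of enumerating inputs.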
Related references
Checking JML Specification Soundness Using ESC/Java2
This report describes the work completed in the Final Year Project “Checking JML Specification Soundness Using ESC/Java2.” It introduces some of the basics of Design by Contract and the Java Modelling Language (JML). This paper primarily deals with the Extended Static Checker ESC/Java2, one of the many powerful tools that understand JML. It describes techniques for extending the functionality o...
Edit and verify
Automated theorem provers are used in extended static checking, where they are the performance bottleneck. Extended static checkers are run typically after incremental changes to the code. We propose to exploit this usage pattern to improve performance. We present two approaches of how to do so and a full solution.
Consistency Checking for Workflows with an Ontology-Based Data Perspective
Static analysis techniques for consistency checking of workflows make it possible to avoid runtime errors. This is particularly crucial for long-running workflows, where errors detected late can cause high costs. Checking techniques can analyse the control flow of individual tasks as well as the consistency of how the workflow's data is represented, collected and utilized. In many classes of workflows, t...
Extended Static Checking by Calculation Using the Pointfree Transform
The pointfree transform offers to the predicate calculus what the Laplace transform offers to the differential/integral calculus: the possibility of changing the underlying mathematical space so as to enable agile algebraic calculation. This paper addresses the foundations of the transform and its application to a calculational approach to extended static checking (ESC) in the context of abstra...
Security Audit using Extended Static Checking: Is It Cost-effective Yet?
This paper describes our experience of doing variation analysis of known security vulnerabilities in C++ projects including core operating system and browser COM components, using an extended static checker HAVOC-LITE. We describe the extensions made to the tool to be applicable on such large components, along with our experience of using an extended static checker in the large. We argue that t...