Formal verification of Ada programs

Author

Guaspari, David ; Marceau, Carla ; Polak, Wolfgang

Author_Institution

Odyssey Res. Associates Inc., Ithaca, NY, USA

Volume

16

Issue

9

fYear

1990

fDate

9/1/1990 12:00:00 AM

Firstpage

1058

Lastpage

1075

Abstract

The Penelope verification editor and its formal basis are described. Penelope is a prototype system for the interactive development and verification of programs that are written in a rich subset of sequential Ada. Because it generates verification conditions incrementally, Penelope can be used to develop a program and its correctness proof in concert. If an already-verified program is modified, one can attempt to prove the modified version by replaying and modifying the original sequence of proof steps. Verification conditions are generated by predicate transformers whose logical soundness can be proven by establishing a precise formal connection between predicate transformation and denotational definitions in the style of continuation semantics. Penelope´s specification language, Larch/Ada, belongs to the family of Larch interface languages. It scales up properly, in the sense that one can demonstrate the soundness of decomposing an implementation hierarchically and reasoning locally about the implementation of each node in the hierarchy

Keywords

Ada; program verification; software engineering; Ada programs; Penelope verification editor; correctness proof; formal basis; interactive development; interface languages; logical soundness; predicate transformers; prototype system; Buildings; Error correction; Formal specifications; Formal verification; Manuals; Mathematical model; Programming; Prototypes; Specification languages; Transformers;

fLanguage

English

Journal_Title

Software Engineering, IEEE Transactions on

Publisher

ieee

ISSN

0098-5589

Type

jour

DOI

10.1109/32.58790

Filename

58790