Exploiting refactoring in formal verification

Author

Yin, Xiang ; Knight, John ; Weimer, Westley

Author_Institution

Dept. of Comput. Sci., Univ. of Virginia, Charlottesville, VA, USA

fYear

2009

fDate

June 29 2009-July 2 2009

Firstpage

53

Lastpage

62

Abstract

In previous work, we introduced Echo, a new approach to the formal verification of the functional correctness of software. Part of what makes Echo practical is a technique called verification refactoring. The program to be verified is mechanically refactored specifically to facilitate verification. After refactoring, the program is documented with low-level annotations, and a specification is extracted mechanically. Proofs that the semantics of the refactored program are equivalent to those of the original program, that the code conforms to the annotations, and that the extracted specification implies the program´s original specification constitute the verification argument. In this paper, we discuss verification refactoring and illustrate it with a case study of the verification of an optimized implementation of the advanced encryption standard (AES) against its official specification. We compare the practicality of verification using refactoring with traditional correctness proofs and refinement, and we assess its efficacy using seeded defects.

Keywords

cryptography; formal specification; program verification; software maintenance; AES; advanced encryption standard; echo approach; formal specification; formal verification; official specification; software refactoring; Application software; Computer science; Concrete; Cryptography; Formal verification; Humans; Programming; Software systems; Software tools; Timing;

fLanguage

English

Publisher

ieee

Conference_Titel

Dependable Systems & Networks, 2009. DSN '09. IEEE/IFIP International Conference on

Conference_Location

Lisbon

Print_ISBN

978-1-4244-4422-9

Electronic_ISBN

978-1-4244-4421-2

Type

conf

DOI

10.1109/DSN.2009.5270355

Filename

5270355