{"title":"Checking temporal patterns of API usage without code execution","authors":"Erick Raelijohn, Michalis Famelis, H. Sahraoui","doi":"10.1109/FormaliSE52586.2021.00015","DOIUrl":"https://doi.org/10.1109/FormaliSE52586.2021.00015","url":null,"abstract":"In theory, Application Programming Interfaces (APIs) allow developers to write client code that reuses library code without needing to know its internals. In practice, correctly using APIs requires respecting explicit and implicit constraints and usage temporal patterns. Ignoring such patterns could lead to errors and design flaws. These often cannot be detected prior to integration and system testing. We propose the Temporal Usage PAttern Checker (Tupac) for APIs, an interprocedural static analysis approach that can verify that client code conforms to temporal API usage patterns as it is being developed. We evaluated the effectiveness of our approach on 4 projects with 4 different APIs. Our evaluation shows that Tupac can accurately check the conformance of the client code to the patterns in under 1 second. This means that Tupac can realistically be deployed in an IDE without stalling the regular coding rhythm.","PeriodicalId":123481,"journal":{"name":"2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133184076","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Runtime Verification Under Access Restrictions","authors":"Rania Taleb, R. Khoury, Sylvain Hallé","doi":"10.1109/FormaliSE52586.2021.00010","DOIUrl":"https://doi.org/10.1109/FormaliSE52586.2021.00010","url":null,"abstract":"We define a logical framework that permits runtime verification to take place when a monitor has incomplete or uncertain information about the underlying trace. Uncertainty is modeled as a stateful access control proxy that has the capacity to turn events into sets of possible events, resulting in what we call a “multi-trace”. We describe a model of both proxy and monitor as extensions of Mealy machines, and provide an algorithm to lift a classical monitor into a sound, loss-tolerant monitor. Experiments on various scenarios show that the approach can account for various types of data degradation and access limitations, provides a tighter verdict than existing works in some cases, and preserves scalable performance of the model.","PeriodicalId":123481,"journal":{"name":"2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"171 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114585898","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Quantifying Faultiness: What Does It Mean to Have N Faults?","authors":"Besma Khaireddine, A. Mili","doi":"10.1109/FormaliSE52586.2021.00013","DOIUrl":"https://doi.org/10.1109/FormaliSE52586.2021.00013","url":null,"abstract":"It is common to see software testing experiments where a benchmark program is seeded with N benchmark mutations, then declared to have N faults. We argue that in the absence of a formal definition of what is a fault, let alone what are N faults, it is difficult to assign a meaning to such claims. We further argue that in order to assign a meaning to such a claim we must refer to five parameters, which we introduce and justify. To illustrate our ideas, we consider the tcas component of the Siemens benchmark, which we seed with eight mutations, and we find that not only is it wrong to claim that tcas has eight faults, it is also wrong to measure faultiness by the number of faults in a program.","PeriodicalId":123481,"journal":{"name":"2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":" 5-6","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120833254","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"How much Specification is Enough? Mutation Analysis for Software Contracts","authors":"Alexander Knüppel, Leon Schaer, Ina Schaefer","doi":"10.1109/FormaliSE52586.2021.00011","DOIUrl":"https://doi.org/10.1109/FormaliSE52586.2021.00011","url":null,"abstract":"Design-by-contract is a light-weight formal development paradigm, in which object-oriented software is specified with so-called software contracts. Contracts are annotations in the source code that explicitly document intended functional behavior and can be used for verifying correctness of a particular implementation or as test oracles during automatic test case generation. As writing strong specifications is an expensive and error-prone activity due to lack of expertise and tool support, developers are often only willing to write simpler specifications, covering only a fraction of all functional properties. As a consequence, software quality is lowered, or even worse, potential bugs remain undetected during software verification. To give developers a sense of specification coverage, we propose a methodology that considers the degree of incomplete specifications by means of mutation analysis. We consider Java programs annotated with JML and employ the deductive program verifier KEY-2.6.3 to show that this approach is applicable to numerous open-source JML projects from the literature.","PeriodicalId":123481,"journal":{"name":"2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"1684 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127451253","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Formally Verified Credentials Management for Industrial Control Systems","authors":"T. Kulik, Jalil Boudjadar, Diego F. Aranha","doi":"10.1109/FormaliSE52586.2021.00014","DOIUrl":"https://doi.org/10.1109/FormaliSE52586.2021.00014","url":null,"abstract":"The field of industrial automation is experiencing growth in interconnectivity and digital interaction. This growth is slower than in the consumer segment due to the often critical nature of industrial control systems. Security of such systems is an important aspect as malicious behaviors could lead to potential system malfunction, injuries or financial losses. As control networks are becoming more complex, having robust credential management for system operators and users that could interact with the system components is an essential need. One way of assuring the robustness of the credential management is by using formal methods. In this paper we present a formally verified credential management system for use within industrial control systems. We demonstrate that the credential management can use centralized credential storage with secret passwords available only to system administrators. We use UPPAAL to formally analyze security properties based on requirements defined by our industrial partner and present the viability of formal verification to a real-world industrial case study.","PeriodicalId":123481,"journal":{"name":"2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"89 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115071325","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Feasibility of Spatial Model Checking for Nevus Segmentation","authors":"G. Belmonte, Giovanna Broccia, V. Ciancia, D. Latella, M. Massink","doi":"10.1109/FormaliSE52586.2021.00007","DOIUrl":"https://doi.org/10.1109/FormaliSE52586.2021.00007","url":null,"abstract":"Recently developed spatial model checking techniques have a wide range of application domains, among which large scale distributed systems as well as signal and image analysis. In the latter domain, automatic and semi-automatic contouring in Medical Imaging has been shown to be a very promising and versatile application. In the present paper we address the contouring of 2D images of nevi. One of the challenges of contouring nevi is that they show considerable inhomogeneity in shape, colour, texture and size. These images often include extraneous elements such as hairs, patches and rulers. In order to deal with these challenges we explore the use of a texture similarity operator in combination with spatial logic operators. We investigate the feasibility of this technique on dermoscopic images of a large public database. To that purpose, we compare our segmentation results with the ground truth segmentation provided by domain experts; the results are very promising, both from the quality and from the performance point of view.","PeriodicalId":123481,"journal":{"name":"2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126469107","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Methodology for Specification and Verification of High-Level Requirements with MetAcsl","authors":"Virgile Robles, N. Kosmatov, V. Prevosto, Louis Rilling, P. L. Gall","doi":"10.1109/FormaliSE52586.2021.00012","DOIUrl":"https://doi.org/10.1109/FormaliSE52586.2021.00012","url":null,"abstract":"Specification and formal verification of high-level properties (such as security properties, like data integrity or confidentiality) over a large software product remains an important challenge for industrial practice. Recent work introduced METACSL, a plugin of the FRAMA-C verification platform, that allows the user to specify high-level properties, called HIgh-Level ACSL REquirements or HILARE, for C programs and transform them into assertions that can then be verified by classic deductive verification. This paper presents a methodology of specification and verification of a wide range of high-level properties with METACSL and illustrates it on several examples. The goal is to provide verification practitioners with detailed methodological guidelines for common patterns of properties in order to facilitate their everyday work and to avoid some frequent pitfalls. The illustrating examples are inspired by very common kinds of properties and illustrated on two use cases. One of them—on the real-life code of the bootloader module of the secure storage device Wookey—was fully verified using the described approach, demonstrating its capacity to scale to real-life code. The other one—on a microkernel of an OS—was added to illustrate other common properties, where the description of the system was intentionally left very generic.","PeriodicalId":123481,"journal":{"name":"2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"85 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121311583","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Permission-Based Verification of Red-Black Trees and Their Merging","authors":"Lukas Armborst, M. Huisman","doi":"10.1109/FormaliSE52586.2021.00017","DOIUrl":"https://doi.org/10.1109/FormaliSE52586.2021.00017","url":null,"abstract":"This paper presents a verification case study, focussing on red-black trees. In particular, we verify a parallel algorithm for merging red-black trees, which uses lists as intermediate representations and which an industrial partner uses to efficiently manage tables of IP addresses. To verify the algorithm, we use the tool VERCORS, which uses permission-based separation logic as its logical foundation. Thus, we first needed a suitable specification of the data structure, using that logic. This specification relies on the magic wand operator (a.k.a. separating implication), which is a connective often neglected when discussing separation logic. This paper describes that specification, as well as the verification of the parallel algorithm. It is an interesting case connecting the more academic endeavour of verifying a data structure with the practical one of verifying industrial code.","PeriodicalId":123481,"journal":{"name":"2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122055523","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"GUIDO: Automated Guidance for the Configuration of Deductive Program Verifiers","authors":"Alexander Knüppel, Thomas Thüm, Ina Schaefer","doi":"10.1109/FormaliSE52586.2021.00018","DOIUrl":"https://doi.org/10.1109/FormaliSE52586.2021.00018","url":null,"abstract":"The software industry is still in its infancy to widely adopt program verification tools as part of their daily software engineering processes. One key challenge is that many of today’s program verifiers intend to cover numerous bug classes and are therefore manually configurable to support users with their varying verification projects. However, configuring a program verifier for a given verification problem requires extensive expertise, as an ill-chosen configuration may either unnecessarily slow down the verification process or even hinder a successful verification at all. In particular for configurable deductive program verifiers, this problem is barely addressed by current research. We propose GUIDO, a framework incorporating statistical hypothesis testing to compute promising configurations automatically. With GUIDO, domain experts channel their knowledge by formalizing hypotheses about the impact of choosing configuration options and let normal developers benefit.","PeriodicalId":123481,"journal":{"name":"2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"108 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114901017","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Formal characterization and efficient verification of a biological robustness property","authors":"Lucia Nasti, R. Gori, P. Milazzo","doi":"10.1109/FormaliSE52586.2021.00008","DOIUrl":"https://doi.org/10.1109/FormaliSE52586.2021.00008","url":null,"abstract":"Robustness is an observable property for which a chemical reaction network (CRN) can maintain its functionalities despite the influence of different perturbations. In general, to verify whether a network is robust, it is necessary to consider all the possible parameter configurations. This is a process that can entail a massive computational effort. In the work of Rizk et al., the authors propose a definition of robustness in linear temporal logic (LTL) through which, on the basis of multiple numerical timed traces obtained by considering different parameter configurations, they verify the robustness of a reaction network. In this paper, we focus on a notion of initial concentration robustness (α-robustness), that is related to the influence of the perturbation of the initial concentration of one species (i.e., the input) on the concentration of another species (i.e., the output) at the steady state. We characterize this notion of robustness in the framework proposed by Rizk et al., and we show that, for monotonic reaction networks, this allows us to drastically reduce the number of traces necessary to verify robustness of the CRN.","PeriodicalId":123481,"journal":{"name":"2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"77 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-04-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133999493","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}