Recursive Data Structures in SPARK [chapter]

Claire Dross, Johannes Kanig
2020 Lecture Notes in Computer Science
In this paper, we present a recent extension of the SPARK language and toolset to support pointers.  ...  In particular, we consider pointer-based recursive data structures, and discuss how they are supported in SPARK.  ...  Pointers are handled in the verification model of the SPARK proof tool as maybe, or option types: access objects are either null, or they contain a value.  ... 
doi:10.1007/978-3-030-53291-8_11 fatcat:awiwdmdahfafvl7ksfksnlyj3i

Borrowing Safe Pointers from Rust in SPARK [article]

Georges-Axel Jaloyan, Yannick Moy, Andrei Paskevich
2018 arXiv pre-print
In the field of deductive software verification, programs with pointers present a major challenge due to pointer aliasing.  ...  In this paper, we introduce pointers to SPARK, a well-defined subset of the Ada language, intended for formal verification of mission-critical software.  ...  This will make it possible to use formal verification with SPARK on industrial programs with pointers, something that was long believed to be impossible.  ... 
arXiv:1805.05576v1 fatcat:gt42syswofbrnixhrioeejes5i

Software vulnerabilities precluded by SPARK

Joyce L. Tokar PhD, F. David Jones, Paul E. Black PhD, Chris E. Dupilka
2011 ACM SIGAda Ada Letters
These cannot even be expressed in syntactically correct SPARK code.  ...  verification and assurance available with SPARK.  ...  • Class 2: Weaknesses that Can Be Certainly Excluded. These may exist in a SPARK program, but are detected by the SPARK toolset, which generates verification conditions (VCs).  ... 
doi:10.1145/2070336.2070356 fatcat:wzt6nhijnzea5jmfbzuisxgmby

Verification and testing of mobile robot navigation algorithms: A case study in SPARK

Piotr Trojanek, Kerstin Eder
2014 IEEE/RSJ International Conference on Intelligent Robots and Systems
Our re-implementation of three robot navigation algorithms in SPARK revealed bugs that for years have not been detected in their original code in C/C++.  ...  We demonstrate that the choice of programming language is essential both for finding bugs in the code and for proving their absence.  ...  ACKNOWLEDGEMENT We would like to thank Claire Dross for support in getting the formal containers library to work, the SPARK developers for their excellent tools, and the authors of the original C/C++ implementations  ... 
doi:10.1109/iros.2014.6942753 dblp:conf/iros/TrojanekE14 fatcat:yxroyqj7gvc65bxub4457hxsya

Can C++ be made as safe as SPARK?

David Crocker
2014 Proceedings of the 2014 ACM SIGAda annual conference on High integrity language technology - HILT '14
SPARK offers a way to develop formally-verified software in a language (Ada) that is designed with safety in mind and is further restricted by the SPARK language subset.  ...  However, much critical embedded software is developed in C or C++.  ...  The SPARK tool set allows the annotated program to be analyzed, in particular it can generate verification conditions and attempt to prove them.  ... 
doi:10.1145/2663171.2663179 dblp:conf/sigada/Crocker14 fatcat:sj6r75l5o5gs5os7ya3yy7tezy

Can C++ be made as safe as SPARK?

David Crocker
2014 ACM SIGAda Ada Letters
SPARK offers a way to develop formally-verified software in a language (Ada) that is designed with safety in mind and is further restricted by the SPARK language subset.  ...  However, much critical embedded software is developed in C or C++.  ...  The SPARK tool set allows the annotated program to be analyzed, in particular it can generate verification conditions and attempt to prove them.  ... 
doi:10.1145/2692956.2663179 fatcat:gbtsq552vne4nl7gcwuokde7bq

Program Verification in SPARK and ACSL: A Comparative Case Study [chapter]

Eduardo Brito, Jorge Sousa Pinto
2010 Lecture Notes in Computer Science
This case-study, together with other investigations not detailed here, allows us to establish a comparison in terms of specification effort and degree of automation obtained with each toolset.  ...  the fact that both are extensively used in safety-critical development: SPARK and C/ACSL.  ...  Prompted by this fact, we present in this paper an attempt to compare SPARK with C in terms of the programming and annotation languages, as well as the currently available verification tools.  ... 
doi:10.1007/978-3-642-13550-7_7 fatcat:5yfizy6mlrewjch4hcwspcfbii

SPARK by Example

Léo Creuse, Joffrey Huguet, Christophe Garion, Jérôme Hugues
2019 ACM SIGAda Ada Letters
This paper presents SPARK by Example [10], a guide for people wanting to get involved in formal verification of SPARK programs.  ...  A comparison between ACSL and SPARK is done in the light of proof performance and ease of use.  ...  ACKNOWLEDGMENTS The authors would like to thank Claire Dross and Yannick Moy from AdaCore for their meaningful comments and help on SPARK by Example.  ... 
doi:10.1145/3375408.3375415 fatcat:5isbbpjntzhb7fz76vwdwhvyze

The SPARK way to correctness is via abstraction

John Barnes
2000 ACM SIGAda Ada Letters
Programs are therefore compiled with a normal Ada compiler and in addition are examined with independent SPARK tools which also analyse the annotations.  ...  Programs do things by changing the state of objects in a general sense. In Ada, state is typically held in the form of variables in packages.  ... 
doi:10.1145/369264.369271 fatcat:l2knuysvo5aojblcw2nn7mcj2i

Cooperative reasoning for automatic software verification

Andrew Ireland
2007 Proceedings of the second workshop on Automated formal methods - AFM '07
as an extension to Hoare logic [22], with the aim of simplifying pointer program verification proofs [43, 46].  ...  that work cooperatively with the program analyzer in order to automatically verify the correctness of pointer programs, both iterative and recursive. • Evaluate the effectiveness of the cooperation in  ... 
doi:10.1145/1345169.1345175 fatcat:2c5i67mz4fguzogyeoflfoe2li

Development and Verification of a Flight Stack for a High-Altitude Glider in Ada/SPARK 2014 [article]

Martin Becker, Emanuel Regnath, Samarjit Chakraborty
2017 arXiv pre-print
SPARK 2014 is a modern programming language and a new state-of-the-art tool set for development and verification of high-integrity software.  ...  In this process we have identified several limitations and pitfalls of software design and verification in SPARK, for which we give workarounds and protective actions to avoid them.  ...  Acknowledgements Thanks to the SPARK 2014 team of AdaCore for their guidance and insights.  ... 
arXiv:1707.00945v1 fatcat:5f6fj3r7krhgdpdgcqrq4gpchq

Static versus Dynamic Verification in Why3, Frama-C and SPARK 2014 [chapter]

Nikolai Kosmatov, Claude Marché, Yannick Moy, Julien Signoles
2016 Lecture Notes in Computer Science
Why3 is an environment for static verification, generic in the sense that it is used as an intermediate tool by different front-ends for the verification of Java, C or Ada programs.  ...  Yet, the choices made when designing the specification languages provided by those front-ends differ significantly, in particular with respect to the executability of specifications.  ...  Such a check is quite easy to perform in the context of SPARK because there are strict coding rules for an Ada program to be in the SPARK fragment: pointers are forbidden, aliasing is forbidden, and a  ... 
doi:10.1007/978-3-319-47166-2_32 fatcat:7lzkiav36ndsrkkhal6phvnwam

Climbing the Software Assurance Ladder - Practical Formal Verification for Reliable Software

Yannick Moy
2019 Electronic Communications of the EASST
Formal verification with SPARK has been used for years to get as close as possible to zero-defect software.  ...  Experience of both long-term and new users helped us define adoption and usage guidelines for SPARK based on five levels of increasing assurance that map well with industrial needs in practice.  ...  We would like to thank the anonymous referees for their useful remarks, as well as our colleagues at AdaCore, Altran and Thales for their reviews on earlier drafts of this article.  ... 
doi:10.14279/tuj.eceasst.76.1069 dblp:journals/eceasst/Moy18 fatcat:sz6t37y4nfg37dylrkrnv22z34

Sequential circuits for program analysis

Fadi Zaraket, Adnan Aziz, Sarfraz Khurshid
2007 Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering - ASE '07
A number of researchers have proposed the use of Boolean satisfiability solvers for verifying C programs.  ...  The SAT approach has been shown to find subtle bugs with reasonable resources. However, it does not scale well; in particular, it lacks the ability to handle larger bounds.  ...  We introduced the use of sequential circuits instead of pure combinational Boolean formulas to encode bounded ANSI-C programs and thus enabled the use of sequential solvers with reduction potentials that  ... 
doi:10.1145/1321631.1321650 dblp:conf/kbse/ZaraketAK07 fatcat:haznzm2hvvhrxl5mxqtcgnxida

Auto-Active Proof of Red-Black Trees in SPARK [chapter]

Claire Dross, Yannick Moy
2017 Lecture Notes in Computer Science
Formal program verification can guarantee that a program is free from broad classes of errors (like reads of uninitialized data and run-time errors) and that it complies with its specification.  ...  We have chosen in SPARK to rely on the techniques of auto-active verification for providing cost effective formal verification of functional properties.  ...  Our implementation of red-black trees, with all the code for auto-active verification, is publicly available in the repository of SPARK.  ...  1 Preliminaries. SPARK 2014. SPARK is a subset of the Ada programming  ... 
doi:10.1007/978-3-319-57288-8_5 fatcat:klwkekpotrdc5l7j7sylanogqy