Cartesian hoare logic for verifying k-safety properties

Marcelo Sousa, Isil Dillig
2016 SIGPLAN notices  
Unlike safety properties which require the absence of a "bad" program trace, k-safety properties stipulate the absence of a "bad" interaction between k traces. Examples of k-safety properties include transitivity, associativity, anti-symmetry, and monotonicity. This paper presents a sound and relatively complete calculus, called Cartesian Hoare Logic (CHL), for verifying k-safety properties. Our program logic is designed with automation and scalability in mind, allowing us to formulate a
more » ... ation algorithm that automates reasoning in CHL. We have implemented our verification algorithm in a fully automated tool called DESCARTES, which can be used to analyze any k-safety property of Java programs. We have used DESCARTES to analyze user-defined relational operators and demonstrate that DESCARTES is effective at verifying (or finding violations of) multiple k-safety properties.
doi:10.1145/2980983.2908092 fatcat:n7ytzy2vmbfjtfqb6ol63bbow4