Abstract idea to a carefully crafted, precise realization
Along the way, there are lots of little puzzles to solve
Verification takes it to a whole new level
Have you ever written perfect code?
It feels really good!
Debugging is really hard.
Brian Kernighan is credited with saying, “Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it.”
Have you ever spent weeks debugging, running your code over and over again?
And never found the bug?
Forensics reports
Introductions
What is verification?
Spec <-> Impl
Beware fuzzy/colloquial use of “verification”
Contrast with testing, bug finding, model checking.
Key difference is soundness
Example of a tool that is neither sound nor complete: ESC/Java (checking for null dereferences and integer ranges). It called out to the Simplify theorem prover.
Benefits
Correctness
Understanding
Identifying assumptions
Safety net to take risks!
Certification (e.g., for government purposes)
Encourage better design and modularity
Instill confidence
Politics (teams agreeing on what each will provide)
Expectations
Grad course ==> less structure; you are expected to do some independent learning
Warning: All of the tools we will be using are research quality tools!
Set expectations accordingly
Major course themes
Trusted computing base (TCB)
De Bruijn (pronounced “De Brown”)
Proof techniques:
Induction
Forward/backward simulation
Translation validation
Automation
Efficiency vs decidable vs undecidable
Barriers to adoption
Challenges of writing specifications
Typically lack of support for mainstream languages
Proving code correct is hard and time consuming
Example: KVM project
How large is the market for perfect software?
Guarantees
Correctness?
Safety
Liveness
Security
Metrics
- What guarantee do we get?
- Trusted computing base (TCB)
- Simplicity/readability/trustworthiness of the spec
- Spec:Impl ratio
Performance
Effort
- Is it worth it?
- Would other techniques give equally good (or almost as good) results more cheaply?
Administrative
Did everyone get emails for Piazza and Survey?
Did everyone complete the survey?
Anyone still on the waitlist?
Link for sign-up sheet is in Piazza.
Please complete by Friday
Everyone must sign up for one; bonus participation points for signing up for two
Start searching for teammates! Suggest using Piazza
Look for complementary strengths, e.g., PL + security
Project proposals due 2/10
Academic integrity!
Work-Life Balance
Can be accommodating, esp. if it comes up early
Don’t wait until the last minute to start things
Course info
Learning and practicing with tools
Covering the latest uses
Focus on the applied side
This is where verification has struggled
Tips and tricks for doing research: reading papers, reviewing papers, giving presentations