TY - GEN
T1 - Certification support for automatically generated programs
AU - Schumann, J.
AU - Fischer, B.
AU - Whalen, M.
AU - Whittle, J.
PY - 2003/1/1
Y1 - 2003/1/1
N2 - Although autocoding techniques promise large gains in software development productivity, their "real-world" application has been limited, particularly in safety-critical domains. Often, the major impediment is the missing trustworthiness of these systems: demonstrating - let alone formally certifying - the trustworthiness of automatic code generators is extremely difficult due to their complexity and size. We develop an alternative product-oriented certification approach which is based on five principles: (1) trustworthiness of the generator is reduced to the safety of each individual generated program; (2) program safety is defined as adherence to an explicitly formulated safety policy; (3) the safety policy is formalized by a collection of logical program properties; (4) Hoare-style program verification is used to show that each generated program satisfies the required properties; (5) the code generator itself is extended to automatically produce the code annotations required for verification. The approach is feasible because the code generator has full knowledge about the program under construction and about the properties to be verified. It can thus generate all auxiliary code annotations a theorem prover needs to discharge all emerging verification obligations fully automatically. Here we report how this approach is used in a certification extension for AutoBayes, an automatic program synthesis system which generates data analysis programs (e.g., for clustering and time-series analysis) from declarative specifications. In particular, we describe how a variable-initialization-before-use safety policy can be encoded and certified.
AB - Although autocoding techniques promise large gains in software development productivity, their "real-world" application has been limited, particularly in safety-critical domains. Often, the major impediment is the missing trustworthiness of these systems: demonstrating - let alone formally certifying - the trustworthiness of automatic code generators is extremely difficult due to their complexity and size. We develop an alternative product-oriented certification approach which is based on five principles: (1) trustworthiness of the generator is reduced to the safety of each individual generated program; (2) program safety is defined as adherence to an explicitly formulated safety policy; (3) the safety policy is formalized by a collection of logical program properties; (4) Hoare-style program verification is used to show that each generated program satisfies the required properties; (5) the code generator itself is extended to automatically produce the code annotations required for verification. The approach is feasible because the code generator has full knowledge about the program under construction and about the properties to be verified. It can thus generate all auxiliary code annotations a theorem prover needs to discharge all emerging verification obligations fully automatically. Here we report how this approach is used in a certification extension for AutoBayes, an automatic program synthesis system which generates data analysis programs (e.g., for clustering and time-series analysis) from declarative specifications. In particular, we describe how a variable-initialization-before-use safety policy can be encoded and certified.
UR - http://www.scopus.com/inward/record.url?scp=84969579928&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84969579928&partnerID=8YFLogxK
U2 - 10.1109/HICSS.2003.1174914
DO - 10.1109/HICSS.2003.1174914
M3 - Conference contribution
AN - SCOPUS:84969579928
T3 - Proceedings of the 36th Annual Hawaii International Conference on System Sciences, HICSS 2003
BT - Proceedings of the 36th Annual Hawaii International Conference on System Sciences, HICSS 2003
A2 - Sprague, Ralph H.
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 36th Annual Hawaii International Conference on System Sciences, HICSS 2003
Y2 - 6 January 2003 through 9 January 2003
ER -