Lessons from Formally Verified Deployed Software Systems (Extended version) (2301.02206v3)

Published 5 Jan 2023 in cs.SE

Abstract: The technology of formal software verification has made spectacular advances, but how much does it actually benefit the development of practical software? Considerable disagreement remains about the practicality of building systems with mechanically-checked proofs of correctness. Is this prospect confined to a few expensive, life-critical projects, or can the idea be applied to a wide segment of the software industry? To help answer this question, the present survey examines a range of projects, in various application areas, that have produced formally verified systems and deployed them for actual use. It considers the technologies used, the form of verification applied, the results obtained, and the lessons that the software industry should draw regarding its ability to benefit from formal verification techniques and tools. Note: this version is the extended article, covering all the systems identified as relevant. A shorter version, covering only a selection, is also available.
