Methodology for Specification and Verification of High-Level Requirements with MetAcsl

Virgile Robles; Nikolai Kosmatov; Virgile Prevosto; Louis Rilling; Pascale Le Gall

doi:10.1109/FormaliSE52586.2021.00012

Methodology for Specification and Verification of High-Level Requirements with MetAcsl

Virgile Robles, Nikolai Kosmatov, Virgile Prevosto, Louis Rilling, Pascale Le Gall

Université Paris-Saclay

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Specification and formal verification of high-level properties (such as security properties, like data integrity or confidentiality) over a large software product remains an important challenge for the industrial practice. Recent work introduced METACSL, a plugin of the FRAMA-C verification platform, that allows the user to specify high-level properties, called HIgh-Level ACSL REquirements or HILARE, for C programs and transform them into assertions that can then be verified by classic deductive verification. This paper presents a methodology of specification and verification of a wide range of high-level properties with METACSL and illustrates it on several examples. The goal is to provide verification practitioners with detailed methodological guidelines for common patterns of properties in order to facilitate their everyday work and to avoid some frequent pitfalls. The illustrating examples are inspired by very usual kinds of properties and illustrated on two use cases. One of them - on the real-life code of the bootloader module of the secure storage device Wookey - was fully verified using the described approach, demonstrating its capacity to scale to real-life code. The other one - on a microkernel of an OS - was added to illustrate other common properties, where the description of the system was intentionally left very generic.

Original language	English
Title of host publication	Proceedings - 2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering, FormaliSE 2021
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	54-67
Number of pages	14
ISBN (Electronic)	9781665439138
DOIs	https://doi.org/10.1109/FormaliSE52586.2021.00012
Publication status	Published - 1 May 2021
Externally published	Yes
Event	9th IEEE/ACM International Conference on Formal Methods in Software Engineering, FormaliSE 2021 - Virtual, Online, Spain Duration: 17 May 2021 → 21 May 2021

Publication series

Name	Proceedings - 2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering, FormaliSE 2021

Conference

Conference	9th IEEE/ACM International Conference on Formal Methods in Software Engineering, FormaliSE 2021
Country/Territory	Spain
City	Virtual, Online
Period	17/05/21 → 21/05/21

Keywords

C programming language
high level
methodology
specification
verification

Access to Document

10.1109/FormaliSE52586.2021.00012

Cite this

Robles, V., Kosmatov, N., Prevosto, V., Rilling, L., & Gall, P. L. (2021). Methodology for Specification and Verification of High-Level Requirements with MetAcsl. In Proceedings - 2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering, FormaliSE 2021 (pp. 54-67). (Proceedings - 2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering, FormaliSE 2021). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/FormaliSE52586.2021.00012

Robles, Virgile ; Kosmatov, Nikolai ; Prevosto, Virgile et al. / Methodology for Specification and Verification of High-Level Requirements with MetAcsl. Proceedings - 2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering, FormaliSE 2021. Institute of Electrical and Electronics Engineers Inc., 2021. pp. 54-67 (Proceedings - 2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering, FormaliSE 2021).

@inproceedings{397f2baf862d4d348f50c8cf22864f47,

title = "Methodology for Specification and Verification of High-Level Requirements with MetAcsl",

abstract = "Specification and formal verification of high-level properties (such as security properties, like data integrity or confidentiality) over a large software product remains an important challenge for the industrial practice. Recent work introduced METACSL, a plugin of the FRAMA-C verification platform, that allows the user to specify high-level properties, called HIgh-Level ACSL REquirements or HILARE, for C programs and transform them into assertions that can then be verified by classic deductive verification. This paper presents a methodology of specification and verification of a wide range of high-level properties with METACSL and illustrates it on several examples. The goal is to provide verification practitioners with detailed methodological guidelines for common patterns of properties in order to facilitate their everyday work and to avoid some frequent pitfalls. The illustrating examples are inspired by very usual kinds of properties and illustrated on two use cases. One of them - on the real-life code of the bootloader module of the secure storage device Wookey - was fully verified using the described approach, demonstrating its capacity to scale to real-life code. The other one - on a microkernel of an OS - was added to illustrate other common properties, where the description of the system was intentionally left very generic.",

keywords = "C programming language, high level, methodology, specification, verification",

author = "Virgile Robles and Nikolai Kosmatov and Virgile Prevosto and Louis Rilling and Gall, \{Pascale Le\}",

note = "Publisher Copyright: {\textcopyright} 2021 IEEE.; 9th IEEE/ACM International Conference on Formal Methods in Software Engineering, FormaliSE 2021 ; Conference date: 17-05-2021 Through 21-05-2021",

year = "2021",

month = may,

day = "1",

doi = "10.1109/FormaliSE52586.2021.00012",

language = "English",

series = "Proceedings - 2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering, FormaliSE 2021",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "54--67",

booktitle = "Proceedings - 2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering, FormaliSE 2021",

}

Robles, V, Kosmatov, N, Prevosto, V, Rilling, L & Gall, PL 2021, Methodology for Specification and Verification of High-Level Requirements with MetAcsl. in Proceedings - 2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering, FormaliSE 2021. Proceedings - 2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering, FormaliSE 2021, Institute of Electrical and Electronics Engineers Inc., pp. 54-67, 9th IEEE/ACM International Conference on Formal Methods in Software Engineering, FormaliSE 2021, Virtual, Online, Spain, 17/05/21. https://doi.org/10.1109/FormaliSE52586.2021.00012

Methodology for Specification and Verification of High-Level Requirements with MetAcsl. / Robles, Virgile; Kosmatov, Nikolai; Prevosto, Virgile et al.
Proceedings - 2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering, FormaliSE 2021. Institute of Electrical and Electronics Engineers Inc., 2021. p. 54-67 (Proceedings - 2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering, FormaliSE 2021).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Methodology for Specification and Verification of High-Level Requirements with MetAcsl

AU - Robles, Virgile

AU - Kosmatov, Nikolai

AU - Prevosto, Virgile

AU - Rilling, Louis

AU - Gall, Pascale Le

PY - 2021/5/1

Y1 - 2021/5/1

N2 - Specification and formal verification of high-level properties (such as security properties, like data integrity or confidentiality) over a large software product remains an important challenge for the industrial practice. Recent work introduced METACSL, a plugin of the FRAMA-C verification platform, that allows the user to specify high-level properties, called HIgh-Level ACSL REquirements or HILARE, for C programs and transform them into assertions that can then be verified by classic deductive verification. This paper presents a methodology of specification and verification of a wide range of high-level properties with METACSL and illustrates it on several examples. The goal is to provide verification practitioners with detailed methodological guidelines for common patterns of properties in order to facilitate their everyday work and to avoid some frequent pitfalls. The illustrating examples are inspired by very usual kinds of properties and illustrated on two use cases. One of them - on the real-life code of the bootloader module of the secure storage device Wookey - was fully verified using the described approach, demonstrating its capacity to scale to real-life code. The other one - on a microkernel of an OS - was added to illustrate other common properties, where the description of the system was intentionally left very generic.

AB - Specification and formal verification of high-level properties (such as security properties, like data integrity or confidentiality) over a large software product remains an important challenge for the industrial practice. Recent work introduced METACSL, a plugin of the FRAMA-C verification platform, that allows the user to specify high-level properties, called HIgh-Level ACSL REquirements or HILARE, for C programs and transform them into assertions that can then be verified by classic deductive verification. This paper presents a methodology of specification and verification of a wide range of high-level properties with METACSL and illustrates it on several examples. The goal is to provide verification practitioners with detailed methodological guidelines for common patterns of properties in order to facilitate their everyday work and to avoid some frequent pitfalls. The illustrating examples are inspired by very usual kinds of properties and illustrated on two use cases. One of them - on the real-life code of the bootloader module of the secure storage device Wookey - was fully verified using the described approach, demonstrating its capacity to scale to real-life code. The other one - on a microkernel of an OS - was added to illustrate other common properties, where the description of the system was intentionally left very generic.

KW - C programming language

KW - high level

KW - methodology

KW - specification

KW - verification

U2 - 10.1109/FormaliSE52586.2021.00012

DO - 10.1109/FormaliSE52586.2021.00012

M3 - Conference contribution

AN - SCOPUS:85114454237

T3 - Proceedings - 2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering, FormaliSE 2021

SP - 54

EP - 67

BT - Proceedings - 2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering, FormaliSE 2021

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 9th IEEE/ACM International Conference on Formal Methods in Software Engineering, FormaliSE 2021

Y2 - 17 May 2021 through 21 May 2021

ER -

Robles V, Kosmatov N, Prevosto V, Rilling L, Gall PL. Methodology for Specification and Verification of High-Level Requirements with MetAcsl. In Proceedings - 2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering, FormaliSE 2021. Institute of Electrical and Electronics Engineers Inc. 2021. p. 54-67. (Proceedings - 2021 IEEE/ACM 9th International Conference on Formal Methods in Software Engineering, FormaliSE 2021). doi: 10.1109/FormaliSE52586.2021.00012

Methodology for Specification and Verification of High-Level Requirements with MetAcsl

Abstract

Publication series

Conference

Keywords

Access to Document

Fingerprint

Cite this