22c:181 Formal Methods in Software Engineering

Course introduction and administration. Introduction to formal methods.

• Course overview
• Course introduction

• [Clar96] A survey of the state of the art in formal methods in 1996. Although the survey proper is now dated, the paper still provides a good overview of the field.
• [vLam00] An introduction to formal specifications, and a survey of formal specification approaches.

Introduction to Lustre. Simulating Lustre programs with Luke. A working example: traffic light.

• Lustre and Luke Overview
• Lustre/Luke Examples

• [Halb02] A tutorial of Lustre.
• [Halb91] The main reference paper for Lustre.

Specifying simple reactive systems. Implementing them in Lustre and debugging them with Luke.
A working example: the traffic light.

• Lustre/Luke Examples

• [Halb02] A tutorial of Lustre.
• [Halb91] The main reference paper for Lustre.

Checking properties with synchronous observers. Useful temporal operators.
A few examples.

• Lecture notes
• Lustre/Luke Examples

• [Halb99] Explains the use of synchronous observers in Lustre.

Verifying safety properties of Lustre programs by temporal induction. Simple induction. Basic k-induction. Enhancements.

• Lecture notes

Exercises on specifying systems and properties. The elevator case study.

• See the elevator problem in Exercise 3.

Overview of the KeY system and its software development methodology.

• Lecture notes

• [Haeh07] Chapter 1 of [Beck07], the KeY book.

Introduction to UML. Syntax and semantics of Class, Object, Use Case and Sequence diagrams.

• Lecture notes

• [Brau01], [Mill03] A couple of UML tutorials.
• [OMG07] Infrastructure specification document for UML, Version 2.1.2.

Introduction to OCL.

• Lecture notes

• [OMG03] Object Constraint Language Specification document, Version 1.5.
• [Roth07] Chapter 5 of [Beck07], the KeY book. Sections 5.1 and 5.2 are the relevant ones.

More on OCL. Exercises on formulating OCL constraints for class diagrams. The university example.

From OCL to first order logic. Review of propositional logic. Checking validity of formulas by means of logical calculi. A propositional sequent calculus.
Discussion of Mini-project grading and solutions.

• Lecture notes

No lectures. Spring break.

Introduction to typed first-order logic. A OO type system. Signatures, terms and formulas. Semantics: first-order models.

• Lecture notes

Midterm.

More on the semantics of typed first-order logic. Evaluating terms and formula in a model. Validity relation. Examples of models and evaluations.

• Lecture notes

• [Gies07] Chapter 2 of [Beck07], the KeY book.

Translating OCL constraints to formulas in typed first-order logic. Motivation and main ideas of the translation.
Discussion on the midterm and illustration of some sample solutions.

• Lecture notes

• [Roth07] Chapter 5 of [Beck07], the KeY book. Sections 5.2.3 is the relevant one.

More on the translation from OCL to typed first-order logic. Demo on using KeY to prove simple propositional and first-order formulas.

• Lecture notes

Exercise on using Together to write UML diagrams and OCL constraints.

• Together project built in class (zip file).

Introduction to Dynamic Logic. Syntax and semantics.

• Lecture notes

No class.

More on the semantics of Dynamic Logic. Overview of the Dynamic Logic calculus.

• Lecture notes

More on Dynamic Logic calculus. The induction rule.
Updates and their use to provide a better semantics for assignments. Examples of proof in the DL calculus in Key.
Discussion of Midterm Problem 3 and its solution.

• Lecture notes

A few notes on OCL modeling in Together.
More on Midterm Problem 3 and its solution.
More examples of verifying simple programs in Key.

• KeY examples seen in class

Automatic test case generation. The black box approach. Generating test cases from formal specifications.

• Lecture notes by R. Haenle

Automatic test case generation. The white box approach. Generating test cases from symbolic execution.
Discussion of Project 2 solutions.

• Lecture notes by R. Haenle