The University of Southampton
University of Southampton Institutional Repository

Constructing a safety case for automatically generated code from formal program verification

Constructing a safety case for automatically generated code from formal program verification
Constructing a safety case for automatically generated code from formal program verification
Formal methods can in principle provide the highest levels of assurance of code safety by providing formal proofs as explicit evidence for the assurance claims. However, the proofs are often complex and difficult to relate to the code, in particular if it has been generated automatically. They may also be based on assumptions and reasoning principles that are not justified. This causes concerns about the trustworthiness of the proofs and thus the assurance claims. Here we present an approach to systematically construct safety cases from information collected during a formal verification of the code, in particular from the construction of the logical annotations necessary for a formal, Hoare-style safety certification. Our approach combines a generic argument that is instantiated with respect to the certified safety property (i.e., safety claims) with a detailed, program-specific argument that can be derived systematically because its structure directly follows the course the annotation construction takes through the code. The resulting safety cases make explicit the formal and informal reasoning principles, and reveal the top-level assumptions and external dependencies that must be taken into account. However, the evidence still comes from the formal safety proofs. Our approach is independent of the given safety property and program, and consequently also independent of the underlying code generator. Here, we illustrate it for the AutoFilter system developed at NASA Ames.
249-262
Springer Berlin, Heidelberg
Basir, N.
10c027b2-6fdd-46db-ab74-83d526522558
Denney, E.
ea98c398-f905-4e8f-8a1c-0a47b49e0abd
Fischer, B.
0c9575e6-d099-47f1-b3a2-2dbc93c53d18
Harrison, Michael Douglas
Sujan, Mark-Alexander
Basir, N.
10c027b2-6fdd-46db-ab74-83d526522558
Denney, E.
ea98c398-f905-4e8f-8a1c-0a47b49e0abd
Fischer, B.
0c9575e6-d099-47f1-b3a2-2dbc93c53d18
Harrison, Michael Douglas
Sujan, Mark-Alexander

Basir, N., Denney, E. and Fischer, B. (2008) Constructing a safety case for automatically generated code from formal program verification. Harrison, Michael Douglas and Sujan, Mark-Alexander (eds.) In Computer Safety, Reliability, and Security. : 27th International Conference, SAFECOMP 2008 Newcastle upon Tyne, UK, September 22-25, 2008 Proceedings. vol. 5219, Springer Berlin, Heidelberg. pp. 249-262 .

Record type: Conference or Workshop Item (Paper)

Abstract

Formal methods can in principle provide the highest levels of assurance of code safety by providing formal proofs as explicit evidence for the assurance claims. However, the proofs are often complex and difficult to relate to the code, in particular if it has been generated automatically. They may also be based on assumptions and reasoning principles that are not justified. This causes concerns about the trustworthiness of the proofs and thus the assurance claims. Here we present an approach to systematically construct safety cases from information collected during a formal verification of the code, in particular from the construction of the logical annotations necessary for a formal, Hoare-style safety certification. Our approach combines a generic argument that is instantiated with respect to the certified safety property (i.e., safety claims) with a detailed, program-specific argument that can be derived systematically because its structure directly follows the course the annotation construction takes through the code. The resulting safety cases make explicit the formal and informal reasoning principles, and reveal the top-level assumptions and external dependencies that must be taken into account. However, the evidence still comes from the formal safety proofs. Our approach is independent of the given safety property and program, and consequently also independent of the underlying code generator. Here, we illustrate it for the AutoFilter system developed at NASA Ames.

This record has no associated files available for download.

More information

Published date: 2008
Organisations: Electronic & Software Systems

Identifiers

Local EPrints ID: 269071
URI: http://eprints.soton.ac.uk/id/eprint/269071
PURE UUID: cc203ba2-cc41-4788-bb8f-8c26e40dc327

Catalogue record

Date deposited: 21 Apr 2010 07:46
Last modified: 20 Feb 2024 11:09

Export record

Contributors

Author: N. Basir
Author: E. Denney
Author: B. Fischer
Editor: Michael Douglas Harrison
Editor: Mark-Alexander Sujan

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×