Ralph L. London

An Introduction to the Construction and Verification of Alphard Programs

The programming language Alphard is designed to provide support for both the methodologies of “well-structured” programming and the techniques of formal program verification. Language constructs allow a programmer to isolate an abstraction, specifying its behavior publicly while localizing knowledge about its implementation. The verification of such an abstraction consists of showing that its implementation behaves in accordance with its public specifications; the abstraction can then be used with confidence in constructing other programs, and the verification of that use employs only the public specifications. This paper introduces Alphard by developing and verifying a data structure definition and a program that uses it. It shows how each language construct contributes to the development of the abstraction and discusses the way the language design and the verification methodology were tailored to each other. It serves not only as an introduction to Alphard, but also as an example of the symbiosis between verification and methodology in language design. The strategy of program structuring, illustrated for Alphard, is also applicable to most of the “data abstraction” mechanisms now appearing.

Automatic program verification I: A logical basis and its implementation

SummaryDefining the semantics of programming languages by axioms and rules of inference yields a deduction system within which proofs may be given that programs satisfy specifications. The deduction system herein is shown to be consistent and also deduction complete with respect to Hoares system. A subgoaler for the deduction system is described whose input is a significant subset of Pascal programs plus inductive assertions. The output is a set of verification conditions or lemmas to be proved. Several non-trivial arithmetic and sorting programs have been shown to satisfy specifications by using an interactive theorem prover to automatically generate proofs of the verification conditions. Additional components for a more powerful verification system are under construction.

Abstraction and verification in Alphard: defining and specifying iteration and generators

The Alphard “form” provides the programmer with a great deal of control over the implementation of abstract data types. In this paper the abstraction techniques are extended from simple data representation and function definition to the iteration statement, the most important point of interaction between data and the control structure of the language itself. A means of specializing Alphards loops to operate on abstract entities without explicit dependence on the representation of those entities is introduced. Specification and verification techniques that allow the properties of the generators for such iterations to be expressed in the form of proof rules are developed. Results are obtained that for common special cases of these loops are essentially identical to the corresponding constructs in other languages. A means of showing that a generator will terminate is also provided.

Proof rules for the programming language Euclid

SummaryIn the spirit of the previous axiomatixation of the programming language Pascal, this paper describes Hoare-style proof rules for Euclid, a programming language intended for the expression of system programs which are to be verified. All constructs of Euclid are covered except for storage allocation and machine dependencies.

Abstraction and Verification in Alphard: Introduction to Language and Methodology

Alphard is a programming language whose goals include supporting both the development of well-structured programs and the formal verification of these programs. This paper attempts to capture the symbiotic influence of these two goals on the design of the language. To that end the language description is interleaved with the presentation of a proof technique and discussion of programming methodology. Examples to illustrate both the language and the verification technique are included.

A view of program verification

One persons perspectives of program verification and its relation to some aspects of reliable software are presented. The main verification method of inductive assertions is illustrated with several variations of one detailed example; a second example shows a surprisingly simple inductive assertion proof of an iterative tree traversal example. Briefly discussed also are the implicit assumptions of most verifications, proving termination, the creating of assertions, and languages in which to write assertions. An abstract overview is given of existing program verification systems together with a sample list of verified programs. A short bibliography is included.

Abstraction and Verification in Alphard: Iteration and Generators

The Alphard form provides the programmer with a great deal of control over the implementation of abstract data types. In this report we extend the abstraction techniques from simple data representation and function definition to the iteration statement, the most important point of interaction between data and the control structure of the language itself. We introduce a means of specializing Alphard’s loops to operate on abstract entities without explicit dependence on the representation of those entities. We develop specification and verification techniques that allow the properties of such iterations to be expressed in the form of proof rules. We also provide a means of showing that a generator will terminate and obtain results for common special cases that are essentially identical to the corresponding constructs in other languages.

Abstraction and Verification in Alphard: A Symbol Table Example

The design of the Alphard programming language has been strongly influenced by ideas from the areas of programming methodology and formal program verification. In this paper we design, implement, and verify a general symbol table mechanism. This example is rich enough to allow us to illustrate the use as well as the definition of programmer-defined abstractions. The verification illustrates the power of the form to simplify proofs by providing strong specifications of such abstractions.

An interactive program verification system

This paper is an initial progress report on the development of an interactive system for verifying that computer programs meet given formal specifications. The system is based on the conventional inductive assertion method: given a program and its specifications, the object is to generate the verification conditions, simplify them, and prove what remains. The important feature of the system is that the human user has the opportunity and obligation to help actively in the simplifying and proving. A general description is given of the overall design philosophy, structure, and functional components of the system, and a simple sorting program is used to illustrate both the behavior of major system components and the type of user interaction the system provides.

Preliminary) An Informal Definition of Alphard

The Alphard language was designed to support the joint goals of facilitating contemporary programming methodology, encouraging formal specification of programs and verification of those specifications, allowing the programmer to exercise control over details that affect performance, and being able to compile compact, efficient code. This report presents the informal definition of the complete language.