Geodesic
Proving properties of discrete-valued functions using deductive proof: application to the square root
Modelirovanie i analiz informacionnyh sistem, Tome 26 (2019) no. 4, pp. 520-533.

Voir la notice de l'article provenant de la source Math-Net.Ru

For many years, automotive embedded systems have been validated only by testing. In the near future, Advanced Driver Assistance Systems (ADAS) will take a greater part in the car’s software design and development. Furthermore, their increasing critical level may lead authorities to require a certification for those systems. We think that bringing formal proof in their development can help establishing safety properties and get an efficient certification process. Other industries (e.g. aerospace, railway, nuclear) that produce critical systems requiring certification also took the path of formal verification techniques. One of these techniques is deductive proof. It can give a higher level of confidence in proving critical safety properties and even avoid unit testing. In this paper, we chose a production use case: a function calculating a square root by linear interpolation. We use deductive proof to prove its correctness and show the limitations we encountered with the off-the-shelf tools. We propose approaches to overcome some limitations of these tools and succeed with the proof. These approaches can be applied to similar problems, which are frequent in the automotive embedded software.
Keywords: formal methods, deductive proof, proving discrete-valued functions. 
@article{MAIS_2019_26_4_a4,
     author = {V. Todorov and S. Taha and F. Boulanger and A. Hernandez},
     title = {Proving properties of discrete-valued functions using deductive proof: application to the square root},
     journal = {Modelirovanie i analiz informacionnyh sistem},
     pages = {520--533},
     publisher = {mathdoc},
     volume = {26},
     number = {4},
     year = {2019},
     language = {en},
     url = {http://geodesic.mathdoc.fr/item/MAIS_2019_26_4_a4/}
}
TY  - JOUR
AU  - V. Todorov
AU  - S. Taha
AU  - F. Boulanger
AU  - A. Hernandez
TI  - Proving properties of discrete-valued functions using deductive proof: application to the square root
JO  - Modelirovanie i analiz informacionnyh sistem
PY  - 2019
SP  - 520
EP  - 533
VL  - 26
IS  - 4
PB  - mathdoc
UR  - http://geodesic.mathdoc.fr/item/MAIS_2019_26_4_a4/
LA  - en
ID  - MAIS_2019_26_4_a4
ER  - 
%0 Journal Article
%A V. Todorov
%A S. Taha
%A F. Boulanger
%A A. Hernandez
%T Proving properties of discrete-valued functions using deductive proof: application to the square root
%J Modelirovanie i analiz informacionnyh sistem
%D 2019
%P 520-533
%V 26
%N 4
%I mathdoc
%U http://geodesic.mathdoc.fr/item/MAIS_2019_26_4_a4/
%G en
%F MAIS_2019_26_4_a4
V. Todorov; S. Taha; F. Boulanger; A. Hernandez. Proving properties of discrete-valued functions using deductive proof: application to the square root. Modelirovanie i analiz informacionnyh sistem, Tome 26 (2019) no. 4, pp. 520-533. http://geodesic.mathdoc.fr/item/MAIS_2019_26_4_a4/

[1] Aagaard M. D., Jones R. B., Kaivola R., Kohatsu K. R., Seger C.-J. H., “Formal Verification of Iterative Algorithms in Microprocessors”, Proceedings of the 37th Annual Design Automation Conference, DAC 2000, 2000, 201–206 | DOI

[2] Hoare A., Chapron P., Abrial J. R., The B-book: Assigning Programs to Meanings, Cambridge University Press, New York, NY, USA, 1996 | MR | Zbl

[3] Barnett M., Leino K. R. M., “Weakest-Precondition of Unstructured Programs”, Softw. Eng. Notes, 31:1 (2005), 82–87 | DOI | MR

[4] Barrett C., Conway C. L., Deters M., Hadarean L., Jovanovi'c D., King T., Reynolds A., Tinelli C., “Cvc4”, Computer Aided Verification, CAV 2011, LNCS, 6806, 2011, 171–177 | MR

[5] Barrett C. et al., The SMT-LIB Standard: Version 2.0, Tech. rep., 2010

[6] Bertot Y., Magaud N., Zimmermann P., “A Proof of GMP Square Root”, Journal of Automated Reasoning, 29:3-4 (2002), 225–252 | DOI | MR | Zbl

[7] Chapman R., “Industrial Experience with SPARK”, ACM SIGAda Ada Letters, 20:4 (2000), 64–68 | DOI

[8] Conchon S., Coquereau A., Iguernlala M., Mebsout A., “Alt-Ergo 2.2”, SMT Workshop: International Workshop on SMT (Oxford, United Kingdom, 2018)

[9] De Moura L., Bjørner N., “Z3: An Efficient SMT Solver”, TACAS'08/ETAPS'08, Lecture Notes in Computer Science, 4963, Springer-Verlag, Berlin–Heidelberg, 2008, 337–340 | DOI

[10] Dijkstra E. W., “Guarded Commands, Nondeterminacy and Formal Derivation of Programs”, Communications of ACM, 18:8 (1975), 453–457 | DOI | MR | Zbl

[11] Dutertre B., “Yices 2.2”, International Conference on Computer Aided Verification, Springer, Cham, 2014, 737–744

[12] Ferguson W. E., Bingham J., Erkök L., Harrison J. R., Leslie-Hurd J., “Digit Serial Methods with Applications to Division and Square Root”, IEEE Transactions on Computers, 67:3 (2017), 449–456 | DOI | MR

[13] Flanagan C., Flanagan C., Saxe J. B., “Avoiding Exponential Explosion: Generating Compact Verification Conditions”, ACM SIGPLAN Not., 36:3 (2001), 193–205 | DOI

[14] Harrison J., “Formal Verification of Square Root Algorithms”, Formal Methods in System Design, 22:2 (2003), 143–153 | DOI | Zbl

[15] Hoare C. A. R., “An Axiomatic Basis for Computer Programming”, Communications of the ACM, 12:10 (1969), 576–580 | DOI | MR | Zbl

[16] Kirchner F., Kosmatov N., Prevosto V., Signoles J., Yakobowski B., “Frama-C: A Software Analysis Perspective”, Formal Aspects of Computing, 27:3 (2015), 573–609 | DOI | MR

[17] Kuliamin V. V., “Standardization and Testing of Implementations of Mathematical Functions in Floating Point Numbers”, Programming and Computer Software, 33:3 (2007), 154–173 | DOI | MR | Zbl

[18] Mauborgne L., “Astrée: Verification of Absence of Runtime Error”, Building the Information Society, 156, ed. Jacquart R., IFIP International Federation for Information Processing, 2004, 385–392 | DOI

[19] Melquiond G., Rieu-Helft R., “Formal Verification of a State-of-the-Art Integer Square Root”, IEEE 26th Symposium on Computer Arithmetic (ARITH) (Kyoto, Japan, 2019), 183–186

[20] Moy Y., Ledinot E., Delseny H., Wiels V., Monate B., “Testing or Formal Verification: DO-178C Alternatives and Industrial Experience”, IEEE Soft, 30:3 (2013), 50-57 | DOI

[21] Rager D. L., Ebergen J., Nadezhin D., Lee A., Chau C. K., Selfridge B., “Formal Verification of Division and Square Root Implementations, an Oracle Report”, Formal Methods in Computer-Aided Design (FMCAD), 2016, 149–152 | DOI

[22] Randimbivololona F., Souyris J., Baudin P., Pacalet A., Raguideau J., Schoen D., “Applying Formal Proof Techniques to Avionics Software: A Pragmatic Approach”, Formal Methods, FM 1999, Lecture Notes in Computer Science, 1709, eds. Wing J. M., Woodcock J., Davies J., 1999, 1798–1815 | DOI

[23] Russinoff D. M., “A Mechanically Checked Proof of Correctness of the AMD K5 Floating Point Square Root Microcode”, Formal Methods in System Design, 14:1 (1999), 75–125 | DOI | MR

[24] Russinoff D. M., “A Mechanically Checked Proof of IEEE Compliance of the Floating Point Multiplication, Division and Square Root Algorithms of the AMD-K7$^\mathrm{TM}$ Processor”, LMS J. Comput. Math. (UK), 1 (1998), 148–200 | DOI | MR | Zbl

[25] Sawada J., Gamboa R., “Mechanical Verification of a Square Root Algorithm Using Taylor's Theorem”, Formal Methods in Computer-Aided Design, FMCAD 2002, LNCS, 2517, 2002, 274–291 | Zbl

[26] Shelekhov V. I., “Verification and Synthesis of Addition Programs under the Rules of Correctness of Statements”, Automatic Control and Computer Sciences, 45:7 (2011), 421–427 | DOI

[27] Shilov N. V., Anureev I. S., Bodin E. V., “Generation of Correctness Conditions for Imperative Programs”, Programming and Computer Software, 34:6 (2008), 307–321 | DOI | MR | Zbl

[28] Shilov N. V., Kondratyev D. A., Anureev I. S., Bodin E. V., Promsky A. V., “Platform-Independent Specification and Verification of the Standard Mathematical Square Root Function”, Modeling and Analysis of Information Systems, 25:6 (2018), 637-666 (in Russian) | MR

[29] Todorov V., Boulanger F., Taha S., “Formal Verification of Automotive Embedded Software”, Proceedings of the 6th Conference on Formal Methods in Software Engineering, ACM, New York, USA, 2018, 84–87