Results 1  10
of
45
Simple Relational Correctness Proofs for Static Analyses and Program Transformations
, 2004
"... We show how some classical static analyses for imperative programs, and the optimizing transformations which they enable, may be expressed and proved correct using elementary logical and denotational techniques. The key ingredients are an interpretation of program properties as relations, rather tha ..."
Abstract

Cited by 104 (9 self)
 Add to MetaCart
(Show Context)
We show how some classical static analyses for imperative programs, and the optimizing transformations which they enable, may be expressed and proved correct using elementary logical and denotational techniques. The key ingredients are an interpretation of program properties as relations, rather than predicates, and a realization that although many program analyses are traditionally formulated in very intensional terms, the associated transformations are actually enabled by more liberal extensional properties.
NetKAT: Semantic foundations for networks
 In POPL
, 2014
"... Recent years have seen growing interest in highlevel languages for programming networks. But the design of these languages has been largely ad hoc, driven more by the needs of applications and the capabilities of network hardware than by foundational principles. The lack of a semantic foundation ha ..."
Abstract

Cited by 34 (15 self)
 Add to MetaCart
(Show Context)
Recent years have seen growing interest in highlevel languages for programming networks. But the design of these languages has been largely ad hoc, driven more by the needs of applications and the capabilities of network hardware than by foundational principles. The lack of a semantic foundation has left language designers with little guidance in determining how to incorporate new features, and programmers without a means to reason precisely about their code. This paper presents NetKAT, a new network programming language that is based on a solid mathematical foundation and comes equipped with a sound and complete equational theory. We describe the design of NetKAT, including primitives for filtering, modifying, and transmitting packets; union and sequential composition operators; and a Kleene star operator that iterates programs. We show that NetKAT is an instance of a canonical and wellstudied mathematical structure called a Kleene algebra with tests (KAT) and prove that its equational theory is sound and complete with respect to its denotational semantics. Finally, we present practical applications of the equational theory including syntactic techniques for checking reachability, proving noninterference properties that ensure isolation between programs, and establishing the correctness of compilation algorithms.
Kleene algebra with tests and program schematology
, 2001
"... The theory of flowchart schemes has a rich history going back to Ianov [6]; see Manna [22] for an elementary exposition. A central question in the theory of program schemes is scheme equivalence. Manna presents several examples of equivalence proofs that work by simplifying the schemes using various ..."
Abstract

Cited by 23 (8 self)
 Add to MetaCart
(Show Context)
The theory of flowchart schemes has a rich history going back to Ianov [6]; see Manna [22] for an elementary exposition. A central question in the theory of program schemes is scheme equivalence. Manna presents several examples of equivalence proofs that work by simplifying the schemes using various combinatorial transformation rules. In this paper we present a purely algebraic approach to this problem using Kleene algebra with tests (KAT). Instead of transforming schemes directly using combinatorial graph manipulation, we regard them as a certain kind of automaton on abstract traces. We prove a generalization of Kleene’s theorem and use it to construct equivalent expressions in the language of KAT. We can then give a purely equational proof of the equivalence of the resulting expressions. We prove soundness of the method and give a detailed example of its use. 1
Equational verification of cache blocking in lu decomposition using kleene algebra with tests
, 2002
"... In a recent paper of Mateev et al. (2001), a new technique for program analysis called fractal symbolic analysis was introduced and applied to verify the correctness of a series of sourcelevel transformations for cache blocking in LU decomposition with partial pivoting. It was argued in that paper ..."
Abstract

Cited by 16 (7 self)
 Add to MetaCart
(Show Context)
In a recent paper of Mateev et al. (2001), a new technique for program analysis called fractal symbolic analysis was introduced and applied to verify the correctness of a series of sourcelevel transformations for cache blocking in LU decomposition with partial pivoting. It was argued in that paper that traditional techniques are inadequate because the transformations break definitionuse dependencies. We show how the task can be accomplished purely equationally using Kleene algebra with tests. 1
From Kleene Algebra to Refinement Algebra
, 2002
"... KAT (Kleene Algebra with Tests) have proved to be useful for reasoning about programs in a partial correctness framework. We describe DRA (demonic Refinement Algebra), a variation of KAT for total correctness and illustrate its modeling and reasoning power with a number of applications and examples. ..."
Abstract

Cited by 16 (0 self)
 Add to MetaCart
KAT (Kleene Algebra with Tests) have proved to be useful for reasoning about programs in a partial correctness framework. We describe DRA (demonic Refinement Algebra), a variation of KAT for total correctness and illustrate its modeling and reasoning power with a number of applications and examples.
Deductive Runtime Certification
 In Proceedings of the 2004 Workshop on Runtime Verification
, 2004
"... This paper introduces a notion of certified computation whereby an algorithm not only produces a result r for a given input x, but also proves that r is a correct result for x. This can greatly enhance the credibility of the result: if we trust the axioms and inference rules that are used in the pro ..."
Abstract

Cited by 13 (8 self)
 Add to MetaCart
(Show Context)
This paper introduces a notion of certified computation whereby an algorithm not only produces a result r for a given input x, but also proves that r is a correct result for x. This can greatly enhance the credibility of the result: if we trust the axioms and inference rules that are used in the proof, then we can be assured that r is correct. Typically, the reasoning used in a certified computation is much simpler than the computation itself. We present and analyze two examples of certifying algorithms. We have developed...
KATML: An interactive theorem prover for Kleene Algebra with Tests
 University of Manchester
, 2003
"... Abstract. We describe an implementation of an interactive theorem prover for Kleene algebra with tests (KAT). The system is designed to reflect the natural style of reasoning with KAT that one finds in the literature. We illustrate its use with some examples. 1 ..."
Abstract

Cited by 13 (1 self)
 Add to MetaCart
(Show Context)
Abstract. We describe an implementation of an interactive theorem prover for Kleene algebra with tests (KAT). The system is designed to reflect the natural style of reasoning with KAT that one finds in the literature. We illustrate its use with some examples. 1
On the elimination of hypotheses in Kleene algebra with tests
, 2002
"... The validity problem for certain universal Horn formulas of Kleene algebra with tests (KAT) can be efficiently reduced to the equational theory. This reduction is known as elimination of hypotheses. Hypotheses are used to describe the interaction of atomic programs and tests and are an essential com ..."
Abstract

Cited by 11 (5 self)
 Add to MetaCart
(Show Context)
The validity problem for certain universal Horn formulas of Kleene algebra with tests (KAT) can be efficiently reduced to the equational theory. This reduction is known as elimination of hypotheses. Hypotheses are used to describe the interaction of atomic programs and tests and are an essential component of practical program verification with KAT. The ability to eliminate hypotheses of a certain form means that the Horn theory with premises of that form remains decidable in PSPACE. It was known (Cohen 1994, Kozen and Smith 1996, Kozen 1997) how to eliminate hypotheses of the form q =0. In this paper we show how to eliminate hypotheses of the form cp = c for atomic p. Hypotheses of this form are useful in eliminating redundant code and arise quite often in the verification of compiler optimizations (Kozen and Patron 2000). 1
Correctness of Classical Compiler Optimizations using CTL
 In Proc. of Compiler Optimization meets Compiler Verificaiton (COCV) 2002, Electronic Notes in Theoretical Computer Science (ENTCS
, 2001
"... ..."
(Show Context)