Leo Freitas | Newcastle University (original) (raw)
Papers by Leo Freitas
Bookmarks Related papers MentionsView impact
Bookmarks Related papers MentionsView impact
arXiv (Cornell University), Mar 30, 2023
Bookmarks Related papers MentionsView impact
arXiv (Cornell University), Mar 28, 2023
Bookmarks Related papers MentionsView impact
Formal Aspects of Computing, Feb 1, 2009
Bookmarks Related papers MentionsView impact
Bookmarks Related papers MentionsView impact
Abstract. We describe our experiences in mechanising the specification, refinement, and proof of ... more Abstract. We describe our experiences in mechanising the specification, refinement, and proof of the Mondex Electronic Purse using the Z/Eves theorem prover. We took a conservative approach and mechanised the original L ATEX sources without changing their technical content, except to correct errors. We found problems in the original specification and some missing invariants in the refinements. Based on these experiences, we present novel and detailed guidance on how to drive Z/Eves successfully. The work contributes to the Repository for the Verified Software Grand Challenge.
Bookmarks Related papers MentionsView impact
Cornell University - arXiv, Mar 28, 2020
Bookmarks Related papers MentionsView impact
Formal Aspects of Component Software, 2017
Bookmarks Related papers MentionsView impact
This paper reports on ongoing work towards verifying the FreeRTOS real-time operating system kern... more This paper reports on ongoing work towards verifying the FreeRTOS real-time operating system kernel. We discuss tools and techniques currently employed and outline future directions of research.
Bookmarks Related papers MentionsView impact
Number of words = 45327, as counted by detex <report.tex> | wc-w. This report consists of 9... more Number of words = 45327, as counted by detex <report.tex> | wc-w. This report consists of 98 pages in total. This includes the body of the report (without blank pages) and Appendix A, but not Appendices B, C, D, E and F. 1Updated transactional operation proofs, 21st September 2009. A separation kernel is an architecture for secure applications, which benefits from inherent security of distributed systems. Due to its small size and usage in high-integrity environments, it makes a good target for formal modelling and verification. This project presents results from mechanisation and modelling of separation kernel components: a process table, a process queue and a scheduler. The results have been developed as a part of the pilot project within the international Grand Challenge in Verified Software. This thesis covers full development life-cycle from project initiation through design and evaluation to successful completion. Important findings about kernel properties, formal modell...
Bookmarks Related papers MentionsView impact
EPiC Series in Computing
This paper sets out the on-going research in a project which isinvestigating how to learn from on... more This paper sets out the on-going research in a project which isinvestigating how to learn from one interactive proof so that other similar proofscan be completed automatically.
Bookmarks Related papers MentionsView impact
This position paper outlines the background and current approaches taken within AI4FM, a 4-year r... more This position paper outlines the background and current approaches taken within AI4FM, a 4-year research project aimed at combining AI methodologies to aid proof discovery of certain families of interest. Namely, those repeated proofs often appearing in the application of verification to industrial applications. 1
Bookmarks Related papers MentionsView impact
Dagstuhl Reports, 2013
This report documents the program and the outcomes of Dagstuhl Seminar 13372 "Integration of... more This report documents the program and the outcomes of Dagstuhl Seminar 13372 "Integration of Tools for Rigorous Software Construction and Analysis". The 32 participants came from 10 countries: Australia, Austria, Brazil, Canada, Denmark, France, Germany, Great Britain, Italy, Norway. The aim of the seminar was to bring together researchers and tool developers from different state- and machine-based formal methods communities in order to share expertise and promote the joint use of modelling tool technologies. Indeed, each of these communities -- from Abstract State Machines, to B, TLA, VDM, Z -- has valuable tools and technologies which would be beneficial also for the other formal approaches. Understanding and clarifying their commonalities and differences is a key factor to achieve a possible integration or integrated use of these related approaches for accomplishing, in a rigorous way, the various modelling and analysis tasks to construct reliable high quality software ...
Bookmarks Related papers MentionsView impact
Rigorous State-Based Methods, 2020
Bookmarks Related papers MentionsView impact
This paper reports on ongoing work towards verifying the FreeRTOS real-time operating system kern... more This paper reports on ongoing work towards verifying the FreeRTOS real-time operating system kernel. We discuss tools and techniques currently em- ployed and outline future directions of research. FreeRTOS (Bar11) is an operating system (OS) kernel for embedded real-time applications. It has recently been proposed as case study in the context of the grand challenge on software verific- ation (JOW06). For this purpose, FreeRTOS is particularly interesting because it is open-source, reasonably small in size, yet relatively complex with respect to the functionality it provides. It features memory management, I/O-device control, tasks management and scheduling, commu- nication and synchronisation directives, and real-time event handling. FreeRTOS has been ported to a range of computing platforms and compilers. The kernel comprises of roughly 3,000 lines of C code with a small fraction of assembly code. The core of FreeRTOS is its scheduler. It implements different policies for schedulin...
Bookmarks Related papers MentionsView impact
Abstract We propose a unifying theory of undefined expressions in logics used for formally specif... more Abstract We propose a unifying theory of undefined expressions in logics used for formally specifying software systems. We show how to use classical logic to prove facts in a monotonic partial logic with guards, and we exhibit guards for several different semantical systems. We show how classical logic can be used to prove semi-classical facts. The mechanical theorem prover Z/Eves is used to prove facts about semi-classical Z specifications, although it uses classical logic; it does this with guards from McCarthy logic ...
Bookmarks Related papers MentionsView impact
The EMVCoorganisation (i.e. MasterCard, Visa, etc.) protocols facilitate worldwide interoperabili... more The EMVCoorganisation (i.e. MasterCard, Visa, etc.) protocols facilitate worldwide interoperability of secure electronic payments. Despite recent advances, it has proved difficult for academia to provide an acceptable solution to construction of secure applications within industry’s constraints. In this paper, we describe a methodology we have applied to EMV1. It involves domain specific languages and verification tools targeting different analysis of interest. We are currently collaborating with EMVCo on their upcoming EMV R ©2nd Generation (EMV2) specifications.
Bookmarks Related papers MentionsView impact
The EMV® (EMV® is a registered trademark or trademark of EMVCo, LLC in the US and other countries... more The EMV® (EMV® is a registered trademark or trademark of EMVCo, LLC in the US and other countries.) organisation specify payment protocols to facilitate worldwide interoperability of secure electronic payments. This paper is about the application and scalability of formal methods to a current and complex industry application. We describe the use of VDM to model EMV® \(2^{nd}\) Generation Kernel (A preliminary version of this paper was presented at the \(16^{th}\) Overture Workshop, Oxford July 2018, where papers became a Newcastle Technical Report.). VDM is useful for both formal specification, as well as simulation, test coverage, and proof obligation generation for functional correctness.
Bookmarks Related papers MentionsView impact
Bookmarks Related papers MentionsView impact
Bookmarks Related papers MentionsView impact
Bookmarks Related papers MentionsView impact
arXiv (Cornell University), Mar 30, 2023
Bookmarks Related papers MentionsView impact
arXiv (Cornell University), Mar 28, 2023
Bookmarks Related papers MentionsView impact
Formal Aspects of Computing, Feb 1, 2009
Bookmarks Related papers MentionsView impact
Bookmarks Related papers MentionsView impact
Abstract. We describe our experiences in mechanising the specification, refinement, and proof of ... more Abstract. We describe our experiences in mechanising the specification, refinement, and proof of the Mondex Electronic Purse using the Z/Eves theorem prover. We took a conservative approach and mechanised the original L ATEX sources without changing their technical content, except to correct errors. We found problems in the original specification and some missing invariants in the refinements. Based on these experiences, we present novel and detailed guidance on how to drive Z/Eves successfully. The work contributes to the Repository for the Verified Software Grand Challenge.
Bookmarks Related papers MentionsView impact
Cornell University - arXiv, Mar 28, 2020
Bookmarks Related papers MentionsView impact
Formal Aspects of Component Software, 2017
Bookmarks Related papers MentionsView impact
This paper reports on ongoing work towards verifying the FreeRTOS real-time operating system kern... more This paper reports on ongoing work towards verifying the FreeRTOS real-time operating system kernel. We discuss tools and techniques currently employed and outline future directions of research.
Bookmarks Related papers MentionsView impact
Number of words = 45327, as counted by detex <report.tex> | wc-w. This report consists of 9... more Number of words = 45327, as counted by detex <report.tex> | wc-w. This report consists of 98 pages in total. This includes the body of the report (without blank pages) and Appendix A, but not Appendices B, C, D, E and F. 1Updated transactional operation proofs, 21st September 2009. A separation kernel is an architecture for secure applications, which benefits from inherent security of distributed systems. Due to its small size and usage in high-integrity environments, it makes a good target for formal modelling and verification. This project presents results from mechanisation and modelling of separation kernel components: a process table, a process queue and a scheduler. The results have been developed as a part of the pilot project within the international Grand Challenge in Verified Software. This thesis covers full development life-cycle from project initiation through design and evaluation to successful completion. Important findings about kernel properties, formal modell...
Bookmarks Related papers MentionsView impact
EPiC Series in Computing
This paper sets out the on-going research in a project which isinvestigating how to learn from on... more This paper sets out the on-going research in a project which isinvestigating how to learn from one interactive proof so that other similar proofscan be completed automatically.
Bookmarks Related papers MentionsView impact
This position paper outlines the background and current approaches taken within AI4FM, a 4-year r... more This position paper outlines the background and current approaches taken within AI4FM, a 4-year research project aimed at combining AI methodologies to aid proof discovery of certain families of interest. Namely, those repeated proofs often appearing in the application of verification to industrial applications. 1
Bookmarks Related papers MentionsView impact
Dagstuhl Reports, 2013
This report documents the program and the outcomes of Dagstuhl Seminar 13372 "Integration of... more This report documents the program and the outcomes of Dagstuhl Seminar 13372 "Integration of Tools for Rigorous Software Construction and Analysis". The 32 participants came from 10 countries: Australia, Austria, Brazil, Canada, Denmark, France, Germany, Great Britain, Italy, Norway. The aim of the seminar was to bring together researchers and tool developers from different state- and machine-based formal methods communities in order to share expertise and promote the joint use of modelling tool technologies. Indeed, each of these communities -- from Abstract State Machines, to B, TLA, VDM, Z -- has valuable tools and technologies which would be beneficial also for the other formal approaches. Understanding and clarifying their commonalities and differences is a key factor to achieve a possible integration or integrated use of these related approaches for accomplishing, in a rigorous way, the various modelling and analysis tasks to construct reliable high quality software ...
Bookmarks Related papers MentionsView impact
Rigorous State-Based Methods, 2020
Bookmarks Related papers MentionsView impact
This paper reports on ongoing work towards verifying the FreeRTOS real-time operating system kern... more This paper reports on ongoing work towards verifying the FreeRTOS real-time operating system kernel. We discuss tools and techniques currently em- ployed and outline future directions of research. FreeRTOS (Bar11) is an operating system (OS) kernel for embedded real-time applications. It has recently been proposed as case study in the context of the grand challenge on software verific- ation (JOW06). For this purpose, FreeRTOS is particularly interesting because it is open-source, reasonably small in size, yet relatively complex with respect to the functionality it provides. It features memory management, I/O-device control, tasks management and scheduling, commu- nication and synchronisation directives, and real-time event handling. FreeRTOS has been ported to a range of computing platforms and compilers. The kernel comprises of roughly 3,000 lines of C code with a small fraction of assembly code. The core of FreeRTOS is its scheduler. It implements different policies for schedulin...
Bookmarks Related papers MentionsView impact
Abstract We propose a unifying theory of undefined expressions in logics used for formally specif... more Abstract We propose a unifying theory of undefined expressions in logics used for formally specifying software systems. We show how to use classical logic to prove facts in a monotonic partial logic with guards, and we exhibit guards for several different semantical systems. We show how classical logic can be used to prove semi-classical facts. The mechanical theorem prover Z/Eves is used to prove facts about semi-classical Z specifications, although it uses classical logic; it does this with guards from McCarthy logic ...
Bookmarks Related papers MentionsView impact
The EMVCoorganisation (i.e. MasterCard, Visa, etc.) protocols facilitate worldwide interoperabili... more The EMVCoorganisation (i.e. MasterCard, Visa, etc.) protocols facilitate worldwide interoperability of secure electronic payments. Despite recent advances, it has proved difficult for academia to provide an acceptable solution to construction of secure applications within industry’s constraints. In this paper, we describe a methodology we have applied to EMV1. It involves domain specific languages and verification tools targeting different analysis of interest. We are currently collaborating with EMVCo on their upcoming EMV R ©2nd Generation (EMV2) specifications.
Bookmarks Related papers MentionsView impact
The EMV® (EMV® is a registered trademark or trademark of EMVCo, LLC in the US and other countries... more The EMV® (EMV® is a registered trademark or trademark of EMVCo, LLC in the US and other countries.) organisation specify payment protocols to facilitate worldwide interoperability of secure electronic payments. This paper is about the application and scalability of formal methods to a current and complex industry application. We describe the use of VDM to model EMV® \(2^{nd}\) Generation Kernel (A preliminary version of this paper was presented at the \(16^{th}\) Overture Workshop, Oxford July 2018, where papers became a Newcastle Technical Report.). VDM is useful for both formal specification, as well as simulation, test coverage, and proof obligation generation for functional correctness.
Bookmarks Related papers MentionsView impact
Bookmarks Related papers MentionsView impact