Rosemary Monahan | National University of Ireland, Maynooth

Papers by Rosemary Monahan

Comparing Differentiable Logics for Learning Systems: A Research Preview

Electronic proceedings in theoretical computer science, Nov 14, 2023

Extensive research on formal verification of machine learning (ML) systems indicates that learning from data alone often fails to capture underlying background knowledge. A variety of verifiers have been developed to ensure that a machine-learnt model satisfies correctness and safety properties; however, these verifiers typically assume a trained network with fixed weights. ML-enabled autonomous systems are required not only to detect incorrect predictions, but also to possess the ability to self-correct, continuously improving and adapting. A promising approach for creating ML models that inherently satisfy constraints is to encode background knowledge as logical constraints that guide the learning process via so-called differentiable logics. In this research preview, we compare and evaluate various logics from the literature in weakly-supervised contexts, presenting our findings and highlighting open problems for future work. Our experimental results are broadly consistent with results reported previously in the literature; however, learning with differentiable logics introduces a new hyperparameter that is difficult to tune and has significant influence on the effectiveness of the logics.

Computational Thinking Resources Inspired by Bebras

The resources are derived from tasks from the Bebras international computational thinking initiative. The different modalities work together throughout the school year to provide initial exposure to computational thinking, and include an obstacle course, seasonal tasks, and a workbook.

A Computational Thinking Obstacle Course Based on Bebras Tasks for K-12 Schools

This paper describes an unplugged computational thinking (CT) resource for primary and secondary schools developed from Bebras tasks. In Ireland, CT is not part of the primary school curriculum or mandatory in secondary schools. However, the National Council for Curriculum and Assessment is in the process of revising the primary school curriculum to include aspects of CT. Our aim for creating this CT Obstacle Course is to introduce teachers (and pupils) without formal computer science training to the subject of CT. This is done in a manner that informs and motivates, and gives them the confidence to deliver CT materials in the classroom. We also want to find out from teachers how useful and important this type of resource is for developing problem-solving skills, and if our unplugged activity can support learning at various skill levels. Our CT Obstacle Course includes 14 Bebras tasks for primary schools and an additional 6 Bebras tasks for secondary schools. The activity is suitable for indoors and outdoors and is completed in groups, promoting teamwork and communication. We have delivered it to 146 primary school classes during 38 school visits between May 2021 and June 2022. It has been undertaken by 3,445 pupils and 195 teachers and other school staff. This paper describes our CT resource in detail, and reports teacher feedback from primary schools.

Repositioning Tiered HotSpot Execution Performance Relative to the Interpreter

arXiv (Cornell University), Apr 13, 2023

Although the advantages of just-in-time compilation over traditional interpretive execution are widely recognised, there is a need for more current research investigating and repositioning the performance differences between these two execution models relative to contemporary workloads. Specifically, there is a need to examine the performance differences between Java Runtime Environment (JRE) Java Virtual Machine (JVM) tiered execution and JRE JVM interpretive execution relative to modern multicore architectures and modern concurrent and parallel benchmark workloads. This article aims to fill this research gap by presenting the results of a study that compares the performance of these two execution models under load from the Renaissance Benchmark Suite. This research is relevant to anyone interested in understanding the performance differences between just-in-time compiled code and interpretive execution. It provides a contemporary assessment of the interpretive JVM core, the entry and starting point for bytecode execution, relative to just-in-time tiered execution. The study considers factors such as the JRE version, the GNU GCC version used in the JRE build toolchain, and the garbage collector algorithm specified at runtime, and their impact on the performance difference envelope between interpretive and tiered execution. Our findings indicate that tiered execution is considerably more efficient than interpretive execution, and the performance gap has increased, ranging from 4 to 37 times more efficient. On average, tiered execution is approximately 15 times more efficient than interpretive execution. Additionally, the performance differences between interpretive and tiered execution are influenced by workload category, with narrower performance differences observed for web-based workloads and more significant differences for functional and Scala-type workloads.

Building Specifications in the Event-B Institution

Logical Methods in Computer Science, Nov 9, 2022

This paper describes a formal semantics for the Event-B specification language using the theory of institutions. We define an institution for Event-B, EVT, and prove that it meets the validity requirements for satisfaction preservation and model amalgamation. We also present a series of functions that show how the constructs of the Event-B specification language can be mapped into our institution. Our semantics sheds new light on the structure of the Event-B language, allowing us to clearly delineate three constituent sub-languages: the superstructure, infrastructure and mathematical languages. One of the principal goals of our semantics is to provide access to the generic modularisation constructs available in institutions, including specification-building operators for parameterisation and refinement. We demonstrate how these features subsume and enhance the corresponding features already present in Event-B through a detailed study of their use in a worked example. We have implemented our approach via a parser and translator for Event-B specifications, eb2evt, which also provides a gateway to the Hets toolkit for heterogeneous specification.

Building Specifications in the Event-B Institution: A Summary

Lecture Notes in Computer Science, 2023

PACT: An initiative to introduce computational thinking to second-level education in Ireland

PACT (Programming ∧ Algorithms ⇒ Computational Thinking) is a partnership between researchers in the Department of Computer Science at Maynooth University and teachers at selected post-primary schools around Ireland. Starting in September 2013, seven Irish secondary schools took part in a pilot study, delivering material prepared by the PACT team to Transition Year students. Three areas of Computer Science were identified as being key to delivering a successful course in computational thinking, namely, programming, algorithms and computability. An overview of the PACT module is provided, as well as analysis of the feedback obtained from students and teachers involved in delivering the initial pilot.

CSP2Turtle: Verified Turtle Robot Plans

Zenodo (CERN European Organization for Nuclear Research), Feb 23, 2023

Building Specifications in the Event-B Institution

Logical Methods in Computer Science

This paper describes a formal semantics for the Event-B specification language using the theory of institutions. We define an institution for Event-B, EVT, and prove that it meets the validity requirements for satisfaction preservation and model amalgamation. We also present a series of functions that show how the constructs of the Event-B specification language can be mapped into our institution. Our semantics sheds new light on the structure of the Event-B language, allowing us to clearly delineate three constituent sub-languages: the superstructure, infrastructure and mathematical languages. One of the principal goals of our semantics is to provide access to the generic modularisation constructs available in institutions, including specification-building operators for parameterisation and refinement. We demonstrate how these features subsume and enhance the corresponding features already present in Event-B through a detailed study of their use in a worked example. We have impleme...

A Requirements-Driven Methodology: Formal Modelling and Verification of an Aircraft Engine Controller

Lecture Notes in Computer Science, 2022

Modelling the Turtle Python library in CSP

Electronic Proceedings in Theoretical Computer Science

Software verification is an important tool in establishing the reliability of critical systems. One potential area of application is in the field of robotics, as robots take on more tasks in both day-to-day areas and highly specialised domains. Robots are usually given a plan to follow; if there are errors in this plan, the robot will not perform reliably. The capability to check plans for errors in advance could prevent this. Python is a popular programming language in the robotics domain, through the use of the Robot Operating System (ROS) and various other libraries. Python's Turtle package provides a mobile agent, which we formally model here using Communicating Sequential Processes (CSP). Our interactive toolchain CSP2Turtle, with CSP model and Python components, enables Turtle plans to be verified in CSP before being executed in Python. This means that certain classes of errors can be avoided, and provides a starting point for more detailed verification of Turtle programs and more complex robotic systems. We illustrate our approach with examples of robot navigation and obstacle avoidance in a 2D grid-world.

CSP2Turtle: Verified Turtle Robot Plans

Robotics

Software verification is an important approach to establishing the reliability of critical systems. One important area of application is in the field of robotics, as robots take on more tasks in both day-to-day areas and highly specialised domains. Our particular interest is in checking the plans that robots are expected to follow to detect errors that would lead to unreliable behaviour. Python is a popular programming language in the robotics domain through the use of the Robot Operating System (ROS) and various other libraries. Python's Turtle package provides a mobile agent, which we formally model here using Communicating Sequential Processes (CSP). Our interactive toolchain CSP2Turtle with CSP models and Python components enables plans for the turtle agent to be verified using the FDR model-checker before being executed in Python. This means that certain classes of errors can be avoided, providing a starting point for more detailed verification of Turtle programs and more compl...

Machine-Assisted Proofs for Institutions in Coq

Lecture Notes in Computer Science, 2022

A computational thinking module for secondary students and pre-service teachers using Bebras-style tasks

The United Kingdom and Ireland Computing Education Research (UKICER) Conference

Accidental Choices: How JVM Choice and Associated Build Tools Affect Interpreter Performance

Computers

Considering the large number of optimisation techniques that have been integrated into the design of the Java Virtual Machine (JVM) over the last three decades, the Java interpreter continues to persist as a significant bottleneck in the performance of bytecode execution. This paper examines the relationship between Java Runtime Environment (JRE) performance concerning the interpreted execution of Java bytecode and the effect modern compiler selection and integration within the JRE build toolchain has on that performance. We undertook this evaluation relative to a contemporary benchmark suite of application workloads, the Renaissance Benchmark Suite. Our results show that the choice of GNU GCC compiler version used within the JRE build toolchain statistically significantly affects runtime performance. More importantly, not all OpenJDK releases and JRE JVM interpreters are equal. Our results show that OpenJDK JVM interpreter performance is associated with benchmark workload. In addit...

Test Case Generation for Programming Language Metamodels

One of the central themes in software language engineering is the specification of programming languages, and domain-specific languages, using a metamodel. One problem associated with the use of programming language metamodels, and metamodels in general, is determining whether or not they are correct. In this context, the question addressed by our research is: given a programming language metamodel, how can we generate an appropriate test suite to show that it is valid

Creating new Program Proofs by Combining Abductive and Deductive Reasoning

We describe recent work on the Aris system that creates and verifies new formal specifications for pre-existing source code. We describe Aris in terms of the abductive reasoning system that suggests possible specifications and then uses an existing deductive verifier to evaluate these creations. This paper focuses on the abduction system that creates new formal specifications by leveraging a small set of inspiring artefacts to augment a subset of candidate problems. This employs knowledge graphs to represent the raw data (i.e., source code), discovering latent similarities between graphs using a graph-matching process. Results are presented for the C# programming language with novel creations and its sister language called Code Contracts. We outline ampliative creativity, whereby newly created artefacts drive subsequent creative episodes beyond the initially perceived limitations. We also outline some recent work towards transferring specifications between the C# and Java programming...

On Two Friends for Getting Correct Programs

Leveraging Applications of Formal Methods, Verification and Validation: Foundational Techniques, 2016

We report on our progress-to-date in implementing a software development environment which integrates the efforts of two formal software engineering techniques: program refinement as supported by Event B and program verification as supported by the Spec# programming system. Our objective is to improve the usability of formal verification tools by providing a general framework for integrating these two approaches to software verification. We show how the two approaches, Correctness-by-Construction and Post-hoc Verification, can be used in a productive way. Here, we focus on the final steps in this process, where the final concrete specification is transformed into an executable algorithm. We present EB2RC, a plug-in for the Rodin platform, that reads in an Event B model and uses the control framework introduced during its refinement to generate a graphical representation of the executable algorithm. EB2RC also generates a recursive algorithm that is easily translated into executable code. We illustrate our technique through case studies and their analysis.

3 Verification Communities: Remarks on Commonalities, Differences, and Terminology

This report documents the program and the outcomes of Dagstuhl Seminar 14171 "Evaluating Software Verification Systems: Benchmarks and Competitions". The seminar brought together a large group of current and future competition organizers and participants, benchmark maintainers, as well as practitioners and researchers interested in the topic. The seminar was conducted as a highly interactive event, with a wide spectrum of contributions from participants, including talks, tutorials, posters, tool demonstrations, hands-on sessions, and a live competition.

Seminar April 21–25, 2014 – http://www.dagstuhl.de/14171

1998 ACM Subject Classification: D.2.4 Software/Program Verification, F.3.1 Specifying and Verifying and Reasoning about Programs

The Spec# Programming System

Research paper thumbnail of Comparing Differentiable Logics for Learning Systems: A Research Preview

Electronic proceedings in theoretical computer science, Nov 14, 2023

Extensive research on formal verification of machine learning (ML) systems indicates that learnin... more Extensive research on formal verification of machine learning (ML) systems indicates that learning from data alone often fails to capture underlying background knowledge. A variety of verifiers have been developed to ensure that a machine-learnt model satisfies correctness and safety properties, however, these verifiers typically assume a trained network with fixed weights. ML-enabled autonomous systems are required to not only detect incorrect predictions, but should also possess the ability to self-correct, continuously improving and adapting. A promising approach for creating ML models that inherently satisfy constraints is to encode background knowledge as logical constraints that guide the learning process via so-called differentiable logics. In this research preview, we compare and evaluate various logics from the literature in weakly-supervised contexts, presenting our findings and highlighting open problems for future work. Our experimental results are broadly consistent with results reported previously in literature; however, learning with differentiable logics introduces a new hyperparameter that is difficult to tune and has significant influence on the effectiveness of the logics.

Research paper thumbnail of Computational Thinking Resources Inspired by Bebras

The resources are derived from tasks from the Bebras international computational thinking initiat... more The resources are derived from tasks from the Bebras international computational thinking initiative. The different modalities work together throughout the school year to provide initial exposure to computational thinking, and include an obstacle course, seasonal tasks, and a workbook.

Research paper thumbnail of A Computational Thinking Obstacle Course Based on Bebras Tasks for K-12 Schools

This paper describes an unplugged computational thinking (CT) resource for primary and secondary ... more This paper describes an unplugged computational thinking (CT) resource for primary and secondary schools developed from Bebras tasks. In Ireland, CT is not part of the primary school curriculum or mandatory in secondary schools. However, the National Council for Curriculum and Assessment is in the process of revising the primary school curriculum to include aspects of CT. Our aim for creating this CT Obstacle Course is to introduce teachers (and pupils) without formal computer science training to the subject of CT. This is done in a manner that informs and motivates, and gives them the confidence to deliver CT materials in the classroom. We also want to find out from teachers how useful and important this type of resource is for developing problem-solving skills, and if our unplugged activity can support learning at various skill levels. Our CT Obstacle Course includes 14 Bebras tasks for primary schools and an additional 6 Bebras tasks for secondary schools. The activity is suitable for indoors and outdoors and is completed in groups, promoting teamwork and communication. We have delivered it to 146 primary school classes during 38 school visits between May 2021 and June 2022. It has been undertaken by 3,445 pupils and 195 teachers and other school staff. This paper describes our CT resource in detail, and reports teacher feedback from primary schools.

Research paper thumbnail of Repositioning Tiered HotSpot Execution Performance Relative to the Interpreter

arXiv (Cornell University), Apr 13, 2023

Although the advantages of just-in-time compilation over traditional interpretive execution are w... more Although the advantages of just-in-time compilation over traditional interpretive execution are widely recognised, there needs to be more current research investigating and repositioning the performance differences between these two execution models relative to contemporary workloads. Specifically, there is a need to examine the performance differences between Java Runtime Environment (JRE) Java Virtual Machine (JVM) tiered execution and JRE JVM interpretive execution relative to modern multicore architectures and modern concurrent and parallel benchmark workloads. This article aims to fill this research gap by presenting the results of a study that compares the performance of these two execution models under load from the Renaissance Benchmark Suite. This research is relevant to anyone interested in understanding the performance differences between just-in-time compiled code and interpretive execution. It provides a contemporary assessment of the interpretive JVM core, the entry and starting point for bytecode execution, relative to just-in-time tiered execution. The study considers factors such as the JRE version, the GNU GCC version used in the JRE build toolchain, and the garbage collector algorithm specified at runtime, and their impact on the performance difference envelope between interpretive and tiered execution. Our findings indicate that tiered execution is considerably more efficient than interpretive execution, and the performance gap has increased, ranging from 4 to 37 times more efficient. On average, tiered execution is approximately 15 times more efficient than interpretive execution. Additionally, the performance differences between interpretive and tiered execution are influenced by workload category, with narrower performance differences observed for web-based workloads and more significant differences for functional and Scala-type workloads.

Research paper thumbnail of Building Specifications in the Event-B Institution

Logical Methods in Computer Science, Nov 9, 2022

This paper describes a formal semantics for the Event-B specification language using the theory o... more This paper describes a formal semantics for the Event-B specification language using the theory of institutions. We define an institution for Event-B, EVT , and prove that it meets the validity requirements for satisfaction preservation and model amalgamation. We also present a series of functions that show how the constructs of the Event-B specification language can be mapped into our institution. Our semantics sheds new light on the structure of the Event-B language, allowing us to clearly delineate three constituent sub-languages: the superstructure, infrastructure and mathematical languages. One of the principal goals of our semantics is to provide access to the generic modularisation constructs available in institutions, including specification-building operators for parameterisation and refinement. We demonstrate how these features subsume and enhance the corresponding features already present in Event-B through a detailed study of their use in a worked example. We have implemented our approach via a parser and translator for Event-B specifications, eb2evt, which also provides a gateway to the Hets toolkit for heterogeneous specification.

Research paper thumbnail of Building Specifications in the Event-B Institution: A Summary

Lecture Notes in Computer Science, 2023

Research paper thumbnail of PACT:An initiative to introduce computational thinkingto second-level education in Ireland

PACT (Programming ∧ Algorithms ⇒ Computational Thinking) is a partnership between researchers in ... more PACT (Programming ∧ Algorithms ⇒ Computational Thinking) is a partnership between researchers in the Department of Computer Science at Maynooth University and teachers at selected post-primary schools around Ireland. Starting in September 2013, seven Irish secondary schools took part in a pilot study, delivering material prepared by the PACT team to Transition Year students. Three areas of Computer Science were identified as being key to delivering a successful course in computational thinking, namely, programming, algorithms and computability. An overview of the PACT module is provided, as well as analysis of the feedback obtained from students and teachers involved in delivering the initial pilot.

Research paper thumbnail of CSP2Turtle: Verified Turtle Robot Plans

Zenodo (CERN European Organization for Nuclear Research), Feb 23, 2023

Research paper thumbnail of Building Specifications in the Event-B Institution

Logical Methods in Computer Science

This paper describes a formal semantics for the Event-B specification language using the theory o... more This paper describes a formal semantics for the Event-B specification language using the theory of institutions. We define an institution for Event-B, EVT, and prove that it meets the validity requirements for satisfaction preservation and model amalgamation. We also present a series of functions that show how the constructs of the Event-B specification language can be mapped into our institution. Our semantics sheds new light on the structure of the Event-B language, allowing us to clearly delineate three constituent sub-languages: the superstructure, infrastructure and mathematical languages. One of the principal goals of our semantics is to provide access to the generic modularisation constructs available in institutions, including specification-building operators for parameterisation and refinement. We demonstrate how these features subsume and enhance the corresponding features already present in Event-B through a detailed study of their use in a worked example. We have impleme...

Research paper thumbnail of A Requirements-Driven Methodology: Formal Modelling and Verification of an Aircraft Engine Controller

Lecture Notes in Computer Science, 2022

Research paper thumbnail of Modelling the Turtle Python library in CSP

Electronic Proceedings in Theoretical Computer Science

Software verification is an important tool in establishing the reliability of critical systems. O... more Software verification is an important tool in establishing the reliability of critical systems. One potential area of application is in the field of robotics, as robots take on more tasks in both day-today areas and highly specialised domains. Robots are usually given a plan to follow, if there are errors in this plan the robot will not perform reliably. The capability to check plans for errors in advance could prevent this. Python is a popular programming language in the robotics domain, through the use of the Robot Operating System (ROS) and various other libraries. Python's Turtle package provides a mobile agent, which we formally model here using Communicating Sequential Processes (CSP). Our interactive toolchain CSP2Turtle with CSP model and Python components, enables Turtle plans to be verified in CSP before being executed in Python. This means that certain classes of errors can be avoided, and provides a starting point for more detailed verification of Turtle programs and more complex robotic systems. We illustrate our approach with examples of robot navigation and obstacle avoidance in a 2D grid-world.

Research paper thumbnail of CSP2Turtle: Verified Turtle Robot Plans

Robotics

Software verification is an important approach to establishing the reliability of critical system... more Software verification is an important approach to establishing the reliability of critical systems. One important area of application is in the field of robotics, as robots take on more tasks in both day-to-day areas and highly specialised domains. Our particular interest is in checking the plans that robots are expected to follow to detect errors that would lead to unreliable behaviour. Python is a popular programming language in the robotics domain through the use of the Robot Operating System (ROS) and various other libraries. Python’s Turtle package provides a mobile agent, which we formally model here using Communicating Sequential Processes (CSP). Our interactive toolchain CSP2Turtle with CSP models and Python components enables plans for the turtle agent to be verified using the FDR model-checker before being executed in Python. This means that certain classes of errors can be avoided, providing a starting point for more detailed verification of Turtle programs and more compl...

Research paper thumbnail of Machine-Assisted Proofs for Institutions in Coq

Lecture Notes in Computer Science, 2022

Research paper thumbnail of A computational thinking module for secondary students and pre-service teachers using Bebras-style tasks

The United Kingdom and Ireland Computing Education Research (UKICER) Conference

Research paper thumbnail of Accidental Choices—How JVM Choice and Associated Build Tools Affect Interpreter Performance

Computers

Considering the large number of optimisation techniques that have been integrated into the design of the Java Virtual Machine (JVM) over the last three decades, the Java interpreter continues to persist as a significant bottleneck in the performance of bytecode execution. This paper examines the relationship between Java Runtime Environment (JRE) performance concerning the interpreted execution of Java bytecode and the effect modern compiler selection and integration within the JRE build toolchain has on that performance. We undertook this evaluation relative to a contemporary benchmark suite of application workloads, the Renaissance Benchmark Suite. Our results show that the choice of GNU GCC compiler version used within the JRE build toolchain statistically significantly affects runtime performance. More importantly, not all OpenJDK releases and JRE JVM interpreters are equal. Our results show that OpenJDK JVM interpreter performance is associated with benchmark workload. In addit...

Research paper thumbnail of Test Case Generation for Programming Language Metamodels

One of the central themes in software language engineering is the specification of programming languages, and domain-specific languages, using a metamodel. One problem associated with the use of programming language metamodels, and metamodels in general, is determining whether or not they are correct. In this context, the question addressed by our research is: given a programming language metamodel, how can we generate an appropriate test suite to show that it is valid?

Research paper thumbnail of Creating new Program Proofs by Combining Abductive and Deductive Reasoning

We describe recent work on the Aris system that creates and verifies new formal specifications for pre-existing source code. We describe Aris in terms of the abductive reasoning system that suggests possible specifications and then uses an existing deductive verifier to evaluate these creations. This paper focuses on the abduction system that creates new formal specifications by leveraging a small set of inspiring artefacts to augment a subset of candidate problems. This employs knowledge graphs to represent the raw data (i.e., source code), discovering latent similarities between graphs using a graph-matching process. Results are presented for the C# programming language with novel creations and its sister language called Code Contracts. We outline ampliative creativity, whereby newly created artefacts drive subsequent creative episodes beyond the initially perceived limitations. We also outline some recent work towards transferring specifications between the C# and Java programming...

Research paper thumbnail of On Two Friends for Getting Correct Programs

Leveraging Applications of Formal Methods, Verification and Validation: Foundational Techniques, 2016

We report on our progress to date in implementing a software development environment which integrates the efforts of two formal software engineering techniques: program refinement as supported by Event B and program verification as supported by the Spec# programming system. Our objective is to improve the usability of formal verification tools by providing a general framework for integrating these two approaches to software verification. We show how the two approaches, Correctness-by-Construction and Post-hoc Verification, can be used in a productive way. Here, we focus on the final steps in this process, where the final concrete specification is transformed into an executable algorithm. We present EB2RC, a plug-in for the Rodin platform, that reads in an Event B model and uses the control framework introduced during its refinement to generate a graphical representation of the executable algorithm. EB2RC also generates a recursive algorithm that is easily translated into executable code. We illustrate our technique through case studies and their analysis.

Research paper thumbnail of 3 Verification Communities: Remarks on Commonalities, Differences, and Terminology

This report documents the program and the outcomes of Dagstuhl Seminar 14171 "Evaluating Software Verification Systems: Benchmarks and Competitions". The seminar brought together a large group of current and future competition organizers and participants, benchmark maintainers, as well as practitioners and researchers interested in the topic. The seminar was conducted as a highly interactive event, with a wide spectrum of contributions from participants, including talks, tutorials, posters, tool demonstrations, hands-on sessions, and a live competition. Seminar April 21–25, 2014 – http://www.dagstuhl.de/14171 1998 ACM Subject Classification D.2.4 Software/Program Verification, F.3.1 Specifying and Verifying and Reasoning about Programs

Research paper thumbnail of The Spec# Programming System

The clams are first subjected to a shearing action in the first unit which is a rotating perforated drum having inwardly extending spokes with a rotating rotor disposed within the drum and off-set with respect to the drum axis. The rotor has outwardly extending spokes in intermeshing relationship with the drum spokes. In the first treating unit, the clams are partitioned into uneviscerated tongues, muscles, straps, siphons and occasional spines and then conveyed onto a classifier which separates the tongues from the remaining parts of the clams and discharges the spines to waste. The uneviscerated tongues are then fed into an eviscerator, which is identical in construction to the first unit but is operated at higher relative rotation between the drum and the rotor, where the tongues are flexed and subjected to shearing forces to expel the viscera. The eviscerated tongues and the viscera are introduced into a rotating reel provided with openings of sufficient size to discharge the vi...