PhD Course - Program Verification

February 2 - June 17

Organizers:

Jesper Bengtson (Associate Professor, course lead)
Willard Rafnsson (Assistant Professor)
Dawit Tirore (PhD student, TA)

Course advertisement: https://learnit.itu.dk/local/coursebase/view.php?ciid=945

Lecturer(s):

Jesper Bengtson
Willard Rafnsson

Date(s) of the course:

2022-02-02 – 2022-06-17

Time:

14-16 (lectures)
16-18 (exercises)

Room: 2A20

Course description:

This is a hands-on course that teaches you how to prove that programs are correct. You will get in-depth experience with tools for this task, as well as an understanding of the theory behind them. This course thus equips you to pursue a career in writing safety-critical systems, or in pursuing higher studies in this area.

You will predominately be working with two industry-grade tools for program verification in this course -- Coq and Spark.

The course culminates with a one-month project. As a PhD student you are expected to find a piece of software or a theorem that ties into your thesis work to a significant degree and that you want to prove correct using Coq and/or Spark ADA. Ideally this project should lay the foundations for a publication.

Intended Learning Outcomes

Characterise recent developments in programming languages and verification technology
Create programs and their specifications using Coq and Spark
Construct interactive proofs that show that programs follow their specifications
Compare models of programs with their real-life counterparts
Assess accuracy of models and make precise what impact any imprecisions have on any proofs made
Apply and reflect on theories for modelling, analyzing and constructing programs, specifications, and their proofs of correctness
Relate automated and interactive proof assistants and make precise the advantages and disadvantages of both types of systems

Reading list

Reading list:

Software Foundations Volume 1, Chapters Logical Foundations (Benjamin C. Pierce et al.)

https://softwarefoundations.cis.upenn.edu/lf-current/index.html

Software Foundations Volume 3, Verified Functional Algorithms (Andrew W. Appel)
https://softwarefoundations.cis.upenn.edu/vfa-current/index.html

The SPARK reference manual (exact parts TBD)

https://docs.adacore.com/spark2014-docs/html/lrm/

The Why3 Platform (exact parts TBD) (François Bobot et al.)

http://why3.lri.fr/doc/

Programme

Programme:

This course is offered to regular students, and to PhD students. This is the first time this course has its own elective but I have taught it for the past ten years as part of other courses, and frequently for PhD students from ITU, DTU and KU.

Regardless of student level this is a difficult course with a heavy focus on logics and mathematics. It is not likely that students have come across large parts of the curriculum or the tools that we use (Coq and Spark ADA) before, so joint lectures make sense. The level of the mathematics required depends heavily on what type of software it is you want to prove correct. The weekly exercises in the reading material are substantial and can be trimmed to fit the level of the student.

The level of the course largely depends on the application of the curriculum and the tools we use. PhD students will leverage their previous degrees to formalise more advanced mathematics, and prove correctness of more complicated programs, than the other students. For PhD students this means in practice that:

They are not allowed to work in groups for the weekly assignment
The weekly assignments are larger and cover a wider curriculum than for the other students in order to prepare them for more advanced projects.
The mini-project requires that they verify a much more complicated data structure than the other students (red-black threes as opposed to binary search trees and/or insertion sort)
Their final larger project must be relevant to their research. This means that, unless the students happen to work in the same research group, the projects must be individual. Regardless, the scope of the project scales with the number of participants.

All lectures will have a 15-minute break. Exercise sessions allow students to take breaks as required.

Wednesday 2022-02-02: Basics/Induction

Wednesday 2022-02-09: Polymorphism and higher-order functions (weekly assignment 1)

Wednesday 2022-02-16: Logic in Coq (weekly assignment 2)

Wednesday 2022-02-23: Inductively Defined Propositions (weekly assignment 3)

Wednesday 2022-03-02: Induction Principles (weekly assignment 4)

Wednesday 2022-03-09: Curry-Howard and program extraction (weekly assignment 5)

mini-project start, (Software Foundations Volume 3)

Regular students: Insertion sort and/or binary search trees
PhD students: red-black trees

Wednesday 2022-03-16: Big-step operational semantics and Hoare Logic

Wednesday 2022-03-23: Automated proof assistants

Wednesday 2022-03-30: SPARK Ada: Verifying imperative programs (mini-project submission)

Wednesday 2022-04-06: The Why3 Platform (weekly submission 6)

Wednesday 2022-04-13: Spring break

Wednesday 2022-04-20: Project (weekly submission 7)

Project start

Wednesday 2022-04-27: Project

Wednesday 2022-05-04: Project

Wednesday 2022-05-11: Project

Wednesday 2022-05-18: Project

Wednesday 2022-05-25: Project submission LearnIT

Thursday 2022-06-16: Oral Exam

Friday 2022-06-17: Oral Exam

Prerequisites:

Functional Programming
Discrete Mathematics
Algorithms and Data Structures

Exam:

Project connected to their PhD thesis (most likely individual unless students come from the same research group)
Oral exam

Credits: 7.5 ECTS

Amount of hours the student is expected to use on the course:

Preparation for lectures: 10h

Lectures: 20h

Exercise sessions: 20h

Weekly Exercises (outside exercise sessions): 54h

Mini project: 30h

Main Project: 60h

Exam preparation: 10h

How to sign up:

Send email to Jesper Bengtson: bengtson@itu.dk