CS250r :  Topics in Programming Language Design and Implementation

The focus of CS250r for Spring 2007 is on integrating specification and verification into programming langauge environments.  Our goal is to study proposed extensions to programming languages that move beyond standard type-checking to provide greater degrees of assurance.  Some proposals, such as dynamic contracts, are relatively simple but extremely effective.  Others, such as the application of dependent type theory, provide an impressive range of power, but are perhaps too difficult for the average programmer to effectively utilize.  Still others, such as the work on extended static checking, seem to strike a middle ground, sacrificing expressiveness for increased automation. 

Students need a firm grounding in programming languages (CS152) and ideally, programming language implementation (CS153).  Class time will be spent discussing papers.  Students will be required to present one of the papers shown below in class, and lead discussion regarding the paper.  Students will also be required to (a) design and implement one of the extensions discussed in class, and (b) put together a poster and presentation on the project, and (c) write a final report on the extension area. 

Homeworks:

• Reading for Tue, Feb 27: Specification and verification challenges for sequential object-oriented programs and also Extended Static Checking for Java.
• Reading for Thu, Mar 1: The Spec# programming system: An overview and also The Spec# programming system:  Challenges and directions.
• Reminder:  there will e no class on Tue, Mar 6.
• Reading for Thu, Mar 8:   Boogie: A Modular Reusable Verifier for Object-Oriented Programs.
  
• Reading for Tue, Mar 13:  Dependent Types in Practical Programming,
• Reading for Thu, Mar 15:  ATSLF:  A Type System for Constructing Proofs as Total Functional Programs
• Reading for Tue, Mar 20:  Polymorphism and Separation in Hoare Type Theory
• Mar 22:  project proposal is due
• Tue, Apr 3:  continued discussion of Ynot and Separation Logic
• Thu, Apr 5: Concoqtion:  Indexed types now!
  
• Tue, Apr 10:  Type-Level Computation Using Narrowing in Omega.
• Thu, Apr 12:  Verification of Non-Functional Programs Using Interpretations in Type Theory
• Tue, Apr 17:  Simplify:  A theorem prover for program checking.
• Thu, Apr 19:  Smallfoot: Modular Automatic Assertion Checking with Separation Logic.
• for background on separation logic, you might read the notes of John Reynolds and his original LICS'02 survey.
  
• Tue, Apr 24:  Resources, Concurrency and Local Reasoning
• Thu, Apr 26:  project updates
  

Some of the Papers to Prefetch and Read:

• Contracts
• An Axiomatic Basis for Computer Programming, C.A.R. Hoare, CACM 12(10):576-585, October 1969.
  
• Design by Contract:  The Lessons of Ariane,  Jean-Marc Jézéquel and Bertrand Meyer, IEEE Computer 30(2):129-130.
  
• A Practical Approach to Programming with Assertions.  D.S. Rosenblum, IEEE Trans. on Software Engineering, 21(1):19-31, Jan 1995.
• Design by Contract with JML.  Gary T. Leavens and Yoonsik Cheon.
• Preliminary Design of JML  A Behavioral Interface Specification Language for Java.  Gary T. Leavens, Albert L. Baker, and Clyde Ruby, ACM SIGSOFT Software Engineering Notes, 31(3):1-38, March 2006.
  
• Contracts for Higher-Order Functions.  Robert B. Findler and Matthias Felleisen, ICFP 2002, Pittsburgh, PA, pp 48-59.
• Hybrid Type Checking.  Cormac Flanagan, POPL 2006, Charleston, SC, pp 245-256.
  
• Extended Static Checking
• Specification and verification challenges for sequential object-oriented programs. Gary T. Leavens, K. Rustan M. Leino, and Peter Müller.  To appear, Formal Aspects of Computing.
• The Spec# programming system: An overview.  Mike Barnett, K. Rustan M. Leino, and Wolfram Schulte.
  In CASSIS 2004 post-proceedings.
• The Spec# programming system:  Challenges and directions.  Mike Barnett, Robert DeLine, Bart Jacobs, Manuel Fähndrich, K. Rustan M. Leino, Wolfram Schulte, and Herman Venter.
• Boogie: A Modular Reusable Verifier for Object-Oriented Programs.  Mike Barnett, Bor-Yuh Evan Chang, Robert DeLine, Bart Jacobs, and K. Rustan M. Leino.  FMCO 2005.
• Verification of Non-Functional Programs Using Interpretations in Type Theory.  Jean-Christophe Filliatre, JFP 13(4):709-745, July 2003. 
  
• Static Extended Checking for Cyclone
• Static Extended Checking for Haskell
  
• Provers for Extended Static Checking
  
• Proof Generation in the Touchstone Theorem Prover, George C. Necula, Peter Lee. In Proceedings of the 17th International Conference on Automated Deduction, Pittsburgh, 13 June 2000.
• Simplification by Cooperating Decision Procedures. Greg Nelson, Derek C. Oppen.  ACM Trans. Program. Lang. Syst. 1(2): 245-257 (1979)
• Simplify:  A theorem prover for program checking.  Technical Report HPL-2-3-148, HP Laboratories, Palo Alto, CA 2003.
• Implementing an Efficient Theorem Prover, Alexandre Riazanov, Ph.D Thesis, University of Manchaster, 2003.
• Deconstructing Shostak, Harald Rueß & Dr. Natarajan Shankar, LICS 2001.
  
• Dependently-Typed Programming Languages
• First-Class Phantom Types, James Cheney and Ralf Hinze.  Cornell Technical Report TR2003-1901.
  
• Why Dependent Types Matter, Thorsten Altenkirch, Conor McBride, and James McKinna. 
  
• Dependent Types in Practical Programming, Hongwi Xi and Frank Pfenning, POPL 1999, pp 214-227.
  
• Cayenne --- A Language with Dependent Types, Lennart Augustsson, ICFP 1998, pp.239--250.
• ATSLF:  A Type System for Constructing Proofs as Total Functional Programs, Chiyan Chen and Hongwei Xi, December 2004.
• Formal Certification of a Compiler Back-End or:  Programming a Compiler with a Proof Assistant.  Xavier Leroy, POPL 2006, Charleston, SC. 
  

Some Notes from Class:

• Static Extended Checking for Cyclone
• Ynot

Example projects ideas:

• Implement a Nelson-Oppen-style, witness-producing theorem prover.
• Construct an ESC-X for your favorite language X which generates verification conditions given specifications.
• Implement a contract extension to your favorite language X.
• Implement a decision procedure for a restricted logic.