Formal verification of software. Q&A session

Transcript

1. Rostislav Yavorskiy, Exactpro Head of Research VERIFICATION OF SMART CONTRACTS

   ON THE ETHEREUM BLOCKCHAIN Q&A session #1 Formal verification of software 11 April 2022

2. 2 Lecture slides questions and comments

3. 3 https://www.q-files.com/ Axiomatic method (verification proof engine) Users don’t have

   to know what’s inside. Yet that is fascinating!

4. Pros and Contras 4 Testing (by executing) Formal Verification Simple

   and straightforward Laborious and difficult Teachable and accessible Knowledgeable and competent Always applicable Domain formalization is necessary Never complete Convincing and complete Hardly reusable Prove once, use forever Definitely, one can reuse - bug reports - test cases - domain knowledge but not the testing results.

5. Proof of termination 5 A triple describes how the execution

   of a piece of code changes the state of the computation: precondition postcondition program Meaning: when the precondition is met, executing the command establishes the postcondition

6. Proof of termination ⦅p=a⦆ foo() ⦅p<a⦆ 6 then while(B){foo()} always

   terminates in at most p steps.

7. Proof of termination ⦅p=a⦆ foo() ⦅p<a⦆ 7 then while(B){foo()} always

   terminates in at most p steps. Decreasing integer parameter

8. Automated theorem provers 8 Name Developer(s) Implementation language Features Higher-orde

   r logic Dependent types Proof automation Code generation ACL2 Matt Kaufmann and J Strother Moore Common Lisp No Untyped Yes Executable Agda Ulf Norell, Nils Anders Danielsson, and Andreas Abel (Chalmers and Gothenburg) Haskell Yes Yes No Already executable Coq INRIA OCaml Yes Yes Yes Yes F* Microsoft Research and INRIA F* Yes Yes Yes Yes HOL Light John Harrison OCaml Yes No Yes No HOL4 Michael Norrish, Konrad Slind, and others Standard ML Yes No Yes Yes Isabelle Larry Paulson (Cambridge), Tobias Nipkow (München) and Makarius Wenzel Standard ML, Scala Yes No Yes Yes Lean Microsoft Research C++ Yes Yes Yes Un known LEGO Randy Pollack (Edinburgh) Standard ML Yes Yes No No Mizar Białystok University Free Pascal Partial Yes No No NuPRL Cornell University Common Lisp Yes Yes Yes Yes PVS SRI International Common Lisp Yes Yes Yes Un known

9. Automated theorem provers 9 Name Developer(s) Implementation language Features Higher-orde

   r logic Dependent types Proof automation Code generation ACL2 Matt Kaufmann and J Strother Moore Common Lisp No Untyped Yes Executable Agda Ulf Norell, Nils Anders Danielsson, and Andreas Abel (Chalmers and Gothenburg) Haskell Yes Yes No Already executable Coq INRIA OCaml Yes Yes Yes Yes F* Microsoft Research and INRIA F* Yes Yes Yes Yes HOL Light John Harrison OCaml Yes No Yes No HOL4 Michael Norrish, Konrad Slind, and others Standard ML Yes No Yes Yes Isabelle Larry Paulson (Cambridge), Tobias Nipkow (München) and Makarius Wenzel Standard ML, Scala Yes No Yes Yes Lean Microsoft Research C++ Yes Yes Yes Un known LEGO Randy Pollack (Edinburgh) Standard ML Yes Yes No No Mizar Białystok University Free Pascal Partial Yes No No NuPRL Cornell University Common Lisp Yes Yes Yes Yes PVS SRI International Common Lisp Yes Yes Yes Un known Next generation AI?

10. Proofs or counterexamples For all x holds P(x) is equivalent

    to Not exists x such that “not P(x)” holds 10

11. Proofs or counterexamples For all x holds P(x) is equivalent

    to Not exists x such that “not P(x)” holds So, in order to “find proof for P(x)” we ask “find model for not P(x)” 11

12. Proofs or counterexamples For all x holds P(x) is equivalent

    to Not exists x such that “not P(x)” holds So, in order to “find proof for P(x)” we ask “find model for not P(x)” 12 Proof by contradiction

13. 13 Theory test

14. https://forms.gle/Fz7GDqsTgfvfxEj76 Theory test #1

15. 15 Practical z3 task

16. 16 https://compsys-tools.ens-lyon.fr/z3 a, b, c are integer variables (a >

    0) & (b > 0) & (c > 0) & (a2 + b2 = c2) Check if exist values a, b, c which satisfy the constraint. If yes, provide a solution

17. The arithmetic constraint z3 task 17 • Check in Z3

    if for any integer x and y the following holds, or provide a counterexample: (2x + y > 3) and (x + y >2) → (y > -3) or (x > -3)

18. The arithmetic constraint z3 task 18 • Let’s prove it

    by contradiction. We try to find x, y such that “(2x + y > 3) and (x + y >2) → (y > -3) or (x > -3)” is false • Implication is false whenever the premise is correct and the conclusion is false. So, the counterexample has to fulfil the conditions: 2x + y > 3 x + y > 2 y ≤ -3 x ≤ -3

19. The arithmetic constraint z3 task 19 (declare-fun x () Int)

    (declare-fun y () Int) (assert (> (+ (* 2 x) y) 3)) (assert (> (+ x y) 2)) (assert (<= y -3)) (assert (<= x -3)) (check-sat) (get-model) 2x + y > 3 x + y > 2 y ≤ -3 x ≤ -3 https://compsys-tools.ens-lyon.fr/z3

20. Thank you! 20