Timothy Alberdingk Thijm
Skip Abstract Section
Abstract
Monolithic control plane verification cannot scale to hyperscale network architectures with tens of thousands of nodes, heterogeneous network policies and thousands of network changes a day. Instead, modular verification offers improved scalability, reasoning over diverse behaviors, and robustness following policy updates. We introduce Timepiece, a new modular control plane verification system. While one class of verifiers, starting with Minesweeper, were based on analysis of stable paths, we show that such models, when deployed naïvely for modular verification, are unsound. To rectify the situation, we adopt a routing model based around a logical notion of time and develop a sound, expressive, and scalable verification engine.
Our system requires that a user specifies interfaces between module components. We develop methods for defining these interfaces using predicates inspired by temporal logic, and show how to use those interfaces to verify a range of network-wide properties such as reachability or access control. Verifying a prefix-filtering policy using a non-modular verification engine times out on an 80-node fattree network after 2 hours. However, Timepiece verifies a 2,000-node fattree in 2.37 minutes on a 96-core virtual machine. Modular verification of individual routers is embarrassingly parallel and completes in seconds, which allows verification to scale beyond non-modular engines, while still allowing the full power of SMT-based symbolic reasoning.
- Anubhavnidhi Abhashkumar, Aaron Gember-Jacobson, and Aditya Akella. 2020. Tiramisu: Fast multilayer network verification. In NSDI. USENIX Association, Santa Clara, CA, USA. 201–219. https://www.usenix.org/system/files/nsdi20-paper-abhashkumar.pdf
Google Scholar
- Anubhavnidhi Abhashkumar, Kausik Subramanian, Alexey Andreyev, Hyojeong Kim, Nanda Kishore Salem, Jingyi Yang, Petr Lapukhov, Aditya Akella, and Hongyi Zeng. 2021. Running BGP in Data Centers at Scale. In 18th USENIX Symposium on Networked Systems Design and Implementation (NSDI 21). USENIX Association, USA. 65–81. isbn:978-1-939133-21-2 https://www.usenix.org/conference/nsdi21/presentation/abhashkumar
Google Scholar
- Mohammad Al-Fares, Alexander Loukissas, and Amin Vahdat. 2008. A Scalable, Commodity Data Center Network Architecture. In SIGCOMM. ACM, Seattle, WA, USA. 63–74. https://doi.org/10.1145/1402946.1402967
Google ScholarDigital Library
- Timothy Alberdingk Thijm and Ryan Beckett. 2023. Timepiece. https://github.com/alberdingk-thijm/Timepiece
Google Scholar
- Timothy Alberdingk Thijm and Ryan Beckett. 2023. Timepiece. https://zenodo.org/record/7799158
Google Scholar
- Timothy Alberdingk Thijm, Ryan Beckett, Aarti Gupta, and David Walker. 2022. Kirigami, the Verifiable Art of Network Cutting. In 2022 IEEE 30th International Conference on Network Protocols (ICNP). IEEE, Lexington, KY, USA. 1–12. https://doi.org/10.1109/ICNP55882.2022.9940333
Google ScholarCross Ref
- Timothy Alberdingk Thijm, Ryan Beckett, Aarti Gupta, and David Walker. 2022. Modular Control Plane Verification via Temporal Invariants. https://doi.org/10.48550/arXiv.2204.10303 arxiv:2204.10303.
Google Scholar
- Rajeev Alur and Thomas A Henzinger. 1999. Reactive modules. Formal methods in system design, 15, 1 (1999), 7–48. https://doi.org/10.1023/A:1008739929481
Google ScholarDigital Library
- Clark Barrett and Cesare Tinelli. 2018. Satisfiability modulo theories. In Handbook of model checking. Springer, Cham, Switzerland. 305–343. https://doi.org/10.1007/978-3-319-10575-8_11
Google ScholarCross Ref
- Ryan Beckett, Aarti Gupta, Ratul Mahajan, and David Walker. 2017. A General Approach to Network Configuration Verification. In SIGCOMM. ACM, New York, NY, USA. 155–168. https://doi.org/10.1145/3098822.3098834
Google ScholarDigital Library
- Ryan Beckett, Aarti Gupta, Ratul Mahajan, and David Walker. 2018. Control Plane Compression. In SIGCOMM. ACM, Budapest, Hungary. 476–489. isbn:978-1-4503-5567-4 https://doi.org/10.1145/3230543.3230583
Google ScholarDigital Library
- Ryan Beckett, Aarti Gupta, Ratul Mahajan, and David Walker. 2019. Abstract Interpretation of Distributed Network Control Planes. Proc. ACM Program. Lang., 4, POPL (2019), Article 42, dec, 27 pages. https://doi.org/10.1145/3371110
Google ScholarDigital Library
- Ryan Beckett and Ratul Mahajan. 2020. A General Framework for Compositional Network Modeling. In Proceedings of the 19th ACM Workshop on Hot Topics in Networks. Association for Computing Machinery, New York, NY, USA. 8–15. https://doi.org/10.1145/3422604.3425930
Google ScholarDigital Library
- Ryan Beckett, Ratul Mahajan, Todd Millstein, Jitendra Padhye, and David Walker. 2016. Don’T Mind the Gap: Bridging Network-wide Objectives and Device-level Configurations. In SIGCOMM. ACM, New York, NY, USA. 328–341. https://doi.org/10.1145/2934872.2934909
Google ScholarDigital Library
- Ryan Beckett, Ratul Mahajan, Todd Millstein, Jitu Padhye, and David Walker. 2017. Network Configuration Synthesis with Abstract Topologies. In PLDI. ACM, New York, NY, USA. 437–451. https://doi.org/10.1145/3062341.3062367
Google ScholarDigital Library
- Mihaela Gheorghiu Bobaru, Corina S. Pasareanu, and Dimitra Giannakopoulou. 2008. Automated Assume-Guarantee Reasoning by Abstraction Refinement. In CAV (Lecture Notes in Computer Science, Vol. 5123). Springer-Verlag, Berlin, Heidelberg. 135–148. https://doi.org/10.1007/978-3-540-70545-1_14
Google ScholarDigital Library
- CISCO. 2005. Using BGP Community Values to Control Routing Policy in Upstream Provider Network. https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/28784-bgp-community.html
Google Scholar
- Edmund M. Clarke, Orna Grumberg, Somesh Jha, Yuan Lu, and Helmut Veith. 2000. Counterexample-Guided Abstraction Refinement. In CAV. Springer, Berlin, Heidelberg. 154–169. https://doi.org/10.1007/10722167_15
Google ScholarCross Ref
- Jamieson M. Cobleigh, Dimitra Giannakopoulou, and Corina S. Pasareanu. 2003. Learning Assumptions for Compositional Verification. In Tools and Algorithms for the Construction and Analysis of Systems, TACAS, Proceedings (Lecture Notes in Computer Science, Vol. 2619). Springer, Berlin, Heidelberg. 331–346. https://doi.org/10.1007/3-540-36577-X_24
Google ScholarCross Ref
- Ariel Cohen and Kedar S. Namjoshi. 2007. Local Proofs for Global Safety Properties. In Computer Aided Verification (CAV), Proceedings (Lecture Notes in Computer Science, Vol. 4590). Springer, USA. 55–67. https://doi.org/10.5555/1519231.1519265
Google ScholarDigital Library
- Matthew L Daggitt, Alexander JT Gurney, and Timothy G Griffin. 2018. Asynchronous convergence of policy-rich distributed Bellman-Ford routing protocols. In SIGCOMM. ACM, Budapest, Hungary. 103–116. https://doi.org/10.1145/3230543.3230561
Google ScholarDigital Library
- Leonardo De Moura and Nikolaj Bjørner. 2008. Z3: An Efficient SMT Solver. In TACAS. Springer, Berlin, Heidelberg. 337–340. https://doi.org/10.1007/978-3-540-78800-3_24
Google ScholarCross Ref
- Ankush Desai, Amar Phanishayee, Shaz Qadeer, and Sanjit A. Seshia. 2018. Compositional programming and testing of dynamic distributed systems. PACMPL, 2, OOPSLA (2018), 159:1–159:30. https://doi.org/10.1145/3276529
Google ScholarDigital Library
- Karam Abd Elkader, Orna Grumberg, Corina S. Pasareanu, and Sharon Shoham. 2018. Automated circular assume-guarantee reasoning. Formal Aspects of Computing, 30, 5 (2018), 571–595. https://doi.org/10.1007/s00165-017-0436-0
Google ScholarDigital Library
- Seyed K. Fayaz, Tushar Sharma, Ari Fogel, Ratul Mahajan, Todd Millstein, Vyas Sekar, and George Varghese. 2016. Efficient Network Reachability Analysis using a Succinct Control Plane Representation. In OSDI. USENIX Association, Savannah, GA, USA. 217–232. https://dl.acm.org/doi/10.5555/3026877.3026895
Google Scholar
- Nick Feamster and Hari Balakrishnan. 2005. Detecting BGP Configuration Faults with Static Analysis. In NSDI. USENIX Association, USA. 43–56. https://doi.org/10.5555/1251203.1251207
Google ScholarDigital Library
- Cormac Flanagan and Shaz Qadeer. 2003. Thread-modular model checking. In International SPIN Workshop on Model Checking of Software. Springer, Berlin, Heidelberg. 213–224. https://doi.org/10.1007/3-540-44829-2_14
Google ScholarCross Ref
- Ari Fogel, Stanley Fung, Luis Pedrosa, Meg Walraed-Sullivan, Ramesh Govindan, Ratul Mahajan, and Todd Millstein. 2015. A General Approach to Network Configuration Analysis. In NSDI. USENIX Association, USA. 469–483. https://doi.org/10.5555/2789770.2789803
Google ScholarDigital Library
- Aaron Gember-Jacobson, Raajay Viswanathan, Aditya Akella, and Ratul Mahajan. 2016. Fast Control Plane Analysis Using an Abstract Representation. In SIGCOMM. ACM, USA. 300–313. https://doi.org/10.1145/2934872.2934876
Google ScholarDigital Library
- Dimitra Giannakopoulou, Kedar S Namjoshi, and Corina S Păsăreanu. 2018. Compositional reasoning. In Handbook of Model Checking. Springer, Cham, Switzerland. 345–383. https://doi.org/10.1007/978-3-319-10575-8_12
Google ScholarCross Ref
- Nick Giannarakis, Devon Loehr, Ryan Beckett, and David Walker. 2020. NV: An Intermediate Language for Verification of Network Control Planes. In PLDI. Association for Computing Machinery, New York, NY, USA. 958–973. isbn:9781450376136 https://doi.org/10.1145/3385412.3386019
Google ScholarDigital Library
- Timothy G. Griffin, F. Bruce Shepherd, and Gordon Wilfong. 2002. The Stable Paths Problem and Interdomain Routing. IEEE/ACM Trans. Networking, 10, 2 (2002), April, 232–243. https://ieeexplore.ieee.org/abstract/document/993304
Google ScholarDigital Library
- Timothy G. Griffin and Joäo Luís Sobrinho. 2005. Metarouting. In SIGCOMM. ACM, New York, NY, USA. 1–12. https://doi.org/10.1145/1080091.1080094
Google ScholarDigital Library
- Orna Grumberg and David E Long. 1994. Model checking and modular verification. ACM Transactions on Programming Languages and Systems (TOPLAS), 16, 3 (1994), 843–871. https://doi.org/10.1145/177492.177725
Google ScholarDigital Library
- Ashutosh Gupta, Corneliu Popeea, and Andrey Rybalchenko. 2011. Threader: A Constraint-Based Verifier for Multi-threaded Programs. In Computer Aided Verification (CAV). Proceedings (Lecture Notes in Computer Science, Vol. 6806). Springer, Berlin, Heidelberg. 412–417. https://doi.org/10.1007/978-3-642-22110-1_32
Google ScholarCross Ref
- Chris Hawblitzel, Jon Howell, Manos Kapritsos, Jacob R. Lorch, Bryan Parno, Michael L. Roberts, Srinath T. V. Setty, and Brian Zill. 2015. IronFleet: proving practical distributed systems correct. In SOSP. ACM, New York, NY, USA. 1–17. https://doi.org/10.1145/2815400.2815428
Google ScholarDigital Library
- C. Hedrick. 1988. Routing Information Protocol. Internet Request for Comments. https://datatracker.ietf.org/doc/html/rfc1058
Google Scholar
- Thomas A Henzinger, Shaz Qadeer, and Sriram K Rajamani. 1998. You assume, we guarantee: Methodology and case studies. In International Conference on Computer Aided Verification. Springer, Berlin, Heidelberg. 440–451. https://doi.org/10.1007/BFb0028765
Google ScholarCross Ref
- Thomas A. Henzinger, Shaz Qadeer, and Sriram K. Rajamani. 2000. Decomposing Refinement Proofs Using Assume-Guarantee Reasoning. In Proceedings of the 2000 IEEE/ACM International Conference on Computer-Aided Design (ICCAD). IEEE Computer Society, San Jose, CA, USA. 245–252. https://doi.org/10.5555/602902.602958
Google ScholarDigital Library
- Thomas A. Henzinger, Shaz Qadeer, Sriram K. Rajamani, and Serdar Tasiran. 2002. An assume-guarantee rule for checking simulation. ACM Transactions on Programming Languages and Systems, 24, 1 (2002), 51–64. https://doi.org/10.1145/509705.509707
Google ScholarDigital Library
- Internet2. 2013. About Internet2. https://meetings.internet2.edu/media/medialibrary/2013/08/01/AboutInternet2.pdf
Google Scholar
- Karthick Jayaraman, Nikolaj Bjørner, Jitu Padhye, Amar Agrawal, Ashish Bhargava, Paul-Andre C Bissonnette, Shane Foster, Andrew Helwer, Mark Kasten, Ivan Lee, Anup Namdhari, Haseeb Niaz, Aniruddha Parkhi, Hanukumar Pinnamraju, Adrian Power, Neha Milind Raje, and Parag Sharma. 2019. Validating Datacenters at Scale. In SIGCOMM. Association for Computing Machinery, Beijing, China. 200–213. isbn:9781450359566 https://doi.org/10.1145/3341302.3342094
Google ScholarDigital Library
- Karthick Jayaraman, Nikolaj Bjørner, Jitu Padhye, Amar Agrawal, Ashish Bhargava, Paul-Andre C Bissonnette, Shane Foster, Andrew Helwer, Mark Kasten, Ivan Lee, Anup Namdhari, Haseeb Niaz, Aniruddha Parkhi, Hanukumar Pinnamraju, Adrian Power, Neha Milind Raje, and Parag Sharma. 2019. Validating Datacenters at Scale (Presentation at SIGCOMM 2019). https://conferences.sigcomm.org/sigcomm/2019/files/slides/paper_5_1.pptx
Google Scholar
- Ralf Jung, David Swasey, Filip Sieczkowski, Kasper Svendsen, Aaron Turon, Lars Birkedal, and Derek Dreyer. 2015. Iris: Monoids and Invariants as an Orthogonal Basis for Concurrent Reasoning. In POPL. ACM, New York, NY, USA. 637–650. https://doi.org/10.1145/2775051.2676980
Google ScholarDigital Library
- Peyman Kazemian, Michael Chang, Hongyi Zeng, George Varghese, Nick McKeown, and Scott Whyte. 2013. Real Time Network Policy Checking Using Header Space Analysis. In NSDI. USENIX Association, USA. 99–112. https://doi.org/10.5555/2482626.2482638
Google ScholarDigital Library
- Ahmed Khurshid, Xuan Zou, Wenxuan Zhou, Matthew Caesar, and P. Brighten Godfrey. 2013. VeriFlow: Verifying Network-Wide Invariants in Real Time. In NSDI. USENIX Association, USA. 15–28. https://doi.org/10.5555/2482626.2482630
Google ScholarDigital Library
- R. P. Kurshan. 1988. Reducibility in analysis of coordination. In Discrete Event Systems: Models and Applications (LNCIS, Vol. 103). Springer, Berlin, Heidelberg. 19–39. https://doi.org/10.1007/BFb0042302
Google ScholarCross Ref
- K Rustan M Leino. 2010. Dafny: An automatic program verifier for functional correctness. In International Conference on Logic for Programming Artificial Intelligence and Reasoning. Springer, Berlin, Heidelberg. 348–370. https://doi.org/10.1007/978-3-642-17511-4_20
Google ScholarCross Ref
- Alessio Lomuscio, Ben Strulo, Nigel Walker, and Peng Wu. 2010. Assume-guarantee reasoning with local specifications. In ICFEM. Springer, Berlin, Heidelberg. 204–219. https://doi.org/10.1007/978-3-642-16901-4_15
Google ScholarCross Ref
- Nuno P. Lopes, Nikolaj Bjørner, Patrice Godefroid, Karthick Jayaraman, and George Varghese. 2015. Checking Beliefs in Dynamic Networks. In NSDI. USENIX Association, Oakland, CA. 499–512. https://doi.org/10.5555/2789770.2789805
Google ScholarDigital Library
- Nuno P Lopes and Andrey Rybalchenko. 2019. Fast BGP simulation of large datacenters. In VMCAI. Springer, Cham, Switzerland. 386–408. https://doi.org/10.1007/978-3-030-11245-5_18
Google ScholarCross Ref
- K. Lougheed and Y. Rekhter. 1991. A Border Gateway Protocol 3 (BGP-3). Internet Request for Comments. https://datatracker.ietf.org/doc/html/rfc1267
Google Scholar
- Haojun Ma, Aman Goel, Jean-Baptiste Jeannin, Manos Kapritsos, Baris Kasikci, and Karem A. Sakallah. 2019. I4: incremental inference of inductive invariants for verification of distributed protocols. In SOSP. ACM, Huntsville, ON, Canada. 370–384. https://doi.org/10.1145/3341301.3359651
Google ScholarDigital Library
- Kenneth L. McMillan. 1997. A Compositional Rule for Hardware Design Refinement. In Computer Aided Verification (CAV), Proceedings (Lecture Notes in Computer Science, Vol. 1254). Springer, Berlin, Heidelberg. 24–35. https://doi.org/10.1007/3-540-63166-6_6
Google ScholarCross Ref
- Microsoft. 2021. Introduction to PLINQ. https://docs.microsoft.com/en-us/dotnet/standard/parallel-programming/introduction-to-plinq
Google Scholar
- Ron Miller. 2022. As overall cloud infrastructure market growth dips to 24%, AWS reports slowdown. https://techcrunch.com/2022/10/28/as-overall-cloud-infrastructure-market-growth-dips-to-24-aws-reports-slowdown/
Google Scholar
- Jayadev Misra and K. Mani Chandy. 1981. Proofs of Networks of Processes. IEEE Transactions on Software Engineering, 7, 4 (1981), 417–426. https://doi.org/10.1109/TSE.1981.230844
Google ScholarDigital Library
- J. Moy. 1998. Open Shortest Path First Protocol Version 2. Internet Request for Comments. https://datatracker.ietf.org/doc/html/rfc2328
Google Scholar
- D. Oran. 1990. OSI IS-IS Intra-domain Routing Protocol. Internet Request for Comments. https://datatracker.ietf.org/doc/html/rfc1142
Google Scholar
- Susan S. Owicki and David Gries. 1976. Verifying Properties of Parallel Programs: An Axiomatic Approach. Commun. ACM, 19, 5 (1976), 279–285. https://doi.org/10.1145/360051.360224
Google ScholarDigital Library
- Oded Padon, Kenneth L. McMillan, Aurojit Panda, Mooly Sagiv, and Sharon Shoham. 2016. Ivy: safety verification by interactive generalization. In PLDI. ACM, New York, NY, USA. 614–630. https://doi.org/10.1145/2908080.2908118
Google ScholarDigital Library
- Ivan Pepelnjak. 2018. Valley-Free Routing in Data Center Fabrics. https://blog.ipspace.net/2018/09/valley-free-routing-in-data-center.html
Google Scholar
- Amir Pnueli. 1984. In Transition From Global to Modular Temporal Reasoning about Programs. In Logics and Models of Concurrent Systems - Conference proceedings (NATO ASI Series, Vol. 13). Springer, Berlin, Heidelberg. 123–144. https://doi.org/10.1007/978-3-642-82453-1_5
Google ScholarCross Ref
- Santhosh Prabhu, Kuan Yen Chou, Ali Kheradmand, Brighten Godfrey, and Matthew Caesar. 2020. Plankton: Scalable network configuration verification through model checking. In NSDI. USENIX Association, Santa Clara, CA, USA. 953–967. isbn:9781939133137 https://doi.org/10.5555/3388242.3388310
Google ScholarDigital Library
- Ilya Sergey, James R. Wilcox, and Zachary Tatlock. 2018. Programming and proving with distributed protocols. Proceedings of ACM Programming Languages, 2, POPL (2018), 28:1–28:30. https://doi.org/10.1145/3158116
Google ScholarDigital Library
- SMT-LIB. 2010. ArraysEx. https://smtlib.cs.uiowa.edu/theories-ArraysEx.shtml
Google Scholar
- SMT-LIB. 2010. FixedSizeBitVectors. https://smtlib.cs.uiowa.edu/theories-FixedSizeBitVectors.shtml
Google Scholar
- SMT-LIB. 2010. Ints. https://smtlib.cs.uiowa.edu/theories-Ints.shtml
Google Scholar
- SMT-LIB. 2020. Unicode Strings. http://smtlib.cs.uiowa.edu/theories-UnicodeStrings.shtml
Google Scholar
- João Luís Sobrinho. 2005. An Algebraic Theory of Dynamic Network Routing. IEEE/ACM Trans. Netw., 13, 5 (2005), October, 1160–1173. https://ieeexplore.ieee.org/abstract/document/1528502
Google ScholarDigital Library
- Tom Strickx and Jeremy Hartman. 2022. Cloudflare outage on June 21, 2022. https://blog.cloudflare.com/cloudflare-outage-on-june-21-2022/
Google Scholar
- Alan Tang, Ryan Beckett, Karthick Jayaraman, Todd Millstein, and George Varghese. 2022. LIGHTYEAR: Using Modularity to Scale BGP Control Plane Verification. arxiv:2204.09635. arxiv:2204.09635
Google Scholar
- Brandon Vigliarolo. 2022. After config error takes down Rogers, it promises to spend billions on reliability. https://www.theregister.com/2022/07/25/canadian_isp_rogers_outage/
Google Scholar
- Konstantin Weitz. 2016. Getting Started With Bagpipe. http://www.konne.me/bagpipe/started.html
Google Scholar
- Konstantin Weitz, Doug Woos, Emina Torlak, Michael D. Ernst, Arvind Krishnamurthy, and Zachary Tatlock. 2016. Scalable Verification of Border Gateway Protocol Configurations with an SMT Solver. In OOPSLA. Association for Computing Machinery, New York, NY, USA. 765–780. isbn:9781450344449 https://doi.org/10.1145/2983990.2984012
Google ScholarDigital Library
- Jianan Yao, Runzhou Tao, Ronghui Gu, Jason Nieh, Suman Jana, and Gabriel Ryan. 2021. DistAI: Data-Driven Automated Invariant Learning for Distributed Protocols. In OSDI. USENIX Association, USA. 405–421. https://www.usenix.org/conference/osdi21/presentation/yao
Google Scholar
- Fangdan Ye, Da Yu, Ennan Zhai, Hongqiang Harry Liu, Bingchuan Tian, Qiaobo Ye, Chunsheng Wang, Xin Wu, Tianchen Guo, Cheng Jin, Duncheng She, Qing Ma, Biao Cheng, Hui Xu, Ming Zhang, Zhiliang Wang, and Rodrigo Fonseca. 2020. Accuracy, Scalability, Coverage: A Practical Configuration Verifier on a Global WAN. In SIGCOMM (SIGCOMM ’20). Association for Computing Machinery, New York, NY, USA. 599–614. https://doi.org/10.1145/3387514.3406217
Google ScholarDigital Library
- Peng Zhang, Aaron Gember-Jacobson, Yueshang Zuo, Yuhao Huang, Xu Liu, and Hao Li. 2022. Differential Network Analysis. In NSDI. USENIX Association, Renton, WA, USA. 601–615. https://www.usenix.org/conference/nsdi22/presentation/zhang-peng
Google Scholar
Index Terms
- Modular Control Plane Verification via Temporal Invariants
Recommendations
Procedure-modular verification of control flow safety properties
FTFJP '10: Proceedings of the 12th Workshop on Formal Techniques for Java-Like ProgramsThis paper describes a novel technique for fully automated procedure-modular verification of Java programs equipped with method-local and global assertions that specify safety properties of sequences of method invocations. Modularity of verification is ...
An automata-theoretic approach to modular model checking
In modular verification the specification of a module consists of two part. One part describes the guaranteed behavior of the module. The other part describes the assumed behavior of the system in which the module is interacting. This is called the ...
An Interface Theory for Program Verification
Leveraging Applications of Formal Methods, Verification and Validation: Verification PrinciplesAbstractProgram verification is the problem, for a given program and a specification , of constructing a proof of correctness for the statement “program satisfies specification ” () or a proof of violation ([inline-graphic not available: see fulltext]). ...
Comments