
Showing papers by "James Noble published in 2022"


Journal ArticleDOI
TL;DR: Necessity is a language for specifying robustness, based on novel necessity operators capturing temporal implication, and a proof logic that derives explicit robustness specifications from functional specifications.
Abstract: Robust modules guarantee to do only what they are supposed to do – even in the presence of untrusted malicious clients, and considering not just the direct behaviour of individual methods, but also the emergent behaviour from calls to more than one method. Necessity is a language for specifying robustness, based on novel necessity operators capturing temporal implication, and a proof logic that derives explicit robustness specifications from functional specifications. Soundness and an exemplar proof are mechanised in Coq.

Proceedings ArticleDOI
02 May 2022
TL;DR: The software correctness course was redeveloped by taking a programming-intensive approach, using the solver-aided language Dafny to provide instant formative feedback via automated assessment; the redeveloped course increased student retention and received the best evaluation for the course in at least ten years.
Abstract: Formal methods for software correctness are critical to the future of software engineering, and so must be an essential part of software engineering education. Unfortunately, formal methods are often resisted by students due to perceived difficulty, mathematicity, and practical irrelevance. We redeveloped our software correctness course by taking a programming-intensive approach, using the solver-aided language Dafny to provide instant formative feedback via automated assessment. Our redeveloped course increased student retention and resulted in the best evaluation for the course for at least ten years.

Abstract Formal Modelling: We also considered taking an approach based on abstract formal modelling. High-level tools, such as TLA+ [33], Alloy [27] or SPIN [26], support reasoning and mechanised checking of systems' properties, based on abstract models of those systems, rather than actual programming and source code. It is clear that these kinds of abstract formal models can play an important role in software engineering projects, at least in a project's early stages,

Journal ArticleDOI
TL;DR: In this article, the authors sketch how more flexible "local" ownership could be added to Rust, permitting multiple mutable references to objects, provided each reference is bounded by the object's lifetime.
Abstract: Rust successfully applies ownership types to control memory allocation. This restricts programs' heap topologies to the point where doubly-linked lists cannot be programmed in Safe Rust. We sketch how more flexible "local" ownership could be added to Rust, permitting multiple mutable references to objects, provided each reference is bounded by the object's lifetime. To maintain thread-safety, locally owned objects must remain thread-local; to maintain memory safety, local objects can be deallocated when their owner's lifetime expires.
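To make concrete the restriction the abstract refers to, the following is an added example (not code from the paper or its authors) showing what a doubly-linked list costs in today's Rust: since the borrow checker allows only one `&mut` to a node at a time, the usual workaround trades the static check for `Rc` reference counting plus `RefCell` run-time borrow checks, with `Weak` back-references so the two-way links do not form a leaking cycle. The type names `DList` and `Node` and the helper `head_strong_count` are this example's own choices, not anything from the paper.

```rust
use std::cell::RefCell;
use std::rc::{Rc, Weak};

/// Forward link: the strong (owning) reference, so ownership still flows head -> tail.
type Link = Option<Rc<RefCell<Node>>>;

/// One list node. `prev` is a `Weak` back-reference: it lets us walk backwards
/// without adding a second owner, so dropping the list frees every node.
/// `RefCell` is what permits mutation through a shared `Rc`; the "one mutable
/// borrow at a time" rule is now enforced at run time (a violation panics)
/// instead of at compile time, which is the cost the paper's sketch targets.
pub struct Node {
    pub value: i32,
    next: Link,
    prev: Option<Weak<RefCell<Node>>>,
}

pub struct DList {
    head: Link,
    tail: Link,
    len: usize,
}

impl DList {
    pub fn new() -> Self {
        DList { head: None, tail: None, len: 0 }
    }

    pub fn len(&self) -> usize {
        self.len
    }

    /// Append at the tail. The new node becomes the old tail's `next` (strong),
    /// and the old tail becomes the new node's `prev` (weak).
    pub fn push_back(&mut self, value: i32) {
        let node = Rc::new(RefCell::new(Node { value, next: None, prev: None }));
        match self.tail.take() {
            Some(old_tail) => {
                node.borrow_mut().prev = Some(Rc::downgrade(&old_tail));
                old_tail.borrow_mut().next = Some(Rc::clone(&node));
                self.tail = Some(node);
            }
            None => {
                self.head = Some(Rc::clone(&node));
                self.tail = Some(node);
            }
        }
        self.len += 1;
    }

    /// Remove from the head. Because the successor only held a `Weak` to us,
    /// we are the sole strong owner afterwards and `Rc::try_unwrap` succeeds.
    pub fn pop_front(&mut self) -> Option<i32> {
        self.head.take().map(|old_head| {
            let next = old_head.borrow_mut().next.take();
            match next {
                Some(new_head) => {
                    new_head.borrow_mut().prev = None;
                    self.head = Some(new_head);
                }
                None => self.tail = None,
            }
            self.len -= 1;
            Rc::try_unwrap(old_head)
                .ok()
                .expect("popped node still had another strong owner")
                .into_inner()
                .value
        })
    }

    /// Walk head -> tail over the strong `next` links.
    pub fn forward(&self) -> Vec<i32> {
        let mut out = Vec::new();
        let mut cur = self.head.clone();
        while let Some(n) = cur {
            out.push(n.borrow().value);
            cur = n.borrow().next.clone();
        }
        out
    }

    /// Walk tail -> head by upgrading each `Weak` back-reference.
    pub fn backward(&self) -> Vec<i32> {
        let mut out = Vec::new();
        let mut cur = self.tail.clone();
        while let Some(n) = cur {
            out.push(n.borrow().value);
            cur = n.borrow().prev.as_ref().and_then(|w| w.upgrade());
        }
        out
    }

    /// Strong count of the head node: 1 when a successor exists (its `prev` is
    /// weak), 2 for a single-element list (held by both `head` and `tail`).
    pub fn head_strong_count(&self) -> Option<usize> {
        self.head.as_ref().map(Rc::strong_count)
    }
}

fn main() {
    let mut list = DList::new();
    for v in [1, 2, 3] {
        list.push_back(v);
    }
    println!("forward {:?} backward {:?}", list.forward(), list.backward());
}
```

The `Weak` back-pointer is the memory-safety point: with two strong references per node the list would be a reference cycle that `Rc` never frees, which is the leak the paper's lifetime-bounded "local" references are meant to rule out statically rather than by convention.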