tags:

views:

118

answers:

6
+7  Q: 

Languages specifically designed to make static verification easier

A lot of languages (perhaps all of them) are designed to make writing programs easier. They all have different domains, and aim to simplify developing programs in these domains (C makes developing low-level programs easier, Java makes developing complex business logic easier, et al.). Perhaps other purposes are sacrificed in sake of writing and maintaining programs in an easier, more natural, less error-prone way.

Are there any languages specifically designed to make verification of source code--i.e. static analysis--easier? Of course, capability to write common programs for modern machines should also persist.

+4  A: 

One of the design goals of Ada was to support a certian amount of formal verification. It was moderately successful, but verification didn't exactly take off like they were hoping. Luckily Ada is good for far more than that. Sadly, that hasn't helped it much either...

There's an Ada subset called Spark that keeps this alive today. Praxis sells a development suite built around it.

T.E.D.  2010-07-02 18:19:52
A: 

There is SAIL, the Static Analysis Intermediate Language or Flexibo

jdehaan  2010-07-02 18:21:11
The purpose of "Inermediate languages" is usually to mediate between different "production languages" and verification tools. This doesn't make verification any better, since it doesn't constrain the original programs in any way.
Pavel Shved  2010-07-02 19:11:30
A: 

I haven’t used it myself, so I can’t speak with any authority, but I understand that the Eiffel programming language was designed to use Code by Contracts, which would make static analysis much easier. I don’t know if that counts or not.

Jeffrey L Whitledge  2010-07-02 18:25:51
Specifying contracts is related (and, perhaps, required), but is not sufficient for the language(s) I ask about.
Pavel Shved  2010-07-02 18:55:25
+1  A: 

Are there any languages specifically designed to make verification of source code easier?

This was a vague goal of both the CLU and ML languages, but the only language design I know that takes static verification really seriously is Spark Ada.

Dijkstra's language of guarded commands (as described in Discipline of Programming) was designed to support static verification, but it was explicitly not supposed to be implemented.

Gerard Holzmann's Promela language was also designed for static analysis by the model checker SPIN, but again it's not executable.

Norman Ramsey  2010-07-02 22:59:31
+1  A: 

One has two problems in "making verification of source code easier". One is languages in which you don't do gross things such as arbitrary cases (such as C). Another is specifying what you want to verify, for that you need a good assertions languages.

While many languages have proposed such assertions languages, I think the EDA community has been pushing the envelope most effectively with temporal specifications. The "Property Specification Language" is a standard; you can learn more from P1850 Standard for PSL: Property Specification Language (IEEE-1850). One idea behind PSL is that you can add it to existing EDA languages; I think the EDA community has been incorporating into the EDA langauges as time goes by.

I've often wished for something like PSL to embed in conventional computer software.

Ira Baxter  2010-07-02 23:10:26
A: 

Auditors in the E language provide a built-in means of writing code analyses within the language itself and requiring that some section of code pass some static check. You might also be interested in the related-work part of the paper.

Darius Bacon  2010-07-11 23:56:42

related questions

Checkstyle vs. PMD
Coverity for Java static analysis
How to setup VS2008 for efficient C++ development
How to find unused attributes/methods in Visual C++ 2008
What open source C++ static analysis tools are available?
Tool to optimize C# using statements?
What is effect of "__callback" SAL annotation?
Using Pylint with Django
How do you count your Lines of Code?
Can Resharper be set to warn if IDisposable not handled correctly?
Code Analysis In Python
Static Analysis tool recommendation for Java?
C++ static code analysis tool on Windows
Maven plugins for javascript
A static analysis project/product with rules for enforcing Effective Java advice?
What is stopping you from using static analysis tools?
Integrating static analysis tools with each other?
Race Condition Analysers for .NET
What is static code analysis?
How to start using ndepend?
What static analysis tools are available for C#?
Are there any static analysis tools for Python?
How does one implement FxCop / static analysis on an existing code base
Any good java source code analyzing and modifying libraries?
What code analysis tools do you use for your Java projects?