Programming using Automata and Transducers

Course introductionCS703 Program verification and synthesisLoris DAntoni

1Introduce yourselfNameWhat yearWho do you work withWhat do you work onAny hobby

Example:Hi everyone, Im Loris DAntoni, Im a new professor here at UW (just came from UPenn). I work with many people and I do research in programming languages and formal methods.Among other things I like biking, playing volleyball, and performing magic tricks.2Logistics: Course structureTwo parts:Program verification (established topic)Program synthesis (new topic and recent papers)

For every lectureI will assign material to read before the lectureI will present the material in class and we will discuss it together

3Logistics: What do you have to do?30% : HW assignments there will be 3-4 problem sets40% : Research project10% : Paper reviews (only for second part of course)10% : Class participation10% : Project presentation4Logistics: Homework AssignmentsOn paper (please type them so I can read them)Have to be done individually

Submission detailsSend me an email with the solutionDue the midnight on the posted due dateLate penalty 10% of grade each day up to 4 days max5Logistics: ProjectMost important part of the course

Teams of 1 or 2 peopleExpectations commensurate with size of team

DeliverablesOct 2: Email me a list of 3 project ideasOct 16: Project proposalNov 1: Description of progress 1Nov 22: Description of progress 2Dec 7-14:Presentation to the classDec 15:Final write-up

6Logistics: What project to choose?Something that excites you!A theoretical problem (related to formal methods)Extend one of the models we studySynthesize some programming taskApply the concepts learnt in class to a new domain

Something you can show to other people later and brag about!If the project is good and new we can turn it into a research paper!7Logistics: When and WhereLecture: M-W 10.30-12 (ENGR 2345)Do you have any conflicts?Question: Friday and shorter semester?

Office hours:Thursdays 10.30-12 but in general just email meQuestions about HW assignments, project, material

Course websitepages.cs.wisc.edu/~loris/cs703.htmlI might setup something for paper reviews8What is this course about?910

Credit: S. A. SeshiaAriane disaster, 1996$500 million software failure

FDIV error, 1994$500 million

Estimated worst-case worm cost:> $50 billionBugs cost Time, Money, Lives, For many years researchers have been trying to improve programmers productivity by answering this question.How do we build reliable software?Given some piece of code we would like some techniques thatTell us whether our code does more or less what we intend it to do

The techniques developed towards this goal can be divided into 2 classes:Those that target general programs and try to answer questions such asAnd techniques that target restricted domains such asIn this domains one can try to build simpler but complete abstractions to perform powerful analysis10Solutions11Program verificationDoes my program do what it is supposed to do?Program synthesisCan you generate a program that does what I have in mind and does not contain bugs?Program verificationIn 4 slides12What is program verification?13

ProgramPropertyNo null pointer exception is ever triggeredVerifier

YESProofNOCounterexampleInputOutputUNDECIDABLEAre we screwed?Even the easiest verification problem is NP-Complete (SAT)14

Never give up15

Reasons behind success16Wonderful theoryEngineering effortsDomain-specific knowledgeWell see some in this classProgramming device driversMalware fingerprintingXML queryingRouter filteringSecurity protocolsString encoding

SAT solversSMT solversMicrosoftProgram synthesis17What is program synthesis?18

When someone says "I want a programming language in which I need only say what I wish done," give him a lollipop.-Allan Perlis 1982

What is software synthesisThe hubris is best captured by this quote from Allan Perlis from the early eighties.

Since then, and in particular in the last 8 years, the technology for synthesis has advanced a lot, but one could argue that Perlis quote is still current. Beyond a certain level of complexity, it is unreasonable to expect a synthesizer to derive from scratch algorithms that have taken years to develop by the best minds in our field.

In addition to the harness question, there was a second critique to the Dreams=>Programs agenda: dreams dont make very good specs. 19What is program synthesis?20User intentDomain knowledgeProgram can only use:Length(x), if(x)then y else z, x[i],Synthesizer

InputOutputProgram1 -> 0340 -> 300568 -> 500Function f(x){If(length(x)