Advancing Practical Specification Techniques for Modern Software Systems
                                  by
			  John L. Singleton

			     CS-TR-18-01

			    April 16, 2018

			       ABSTRACT

The pervasive nature of software (and the tendency for it to contain
errors) has long been a concern of theoretical computer
scientists. Many investigators have endeavored to produce theories,
tools, and techniques for verifying the behavior of software
systems. One of the most promising lines of research is that of formal
specification, which is a subset of the larger field of formal
methods.  In formal specification, one composes a precise mathematical
description of a software system and uses tools and techniques to
ensure that the software that has been written conforms to this
specification. Examples of such systems are Z notation, the Java
Modeling Language, and many others. However, a fundamental problem
that plagues this line of research is that the specifications
themselves are often costly to produce and difficult to reuse. If the
field of formal specification is to advance, we must develop sound
techniques for reducing the cost of producing and reusing software
specifications. The work presented in this dissertation lays out a
path to producing sophisticated, automated tools for inferring large,
complex code bases, tools for allowing engineers to share and reuse
specifications, and specification languages for specifying information
flow policies that can be written separately from program code. This
dissertation introduces three main lines of research. First, I discuss
a system that facilitates the authoring, sharing, and reuse of
software specifications. Next, I discuss a technique which aims to
reduce the cost of producing specifications by automatically inferring
them. Finally, I discuss a specification language called Evidently
which aims to make information flow security policies easier to write,
maintain, and enforce by untangling them from the code to which they
are applied.

Keywords: Deductive verification, Java Modeling Language,
specification inference, verification, formal methods, predicate
transformers, Strongarm, Spekl, Evidently, information flow
2013 CR Categories: D.2.4 [Software Engineering]
    Software/Program Verification — Formal methods, programming by contract;
    F.3.1 [Logics and Meanings of Programs]
    Specifying and Verifying and Reasoning about Programs—Assertions,
    logics of programs, pre- and post-conditions, specification techniques