VSTTE 2019

11th Working Conference on Verified Software: Theories, Tools, and Experiments

July 13-14, 2019, New York City, USA
Co-located with the 31th International Conference on Computer-Aided Verification (CAV 2019).


Submissions | Important Dates | Registration | Program | Invited Speakers | Program Chairs | Program Committee | Previous Editions

Overview

The goal of the VSTTE conference series is to advance the state of the art in the science and technology of software verification, through the interaction of theory development, tool evolution, and experimental validation.

The Verified Software Initiative (VSI), spearheaded by Tony Hoare and Jayadev Misra, is an ambitious research program for making large-scale verified software a practical reality. The Working Conference on Verified Software: Theories, Tools and Experiments (VSTTE) is the main forum for advancing the initiative. VSTTE brings together experts spanning the spectrum of software verification in order to foster international collaboration on the critical research challenges. The theoretical work includes semantic foundations and logics for specification and verification, and verification algorithms and methodologies. The tools cover specification and annotation languages, program analyzers, model checkers, interactive verifiers and proof checkers, automated theorem provers and SAT/SMT solvers, and integrated verification environments. The experimental work drives the research agenda for theory and tools by taking on significant specification/verification exercises covering hardware, operating systems, compilers, computer security, parallel computing, and cyber-physical systems.

We welcome submissions describing significant advances in the production of verified software, i.e., software that has been proved to meet its functional specifications. Submissions of theoretical, practical, and experimental contributions are equally encouraged, including those that focus on specific problems or problem domains. We are especially interested in submissions describing large-scale verification efforts that involve collaboration, theory unification, tool integration, and formalized domain knowledge. We also welcome papers describing novel experiments and case studies evaluating verification techniques and technologies.

Topics of interest for this conference include education, requirements modeling, specification languages, specification/verification/certification case studies, formal calculi, software design methods, automatic code generation, refinement methodologies, compositional analysis, verification tools (e.g., static analysis, dynamic analysis, model checking, theorem proving, satisfiability), tool integration, benchmarks, challenge problems, and integrated verification environments.

Work on diverse verification technologies, e.g., static analysis, dynamic analysis, model checking, theorem proving, satisfiability, are particularly encouraged.

Paper Submissions

VSTTE 2019 will accept both long (limited to 16 pages, references not included) and short (limited to 10 pages, references not included) paper submissions. Short submissions also cover Verification Pearls describing an elegant proof or proof technique. Submitted research papers and system descriptions must be original and not submitted for publication elsewhere. Each submission will be evaluated by at least three members of the Program Committee. We expect that one author of every accepted paper will present their work at the conference.

Download a PDF version of the call for papers.

Papers will be submitted via EasyChair at the VSTTE 2019 conference page . Submissions that arrive late, are not in the proper format, or are too long will not be considered. The post-conference proceedings of VSTTE 2019 will be published by Springer-Verlag in the LNCS series. Authors of accepted papers will be requested to sign a form transferring copyright of their contribution to Springer-Verlag. The use of LaTeX and the Springer llncs class files (http://www.springer.de/comp/lncs/authors.html) is strongly encouraged.

Preliminary Program

Saturday, July 13

9:00-10:00 Invited speaker: Antoine Miné, Sorbonne Université
Combinations of reusable abstract domains for a multilingual static analysis

Abstract: We discuss the design of MOPSA, an ongoing effort to design a novel semantic static analyzer by abstract interpretation. MOPSA strives to achieve a high degree of modularity and extensibility by considering value abstractions for numeric, pointer, objects, arrays, etc. as well as syntax-driver iterators and control-flow abstractions uniformly as domain modules, which offer a unified signature and loose coupling, so that they can be combined and reused at will. Moreover, domains can dynamically rewrite expressions, which simplifies the design of relational abstractions, encourages a design based on layered semantics, and enables domain reuse across different analyses and different languages. We present preliminary applications of MOPSA analyzing simple programs in subsets of the C and Python programming languages, checking them for run-time errors and uncaught exceptions.

Bio: Antoine Miné is a Professor of Computer Science at Sorbonne Université (Paris, France) and Institut Universitaire de France, and formerly a researcher at CNRS and École Normale Supérieure. His researches focus on improving the safety of software by developing static analysis and automated program verification methods based on the principles of abstract interpretation. He contributed to the design of Astrée, a static analyzer for C used in the embedded critical industry. He is now striving to extend the scope of sound semantic static analysis to more diverse software and programming languages, such as Python.

10:00-10:30 Coffee Break
Session 1
10:30-11:05 Yuepeng Wang, Shuvendu K. Lahiri, Shuo Chen, Rong Pan, Isil Dillig, Cody Born and Immad Naseer
Formal Verification of Workflow Policies for Smart Contracts in Azure Blockchain
11:05-11:40 Ákos Hajdu and Dejan Jovanović
solc-verify: A Modular Verifier for Solidity Smart Contracts
11:40-12:15 Mukesh Tiwari, Dirk Pattinson and Thomas Haines
Verifiable Homomorphic Tallying for the Schulze Vote Counting Scheme
12:30-14:30 Lunch Break
14:30-15:30 Invited speaker: Marsha Chechik, University of Toronto
Software Assurance in an Uncertain World

Abstract: From financial services platforms to social networks to vehicle control, software has come to mediate many activities of daily life. Governing bodies and standards organizations have responded to this trend by creating regulations and standards to address issues such as safety, security and privacy. In this environment, the compliance of software development to standards and regulations has emerged as a key requirement. Compliance claims and arguments are often captured in assurance cases, with linked evidence of compliance. Evidence can come from testcases, verification proofs, human judgement, or a combination of these. That is, we try to build (safety-critical) systems carefully according to well justified methods and articulate these justifications in an assurance case that is ultimately judged by a human. Yet software is deeply rooted in uncertainty making pragmatic assurance more inductive than deductive: most of complex open-world functionality is either not completely specifiable (due to uncertainty) or it is not cost-effective to do so, and deductive verification cannot happen without specification. Inductive assurance, achieved by sampling or testing, is easier but generalization from finite set of examples cannot be formally justified. And of course the recent popularity of constructing software via machine learning only worsens the problem. Then how can we successfully argue about safety and security of software under all this uncertainty, and without fully sound and complete methods? This talk will aim to tease apart the ultimately intertwined notions of argument and uncertainty in order to identify research opportunities to make progress with software assurance.

Bio: Marsha Chechik is Professor in the Department of Computer Science at the University of Toronto. She received her Ph.D. from the University of Maryland in 1996. Prof. Chechik’s research interests are in the application of formal methods to improve the quality of software. She has authored numerous papers in formal methods, software specification and verification, computer safety and security and requirements engineering. In 2002-2003, Prof. Chechik was a visiting scientist at Lucent Technologies in Murray Hill, NY and at Imperial College, London UK, and in 2013 – at Stonybrook University. She is a member of IFIP WG 2.9 on Requirements Engineering and an Associate Editor of Journal on Software and Systems Modeling. She is has been an associate editor of IEEE Transactions on Software Engineering 2003-2007, 2010-2013. She regularly serves on program committees of international conferences in the areas of software engineering and automated verification. Marsha Chechik has been Program Committee Co- Chair of the International Conference in Software Engineering (ICSE18). She has been a PC Co-Chair of the 2016 International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS), the 2016 Working Conference on Verified Software: Theories, Tools, and Experiments (VSTTE16), the 2014 International Conference on Automated Software Engineering (ASE), Co-Chair of the 2008 International Conference on Concurrency Theory (CONCUR), PC Co-Chair of the 2008 International Conference on Computer Science and Software Engineering (CASCON), and PC Co-Chair of the 2009 International Conference on Formal Aspects of Software Engineering (FASE). She is a Member of ACM SIGSOFT and the IEEE Computer Society.

16:00-16:30 Coffee Break
Session 2
16:30-17:05 Sarah Grebing, Jonas Klamroth and Mattias Ulbrich
Seamless Interactive Program Verification
17:05-17:40 Benedikt Becker and Claude Marché
Ghost Code in Action: Automated Verification of a Symbolic Interpreter

Sunday, July 14

9:00-10:00 Invited speaker: Aarti Gupta, Princeton University
Verifying Network Control Planes

Abstract: The last decade has seen tremendous advances in applying formal methods to verification of computer networks. In this talk, I will describe two recent efforts that target network control planes, i.e., the complex distributed systems comprising various protocols for exchanging messages between routers and selecting paths for routing traffic. In the first effort, we develop a general-purpose, symbolic model of the network control and data planes that encodes the stable states of a network as a satisfying assignment to an SMT formula. Using this model, we show how to verify a wide variety of properties including reachability, fault-tolerance, router equivalence, and load balancing. Our second effort focuses on leveraging symmetry in control planes to find network abstractions that achieve compression in size while preserving many properties of interest. This is joint work with Ryan Beckett, Ratul Mahajan, and David Walker

Bio: Aarti Gupta is a Professor in the Department of Computer Science at Princeton University. She received a PhD in Computer Science from Carnegie Mellon University. Her research interests are in the areas of formal verification of programs and systems, automatic decision procedures, and electronic design automation. She has served on the technical program committees of many leading conferences and is currently serving on the Steering Committee of CAV (Computer Aided Verification) Conference. She is an ACM Fellow

10:00-10:30 Coffee Break
Session 3
10:30-11:05 Amol Wakankar, Paritosh Pandya and Raj Mohan Matteplackel
DCSynth: Guided Reactive Synthesis with Soft Requirements
11:05-11:40 Jonathan Homburg and Parasara Sridhar Duggirala
Incremental Minimization of Symbolic Automata
11:40-12:15 Rohit Dureja, Jianwen Li, Geguang Pu, Kristin Yvonne Rozier and Moshe Vardi
Intersection and Rotation of Assumption Literals Boosts Bug-Finding
12:30-14:30 Lunch Break
14:30-15:30 Invited speaker: Tevfik Bultan, University of California, Santa Barbara
Side Channel Analysis Using a Model Counting Constraint Solver and Symbolic Execution

Abstract: A crucial problem in computer security is detecting information leakage via side channels. Information gained by observing non-functional properties of program executions (such as execution time or memory usage) can enable attackers to infer secret information accessed by the program. In this talk, I will discuss how symbolic execution, combined with a model counting constraint solver, can be used for detecting and quantifying side-channel leakage in programs, and also for identifying input sequences that can be used to recover secrets. I will also discuss how we implemented this approach as an extension to the symbolic execution tool SPF using our model counting constraint solver ABC.

Bio: Tevfik Bultan is a professor in the Department of Computer Science at the University of California, Santa Barbara (UCSB). His research interests are in software verification, program analysis, software engineering, and computer security. He co-chaired the program committees of the 20th International Symposium on the Foundations of Software Engineering (FSE 2012), the 28th IEEE/ACM International Conference on Automated Software Engineering (ASE 2013), and the 41st ACM/IEEE International Conference on Software Engineering (ICSE 2019). He was the general chair of the 2017 ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2017). He has been an Associate Editor of the IEEE Transactions on Software Engineering (TSE) and the ACM Transactions on Software Engineering (TOSEM). He received a NATO Science Fellowship from the Scientific and Technical Research Council of Turkey (TUBITAK) in 1993, a Regents' Junior Faculty Fellowship from the University of California, Santa Barbara in 1999, a Faculty Early Career Development (CAREER) Award from the National Science Foundation in 2000, the ACM SIGSOFT Distinguished Paper Award and the Best Paper Award at the 20th IEEE/ACM International Conference on Automated Software Engineering (ASE 2005), the ACM SIGSOFT Distinguished Paper Award at the 29th IEEE/ACM International Conference on Automated Software Engineering (ASE 2014), and the UCSB Academic Senate Outstanding Graduate Mentor Award in 2016. He was recognized as an ACM Distinguished Scientist in 2016.

Session 4
15:30-16:05 Maxwell Shinn
Refinement type contracts for verification of scientific investigative software
16:05-16:30 Coffee Break

Important Dates

Registration

Registration to VSTTE is part of the CAV registration process. If you want to register only for VSTTE, proceed as follows:

  1. Log in to the registration site and click on Register Online button.
  2. Select Workshop - 2 Days button and click on Next page button.
  3. Select VSTTE both for Saturday and Sunday and click on Next page button.
  4. Continue with the registration process by providing personal data and credit card information

Invited Speakers and Tutorials

General Chair

Program Chairs

Program Committee

Previous Editions