Extended static checking (ESC) is a collective name in computer science for a range of techniques for statically checking the correctness of various program constraints.[1] ESC can be thought of as an extended form of type checking. As with type checking, ESC is performed automatically at compile time (i.e. without human intervention). This distinguishes it from more general approaches to the formal verification of software, which typically rely on human-generated proofs. Furthermore, it promotes practicality over soundness, in that it aims to dramatically reduce the number of false positives (overestimated errors that are not real errors, that is, ESC over strictness) at the cost of introducing some false negatives (real ESC underestimation error, but that need no programmer's attention, or are not targeted by ESC).[2][3] ESC can identify a range of errors that are currently outside the scope of a type checker, including division by zero, array out of bounds, integer overflow and null dereferences.
Extended static checkers typically operate by propagating strongest postconditions (respectively weakest preconditions) intraprocedurally through a method starting from the precondition (respectively postcondition). At each point during this process an intermediate condition is generated that captures what is known at that program point. This is combined with the necessary conditions of the program statement at that point to form a verification condition. An example of this is a statement involving a division, whose necessary condition is that the divisor be non-zero. The verification condition arising from this effectively states: given the intermediate condition at this point, it must follow that the divisor is non-zero. All verification conditions must be shown to be false (hence correct by means of excluded third) in order for a method to pass extended static checking (or "unable to find more errors"). Typically, some form of automated theorem prover is used to discharge verification conditions.
Extended static checking was pioneered in ESC/Modula-3[4] and, later, ESC/Java. Its roots originate from more simplistic static checking techniques, such as static debugging[5] or lint and FindBugs. A number of other languages have adopted ESC, including Spec# and SPARKada and VHDL VSPEC. However, there is currently no widely used software programming language that provides extended static checking in its base development environment.
^C. Flanagan, K.R.M. Leino, M. Lillibridge, G. Nelson, J. B. Saxe and R. Stata. "Extended static checking for Java". In Proceedings of the Conference on Programming Language Design and Implementation, pages 234-245, 2002. doi: http://doi.acm.org/10.1145/512529.512558
^Babic, Domagoj; Hu, Alan J. (2008). Calysto: Scalable and Precise Extended Static Checking. Proceedings of the International Conference on Software Engineering (ICSE). ACM Press. doi:10.1145/1368088.1368118.
^Rustan, K.; Leino, M.; Nelson, Greg (1998). "An extended static checker for modula-3". Lecture Notes in Computer Science - International Conference on Compiler Construction. Springer. pp. 302–305. doi:10.1007/bfb0026441. ISBN978-3-540-64304-3. ISSN 0302-9743.
^Flanagan, Cormac; Flatt, Matthew; Krishnamurthi, Shriram; Weirich, Stephanie; Felleisen, Matthias (1996). "Catching bugs in the web of program invariants" (PDF). ACM SIGPLAN Notices. 31 (5). Association for Computing Machinery (ACM): 23–32. doi:10.1145/249069.231387. ISSN 0362-1340.
Further readingedit
Cormac Flanagan; K. Rustan M. Leino, Mark Lillibridge, Greg Nelson, James B. Saxe, Raymie Stata (2002). "Extended static checking for Java". Proceedings of the ACM SIGPLAN 2002 conference on Programming language design and implementation. p. 234. doi:10.1145/512529.512558. ISBN978-1581134636. S2CID 47141042.{{cite book}}: CS1 maint: multiple names: authors list (link)
Babic, Domagoj; Hu, Alan J. (2008). "Calysto". Proceedings of the 13th international conference on Software engineering - ICSE '08. p. 211. doi:10.1145/1368088.1368118. ISBN9781605580791. S2CID 62868643.
Chess, B.V. (2002). "Improving computer security using extended static checking". Proceedings 2002 IEEE Symposium on Security and Privacy. pp. 160–173. CiteSeerX10.1.1.15.2090. doi:10.1109/SECPRI.2002.1004369. ISBN978-0-7695-1543-4. S2CID 12067758.
Rioux, Frédéric; Chalin, Patrice (2006). "Improving the Quality of Web-based Enterprise Applications with Extended Static Checking: A Case Study". Electronic Notes in Theoretical Computer Science. 157 (2): 119–132. doi:10.1016/j.entcs.2005.12.050. ISSN 1571-0661.
James, Perry R.; Chalin, Patrice (2009). "Faster and More Complete Extended Static Checking for the Java Modeling Language". Journal of Automated Reasoning. 44 (1–2): 145–174. CiteSeerX10.1.1.165.7920. doi:10.1007/s10817-009-9134-9. ISSN 0168-7433. S2CID 14996225.
Xu, Dana N. (2006). "Extended static checking for haskell". Proceedings of the 2006 ACM SIGPLAN workshop on Haskell. p. 48. CiteSeerX10.1.1.377.3777. doi:10.1145/1159842.1159849. ISBN978-1595934895. S2CID 1340468.
Leino, K. Rustan M. (2001). "Extended Static Checking: A Ten-Year Perspective". Informatics. Lecture Notes in Computer Science. Vol. 2000. pp. 157–175. doi:10.1007/3-540-44577-3_11. ISBN978-3-540-41635-7.
Detlefs, David L.; Leino, K. Rustan M.; Nelson, Greg; Saxe, James B. (1998). "Extended Static Checking". Compaq SRC Research Report (159).
April 12, 2024
extended, static, checking, collective, name, computer, science, range, techniques, statically, checking, correctness, various, program, constraints, thought, extended, form, type, checking, with, type, checking, performed, automatically, compile, time, withou. Extended static checking ESC is a collective name in computer science for a range of techniques for statically checking the correctness of various program constraints 1 ESC can be thought of as an extended form of type checking As with type checking ESC is performed automatically at compile time i e without human intervention This distinguishes it from more general approaches to the formal verification of software which typically rely on human generated proofs Furthermore it promotes practicality over soundness in that it aims to dramatically reduce the number of false positives overestimated errors that are not real errors that is ESC over strictness at the cost of introducing some false negatives real ESC underestimation error but that need no programmer s attention or are not targeted by ESC 2 3 ESC can identify a range of errors that are currently outside the scope of a type checker including division by zero array out of bounds integer overflow and null dereferences The techniques used in extended static checking come from various fields of computer science including static program analysis symbolic simulation model checking abstract interpretation SAT solving and automated theorem proving and type checking Extended static checking is generally performed only at an intraprocedural rather than interprocedural level in order to scale to large programs 2 Furthermore extended static checking aims to report errors by exploiting user supplied specifications in the form of pre and post conditions loop invariants and class invariants Extended static checkers typically operate by propagating strongest postconditions respectively weakest preconditions intraprocedurally through a method starting from the precondition respectively postcondition At each point during this process an intermediate condition is generated that captures what is known at that program point This is combined with the necessary conditions of the program statement at that point to form a verification condition An example of this is a statement involving a division whose necessary condition is that the divisor be non zero The verification condition arising from this effectively states given the intermediate condition at this point it must follow that the divisor is non zero All verification conditions must be shown to be false hence correct by means of excluded third in order for a method to pass extended static checking or unable to find more errors Typically some form of automated theorem prover is used to discharge verification conditions Extended static checking was pioneered in ESC Modula 3 4 and later ESC Java Its roots originate from more simplistic static checking techniques such as static debugging 5 or lint and FindBugs A number of other languages have adopted ESC including Spec and SPARKada and VHDL VSPEC However there is currently no widely used software programming language that provides extended static checking in its base development environment See also editJava Modeling Language JML References edit C Flanagan K R M Leino M Lillibridge G Nelson J B Saxe and R Stata Extended static checking for Java In Proceedings of the Conference on Programming Language Design and Implementation pages 234 245 2002 doi http doi acm org 10 1145 512529 512558 a b Extended Static Checking UWTV Retrieved 2012 02 01 permanent dead link Babic Domagoj Hu Alan J 2008 Calysto Scalable and Precise Extended Static Checking Proceedings of the International Conference on Software Engineering ICSE ACM Press doi 10 1145 1368088 1368118 Rustan K Leino M Nelson Greg 1998 An extended static checker for modula 3 Lecture Notes in Computer Science International Conference on Compiler Construction Springer pp 302 305 doi 10 1007 bfb0026441 ISBN 978 3 540 64304 3 ISSN 0302 9743 Flanagan Cormac Flatt Matthew Krishnamurthi Shriram Weirich Stephanie Felleisen Matthias 1996 Catching bugs in the web of program invariants PDF ACM SIGPLAN Notices 31 5 Association for Computing Machinery ACM 23 32 doi 10 1145 249069 231387 ISSN 0362 1340 Further reading editCormac Flanagan K Rustan M Leino Mark Lillibridge Greg Nelson James B Saxe Raymie Stata 2002 Extended static checking for Java Proceedings of the ACM SIGPLAN 2002 conference on Programming language design and implementation p 234 doi 10 1145 512529 512558 ISBN 978 1581134636 S2CID 47141042 a href Template Cite book html title Template Cite book cite book a CS1 maint multiple names authors list link Babic Domagoj Hu Alan J 2008 Calysto Proceedings of the 13th international conference on Software engineering ICSE 08 p 211 doi 10 1145 1368088 1368118 ISBN 9781605580791 S2CID 62868643 Chess B V 2002 Improving computer security using extended static checking Proceedings 2002 IEEE Symposium on Security and Privacy pp 160 173 CiteSeerX 10 1 1 15 2090 doi 10 1109 SECPRI 2002 1004369 ISBN 978 0 7695 1543 4 S2CID 12067758 Rioux Frederic Chalin Patrice 2006 Improving the Quality of Web based Enterprise Applications with Extended Static Checking A Case Study Electronic Notes in Theoretical Computer Science 157 2 119 132 doi 10 1016 j entcs 2005 12 050 ISSN 1571 0661 James Perry R Chalin Patrice 2009 Faster and More Complete Extended Static Checking for the Java Modeling Language Journal of Automated Reasoning 44 1 2 145 174 CiteSeerX 10 1 1 165 7920 doi 10 1007 s10817 009 9134 9 ISSN 0168 7433 S2CID 14996225 Xu Dana N 2006 Extended static checking for haskell Proceedings of the 2006 ACM SIGPLAN workshop on Haskell p 48 CiteSeerX 10 1 1 377 3777 doi 10 1145 1159842 1159849 ISBN 978 1595934895 S2CID 1340468 Leino K Rustan M 2001 Extended Static Checking A Ten Year Perspective Informatics Lecture Notes in Computer Science Vol 2000 pp 157 175 doi 10 1007 3 540 44577 3 11 ISBN 978 3 540 41635 7 Detlefs David L Leino K Rustan M Nelson Greg Saxe James B 1998 Extended Static Checking Compaq SRC Research Report 159 Retrieved from https en wikipedia org w index php title Extended static checking amp oldid 1177776019, wikipedia, wiki, book, books, library,
