Los Alamos National Laboratory

National Security Education Center


Institute for Reliable High Performance Information Technology Software Engineering Talk

November 13, 2007
Time: 01:30 PM
Location: Study Center Jemez Room

Prospects for Intent-Based Software Assurance

Analysis, design intent, and assurance for concurrency
William L. Scherlis, School of Computer Science, Carnegie Mellon University, Pittsburgh, PA, USA



There is a new generation of analysis-based tools to assist programmers in assuring software at scale. These tools emphasize program properties that tend to defy traditional testing and inspection—typically properties that involve non-determinism or that may have a non-local character, in the sense that there may be no single place in the code associated with errors. Concurrency errors are the perfect storm of non-determinism and non-locality, and so have received attention from analysis and verification researchers for some time. Additionally, concurrency is of increasing importance because software exploitation of multicore processors is an emerging gateway to continued movement up the curve of Moore's Law.

In this talk, we survey some recent progress in advanced software assurance tools, with emphasis on concurrency, including both static and dynamic analysis. Our focus is on the effective exploitation of design intent to assist developers in achieving verification related to state consistency and thread confinement. We consider lock-based approaches, using both lexical-style locking, as with Java's "synchronized," and dynamic lock acquisition and release, as with Doug Lea’s java.util.concurrent library. We also consider policy-based approaches that avoid explicit locking, as used in most GUI frameworks and in many simulation and data management systems.
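The three approaches named above (lexical locking with `synchronized`, dynamic lock acquisition and release with `java.util.concurrent`, and a lock-free thread-confinement policy), as an added Java example that is not from the talk or from the Fluid/SureLogic tools; the class and method names are invented for illustration:

```java
import java.util.concurrent.locks.ReentrantLock;
// Hypothetical demo, not Fluid/SureLogic code: the design intent "what guards
// this state?" for one counter, expressed three ways.
public final class IntentDemo {
    // 1. Lexical locking: 'synchronized' brackets the region, so the release
    //    cannot be forgotten. Intent: count is guarded by 'this'.
    static final class LexicalCounter {
        private int count;                          // guarded by this
        synchronized void increment() { count++; }
        synchronized int get() { return count; }
    }
    // 2. Dynamic locking: acquire and release are separate calls, so the
    //    release must sit in finally or an exception leaks the lock.
    static final class DynamicCounter {
        private final ReentrantLock lock = new ReentrantLock();
        private int count;                          // guarded by lock
        void increment() { lock.lock(); try { count++; } finally { lock.unlock(); } }
        int get() { lock.lock(); try { return count; } finally { lock.unlock(); } }
    }
    // 3. Policy-based: no lock. The object is confined to the thread that made
    //    it, as a GUI model is confined to the event thread; the confinement
    //    policy is checked at run time instead of being enforced by a lock.
    static final class ConfinedCounter {
        private final Thread owner = Thread.currentThread();
        private int count;                          // confined to owner
        private void check() {
            if (Thread.currentThread() != owner)
                throw new IllegalStateException("thread confinement violated");
        }
        void increment() { check(); count++; }
        int get() { check(); return count; }
    }
    public static void main(String[] args) throws InterruptedException {
        LexicalCounter a = new LexicalCounter();
        DynamicCounter b = new DynamicCounter();
        ConfinedCounter c = new ConfinedCounter();   // owned by main thread
        Thread[] workers = new Thread[4];
        for (int i = 0; i < workers.length; i++) {
            workers[i] = new Thread(() -> {
                for (int j = 0; j < 10_000; j++) { a.increment(); b.increment(); }
                try { c.increment(); }               // wrong thread: rejected
                catch (IllegalStateException e) { System.out.println("caught: " + e.getMessage()); }
            });
            workers[i].start();
        }
        for (Thread t : workers) t.join();
        c.increment();                              // owner thread: allowed
        System.out.println(a.get() + " " + b.get() + " " + c.get());
    }
}
```

The two locked counters end at the same total however the threads interleave, while the confined counter rejects every call from a worker thread; the "guarded by" and "confined to" comments are the kind of design intent that analysis tools can check against the code.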

We summarize the results of a number of field trials in major commercial companies to assess our ideas related to adoptability by working developers and scalability to realistic large systems.


William L. Scherlis is a professor in the School of Computer Science at Carnegie Mellon and director of CMU's Institute for Software Research. He leads CMU's Fluid project on software assurance and evolution. Results from this project led to the Fall 2006 creation of SureLogic, a Carnegie Mellon spin-off. He led the High Dependability Computing Project (HDCP), in which CMU and five other universities worked with NASA to address long-term software dependability challenges. Dr. Scherlis completed a PhD at Stanford, a year at the University of Edinburgh as a John Knox Fellow, and an A.B. at Harvard. Scherlis chairs the National Research Council (NRC) study committee on defense software producibility and is a member of the NRC study committee on cybersecurity. He has testified before Congress regarding IT innovation and federal IT management, and he has been an advisor to major IT companies. He has served as program chair for conferences including ACM FSE and PEPM and has more than 70 scientific publications.
