This course provides a hands-on introduction to formal methods for software engineering. The purpose of formal methods is to enable the construction of highly reliable software. Their foundation is the precise specification of run-time properties that a software system is expected to satisfy. Formal methods are concerned with specifications that are precise for being stated in languages endowed with a formal syntax, semantics, and theory. Formality helps the specification process in at least two ways:
As we will see, formal specification techniques allow for the construction of highly automated verification tools that help software developers analyze specifications and corresponding code, looking for errors in requirements, models, designs, and implementations.
In this course, we will study a collection of techniques for formal software development, spanning the whole development process: from high-level semantic modeling to coding and debugging. The study will not be done in the abstract, however, but through the use of actual tools supporting these techniques.
Students should be prepared to put in considerable time and effort into reading to become familiar with the course's topics, and into homework and exercises to gain experience with the techniques seen in class.
Tue and Thu, 3:30am - 4:45pm, Zoom Room 929 5320 5161 (password available on ICON and Piazza)
Prof. Cesare Tinelli (instructor)
(319) 335-0735
cesare-tinelli + @ + uiowa.edu
Office hours: Zoom Room 884 316 858, Mon 3:15pm-4:45pm, Wed 11:30am-12:30pm, and by appointment.
Andrew Marmaduke (TA)
andrew-marmaduke + @ + uiowa.edu
Office hours: Zoom Room 940 1380 1505, Mon, Fri 1:00pm-2:00pm, Thu 11:00am-12:00noon, and by appointment.
CS:2810 or ECE:3330, or equivalent.
Most of the information about the class, including handouts and assignments, will be available from the class web site:
We will also use Piazza, a class discussion service, for announcements, questions and discussions, and ICON for homework submissions and grade posting. Lectures will be recorded and recordings will be available to registered students on UICapture.
Note that lecture recordings are the intellectual property of the instructor, and they may not be shared, reproduced, or uploaded to any online environment without the explicit, written consent of the instructor. Doing so is a breach of the Code of Student Conduct and, in some cases, a violation of the Federal Education Rights and Privacy Act (FERPA).
Students are expected to check both the class web site and the Piazza discussion board on a regular basis (at least every other day) for announcements regarding the course.
The required textbook for this course is Program Proofs by Rustan Leino. The book has not been published yet. However, a draft of the book is available in paper back format at lulu.com at a moderate price. Please make sure you order it as soon possible. You will need it for the second half of the class.
For the first half have we will use a variety of reading materials all of which will be made available through the course web site. This includes several papers on formal software specification and verification, a number of papers on how to use the specification/verification tools adopted in the course, and various class notes and handouts.
The formalisms used in this class are ultimately based on propositional logic and on first-order logic (aka, predicate calculus). Links to background reading material on that will also be available on the course website.
You may need to use your account on the CS remote servers which have a working installation of some of the software tools used in this course. Instructions on how to access those machines, on-site or remotely, and use the installed software will be provided on the course website.
Alternatively, you are welcome to use your own computer for course work but you are responsible for installing any necessary software. We regret that will not be able to provide assistance for any problems with your own installation.
Several exercises will be given during the course of the semester, some of them during lecture, covering the material from the readings and the lectures. These exercises are required but will not be collected or graded.
For each main topic there will be two graded homework assignments: an introductory assignment and a graded mini-project, both to be done in teams of 2 people. Every team member will be expected to be involved in all aspects of an assignment (no dividing up the work). The whole team is responsible for the work submitted. Although the work is shared, each students will received an individualized grade. Team members will be asked to submit an evaluation of how well they and their teammates performed as team members. Each evaluation is confidential and will be be incorporated into the calculation of the individual grade.
Each student is responsible for contacting other students and form a team. The discussion forum on Piazza can be use to establish initial contacts. It is okay to form different teams for each assignment/project. Teams of 1 are accepted but not encouraged. In particular, no reduction of work will be granted to them.
There will be one midterm exam and one final exam. The midterm will be held during class time. The final exam will be held during exam week as per university schedule. Both exams will be online and will use the Respondus LockDown Browser.
The weighting of items in grade determination will be the following:
| Item | Weight |
|---|---|
| Intro Assignments | 15% |
| Mini Projects | 20% |
| Midterm | 30% |
| Final Exam | 35% |
The following cutoffs will be used to determine letter grades. In the ranges below, x stands for your total score at the end of the semester. Final scores near a cutoff will be individually considered for the next higher grade. Plus(+) and minus(-) grades will also be given; their cutoffs will be determined at the end of the semester.
| Score | Grade |
|---|---|
| 88 <= x < 100 | A |
| 75 <= x < 88 |
B |
| 60 <= x < 75 | C |
| 50 <= x < 60 | D |
| 00 <= x < 50 | F |
Grades are not curved in this course. It is theoretically possible for everyone in the class to get an A (or an F). Your final grade depends only on your own final score and not on that of others.
The University of Iowa expects students to set high academic standards vfor themselves and work hard towards achieving them. You can achieve true academic excellence only through dedicated work. An average workload of 6 hours a week besides class attendance should be considered the norm for this course. More effort might be needed depending on your background, predisposition and academic ambition.
Academic dishonesty will not be tolerated. In particular, under no circumstances should you pass off someone else's work as your own. This also applies to code or other material that you might find on the Internet.
Graded Homework:
Sharing solutions of graded homework (assignments and project) between teams
or copying someone else's work,
including posted solutions from previous editions of the course,
is not allowed.
Doing that will result in a zero on the assignment
and a report to the CS Department's chair and the College.
You are allowed and encouraged to discuss with students in other teams concepts
and ideas that relate to the class and the homework assignments.
However, it is important to ensure that these discussions do not lead
to the actual exchange of written material.
All members of a team are responsible for the submitted team work and
will be disciplined equally in case of academic dishonesty.
So make sure you are fully aware of what is being submitted
if you are not the submitter.
Exams: The midterm and final exams are individual tests. Each student must complete them without any help from others. Exam answers showing strong similarities and/or duplication will receive a fail grade and the students involved will be reported to the Department and the College.
If you are unclear about what constitutes academic dishonesty bit is your responsibility to contact the instructors or consult the CLAS policy (online version). Be aware that repeated academic dishonesty offenses lead to suspension or expulsion from the University.
Communicating with the Instructors:
We welcome questions related to the course.
Students are strongly encouraged to post their class-related questions
on Piazza (publicly or privately, as appropriate) rather than emailing questions
to the teaching staff.
Questions sent by email will receive lower priority.
We are committed to answer all questions posted on Piazza
within 24 hours.
We will make any course-related announcements on Piazza and will occasionally send
direct email notifications to all students in the class.
As a reminder, students are responsible for all official correspondence sent
to their Hawkmail address
(see General CLAS Policies on electronic communication below).
Assigned Readings: Students are expected to study all the material assigned as required readings, even if that material is not explicitly discussed in class or in the homework.
Additional Readings and Discussions: Students are encouraged to go over any specifically suggested readings and consult any relevant materials beyond those provided on the course's web site. They are also encouraged to discuss the course topics with their classmates. It is a genuinely helpful learning activity having to formulate one's own thoughts about the material well enough to express them to others.
Attendance: Lectures will be taught online in synchronous mode, with frequent (ungraded) in-class exercises and other forms of active participation. Students are expected to attend all lectures and, in case they cannot attend a lecture, timely watch its recorded version. Their knowledge and therefore their grade depends on this. Students are responsible for all announcements made in class and material covered there regardless of whether they attended/watched the lecture or not.
Extra Credit: No extra-credit assignments or tests will be given on an individual basis, although they maybe given to the whole class.
Make-up Exams: Make-up exams will be offered only if there is a serious, documented reason for not being able to take a scheduled exam, and if the request is made at least a week before the exam.
Regrading: Students thinking a graded assignment or test has been misgraded and deserves a regrading are invited to let the instructor know. The instructor welcomes and will give full consideration to all well motivated regrading requests.