Supported Java Features
Java is a very complex language which massively evolved over the time. KeY does not support all Java features. Some of those, like floating-point arithmetic, are in principle hard to handle from a theorem-proving point of view; others, like Generics and Lambdas, could be considered in future versions of the system. The following (incomplete) table gives an overview about the state of selected Java features in the current KeY version. Features shaded in green are supported, those in red are unsupported; features in yellow are in principle not supported, but can be treated with restrictions by a workaround supplied by KeY. A list of supported JML features is available here.| Feature | State |
|---|---|
| Basic Java 1.2 features | KeY supports Integer arithmetic (for both mathematical Integers and actual Integer types with overflows), Strings, inheritance, dynamic dispatch, loops, recursion, … |
| Enhanced “for” loops | Supported. |
| Floating point types | Supported, reasoning via axioms and by using SMT solvers with float support. |
| Library methods | KeY will throw an error when you use libraries the code of which is not in KeY’s classpath. However, we have a plugin in our eclipse extension which can create stubs with default contracts for library methods such that you can directly start proving properties about your code, or manually refine the stub specifications before. |
| Generics | Unsupported; However, a tool to statically remove Generics from the code can be downloaded here. |
| Multithreading | Unsupported. |
| try-with-resources and multi-catch (both Java 7) | Unsupported. |
| Java 8 features (lambdas etc.) | Unsupported. |
Tutorials
Tutorial @ FM 2024
By Bernhard Beckert, Richard Bubel, Daniel Drodt, Reiner Hähnle, Florian Lanzinger, Wolfram Pfeifer, Mattias Ulbrich, and Alexander Weigl This tutorial was given at FM’24 in Milan. It combined an introductionary lecture of the concepts behind the KeY approach with practical exercises.Formal Verification with KeY: A Tutorial (2016)
By Bernhard Beckert, Reiner Hähnle, Martin Hentschel and Peter H. Schmitt Book chapter of the KeY book. This chapter gives a systematic tutorial introduction on how to perform formal program verification with the KeY system. It illustrates a number of complications and pitfalls, notably programs with loops, and shows how to deal with them. After working through this tutorial, you should be able to formally verify with KeY the correctness of simple Java programs, such as standard sorting algorithms, gcd, etc. Find this tutorial on SpringerLinkNote: The following tutorials may require older versions of KeY.
Verifying Object-Oriented Programs with KeY: A Tutorial (2007)
By Wolfgang Ahrendt, Bernhard Beckert, Reiner Hähnle, Philipp Rümmer, and Peter H. Schmitt. Abstract. This paper is a tutorial on performing formal specification and semi-automatic verification of Java programs with the formal software development tool KeY. This tutorial aims to fill the gap between elementary introductions using toy examples and state-of-art case studies by going through a self-contained, yet non-trivial, example. It is hoped that this contributes to explain the problems encountered in verification of imperative, object-oriented programs to a readership outside the limited community of active researchers. Download this tutorial.KeY: The Sequent Calculus of the KeY Tool (2015)
Tutorial at CADE-25 by Reiner Hähnle and Peter H. Schmitt You can download part I and part II of the slides of this tutorial as well as the corresponding KeY proofs.Video Tutorial: Interactive Verification with the Symbolic Execution Debugger (SED)
Video Tutorial: Proof Attempt Inspection with the Symbolic Execution Debugger
Relevant blog posts
Norwegian Governmental Election Software Formally Verified with KeY - In his recently finished Master's thesis, Henrik Torland Klev verified (parts of) EVA, the main support system for elections in municipalities and counties in Norway, using the KeY prover.
Proving the Correctness of Program Transformations with Abstract Execution and REFINITY - Summary. Abstract Execution (AE) is a new program analysis technique for automatically proving second-order properties about programs. It is based on the symbolic execution of abstract programs with second-order symbolic stores. Proving JDK’s Dual Pivot Quicksort Correct - by Bernhard Beckert, Jonas Schiffl, Peter H. Schmitt and Mattias Ulbrich Sorting is a fundamental functionality in libraries, for which efficiency is crucial. Correctness of the highly optimized implementations is often taken for granted. De Gouw et al. have shown that this certainty is deceptive by revealing a bug in the Java Development Kit (JDK) […]
New Feature: State Merging in KeY - Current nightly builds of KeY contain a new feature called state merging, a technique to decrease the size of proof trees arising from the symbolic execution of large programs.Literature
2016
Dynamic Dispatch for Method Contracts Through Abstract Predicates Journal Article
In: Trans. Modularity and Composition, vol. 1, pp. 238–267, 2016.
Darmstadt University of Technology, Germany, 2016.
2015
Dynamic Dispatch for Method Contracts through Abstract Predicates Proceedings Article
In: Proceedings of the 14th International Conference on Modularity, MODULARITY 2015, Fort Collins, CO, USA, March 16 - 19, 2015, pp. 109–116, ACM, 2015.
Implementation-level Verification of Algorithms with KeY Journal Article
In: Software Tools for Technology Transfer, vol. 17, no. 6, pp. 729–744, 2015, ISSN: 1433-2779.
A Hybrid Approach for Proving Noninterference of Java Programs Proceedings Article
In: Fournet, Cédric; Hicks, Michael (Ed.): 28th IEEE Computer Security Foundations Symposium (CSF 2015), pp. 305-319, 2015.
A Hybrid Approach for Proving Noninterference of Java Programs Journal Article
In: IACR Cryptology ePrint Archive, vol. 2015, pp. 438, 2015.
Generating Specifications for Recursive Methods by Abstracting Program States Proceedings Article
In: SETTA, pp. 243–257, Springer, 2015.
2014
JKelloy: A Proof Assistant for Relational Specifications of Java Programs Proceedings Article
In: NASA Formal Methods - 6th International Symposium, NFM 2014, Houston, TX, USA, April 29 - May 1, 2014. Proceedings, pp. 173–187, 2014.
The KeY Platform for Verification and Analysis of Java Programs Proceedings Article
In: Giannakopoulou, Dimitra; Kroening, Daniel (Ed.): Verified Software: Theories, Tools, and Experiments (VSTTE 2014), pp. 1–17, Springer-Verlag, 2014, ISBN: 978-3-642-54107-0.
2013
Proving Well-Definedness of JML Specifications with KeY Masters Thesis
ITI Schmitt, Karlsruhe Institute of Technology, 2013.