Leading-edge Ada verification technologies: highly automated Ada contract checking using bakar kiasan

This tutorial presents a new approach to Spark/Ada contract checking using Bakar Kiasan--a highly automated, evidence-based symbolic execution tool. Bakar Kiasan aims to lower the barrier of entry and reduce the burden of engineers as they specify and verify Ada contracts. Even in the absence of contracts, Bakar Kiasan can check code for possible runtime exceptions and provide visualizations of semantic constraints along paths through procedures. As engineers progressively add contracts, Bakar Kiasan can verify the consistency of code and contracts, thus providing increased confidence, often proportional to the efforts made to capture fuller behavioral specifications via contracts. Bakar Kiasan also provides compositional checking; that is, it can be used on incomplete systems, where contracts are only present for some program components (which may not even have been implemented). This allows contract checking to be used as the program is being developed starting early in the software development process.

Bakar Kiasan provides helpful feedback and evidence of its verification results. For example, it automatically generates counter examples as program test cases for illustrating how contracts are violated (this is very helpful when debugging code/contracts), as well as providing various visualization cues, for example, highlighting problematic code or contract segments similar to how modern Integrated Development Environments (IDEs) illustrate compile (type) errors. Kiasan also generates test cases for illustrating how contracts are satisfied, which is helpful for understanding code/contracts or confirming how a program should behave. Bakar Kiasan is integrated in the Eclipse IDE as a plug-in, and an integration with the GNAT Programming Studio (GPS) is currently being developed in collaboration with AdaCore.