Learning Objectives
The learning goals describe what we want students to know or be able to do by the end of the semester. We evaluate whether learning goals have been achieved through assignments, in-class discussion and exercises, exams, and the final project. These goals are:
- Students will learn to implement program analyses that verify program properties and find bugs using dataflow analysis, interprocedural analysis, pointer analysis, Hoare logic, symbolic execution, and dynamic analysis. Furthermore, they will learn how program analysis frameworks can leverage abstract interpretation ideas in order to reuse the vast majority of analysis boilerplate.
- Students will learn to use abstract interpretation to formally prove that an analysis is sound and will terminate. They will also learn to analyze the scalability of a program analysis and compare the precision of different analysis techniques.
- The ability to reason rigorously about what code does.
- The ability to formally model discrete software systems and prove theorems about those models.
- The ability to build moderate-scale programs using software frameworks.
- The ability to run large, existing open-source tools.
Prerequisites
15-251 and (15-150 or 15-214)
Degree Requirements Fulfilled
Undergraduates: This course can be used to satisfy the Logic and Languages constrained elective category of the Computer Science Bachelor's Degree. It also satisfies the Technical Software Engineering requirement for the Software Engineering minor, subject to double-counting rules.
Masters: The course is preapproved for the Theoretical Foundations requirement of the Computer Science master's degree.
PhD students: This course satisfies the SYM area requirement for the SE PhD. It has also been used to satisfy the Algorithms/Complexity/Programming Languages requirement for the ECE PhD by previous students.
Syllabus
Topics covered in this course include:- Program Representations: ASTs, control-flow graphs, stack machines
- Program Semantics
- Data-Flow Analysis: theoretical framework, sample analyses, soundness and correctness, termination and complexity
- Interprocedural Data-Flow Analysis: context-sensitivity, precision, termination
- Control-Flow Analysis for Functional Languages
- Pointer Analysis: Andersen and Steengaard's analysis, field sensitivity for object-oriented languages, call graph construction with dynamic dispatch
- Hoare logic: axiomatic semantics, Hoare triples, strogest postconditions and weakest preconditions, proving properties of programs
- Software Model Checking
- Satisfiability Modulo Theories: SAT, SMT, DPLL
- Symbolic Excution and Concolic Testing
- Fuzz Testing: white-box and grey-box analysis
- Dynamic Analysis: examples for concurrency, software engineering applications
- Program Synthesis
- Program Repair
- Program analyses for improving performance and security
Assessments
The final course grade will be calculated using the following categories and percentages:
- 40% homework assignments
- 30% two midterm exams
- 20% final project
- 10% exercises and in-class participation
Assignments are a mixture of formal definitions/proofs covering analysis theory and programming exercises that cover the principled construction of program analyses. Both forms of assignments will be assessed based on correctness and clarity of the definitions and of the analysis implementation, respectively.
Assignments will be submitted via Github, Gradescope, and/or Canvas, as appropriate.
There will be two open-book midterm exams. The exams will be designed so that a well-prepared student can complete them within the 80-minute class period. As time pressure is not the point of the exam, the instructors will make arrangements for students to take extra time after the class period if needed.
The semester project will be student-selected. Students will have several options:
- A student-defined analysis implementation or other research project. This is the default assumed project for enrolled Ph.D. students, who are generally expected to take on a project of larger scope that engages with (typically their) research.
- A student-selected, but instructor-guided program analysis-related project with a research angle. This option is intended to provide guidance for typically non-PhD students who would like to explore program analysis research but do not yet have sufficient exposure to research to define their own project.
- A substantive pull request contributing to a real-world program analysis tool or framework.
- A substantive analysis implementation project.
In addition to code and a write-up, the projects will involve a checkpoint report (intended to overview the background on the project in question and establish progress, guidelines to be provided) and a final presentation, describing what the student(s) actually did/accomplished.
Students will be permitted (but not required) to work with partners for the final project; we expect partnered projects to be larger in scope than solo projects. Graduate (PhD) students are expected to take on projects of non-trivial, research-oriented scope, regardless of whether they work alone or in pairs.
Class participation and readings are important, as most material will be communicated via lectures or readings and reinforced with in-class activities. In most class periods there will be an in-class exercise designed to allow students to practice the material being taught. Students will earn participations for completing each day's in-class exercise (regardless of the answers given). We will drop some number (approximately 4) of the quizzes automatically. Students missing class due to unavoidable circumstances (e.g. health or family-related matters) can make up participation points by attending the instructor's office hours after having read the lecture notes for this missed class, coming with a couple of questions or comments prepared for discussion.
Supplemental Textbook
The primary reference for this course are the provided course notes. For those who would like to have a second textbook as a reference, the course schedule indicates when certain topics are covered in the supplemental text. These readings are optional but we provide them for those who would like a second reference. The supplemental text is:
Nielson, Nielson, and Hankin. Principles of Program Analysis (PPA).
Time Management
This is a 12-unit course, and it is our intention to manage it so that you spend close to 12 hours a week on the course, on average. In general, 4 hours/week will be spent in class and 8 hours on assignments. Please feel free to give the course staff feedback on how much time the course is taking for you.
Late Work Policy
We understand that normal life events, including projects and exams in other courses and technical difficulties out of your control, can interfere with your ability to complete your work on time. Our philosophy is that our late work policy includes built-in flexibility but that the policy will be uniformly applied to all students. Exceptions to this policy will be made only in extraordinary circumstances, almost always involving a family or medical emergency with your academic advisor or the Dean of Student Affairs requesting such exceptions on your behalf.
For most homework deadlines, you may turn in your work up to three days late. You begin the semester with five free late days. These are automatically applied to late assignments until they are all expended. You cannot defer a free late day from one assignment to another. Once late days are expended, a 10% (full letter grade) penalty applies per-day. Work turned in more than three days late will receive feedback but no credit, i.e., a 100% penalty, regardless of late day application/availability.
Collaboration Policy
We expect that your work on individual assignments, projects, and exams will be your own work. Thus, you may not copy any part of a solution to a problem that was written by another student, or was developed together with another student, or was copied from another unauthorized source such as the Internet. You may not look at another student's solution, even if you have completed your own, nor may you knowingly give your solution to another student or leave your solution where another student can see it.Here are some examples of behavior that are inappropriate:
- Copying files or parts of files (such as source code, written text, or unit tests) from another person or source.
- Copying (or retyping) files or parts of files with minor modifications such as style changes or minor logic modifications.
- Allowing someone else to copy your code or written assignment, either in draft or final form.
- Getting help that you do not fully understand, and from someone whom you do not acknowledge on your solution.
- Writing, using, or submitting a program that attempts to alter or erase grading information or otherwise compromise security of course resources.
- Copying someone else's files containing draft solutions, even if the file permissions are incorrectly set to allow it.
- Lying to course staff.
- Copying prose or programs directly.
- Giving copies of work to others.
- Making your work publicly available in a way that other students (current or future) can access your solutions, even if others' access is accidental or incidental to your goals.
- Coaching others step-by-step without them understanding your help.
If any of your work contains any statement that was not written by you, you must put it in quotes and cite the source. If you are paraphrasing an idea you read elsewhere, you must acknowledge the source. Using existing material without proper citation is plagiarism, a form of cheating. If there is any question about whether the material is permitted, you must get permission in advance. We will be using automated systems to detect software plagiarism.
It is not considered cheating to clarify vague points in the assignments, lectures, lecture notes, or to give help or receive help in using the computer systems, compilers, debuggers, profilers, or other facilities.
Some assignments are specifically noted as group projects. For these, interpret "you" in the preceeding paragraphs to mean "you and your partner(s)."
Any violation of this policy
is cheating. The minimum penalty for cheating (including
plagiarism) will be a zero
grade for the whole assignment. Cheating incidents will also be
reported through University channels, with possible additional
disciplinary action. For more information, see the University Policy on Academic Integrity. There is no statute of limitations for violations of the collaboration policy; penalties may be assessed (and referred to the university disciplinary board) after you have completed the course, and some requirements of the collaboration policy (such as restrictions on you posting your solutions) extend beyond your completion of the course.
If you have any question about how this policy applies in a particular situation, ask the instructors or TAs for clarification.
Accommodations
If you have a disability and require accommodations, please contact Catherine Getchell, Director of Disability Resources, 412-268-6121, getchell@cmu.edu. If you have an accommodations letter from the Disability Resources office, We encourage you to discuss your accommodations and needs with me as early in the semester as possible. We will work with you to ensure that accommodations are provided as appropriate.
Pandemic Mode
This class is in-person expected, and lecture will include exercises. Much of the course instruction involves the board. We will investigate the A/V situation at the start of the semester to see how well it supports recording over zoom; if at all possible, we will record lecture and share the recordings after the fact (we won't livestream). See above for discussion of how to make up class that you have to miss.
At any point during the semester, if you are feeling sick and/or are exhibiting any symptoms of COVID-19 (or anything else! Don't come to class with the flu, either!), please do not come to class. Do reach out to the instructors if you require any unanticipated health-related accommodations.
Your health matters
When we say "your health matters" we mean exactly that: Your health matters. We don't intend to imply that other peoples' health does not matter, or that your health matters more or less than theirs. It's just that we know that CMU can be a stressful, risky environment, and your health is the health that is relevant in this conversation.
Please take care of yourself. Do your best to maintain a healthy lifestyle this semester by eating well, exercising, avoiding drugs and alcohol, getting enough sleep and taking some time to relax. This will help you achieve your goals and cope with stress.
All of us benefit from support during times of struggle. You are not alone. There are many helpful resources available on campus and an important part of the college experience is learning how to ask for help. Asking for support sooner rather than later is often helpful.
If you or anyone you know experiences any academic stress, difficult life events, or feelings like anxiety or depression, we strongly encourage you to seek support. Counseling and Psychological Services (CaPS) is here to help: call 412-268-2922 and visit their website at http://www.cmu.edu/counseling/. Consider reaching out to a friend, faculty or family member you trust for help getting connected to the support that can help.