Proceedings ArticleDOI
Lazy abstraction
Thomas A. Henzinger,Ranjit Jhala,Rupak Majumdar,Grégoire Sutre +3 more
- pp 58-70
TLDR
This work presents an algorithm for model checking safety properties using lazy abstraction and describes an implementation of the algorithm applied to C programs and provides sufficient conditions for the termination of the method.Abstract:
One approach to model checking software is based on the abstract-check-refine paradigm: build an abstract model, then check the desired property, and if the check fails, refine the model and start over. We introduce the concept of lazy abstraction to integrate and optimize the three phases of the abstract-check-refine loop. Lazy abstraction continuously builds and refines a single abstract model on demand, driven by the model checker, so that different parts of the model may exhibit different degrees of precision, namely just enough to verify the desired property. We present an algorithm for model checking safety properties using lazy abstraction and describe an implementation of the algorithm applied to C programs. We also provide sufficient conditions for the termination of the method.read more
Citations
More filters
Journal ArticleDOI
DART: directed automated random testing
TL;DR: DART is a new tool for automatically testing software that combines three main techniques, automated extraction of the interface of a program with its external environment using static source-code parsing, and dynamic analysis of how the program behaves under random testing and automatic generation of new test inputs to direct systematically the execution along alternative program paths.
Proceedings ArticleDOI
CUTE: a concolic unit testing engine for C
TL;DR: In this paper, the authors address the problem of automating unit testing with memory graphs as inputs, and develop a method to represent and track constraints that capture the behavior of a symbolic execution of a unit with memory graph as inputs.
Proceedings ArticleDOI
The SLAM project: debugging system software via static analysis
Thomas Ball,Sriram K. Rajamani +1 more
TL;DR: This work has successfully applied the SLAM toolkit to Windows XP device drivers, to both validate behavior and find defects in their usage of kernel APIs.
Journal Article
Interpolation and SAT-based model checking
TL;DR: In benchmark studies using a set of large industrial circuit verification instances, this method is greatly more efficient than BDD-based symbolic model checking, and compares favorably to some recent SAT-based model checking methods on positive instances.
Journal ArticleDOI
A static analyzer for large safety-critical software
Bruno Blanchet,Patrick Cousot,Radhia Cousot,Jérôme Feret,Laurent Mauborgne,Antoine Miné,David Monniaux,Xavier Rival +7 more
TL;DR: It is shown that abstract interpretation-based static program analysis can be made efficient and precise enough to formally verify a class of properties for a family of large programs with few or no false alarms.
References
More filters
Journal ArticleDOI
Graph-Based Algorithms for Boolean Function Manipulation
TL;DR: In this paper, the authors present a data structure for representing Boolean functions and an associated set of manipulation algorithms, which have time complexity proportional to the sizes of the graphs being operated on, and hence are quite efficient as long as the graphs do not grow too large.
Book
Compilers: Principles, Techniques, and Tools
TL;DR: This book discusses the design of a Code Generator, the role of the Lexical Analyzer, and other topics related to code generation and optimization.
Journal ArticleDOI
On Computable Numbers, with an Application to the Entscheidungsproblem
TL;DR: This chapter discusses the application of the diagonal process of the universal computing machine, which automates the calculation of circle and circle-free numbers.
Model checking
TL;DR: Model checking tools, created by both academic and industrial teams, have resulted in an entirely novel approach to verification and test case generation that often enables engineers in the electronics industry to design complex systems with considerable assurance regarding the correctness of their initial designs.
Journal ArticleDOI
A theory of timed automata
Rajeev Alur,David L. Dill +1 more
TL;DR: Alur et al. as discussed by the authors proposed timed automata to model the behavior of real-time systems over time, and showed that the universality problem and the language inclusion problem are solvable only for the deterministic automata: both problems are undecidable (II i-hard) in the non-deterministic case and PSPACE-complete in deterministic case.