Journal Article

Model Checking Dynamic Memory Allocation in Operating Systems

TL;DR
A novel method extends explicit model checking of C programs with dynamic memory management: it defines a canonical representation of the heap and moves most of the heap information from the state vector to a global structure, and a formal semantics of the method allows the soundness of the representation to be proved.
Abstract
Most system software, including operating systems, contains dynamic data structures whose shape and contents should satisfy design requirements during execution. Model checking, a powerful technique for automatic verification based on state exploration, should be adapted to deal with such structures. This paper presents a method to specify and verify properties of C programs with dynamic memory management. The proposal contains two main contributions. First, we present a novel method to extend explicit model checking of C programs with dynamic memory management. The approach consists of defining a canonical representation of the heap and moving most of the information from the state vector to a global structure. We provide a formal semantics of the method that allows us to prove the soundness of the representation. Second, we combine the temporal logics LTL and CTL to define a two-dimensional logic, in time and space, which is suitable for specifying complex properties of programs with dynamic data structures. We also define the model checking algorithms for this logic. The whole method has been implemented in the well-known model checker SPIN and illustrated with an example in which a typical memory reader/writer driver is modeled and analyzed.
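To make the first contribution concrete, here is an added example in C (written for this page; it is not code from the paper or from SPIN, and it does not reproduce the paper's representation). It renumbers heap cells in the order a fixed traversal from the program's root pointers reaches them, so two heaps that differ only in allocation order collapse to one entry in a global table, and the state vector keeps only that entry's index. The cell layout, the two-root heap, the linear table, and the decision to keep unreachable cells as a count are assumptions of this illustration.

```c
#include <string.h>

#define MAX_CELLS 16
#define TABLE_MAX 64
#define NIL (-1)

/* One heap cell of a singly linked structure: a payload plus one pointer,
   stored as an index into the cell pool (or NIL). Layout assumed here. */
typedef struct { int data; int next; } Cell;

/* The concrete heap as the program sees it: a cell pool plus the root
   pointers held in program variables (two roots assumed). */
typedef struct {
    Cell cells[MAX_CELLS];
    int used;                 /* cells[0..used) have been allocated */
    int roots[2];
} Heap;

/* Canonical heap: cells renumbered in the order a fixed traversal from the
   roots reaches them, so allocation order stops mattering. Cells reached by
   no root are leaked; only their count is kept, not their identity. */
typedef struct {
    Cell cells[MAX_CELLS];
    int n;
    int roots[2];
    int leaked;
} CanonHeap;

/* Depth-first renumbering; assigning the id before following next makes the
   traversal terminate on cyclic structures. */
static int visit(const Heap *h, int idx, int *map, CanonHeap *c) {
    if (idx == NIL) return NIL;
    if (map[idx] != NIL) return map[idx];
    int id = c->n++;
    map[idx] = id;
    c->cells[id].data = h->cells[idx].data;
    c->cells[id].next = visit(h, h->cells[idx].next, map, c);
    return id;
}

void canonicalize(const Heap *h, CanonHeap *c) {
    int map[MAX_CELLS];
    for (int i = 0; i < MAX_CELLS; i++) map[i] = NIL;
    memset(c, 0, sizeof *c);   /* zero padding cells so memcmp is exact */
    for (int r = 0; r < 2; r++) c->roots[r] = visit(h, h->roots[r], map, c);
    c->leaked = h->used - c->n;
}

/* Global structure holding every canonical heap seen so far. A state vector
   then carries only the heap's index plus the rest of the program state. */
static CanonHeap table[TABLE_MAX];
static int table_len = 0;

typedef struct { int heap_id; int pc; } StateVector;

int intern_heap(const CanonHeap *c) {
    for (int i = 0; i < table_len; i++)
        if (memcmp(&table[i], c, sizeof *c) == 0) return i;
    table[table_len] = *c;
    return table_len++;
}

int table_size(void) { return table_len; }

static int heap_alloc(Heap *h, int data) {
    int i = h->used++;
    h->cells[i].data = data; h->cells[i].next = NIL;
    return i;
}

/* Two executions build the list 1 -> 2 but allocate its cells in opposite
   pool order; after canonicalization both share one table entry. */
int demo_same_shape_same_id(void) {
    Heap a = {0}, b = {0};
    int a1 = heap_alloc(&a, 1), a2 = heap_alloc(&a, 2);
    a.cells[a1].next = a2; a.roots[0] = a1; a.roots[1] = NIL;
    int b2 = heap_alloc(&b, 2), b1 = heap_alloc(&b, 1);
    b.cells[b1].next = b2; b.roots[0] = b1; b.roots[1] = NIL;
    CanonHeap ca, cb;
    canonicalize(&a, &ca);
    canonicalize(&b, &cb);
    StateVector sa = { intern_heap(&ca), 0 }, sb = { intern_heap(&cb), 0 };
    return sa.heap_id == sb.heap_id;
}

/* A cell allocated but never linked from a root still changes the canonical
   heap (leaked == 1), so the leak stays observable to the checker. */
int demo_leak_is_visible(void) {
    Heap h = {0};
    int x = heap_alloc(&h, 7);
    heap_alloc(&h, 8);
    h.roots[0] = x; h.roots[1] = NIL;
    CanonHeap c;
    canonicalize(&h, &c);
    return c.n == 1 && c.leaked == 1;
}

/* A two-cell cycle: canonical cell 1 points back to canonical cell 0. */
int demo_cycle_terminates(void) {
    Heap h = {0};
    int p = heap_alloc(&h, 1), q = heap_alloc(&h, 2);
    h.cells[p].next = q; h.cells[q].next = p;
    h.roots[0] = p; h.roots[1] = q;
    CanonHeap c;
    canonicalize(&h, &c);
    return c.n == 2 && c.cells[1].next == 0 && c.roots[1] == 1;
}
```

The point of keeping a leaked-cell count rather than discarding unreachable cells is that a memory leak is exactly the kind of property a driver model should expose; canonicalizing it away would make two states with different resource usage indistinguishable. A real checker would replace the linear table with a hash table and would add the other program variables to the state vector; the paper's own representation is not given on this page.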


Citations
Journal Article

The Pointer Assertion Logic Engine

TL;DR: A new framework for verifying partial specifications of programs in order to catch type and memory errors and check data structure invariants is presented, which can verify a large class of data structures, namely all those that can be expressed as graph types.
Journal Article

Verification support for ARINC-653-based avionics software

TL;DR: A method to automatically extract PROMELA models from C source code, and a tool that can verify realistic applications; the tool has been used as a novel testing method to ensure the correctness of the APEX environment.
Journal Article

A practical use of model checking for synthesis: generating a dam controller for flood management

TL;DR: This paper proposes the use of model checking (MC) techniques to automatically synthesize controllers for dam management during flood seasons and develops a realistic application in the context of a joint project with a major water reservoir management company.
Proceedings Article

A Scalable Fluid Flow Process Algebraic Approach to Emergency Egress Analysis

TL;DR: This paper focuses on the validation of a representative example of stochastic process algebraic models of smart signage systems in the context of emergency egress, showing how realistic human behaviour can be embedded in the model and how the effect of this behaviour on building evacuation can be analysed in an efficient and scalable way.
Journal Article

A model-extraction approach to verifying concurrent C programs with CADP

TL;DR: An approach to verifying concurrent C code by automatically extracting a high-level formal model suitable for analysis with existing tools is described. It is implemented as an extension of the CADP toolbox, which already provides a variety of analysis modules for several input languages, using labeled transition systems as the core model.
References

Model checking

TL;DR: Model checking tools, created by both academic and industrial teams, have resulted in an entirely novel approach to verification and test case generation that often enables engineers in the electronics industry to design complex systems with considerable assurance regarding the correctness of their initial designs.
Journal Article

The model checker SPIN

TL;DR: An overview is given of the design and structure of the verifier, its theoretical foundation, and significant practical applications.
Book Chapter

A Temporal Logic of Nested Calls and Returns

TL;DR: This work introduces a temporal logic of calls and returns (CaRet) for the specification and algorithmic verification of correctness requirements of structured programs, and presents a tableau construction that reduces the model checking problem to the emptiness problem for a Büchi pushdown system.
Book

The SPIN Model Checker: Primer and Reference Manual

TL;DR: The SPIN model checker is used both for teaching software verification techniques and for validating large-scale applications; it has been estimated that up to three-quarters of the $400 billion spent annually to hire programmers in the United States is ultimately spent on debugging.