共查询到10条相似文献,搜索用时 140 毫秒
1.
Sagar Chaki Joël Ouaknine Karen Yorav Edmund Clarke 《Electronic Notes in Theoretical Computer Science》2003,89(3):417
The state space explosion problem in model checking remains the chief obstacle to the practical verification of real-world distributed systems. We attempt to address this problem in the context of verifying concurrent (message-passing) C programs against safety specifications. More specifically, we present a fully automated compositional framework which combines two orthogonal abstraction techniques (operating respectively on data and events) within a counterexample-guided abstraction refinement (CEGAR) scheme. In this way, our algorithm incrementally increases the granularity of the abstractions until the specification is either established or refuted. Our explicit use of compositionality delays the onset of state space explosion for as long as possible. To our knowledge, this is the first compositional use of CEGAR in the context of model checking concurrent C programs. We describe our approach in detail, and report on some very encouraging preliminary experimental results obtained with our tool MAGIC. 相似文献
2.
一种基于满足性判定的并发软件验证策略 总被引:1,自引:0,他引:1
对线性时态逻辑SE-LTL提出了一种基于SAT的有界模型检测过程,该过程避免了基于BDD方法中状态空间快速增长的问题.在SE-LTL的子集SE-LTL?X的有界模型检测过程中,集成了stuttering等价技术,该集成有效地加速了验证过程.进一步提出了一种组合了基于SAT的有界模型检测、基于反例的抽象求精、组合推理3种状态空间约简技术的并发软件验证策略.该策略中,抽象和求精在每一个构件上独立进行.同时,模型检测的过程是符号化的.实例表明,该策略降低了验证时间和对内存空间的需求. 相似文献
3.
S. Chaki E. Clarke A. Groce J. Ouaknine O. Strichman K. Yorav 《Formal Methods in System Design》2004,25(2-3):129-166
There has been considerable progress in the domain of software verification over the last few years. This advancement has been driven, to a large extent, by the emergence of powerful yet automated abstraction techniques such as predicate abstraction. However, the state-space explosion problem in model checking remains the chief obstacle to the practical verification of real-world distributed systems. Even in the case of purely sequential programs, a crucial requirement to make predicate abstraction effective is to use as few predicates as possible. This is because, in the worst case, the state-space of the abstraction generated (and consequently the time and memory complexity of the abstraction process) is exponential in the number of predicates involved. In addition, for concurrent programs, the number of reachable states could grow exponentially with the number of components. We attempt to address these issues in the context of verifying concurrent (message-passing) C programs against safety specifications. More specifically, we present a fully automated compositional framework which combines two orthogonal abstraction techniques (predicate abstraction for data and action-guided abstraction for events) within a counterexample-guided abstraction refinement scheme. In this way, our algorithm incrementally increases the granularity of the abstractions until the specification is either established or refuted. Additionally, a key feature of our approach is that if a property can be proved to hold or not hold based on a given finite set of predicates $\mathcal{P}$ , the predicate refinement procedure we propose in this article finds automatically a minimal subset of $\mathcal{P}$ that is sufficient for the proof. This, along with our explicit use of compositionality, delays the onset of state-space explosion for as long as possible. We describe our approach in detail, and report on some very encouraging experimental results obtained with our tool MAGIC. 相似文献
4.
5.
Sagar Chaki Edmund Clarke Natasha Sharygina Nishant Sinha 《Formal Methods in System Design》2008,32(3):235-266
This paper presents an automated and compositional procedure to solve the substitutability problem in the context of evolving software systems. Our solution contributes two
techniques for checking correctness of software upgrades: (1) a technique based on simultaneous use of over-and under-approximations
obtained via existential and universal abstractions; (2) a dynamic assume-guarantee reasoning algorithm—previously generated component assumptions are reused and altered on-the-fly to prove
or disprove the global safety properties on the updated system. When upgrades are found to be non-substitutable, our solution
generates constructive feedback to developers showing how to improve the components. The substitutability approach has been
implemented and validated in the ComFoRT reasoning framework, and we report encouraging results on an industrial benchmark.
This is an extended version of a paper, Dynamic Component Substitutability Analysis, published in the Proceedings of the Formal Methods 2005 Conference, Lecture Notes in Computer Science, vol. 3582, by the
same authors. This research was sponsored by the National Science Foundation under grant nos. CNS-0411152, CCF-0429120, CCR-0121547,
and CCR-0098072, the Semiconductor Research Corporation under grant no. TJ-1366, the US Army Research Office under grant no.
DAAD19-01-1-0485, the Office of Naval Research under grant no. N00014-01-1-0796, the ICAST project and the Predictable Assembly
from Certifiable Components (PACC) initiative at the Software Engineering Institute, Carnegie Mellon University. The views
and conclusions contained in this document are those of the authors and should not be interpreted as representing the official
policies, either expressed or implied, of any sponsoring institution, the US government or any other entity. 相似文献
6.
In this paper, we focus on the verification approach of Metropolis, an integrated design framework for heterogeneous embedded
systems. The verification approach is based on the formal properties specified in Linear Temporal Logic (LTL) or Logic of
Constraints (LOC). Designs may be refined due to synthesis or be abstracted for verification. An automatic abstraction propagation
algorithm is used to simplify the design for specific properties. A user-defined starting point may also be used with automatic
propagation. Two main verification techniques are implemented in Metropolis the formal verification utilizing the model checker
Spin and the simulation trace checking with automatic generated checkers. Translation algorithms from specification models
to verification models, as well as algorithms of generated checkers are discussed. We use several case studies to demonstrate
our approach for verification of system level designs at multiple levels of abstraction. 相似文献
7.
The use of Craig interpolants has enabled the development of powerful hardware and software model checking techniques. Efficient
algorithms are known for computing interpolants in rational and real linear arithmetic. We focus on subsets of integer linear
arithmetic. Our main results are polynomial time algorithms for obtaining interpolants for conjunctions of linear Diophantine
equations, linear modular equations (linear congruences), and linear Diophantine disequations. We also present an interpolation
result for conjunctions of mixed integer linear equations. We show the utility of the proposed interpolation algorithms for
discovering modular/divisibility predicates in a counterexample guided abstraction refinement (CEGAR) framework. This has enabled verification of simple programs
that cannot be checked using existing CEGAR based model checkers.
This paper is an extended version of [14]. This research was sponsored by the Gigascale Systems Research Center (GSRC), Semiconductor Research Corporation (SRC),
the National Science Foundation (NSF), the Office of Naval Research (ONR), the Naval Research Laboratory (NRL), the Defense
Advanced Research Projects Agency (DARPA), the Army Research Office (ARO), and the General Motors Collaborative Research Lab
at CMU. The views and conclusions contained in this document are those of the author and should not be interpreted as representing
the official policies, either expressed or implied, of GSRC, SRC, NSF, ONR, NRL, DARPA, ARO, GM, or the U.S. government. 相似文献
8.
Patrice Godefroid Nir Piterman 《International Journal on Software Tools for Technology Transfer (STTT)》2011,13(6):571-584
Given a 3-valued abstraction of a program (possibly generated using static program analysis and predicate abstraction) and
a temporal logic formula, generalized model checking (GMC) checks whether there exists a concretization of that abstraction
that satisfies the formula. In this paper, we revisit generalized model checking for linear time (LTL) properties. First,
we show that LTL GMC is 2EXPTIME-complete in the size of the formula and polynomial in the model, where the degree of the
polynomial depends on the formula, instead of EXPTIME-complete and quadratic as previously believed. The standard definition
of GMC depends on a definition of concretization which is tailored for branching-time model checking. We then study a simpler
linear completeness preorder for relating program abstractions. We show that LTL GMC with this weaker preorder is only EXPSPACE-complete in the size of
the formula, and can be solved in linear time and logarithmic space in the size of the model. Finally, we identify classes
of formulas for which the model complexity of standard GMC is reduced. 相似文献
9.
Martin Vechev Eran Yahav Greta Yorsh 《International Journal on Software Tools for Technology Transfer (STTT)》2013,15(5-6):413-431
We present a novel framework for automatic inference of efficient synchronization in concurrent programs, a task known to be difficult and error-prone when done manually. Our framework is based on abstract interpretation and can infer synchronization for infinite state programs. Given a program, a specification, and an abstraction, we infer synchronization that avoids all (abstract) interleavings that may violate the specification, but permits as many valid interleavings as possible. Combined with abstraction refinement, our framework can be viewed as a new approach for verification where both the program and the abstraction can be modified on-the-fly during the verification process. The ability to modify the program, and not only the abstraction, allows us to remove program interleavings not only when they are known to be invalid, but also when they cannot be verified using the given abstraction. We implemented a prototype of our approach using numerical abstractions and applied it to verify several example programs. 相似文献
10.
Duane A. Bailey Janice E. Cuny Craig P. Loomis 《International journal of parallel programming》1990,19(2):75-110
We report here on a graph editor, ParaGraph, that supports massively parallel programming. It provides a flexible mechanism for the concise specification of families of annotated graphs, addressing the problems of user annotation and scale independent graph manipulation. ParaGraph currently serves as the basis for tools supporting communication abstractions in program specification and debugging. Its foundation in an extended form of aggregate rewriting graph grammars makes its adaptation to other parallel programming environments straightforward.The Parallel Programming Environments Project at the University of Massachusetts is supported by the Office of Naval Research under Contract N000014-84-K-0647 and by the National Science Foundation under Grants DCR-8500332 and CCR-8712410. 相似文献