Article

Enhanced Property Specification and Verification in BLAST

Author:

Ondřej ŠerýAuthors Info & Claims

FASE '09: Proceedings of the 12th International Conference on Fundamental Approaches to Software Engineering: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009

Pages 456 - 469

https://doi.org/10.1007/978-3-642-00593-0_32

Published: 28 March 2009 Publication History

Abstract

Model checking tools based on the iterative refinement of predicate abstraction (e.g., <Emphasis Type="SmallCaps">Slam</Emphasis> and <Emphasis Type="SmallCaps">Blast</Emphasis> ) often feature a specification language for expressing complex behavior rules. The source code under verification is instrumented by artificial variables and statements in order to transform the problem of checking such a rule into the problem of program location reachability. This way, the source code get bloated and additional predicates have to be discovered and tracked during the verification. We suggest that a significant performance improvement can be achieved by tracking state of the behavior rules aside from the source code instead of instrumenting them. We have implemented an extension to <Emphasis Type="SmallCaps">Blast</Emphasis>, which accepts a specification language (a simplified version of <em>behavior protocols</em> ), and checks its validity without modifying the input source code. An experiment with two Linux kernel drivers confirms the performance gain using the extension.

References

[1]

Adamek, J., Plasil, F.: Component composition errors and update atomicity: static analysis. Journal of Software Maintenance and Evolution 17(5), 363-377 (2005).

[2]

Ball, T., Bounimova, E., Cook, B., Levin, V., Lichtenberg, J., McGarvey, C., Ondrusek, B., Rajamani, S.K., Ustuner, A.: Thorough static analysis of device drivers. SIGOPS Oper. Syst. Rev. 40(4), 73-85 (2006).

[3]

Ball, T., Majumdar, R., Millstein, T., Rajamani, S.K.: Automatic predicate abstraction of c programs. SIGPLAN Not. 36(5), 203-213 (2001).

[4]

Ball, T., Rajamani, S.K.: Slic: A specification language for interface checking. Technical Report MSR-TR-2001-21, Microsoft Research (January 2002).

[5]

Beyer, D., Chlipala, A., Henzinger, T., Jhala, R., Majumdar, R.: The Blast query language for software verification. In: Giacobazzi, R. (ed.) SAS 2004. LNCS, vol. 3148, pp. 2-18. Springer, Heidelberg (2004).

[6]

Beyer, D., Henzinger, T.A., Jhala, R., Majumdar, R.: Checking memory safety with blast. In: Cerioli, M. (ed.) FASE 2005. LNCS, vol. 3442, pp. 2-18. Springer, Heidelberg (2005).

[7]

Beyer, D., Henzinger, T.A., Théoduloz, G.: Configurable software verification: Concretizing the convergence of model checking and program analysis. In: Damm, W., Hermanns, H. (eds.) CAV 2007. LNCS, vol. 4590, pp. 504-518. Springer, Heidelberg (2007).

[8]

Beyer, D., Henzinger, T.A., Théoduloz, G.: Program analysis with dynamic precision adjustment. In: Proceedings of the 23rd IEEE/ACM International Conference on Automated Software Engineering (ASE 2008). IEEE Computer Society Press, Los Alamitos (2008).

[9]

Bodden, E., Hendren, L.J., Lam, P., Lhoták, O., Naeem, N.A.: Collaborative runtime verification with tracematches. In: Sokolsky, O., Taşiran, S. (eds.) RV 2007. LNCS, vol. 4839, pp. 22-37. Springer, Heidelberg (2007).

[10]

Clarke, E., Kroening, D., Sharygina, N., Yorav, K.: SATABS: SAT-Based Predicate Abstraction for ANSI-C. In: Halbwachs, N., Zuck, L.D. (eds.) TACAS 2005. LNCS, vol. 3440, pp. 570-574. Springer, Heidelberg (2005).

[11]

Clarke, E.M., Grumberg, O., Jha, S., Lu, Y., Veith, H.: Counterexample-guided abstraction refinement. In: Emerson, E.A., Sistla, A.P. (eds.) CAV 2000. LNCS, vol. 1855, pp. 154-169. Springer, Heidelberg (2000).

[12]

Cousot, P., Cousot, R.: Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: POPL 1977: Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages, pp. 238-252. ACM, New York (1977).

[13]

Gulavani, B.S., Henzinger, T.A., Kannan, Y., Nori, A.V., Rajamani, S.K.: Synergy: a new algorithm for property checking. In: SIGSOFT 2006/FSE-14: Proceedings of the 14th ACM SIGSOFT international symposium on Foundations of software engineering, pp. 117-127. ACM, New York (2006).

[14]

Henzinger, T.A., Jhala, R., Majumdar, R., Sutre, G.: Lazy abstraction. SIGPLAN Not. 37(1), 58-70 (2002).

[15]

Holzmann, G.: The Spin Model Checker, Primer and Reference Manual. Addison-Wesley, Reading (2003).

[16]

Hopcroft, J.E., Motwani, R., Ullman, J.D.: Introduction to Automata Theory, Languages, and Computation, 2nd edn. Addison-Wesley, Reading (2000).

[17]

Pasareanu, C.S., Pelánek, R., Visser, W.: Predicate abstraction with underapproximation refinement. Logical Methods in Computer Science 3(1) (2007).

[18]

Plasil, F., Visnovsky, S.: Behavior protocols for software components. IEEE Transactions on Software Engineering 28(11), 1056-1076 (2002).

[19]

Poch, T.: Distributed behavior protocol checker. Master's thesis, Charles University in Prague, Czech Republic (2006).

[20]

Visser, W., Havelund, K., Brat, G., Park, S., Lerda, F.: Model Checking Programs. Automated Software Engineering 10(2), 203-232 (2003).

Cited By

Beyer DDangl MDietsch DHeizmann MLemberger TTautschnig M(2022)Verification WitnessesACM Transactions on Software Engineering and Methodology10.1145/347757931:4(1-69)Online publication date: 8-Sep-2022
https://dl.acm.org/doi/10.1145/3477579
Apel SBeyer DMordan VMutilin VStahlbauer AZimmermann TCleland-Huang JSu Z(2016)On-the-fly decomposition of specifications in software model checkingProceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering10.1145/2950290.2950349(349-361)Online publication date: 1-Nov-2016
https://dl.acm.org/doi/10.1145/2950290.2950349
Beyer DDangl MDietsch DHeizmann MStahlbauer ADi Nitto EHarman MHeymans P(2015)Witness validation and stepwise testification across software verifiersProceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering10.1145/2786805.2786867(721-733)Online publication date: 30-Aug-2015
https://dl.acm.org/doi/10.1145/2786805.2786867
Show More Cited By

Index Terms

Enhanced Property Specification and Verification in BLAST
1. Software and its engineering
  1. Software creation and management
    1. Software verification and validation
      1. Formal software verification

Index terms have been assigned to the content through auto-classification.

Recommendations

Specification and automated verification of concurrent software systems
The software model checker Blast: Applications to software engineering

Blast is an automatic verification tool for checking temporal safety properties of C programs. Given a C program and a temporal safety property, Blast either statically proves that the program satisfies the safety property, or provides an execution path ...
Temporal property verification as a program analysis task

We describe a reduction from temporal property verification to a program analysis problem. First we present a proof system that, unlike the standard formulation, is more amenable to reasoning about infinite-state systems: disjunction is treated by ...

Comments

Information & Contributors

Information

Published In

cover image Guide Proceedings

FASE '09: Proceedings of the 12th International Conference on Fundamental Approaches to Software Engineering: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009

March 2009

485 pages

ISBN:9783642005923

Editors:
Marsha Chechik
Department of Computer Science, University of Toronto, Toronto, Canada M5S 3G4
,
Martin Wirsing
Institute of Computer Science, LMU Munich, Munich, Germany 80538

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 28 March 2009

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 18 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Beyer DDangl MDietsch DHeizmann MLemberger TTautschnig M(2022)Verification WitnessesACM Transactions on Software Engineering and Methodology10.1145/347757931:4(1-69)Online publication date: 8-Sep-2022
https://dl.acm.org/doi/10.1145/3477579
Apel SBeyer DMordan VMutilin VStahlbauer AZimmermann TCleland-Huang JSu Z(2016)On-the-fly decomposition of specifications in software model checkingProceedings of the 2016 24th ACM SIGSOFT International Symposium on Foundations of Software Engineering10.1145/2950290.2950349(349-361)Online publication date: 1-Nov-2016
https://dl.acm.org/doi/10.1145/2950290.2950349
Beyer DDangl MDietsch DHeizmann MStahlbauer ADi Nitto EHarman MHeymans P(2015)Witness validation and stepwise testification across software verifiersProceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering10.1145/2786805.2786867(721-733)Online publication date: 30-Aug-2015
https://dl.acm.org/doi/10.1145/2786805.2786867
Beyer DHolzer ATautschnig MVeith H(2013)Information reuse for multi-goal reachability analysesProceedings of the 22nd European conference on Programming Languages and Systems10.1007/978-3-642-37036-6_26(472-491)Online publication date: 16-Mar-2013
https://dl.acm.org/doi/10.1007/978-3-642-37036-6_26
Kolb EŠerý OWeiss R(2009)Applicability of the BLAST model checkerProceedings of the 7th international Andrei Ershov Memorial conference on Perspectives of Systems Informatics10.1007/978-3-642-11486-1_19(218-229)Online publication date: 15-Jun-2009
https://dl.acm.org/doi/10.1007/978-3-642-11486-1_19

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents