4,163 Hits in 4.2 sec

A Reachability Predicate for Analyzing Low-Level Software [chapter]

Shaunak Chatterjee, Shuvendu K. Lahiri, Shaz Qadeer, Zvonimir Rakamarić
Tools and Algorithms for the Construction and Analysis of Systems  
Sound and precise analysis for such data structures becomes significantly more challenging in the presence of low-level pointer manipulation that is prevalent in systems software.  ...  In this paper, we give a novel formalization of the reachability predicate in the presence of internal pointers and pointer arithmetic.  ...  Finally, we thank Tom Ball and Rustan Leino for providing valuable feedback on the paper.  ... 
doi:10.1007/978-3-540-71209-1_4 dblp:conf/tacas/ChatterjeeLQR07 fatcat:xlukh7twejb4nk7ljgcfyqripy

A low-level memory model and an accompanying reachability predicate

Shaunak Chatterjee, Shuvendu K. Lahiri, Shaz Qadeer, Zvonimir Rakamarić
2009 International Journal on Software Tools for Technology Transfer (STTT)  
In this paper, we present a memory model suitable for reasoning about low-level pointer operations that is accompanied by a formalization of the reachability predicate in the presence of internal pointers  ...  Furthermore, sound analysis that precisely models heap becomes significantly more challenging in the presence of low-level pointer manipulation that is prevalent in systems software.  ...  Finally, we thank Tom Ball and Rustan Leino for providing valuable feedback on the paper.  ... 
doi:10.1007/s10009-009-0098-1 fatcat:n2ih3qh52rfodknkhtgavqixvy

Software model checking

Ranjit Jhala, Rupak Majumdar
2009 ACM Computing Surveys  
(While we focus here on analyzing the behavior of a program relative to given correctness specifications, the development of specification mechanisms happened in parallel, and merits a different survey  ...  As the complexity of software systems grew, so did the need for some reasoning mechanism about correct behavior.  ...  We thank Jay Misra and Tony Hoare for encouraging us to write this survey and several useful comments along the way.  ... 
doi:10.1145/1592434.1592438 fatcat:hxexhmlpxjbx3hqlfh3o4bzz4u

End-to-end Information Flow Security Model for Software-Defined Networks

D. Ju. Chaly, E. S. Nikitin, E. Ju. Antoshina, V. A. Sokolov
2016 Modelirovanie i Analiz Informacionnyh Sistem  
Software-defined networks (SDN) are a novel paradigm of networking which became an enabler technology for many modern applications such as network virtualization, policy-based access control and many others  ...  Software can provide flexibility and fast-paced innovations in the networking; however, it has a complex nature.  ...  Denote a security level of a host h as h : low or h : high. For further discussion we need means for reasoning about sets of hosts.  ... 
doi:10.18255/1818-1015-2015-6-735-749 fatcat:xdu5ensflngmbp3v45bj3tl44y

A Survey of Automated Techniques for Formal Software Verification

Vijay D'Silva, Daniel Kroening, Georg Weissenbacher
2008 IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems  
Index Terms-Bounded model checking (BMC), model checking, predicate abstraction, software verification, static analysis.  ...  The quality and the correctness of software are often the greatest concern in electronic systems. Formal verification tools can provide a guarantee that a design is free of specific flaws.  ...  Wahl for their helpful input.  ... 
doi:10.1109/tcad.2008.923410 fatcat:2cfyumxa6bglpai7jpvhqr5yyu

Distributed and Predictable Software Model Checking [chapter]

Nuno P. Lopes, Andrey Rybalchenko
2011 Lecture Notes in Computer Science  
We present a predicate abstraction and refinement-based algorithm for software verification that is designed for the distributed execution on compute nodes that communicate via message passing, as found  ...  We demonstrate that our distributed software verification algorithm is practical by an experimental evaluation on a set of difficult benchmark problems from the transportation domain.  ...  A typical cluster offers a large number of compute nodes interconnected via a high throughput and low latency network.  ... 
doi:10.1007/978-3-642-18275-4_24 fatcat:s3h4ywku6ja27pawxmy753uwh4

Towards Generating High Coverage Vulnerability-Based Signatures with Protocol-Level Constraint-Guided Exploration [chapter]

Juan Caballero, Zhenkai Liang, Pongsin Poosankam, Dawn Song
2009 Lecture Notes in Computer Science  
Thus, in this paper we focus on how to generate vulnerability point reachability predicates with high coverage and compact size, and we refer the reader to [13] for details on the vulnerability condition  ...  Thus, the problem of automatically generating a vulnerability-based signature can be decomposed into two: identifying the vulnerability condition and identifying the vulnerability point reachability predicate  ...  Acknowledgements We would like to thank James Newsome and Prateek Saxena for many helpful discussions on signature generation. We also thank Stephen  ... 
doi:10.1007/978-3-642-04342-0_9 fatcat:rtpna6gu6bedvoeq2kgzrxgsnm

Benchmark Generator for Software Testers [chapter]

Javier Ferrer, Francisco Chicano, Enrique Alba
2011 IFIP Advances in Information and Communication Technology  
In the field of search based software engineering, evolutionary testing is a very popular domain in which test cases are automatically generated for a given piece of code using evolutionary algorithms.  ...  In addition, we can ensure that all the branches in the programs are reachable, i.e. a 100% branch coverage is always possible.  ...  If total reachability is desired, logic predicates are used to represent the set of possible values that the variables can take at a given point of the PUC.  ... 
doi:10.1007/978-3-642-23960-1_45 fatcat:4e3hg4wttrcwjn2jimx34hrjoy

An Automata-Theoretic Approach to Hardware/Software Co-verification [chapter]

Juncao Li, Fei Xie, Thomas Ball, Vladimir Levin, Con McGarvey
2010 Lecture Notes in Computer Science  
; and built a software tool for deciding reachability of BPDS models.  ...  We designed a co-specification framework describing HW/SW systems; synthesized a hybrid Büchi Automaton Pushdown System model for co-verification, namely Büchi Pushdown System (BPDS), from the co-specification  ...  We developed a method for checking reachability properties of a BPDS and analyzed its complexities.  ... 
doi:10.1007/978-3-642-12029-9_18 fatcat:yv7g7xwb7vdpnkdp63j5groy24

Theta: A framework for abstraction refinement-based model checking

Tamas Toth, Akos Hajdu, Andras Vorcos, Zoltan Micskei, Istvan Majzik
2017 2017 Formal Methods in Computer Aided Design (FMCAD)  
The built-in abstract domains include predicates, explicit values, zones and their combinations, along with various refinement strategies implemented for each.  ...  In this paper, we present THETA, a configurable model checking framework.  ...  Abstraction refinement is a widely used approach for model checking software. Several tools, e.g. SLAM [1] , BLAST [2] and SATABS [3] are based on predicate abstraction.  ... 
doi:10.23919/fmcad.2017.8102257 dblp:conf/fmcad/TothHVMM17 fatcat:f5qmm4cxzrgfdntw53jb4746ai

On the declarativity of declarative networking

Yun Mao
2010 ACM SIGOPS Operating Systems Review  
First, by analyzing the language semantics, we classify rules into deductive rules and Event-Condition-Action (ECA) rules, and reveal their different levels of declarativities.  ...  As a result, the benefit of declarative programming is undermined.  ...  on the draft of the paper, and Nalini Belaramani for providing the source code of Coda in OverLog.  ... 
doi:10.1145/1713254.1713260 fatcat:ioxdvftdx5bqnelbwyuqkxcliq

Model Checker Execution Reports [article]

Rodrigo Castaño, Victor Braberman, Diego Garbervetsky, Sebastian Uchitel
2017 arXiv   pre-print
We instantiate these concepts for a family of techniques based on Abstract Reachability Trees and implement the approach using the software model checker CPAchecker.  ...  The purpose of this work is to provide a conceptual framing to extend software model checkers in a way that allows users to access information about incomplete checks.  ...  Figure 1 : 1 Harness for method min lowed by a few concluding remarks. II. MOTIVATION: WHAT HAS AND HAS NOT BEEN ANALYZED? Example 2 ( 2 Analyzed behaviors in lazy predicate abstraction).  ... 
arXiv:1607.06857v2 fatcat:cuwyzezf5bacvjxdlausix5iim

The SLAM Toolkit [chapter]

Thomas Ball, Sriram K. Rajamani
2001 Lecture Notes in Computer Science  
We have created a low-level specification language called Slic (Specification Language for Interface Checking) for stating safety properties.  ...  Introduction The SLAM toolkit checks safety properties of software without the need for user-supplied annotations or abstractions.  ... 
doi:10.1007/3-540-44585-4_25 fatcat:7fzprd55zbaajgsjcpzuzso3la

The Blast Query Language for Software Verification [chapter]

Dirk Beyer, Adam J. Chlipala, Thomas A. Henzinger, Ranjit Jhala, Rupak Majumdar
2004 Lecture Notes in Computer Science  
In this way, each call to the model checker may have to analyze only part of the program, or part of the specification, and may thus succeed in a reduction of the number of predicates needed for the analysis  ...  In addition, the two-level specification language provides a means for structuring and maintaining specifications.  ...  Introduction Blast, the Berkeley Lazy Abstraction Software verification Tool, is a fully automatic engine for software model checking [11] .  ... 
doi:10.1007/978-3-540-27864-1_2 fatcat:y5bt3fvijvb27kykzxf3v6gdye

Detecting inconsistencies via universal reachability analysis

Aaron Tomb, Cormac Flanagan
2012 Proceedings of the 2012 International Symposium on Software Testing and Analysis - ISSTA 2012  
as bug finding technique with a low false-positive rate.  ...  Recent research has suggested that a large class of software bugs fall into the category of inconsistencies, or cases where two pieces of program code make incompatible assumptions.  ...  Benefits of Universal Reachability Universal reachability analysis has several attributes that make it a valuable addition to the arsenal of software defect-detection tools.  ... 
doi:10.1145/2338965.2336788 dblp:conf/issta/TombF12 fatcat:ryeg7cmo7fcsbmfdvpbiqhkgnq
« Previous Showing results 1 — 15 out of 4,163 results