On software verification for sensor nodes

Doina Bucur, Marta Kwiatkowska
2011 Journal of Systems and Software  
We consider software written for networked, wireless sensor nodes, and specialize software verification techniques for standard C programs in order to locate programming errors in sensor applications before the software's deployment on motes. Ensuring the reliability of sensor applications is challenging: low-level, interrupt-driven code runs without memory protection in dynamic environments. The difficulties lie with (i) being able to automatically extract standard C models out of the particular flavours of embedded C used in sensor programming solutions, and (ii) decreasing the resulting program's state space to a degree that allows practical verification times. We contribute a platform-dependent, OS-independent software verification tool for OS-wide programs written in MSP430 embedded C with asynchronous hardware interrupts. Our tool automatically translates the program into standard C by modelling the MCU's memory map and direct memory access. To emulate the existence of hardware interrupts, calls to hardware interrupt handlers are added, and their occurrence is minimized with a partial-order reduction technique, in order to decrease the program's state space, while preserving program semantics. Safety specifications are written as C assertions embedded in the code. The resulting sequential program is then passed to CBMC, a bounded software verifier for sequential ANSI C. Besides standard errors (e.g., out-of-bounds arrays, null-pointer dereferences), this tool chain is able to verify application-specific assertions, including low-level assertions upon the state of the registers and peripherals. Verification for wireless sensor network applications is an emerging field of research; thus, as a final note, we survey current research on the topic.
doi:10.1016/j.jss.2011.04.054 fatcat:oi3lrh2pinfjnflhst2lqxluii
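An added illustration (not the paper's tool or code) of the translation the abstract describes: a memory-mapped register becomes an ordinary global, the interrupt handler is called from inserted interrupt points, the safety property is an assertion before an array write, and an exhaustive enumeration of interrupt schedules stands in for the nondeterministic choice CBMC would explore. All names (ADC12MEM0_model, buf, maybe_interrupt, find_violation) and the initial state are constructed assumptions.

```c
#include <stdint.h>
#include <stdbool.h>
#define BUF_LEN 4
/* Memory-map model: the ADC result register becomes an ordinary global instead
 * of a fixed MSP430 address, so a standard-C verifier can track it. */
static uint16_t ADC12MEM0_model = 0x0123;
static uint16_t buf[BUF_LEN];
static uint8_t  buf_idx;
static bool     gie;              /* models the global interrupt enable bit */
static unsigned schedule, point;  /* enumerated stand-in for CBMC's nondet_bool() */
static bool     violated;         /* set where CBMC would fail an assert() */

/* The handler, stripped of its MSP430 vector attribute; correct in isolation. */
static void adc_isr(void)
{
    if (buf_idx == BUF_LEN) buf_idx = 0;
    buf[buf_idx++] = ADC12MEM0_model;
}

/* Emulated interrupt occurrence, inserted wherever the original code could be
 * preempted. Under CBMC this would read `if (gie && nondet_bool()) adc_isr();`. */
static void maybe_interrupt(void)
{
    if (gie && ((schedule >> point) & 1u)) adc_isr();
    point++;
}

/* One main-loop iteration from a constructed initial state (buffer one short of full).
 * `guarded` models disabling interrupts around the check-then-write (the fix). */
static bool run_iteration(unsigned sched, bool guarded)
{
    schedule = sched; point = 0; violated = false; buf_idx = BUF_LEN - 1; gie = true;
    maybe_interrupt();                       /* P0 */
    if (guarded) gie = false;
    if (buf_idx == BUF_LEN) buf_idx = 0;     /* wrap check on a possibly stale index */
    maybe_interrupt();                       /* P1: the ISR may advance buf_idx here */
    if (buf_idx >= BUF_LEN) violated = true; /* assert(buf_idx < BUF_LEN) */
    else buf[buf_idx++] = ADC12MEM0_model;
    gie = true;
    maybe_interrupt();                       /* P2 */
    return !violated;
}

/* Exhaustive check over all 2^3 interrupt schedules for the three points (what
 * CBMC does symbolically): first schedule that breaks the assertion, or -1. */
int find_violation(bool guarded)
{
    for (unsigned s = 0; s < 8u; s++)
        if (!run_iteration(s, guarded)) return (int)s;
    return -1;
}
```

Schedule 2 (an interrupt between the wrap check and the write) is the counterexample the unguarded program yields; with interrupts disabled around that section no schedule breaks the assertion.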