Using model checking with symbolic execution to verify parallel numerical programs
In: ISSTA, 2006
Cited by 28 (2 self)
Abstract
We present a method to verify the correctness of parallel programs that perform complex numerical computations, including computations involving floating-point arithmetic. The method requires that a sequential version of the program be provided, to serve as the specification for the parallel one. The key idea is to use model checking, together with symbolic computation, to establish the equivalence of the two programs.
Combining Symbolic Execution with Model Checking to Verify Parallel Numerical Programs
Cited by 16 (4 self)
Abstract
We present a method to verify the correctness of parallel programs that perform complex numerical computations, including computations involving floating-point arithmetic. This method requires that a sequential version of the program be provided, to serve as the specification for the parallel one. The key idea is to use model checking, together with symbolic execution, to establish the equivalence of the two programs. In this approach the path condition from symbolic execution of the sequential program is used to constrain the search through the parallel program. To handle floating-point operations, three different types of equivalence are supported. Several examples are presented, demonstrating the approach and actual errors that were found. Limitations and directions for future research are also described.
Varieties of Static Analyzers: A Comparison with ASTRÉE
Cited by 14 (5 self)
Abstract
We discuss the characteristic properties of ASTRÉE, an automatic static analyzer for proving the absence of runtime errors in safety-critical real-time synchronous control-command C programs, and compare it with a variety of other program analysis tools.
GRKLib: a Guaranteed Runge-Kutta Library
In: Scientific Computing, Computer Arithmetic and Validated Numerics, 2006
Cited by 7 (4 self)
Abstract
In this article, we describe a new library for computing guaranteed bounds of the solutions of Initial Value Problems (IVP). Given an initial value problem and an end point, our library computes a sequence of approximation points together with a sequence of approximation errors such that the distance to the true solution of the IVP is below these error terms at each approximation point. These sequences are computed using a classical Runge-Kutta method for which truncation and round-off errors may be over-approximated. We also compute the propagation of local errors to obtain an enclosure of the global error at each computation step. These techniques are implemented in a C++ library which provides an easy-to-use framework for the rigorous approximation of IVP. This library implements an error control technique based on step size reduction in order to reach a certain tolerance on local errors.
Abstract interpretation of the physical inputs of embedded programs
In: VMCAI'08, volume 4905 of LNCS
Cited by 7 (3 self)
Abstract
We define an abstraction of the continuous variables that serve as inputs to embedded software. In existing static analyzers, these variables are most often abstracted by a constant interval, and this approach has shown its limits. We propose a different method that analyzes the continuous environment in a more precise way. This environment is first expressed as the semantics of a special continuous program, and we define a safe abstract semantics. We introduce the abstract domain of interval-valued step functions and show that it safely over-approximates the set of continuous functions. The theory of guaranteed integration is then used to effectively compute an abstract semantics, and we prove that this abstract semantics is safe.
Trustworthy Numerical Computation in Scala
Cited by 6 (3 self)
Abstract
Modern computing has adopted the floating point type as a default way to describe computations with real numbers. Thanks to dedicated hardware support, such computations are efficient on modern architectures, even in double precision. However, rigorous reasoning about the resulting programs remains difficult. This is in part due to a large gap between the finite floating point representation and the infinite-precision real-number semantics that serves as the developers' mental model. Because programming languages do not provide support for estimating errors, some computations in practice are performed more and some less precisely than needed. We present a library solution for rigorous arithmetic computation. Our numerical data type library tracks a (double) floating point value, but also a guaranteed upper bound on the error between this value and the ideal value that would be computed in the real-value semantics. Our implementation involves a set of linear approximations based on an extension of affine arithmetic. The derived approximations cover most of the standard mathematical operations, including trigonometric functions, and are more comprehensive than any publicly available ones. Moreover, while interval arithmetic rapidly yields overly pessimistic estimates, our approach remains precise for several computational tasks of interest. We evaluate the library on a number of examples from numerical analysis and physical simulations. We found it to be a useful tool for gaining confidence in the correctness of the computation.
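The abstract above rests on the contrast between interval arithmetic and affine arithmetic. The following is an added illustration of that core idea, not code from the Scala library the paper describes: both arithmetics are implemented over exact rationals and evaluated on two expressions where interval arithmetic loses the correlation between operands. The class and function names (`Interval`, `Affine`, `compare`, the test expressions `cancel` and `parabola`) are this example's own; the paper's library additionally tracks a double value and rounds its error bounds outward, which this exact-rational sketch does not need to do.

```python
"""Affine arithmetic vs. interval arithmetic on the same expression.

Coefficients are exact rationals, so the bounds computed here are exact.
A library working on doubles must also round every bound outward.
"""
from fractions import Fraction
from itertools import count

_fresh = count(1)   # supplies a new noise-symbol index on demand


class Interval:
    """Classic interval [lo, hi]; each operation forgets where its operands came from."""
    def __init__(self, lo, hi):
        self.lo, self.hi = Fraction(lo), Fraction(hi)

    def __add__(self, o):
        return Interval(self.lo + o.lo, self.hi + o.hi)

    def __sub__(self, o):
        return Interval(self.lo - o.hi, self.hi - o.lo)

    def __mul__(self, o):
        ps = (self.lo * o.lo, self.lo * o.hi, self.hi * o.lo, self.hi * o.hi)
        return Interval(min(ps), max(ps))

    def bounds(self):
        return (self.lo, self.hi)


class Affine:
    """x0 + sum_i xi * e_i with every noise symbol e_i ranging over [-1, 1].

    Two forms that share a noise symbol are correlated, which is what lets
    x - x collapse to exactly 0 instead of doubling the uncertainty.
    """
    def __init__(self, x0, terms=None):
        self.x0 = Fraction(x0)
        self.terms = {k: Fraction(v) for k, v in (terms or {}).items() if v != 0}

    @classmethod
    def from_interval(cls, lo, hi):
        lo, hi = Fraction(lo), Fraction(hi)
        return cls((lo + hi) / 2, {next(_fresh): (hi - lo) / 2})

    def radius(self):
        return sum(abs(v) for v in self.terms.values())

    def bounds(self):
        return (self.x0 - self.radius(), self.x0 + self.radius())

    def _linear(self, o, sign):
        terms = dict(self.terms)
        for k, v in o.terms.items():
            terms[k] = terms.get(k, 0) + sign * v
        return Affine(self.x0 + sign * o.x0, terms)

    def __add__(self, o):
        return self._linear(o, 1)

    def __sub__(self, o):
        return self._linear(o, -1)

    def __mul__(self, o):
        terms = {}
        for k, v in self.terms.items():
            terms[k] = terms.get(k, 0) + o.x0 * v
        for k, v in o.terms.items():
            terms[k] = terms.get(k, 0) + self.x0 * v
        # The product of the two deviation parts is not linear in the e_i;
        # it is over-approximated by a fresh symbol of magnitude rad(x) * rad(y).
        terms[next(_fresh)] = self.radius() * o.radius()
        return Affine(self.x0 * o.x0, terms)


def compare(expr, lo, hi):
    """Evaluate expr(x, const) for x in [lo, hi] in both arithmetics.

    expr receives the variable and a constructor for constants.  Returns
    ((interval_lo, interval_hi), (affine_lo, affine_hi)).
    """
    iv = expr(Interval(lo, hi), lambda c: Interval(c, c))
    af = expr(Affine.from_interval(lo, hi), lambda c: Affine(c))
    return iv.bounds(), af.bounds()


def cancel(x, const):        # x - x: exactly 0 for every x
    return x - x


def parabola(x, const):      # x * (10 - x): true range on [4, 6] is [24, 25]
    return x * (const(10) - x)


if __name__ == "__main__":
    for name, f in (("x - x", cancel), ("x * (10 - x)", parabola)):
        iv, af = compare(f, 4, 6)
        print(f"{name:14s} interval={iv}  affine={af}")
```

On [4, 6] the interval evaluation of x - x is [-2, 2] and of x * (10 - x) is [16, 36], while the affine evaluation gives [0, 0] and [24, 26]; the remaining slack in the second case is the fresh symbol introduced for the nonlinear term, which is exactly the kind of over-approximation the abstract says its extended affine forms keep small.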
Semantics-Based Transformation of Arithmetic Expressions
Cited by 4 (3 self)
Abstract
Floating-point arithmetic is an important source of errors in programs because of the loss of precision arising during a computation. Unfortunately, this arithmetic is not intuitive (e.g. many elementary operations are not associative, invertible, etc.), making the debugging phase very difficult and empirical. This article introduces a new kind of program transformation in order to automatically improve the accuracy of floating-point computations. We use P. Cousot and R. Cousot's framework for semantic program transformation and we propose an offline transformation. This technique was implemented, and the first experimental results are presented.
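The non-associativity the abstract refers to is easy to demonstrate and to measure. The following is an added example, not the paper's transformation: it evaluates the same sum in the order written and after one simple accuracy-improving rewrite (adding the terms of smallest magnitude first), and measures the error of each against the exact real-number result computed with rationals. The function names and the constructed input `SAMPLE` are this example's own; the paper's transformation is derived semantically and is more general than this single reassociation, which does not minimise the error for every input.

```python
"""Reassociating a floating-point sum to improve accuracy, checked exactly.

Summing the smallest magnitudes first is one concrete accuracy-improving
rewrite; the exact reference value is computed with rationals so the error
of each evaluation order is measured rather than guessed.
"""
from fractions import Fraction


def sum_left_to_right(terms):
    """The sum as written: ((t0 + t1) + t2) + ... in double precision."""
    acc = 0.0
    for t in terms:
        acc += t
    return acc


def sum_by_magnitude(terms):
    """Transformed sum: add small terms first so large ones cannot absorb them."""
    acc = 0.0
    for t in sorted(terms, key=abs):
        acc += t
    return acc


def exact_sum(terms):
    """Real-number semantics of the same expression; every double is an exact rational."""
    return sum(Fraction(t) for t in terms)


def evaluation_error(terms, evaluate):
    """Absolute error of a double-precision evaluation strategy against the exact sum."""
    return abs(exact_sum(terms) - Fraction(evaluate(terms)))


# Constructed input: unit terms next to 1e16, where the spacing between adjacent
# doubles is already 2, so 1e16 + 1.0 rounds back to 1e16 and the unit is lost.
SAMPLE = [1e16, 1.0, 1.0]

if __name__ == "__main__":
    for strategy in (sum_left_to_right, sum_by_magnitude):
        print(f"{strategy.__name__:18s} result={strategy(SAMPLE)!r:25s} "
              f"error={evaluation_error(SAMPLE, strategy)}")
```

For `SAMPLE` the written order returns 1e16 (error 2) while the reassociated order returns 1e16 + 2 exactly; with ten unit terms the error of the written order grows to 10 and the rewrite still returns the exact value.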
Astrée: Proving the Absence of Runtime Errors
Cited by 3 (3 self)
Abstract
Safety-critical embedded software has to satisfy stringent quality requirements. Testing and validation consumes a large – and growing – fraction of development cost. The last years have seen the emergence of semantics-based static analysis tools in various application areas, from runtime error analysis to worst-case execution time prediction. Their appeal is that they have the potential to reduce testing effort while providing 100% coverage, thus enhancing safety. Static runtime error analysis is applicable to large industry-scale projects and produces a list of definite runtime errors and of potential runtime errors which might be true errors or false alarms. In the past, often only the definite errors were fixed because manually inspecting each alarm was too time-consuming due to a large number of false alarms. Therefore no proof of the absence of runtime errors could be given. In this article the parameterizable static analyzer Astrée is presented. By specialization and parameterization Astrée can be adapted to the software under analysis. This enables Astrée to efficiently compute precise results. Astrée has successfully been used to analyze large-scale safety-critical avionics software with zero false alarms.
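The distinction the abstract draws between definite errors, alarms and false alarms is what an interval-based abstract interpreter produces. The following is an added toy analyzer written for this listing, not Astrée and not its input format: it runs a non-relational interval domain over a hypothetical straight-line integer mini-language and classifies every division and every arithmetic result as safe, a definite runtime error, or an alarm. The mini-language, `analyze`, `eval_expr` and the constructed `PROGRAM` are all assumptions of this example. Line 3 of the program is a false alarm of exactly the kind the abstract mentions: `x - x` is always 0, but a domain that cannot relate `y` to `x` only knows `y` lies in [-20, 20], and that is the imprecision the specialization and parameterization of a real analyzer (relational domains, in particular) exist to remove.

```python
"""Interval abstract interpreter for a tiny integer language (hypothetical syntax).

Every division and every arithmetic result is checked against int32 semantics
and reported as 'definite' (all executions fail) or 'alarm' (some may fail).
Integer division truncates toward zero, so its enclosure is widened to the
floor/ceil of the real quotients, which is sound for trunc().
"""
import math
from fractions import Fraction

INT_MIN, INT_MAX = -2**31, 2**31 - 1
TOP = (INT_MIN, INT_MAX)   # any int32 value


def _div_hull(a, b):
    """Sound enclosure of trunc(p/q) for p in a, q in b, where 0 is not in b."""
    qs = [Fraction(p, q) for p in a for q in b]
    return (math.floor(min(qs)), math.ceil(max(qs)))


def eval_expr(expr, env, findings, line):
    kind = expr[0]
    if kind == 'const':
        return (expr[1], expr[1])
    if kind == 'var':
        return env.get(expr[1], TOP)
    a = eval_expr(expr[1], env, findings, line)
    b = eval_expr(expr[2], env, findings, line)
    if kind == 'add':
        res = (a[0] + b[0], a[1] + b[1])
    elif kind == 'sub':
        res = (a[0] - b[1], a[1] - b[0])
    elif kind == 'div':
        if b == (0, 0):
            findings.append((line, 'definite', 'division by zero'))
            return TOP   # no error-free execution continues; TOP keeps us sound
        if b[0] <= 0 <= b[1]:
            findings.append((line, 'alarm', 'divisor may be zero'))
        # Continue with the zero-free parts of the divisor: the executions that survive.
        pieces = [p for p in ((b[0], min(b[1], -1)), (max(b[0], 1), b[1])) if p[0] <= p[1]]
        hulls = [_div_hull(a, p) for p in pieces]
        res = (min(h[0] for h in hulls), max(h[1] for h in hulls))
    else:
        raise ValueError(kind)
    if res[0] > INT_MAX or res[1] < INT_MIN:
        findings.append((line, 'definite', 'integer overflow'))
        return TOP
    if res[0] < INT_MIN or res[1] > INT_MAX:
        findings.append((line, 'alarm', 'possible integer overflow'))
        res = (max(res[0], INT_MIN), min(res[1], INT_MAX))
    return res


def analyze(program):
    """Abstractly execute a straight-line program; returns (final env, findings)."""
    env, findings = {}, []
    for line, stmt in enumerate(program, 1):
        if stmt[0] == 'input':
            env[stmt[1]] = (stmt[2], stmt[3])
        elif stmt[0] == 'assign':
            env[stmt[1]] = eval_expr(stmt[2], env, findings, line)
    return env, findings


# Constructed program; the comments give the C-like statement each tuple stands for.
PROGRAM = [
    ('input', 'x', -10, 10),                                      # 1: int x = sensor(); x in [-10, 10]
    ('assign', 'y', ('sub', ('var', 'x'), ('var', 'x'))),         # 2: y = x - x        (really 0)
    ('assign', 'a', ('div', ('const', 100), ('var', 'y'))),       # 3: a = 100 / y      (false alarm)
    ('assign', 'b', ('div', ('const', 100), ('add', ('var', 'x'), ('const', 20)))),  # 4: safe
    ('assign', 'z', ('sub', ('const', 5), ('const', 5))),         # 5: z = 5 - 5
    ('assign', 'c', ('div', ('const', 1), ('var', 'z'))),         # 6: c = 1 / z        (definite)
    ('assign', 'd', ('add', ('const', INT_MAX), ('var', 'x'))),   # 7: d = INT_MAX + x  (alarm)
]

if __name__ == "__main__":
    env, findings = analyze(PROGRAM)
    for line, kind, msg in findings:
        print(f"line {line}: {kind}: {msg}")
```

Running it reports an alarm on line 3, a definite division by zero on line 6 and a possible overflow on line 7, while the division on line 4 is proven safe because its divisor interval [10, 30] excludes zero.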
Simplifying the Analysis of C++ Programs
2013
Cited by 1 (1 self)
Abstract
Based on our experience of working with different C++ front ends, this thesis identifies numerous problems that complicate the analysis of C++ programs along the entire spectrum of analysis applications. We utilize library, language, and tool extensions to address these problems and offer solutions to many syntax trees of a program, which together render the visitor design pattern obsolete. We further extend C++ with open multimethods to deal with the broader expression problem. Finally, we offer two techniques, one based on refining the type system of a language and the other on abstract interpretation, both of which allow developers to statically ensure or verify various runtime properties of their programs without having to deal with the full language semantics or even the abstract syntax tree of a program. Together, the solutions presented in this thesis make ensuring properties of interest about C++ programs available to average language users.
In Pursuit of Real Answers
Abstract
Digital computers permeate our physical world. This phenomenon creates a pressing need for tools that help us understand a priori how digital computers can affect their physical environment. In principle, simulation can be a powerful tool for animating models of the world. Today, however, there is not a single simulation environment that comes with a guarantee that the results of the simulation are determined purely by a real-valued model and not by artifacts of the digitized implementation. As such, simulation with guaranteed fidelity does not yet exist. Towards addressing this problem, we offer an expository account of what is known about exact real arithmetic. We argue that this technology, which has roots that are over 200 years old, bears significant promise as offering exactly the right technology to build simulation environments with guaranteed fidelity. And while it has only been sparsely studied in this large span of time, there are reasons to believe that the time is right to accelerate research in this direction.
∗ This research was sponsored by the NSF under Award 0439017,