Results 1  10
of
761
Compositional Model Checking
, 1999
"... We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approac ..."
Abstract

Cited by 3252 (70 self)
 Add to MetaCart
We describe a method for reducing the complexity of temporal logic model checking in systems composed of many parallel processes. The goal is to check properties of the components of a system and then deduce global properties from these local properties. The main difficulty with this type of approach is that local properties are often not preserved at the global level. We present a general framework for using additional interface processes to model the environment for a component. These interface processes are typically much simpler than the full environment of the component. By composing a component with its interface processes and then checking properties of this composition, we can guarantee that these properties will be preserved at the global level. We give two example compositional systems based on the logic CTL*.
Perspectives on Program Analysis
, 1996
"... eing analysed. On the negative side, the semantic correctness of the analysis is seldom established and therefore there is often no formal justification for the program transformations for which the information is used. The semantics based approach [1; 5] is often based on domain theory in the form ..."
Abstract

Cited by 685 (35 self)
 Add to MetaCart
(Show Context)
eing analysed. On the negative side, the semantic correctness of the analysis is seldom established and therefore there is often no formal justification for the program transformations for which the information is used. The semantics based approach [1; 5] is often based on domain theory in the form of abstract domains modelling sets of values, projections, or partial equivalence relations. The approach tends to focus more directly on discovering the extensional properties of interest: for constant propagation it might operate on sets of values with constancy corresponding to singletons, and for neededness analysis it might perform a strictness analysis and use the strictness information for neededness (or make use of the "absence" notion from projection analysis and attempt to discover the di#erence). On the positive side, this usually gives rise to provably correct analyses, although there are sometimes complications (due to deciding what information to stick onto the
Parametric Shape Analysis via 3Valued Logic
, 2001
"... Shape Analysis concerns the problem of determining "shape invariants"... ..."
Abstract

Cited by 663 (80 self)
 Add to MetaCart
(Show Context)
Shape Analysis concerns the problem of determining "shape invariants"...
Abstract interpretation frameworks
 Journal of Logic and Computation
, 1992
"... We introduce abstract interpretation frameworks which are variations on the archetypal framework using Galois connections between concrete and abstract semantics, widenings and narrowings and are obtained by relaxation of the original hypotheses. We consider various ways of establishing the correctn ..."
Abstract

Cited by 290 (25 self)
 Add to MetaCart
(Show Context)
We introduce abstract interpretation frameworks which are variations on the archetypal framework using Galois connections between concrete and abstract semantics, widenings and narrowings and are obtained by relaxation of the original hypotheses. We consider various ways of establishing the correctness of an abstract interpretation depending on how the relation between the concrete and abstract semantics is defined. We insist upon those correspondences allowing for the inducing of the approximate abstract semantics from the concrete one. Furthermore we study various notions interpretation.
A Static Analyzer for Large SafetyCritical Software
, 2003
"... We show that abstract interpretationbased static program analysis can be made e#cient and precise enough to formally verify a class of properties for a family of large programs with few or no false alarms. This is achieved by refinement of a general purpose static analyzer and later adaptation to p ..."
Abstract

Cited by 271 (54 self)
 Add to MetaCart
(Show Context)
We show that abstract interpretationbased static program analysis can be made e#cient and precise enough to formally verify a class of properties for a family of large programs with few or no false alarms. This is achieved by refinement of a general purpose static analyzer and later adaptation to particular programs of the family by the enduser through parametrization. This is applied to the proof of soundness of data manipulation operations at the machine level for periodic synchronous safety critical embedded software. The main novelties are the design principle of static analyzers by refinement and adaptation through parametrization, the symbolic manipulation of expressions to improve the precision of abstract transfer functions, ellipsoid, and decision tree abstract domains, all with sound handling of rounding errors in floating point computations, widening strategies (with thresholds, delayed) and the automatic determination of the parameters (parametrized packing).
Interprocedural MayAlias Analysis for Pointers: Beyond klimiting
, 1994
"... Existing methods for alias analysis of recursive pointer data structures are based on two approximation techniques: klimiting, which blurs distinction between subobjects below depth k; and storebased (or equivalently location or regionbased) approximations, which blur distinction between elements ..."
Abstract

Cited by 249 (0 self)
 Add to MetaCart
(Show Context)
Existing methods for alias analysis of recursive pointer data structures are based on two approximation techniques: klimiting, which blurs distinction between subobjects below depth k; and storebased (or equivalently location or regionbased) approximations, which blur distinction between elements of recursive data structures. Although notable progress in interprocedural alias analysis has been recently accomplished, very little progress in the precision of analysis of recursive pointer data structures has been seen since the inception of these approximation techniques by Jones and Muchnick a decade ago. As a result, optimizing, verifying and parallelizing programs with pointers has remained difficult. We present a new parametric framework for analyzing recursive pointer data structures which can express a new natural class of alias information not accessib...
Verification by abstract interpretation
 In Verification: Theory and Practice
, 2003
"... Dedicated to Zohar Manna, for his 2 6 th birthday. Abstract. Abstract interpretation theory formalizes the idea of abstraction of mathematical structures, in particular those involved in the specification of properties and proof methods of computer systems. Verification by abstract interpretation is ..."
Abstract

Cited by 237 (16 self)
 Add to MetaCart
Dedicated to Zohar Manna, for his 2 6 th birthday. Abstract. Abstract interpretation theory formalizes the idea of abstraction of mathematical structures, in particular those involved in the specification of properties and proof methods of computer systems. Verification by abstract interpretation is illustrated on the particular cases of predicate abstraction, which is revisited to handle infinitary abstractions, and on the new parametric predicate abstraction. 1
Property preserving abstractions for the verification of concurrent systems
 FORMAL METHODS IN SYSTEM DESIGN, VOL 6, ISS
, 1995
"... We study property preserving transformations for reactive systems. The main idea is the use of simulations parameterized by Galois connections ( �), relating the lattices of properties of two systems. We propose and study a notion of preservation of properties expressed by formulas of a logic, by a ..."
Abstract

Cited by 152 (6 self)
 Add to MetaCart
(Show Context)
We study property preserving transformations for reactive systems. The main idea is the use of simulations parameterized by Galois connections ( �), relating the lattices of properties of two systems. We propose and study a notion of preservation of properties expressed by formulas of a logic, by a function mapping sets of states of a system S into sets of states of a system S'. We give results on the preservation of properties expressed in sublanguages of the branching timecalculus when two systems S and S' are related via h � isimulations. They can be used to verify a property for a system by verifying the same property on a simpler system which is an abstraction of it. We show also under which conditions abstraction of concurrent systems can be computed from the abstraction of their components. This allows a compositional application of the proposed verification method. This is a revised version of the papers [2] and [16] � the results are fully developed in [27].
TVLA: A System for Implementing Static Analyses
 In Static Analysis Symp
, 2000
"... We present TVLA (ThreeValuedLogic Analysis engine). TVLA is a "YACC"like framework for automatically constructing staticanalysis algorithms from an operational semantics, where the operational semantics is specified using logical formulae. TVLA was implemented in Java and was successfu ..."
Abstract

Cited by 134 (27 self)
 Add to MetaCart
(Show Context)
We present TVLA (ThreeValuedLogic Analysis engine). TVLA is a "YACC"like framework for automatically constructing staticanalysis algorithms from an operational semantics, where the operational semantics is specified using logical formulae. TVLA was implemented in Java and was successfully used to perform shape analysis on programs manipulating linked data structures (singly and doubly linked lists), to prove safety properties of Mobile Ambients, and to verify the partial correctness of several sorting programs.