SAT-based verification for timed component connectors
Cited by 7 (1 self)
Abstract
Component-based software construction relies on suitable models underlying components, and in particular the coordinators which orchestrate component behaviour. Verifying correctness and safety of such systems amounts to model checking the underlying system model, where model checking techniques not only need to be correct but—since system sizes increase—also scalable and efficient. In this paper, we present a SAT-based approach for bounded model checking of Timed Constraint Automata. We present an embedding of bounded model checking into propositional logic with linear arithmetic, which overcomes the state explosion problem to deal with large systems by defining a product that is linear in the size of the system. To further improve model checking performance, we show how to embed our approach into an extension of counterexample-guided abstraction refinement with Craig interpolants.
Program analysis via satisfiability modulo path programs
In: POPL, 2010
Cited by 7 (1 self)
Abstract
Path-sensitivity is often a crucial requirement for verifying safety properties of programs. As it is infeasible to enumerate and analyze each path individually, analyses compromise by soundly merging information about executions along multiple paths. However, this frequently results in a loss of precision. We present a program analysis technique that we call Satisfiability Modulo Path Programs (SMPP), based on a path-based decomposition of a program. It is inspired by insights that have driven the development of modern SMT (Satisfiability Modulo Theory) solvers. SMPP symbolically enumerates path programs using a SAT formula over control edges in the program. Each enumerated path program is verified using an oracle, such as abstract interpretation or symbolic execution, to either find a proof of correctness or report a potential violation. If a proof is found, then SMPP extracts a sufficient set of control edges and corresponding interference edges, as a form of proof-based learning. Blocking clauses derived from these edges are added back to the SAT formula to avoid enumeration of other path programs guaranteed to be correct, thereby improving performance and scalability. We have applied SMPP in the F-Soft program verification framework, to verify properties of real-world C programs that require path-sensitive reasoning. Our results indicate that the precision from analyzing individual path programs, combined with their efficient enumeration by SMPP, can prove properties as well as indicate potential violations in the large.
Model Checking: Software and Beyond
Cited by 6 (0 self)
Abstract
Temporal logic model checking, first developed by Clarke and Emerson [1] and independently discovered by Queille and Sifakis [2], is an automated technique for the verification of finite-state systems. The specification is expressed as a
Scheduling large jobs by abstraction refinement
In: Proceedings of the Sixth Conference on Computer Systems, ACM
Cited by 4 (1 self)
Abstract
The static scheduling problem often arises as a fundamental problem in real-time systems and grid computing. We consider the problem of statically scheduling a large job expressed as a task graph on a large number of computing nodes, such as a data center. This paper solves the large-scale static scheduling problem using abstraction refinement, a technique commonly used in formal verification to efficiently solve computationally hard problems. A scheduler based on abstraction refinement first attempts to solve the scheduling problem with abstract representations of the job and the computing resources. As abstract representations are generally small, the scheduling can be done reasonably fast. If the obtained schedule does not meet specified quality conditions (like
Structure and Hierarchy in Real-Time Systems
2002
Cited by 4 (0 self)
Abstract
The development of digital systems is particularly challenging if their correctness depends on the right timing of operations. One approach to enhance the reliability of such systems is model-based development. This allows for a formal analysis throughout all stages of design. Model-based
Event Order Abstraction for Parametric Real-Time System Verification
2008
Cited by 4 (3 self)
Abstract
We present a new abstraction technique, event order abstraction (EOA), for parametric safety verification of real-time systems in which “correct orderings of events” needed for system correctness are maintained by timing constraints on the systems’ behavior. By using EOA, one can separate the task of verifying a real-time system into two parts: 1. Safety property verification of the system given that only correct event orderings occur; and 2. Derivation of timing parameter constraints for correct orderings of events in the system. The user first identifies a candidate set of bad event orders. Then, by using ordinary untimed model checking, the user examines whether a discretized system model in which all timing constraints are abstracted away satisfies a desirable safety property under the assumption that the identified bad event orders occur in no system execution. The user uses counterexamples obtained from the model checker to identify additional bad event orders, and repeats the process until the model checking succeeds. In this step, the user obtains a sufficient set of bad event orders that must be excluded by timing synthesis for system correctness. Next, the algorithm presented in the paper automatically derives a set of timing parameter constraints under which the system does not exhibit the identified bad event orderings. From this step combined with the untimed model checking step, the user obtains a sufficient set of timing parameter constraints under which the system executes correctly with respect to a given safety property. We illustrate the use of EOA with a train-gate example inspired by the general railroad crossing problem [13]. We also summarize three other case studies: a biphase mark protocol, the IEEE 1394 root contention protocol, and the Fischer mutual exclusion algorithm.
Program Compatibility Approaches
In: Proceedings of the Formal Methods for Components and Objects Symposium, FMCO 2006, 2006
Cited by 4 (0 self)
Abstract
This paper is a survey of several techniques that have proven useful in establishing compatibility among behaviorally similar programs (e.g., system upgrades, object sub- and supertypes, system components produced by different vendors, etc.). We give a comparative analysis of the techniques by evaluating their applicability to various aspects of the compatibility problem.
Sciduction: Combining induction, deduction, and structure for verification and synthesis
2011
Cited by 3 (0 self)
Abstract
Even with impressive advances in automated formal methods, certain problems in system verification and synthesis remain challenging. Examples include the verification of quantitative properties of software involving constraints on timing and energy consumption, and the automatic synthesis of systems from specifications. The major challenges include environment modeling, incompleteness in specifications, and the complexity of underlying decision problems. This position paper proposes sciduction, an approach to tackle these challenges by integrating inductive inference, deductive reasoning, and structure hypotheses. Deductive reasoning, which leads from general rules or concepts to conclusions about specific problem instances, includes techniques such as logical inference and constraint solving. Inductive inference, which generalizes from specific instances to yield a concept, includes algorithmic learning from examples. Structure hypotheses are used to define the class of artifacts, such as invariants or program fragments, generated during verification or synthesis. Sciduction constrains inductive and deductive reasoning using structure hypotheses, and actively combines inductive and deductive reasoning: for instance, deductive techniques generate examples for learning, and inductive reasoning is used to guide the deductive engines. We illustrate this approach with three applications: (i) timing analysis of software; (ii) synthesis of loop-free programs; and (iii) controller synthesis for hybrid systems. Some future applications are also discussed.
Incremental formal verification of hardware
In: Proc. FMCAD, 2011
Cited by 3 (0 self)
Abstract
Formal verification is a reliable and fully automatic technique for proving correctness of hardware designs. Its main drawback is the high complexity of verification, and this problem is especially acute in regression verification, where a new version of the design, differing from the previous version very slightly, is verified with respect to the same or a very similar property. In this paper, we present an efficient algorithm for incremental verification, based on the IC3 algorithm, that uses stored information from the previous verification runs in order to improve the complexity of re-verifying similar designs on similar properties. Our algorithm applies both to the positive and to the negative results of verification (that is, both when there is a proof of correctness and when there is a counterexample). The algorithm is implemented, and experimental results show improvement of up to two orders of magnitude in running time, compared to full verification.
Automatic Abstraction of Non-Linear Systems Using Change of Bases Transformations
Cited by 2 (1 self)
Abstract
We present abstraction techniques that transform a given nonlinear dynamical system into a linear system, such that invariant properties of the resulting linear abstraction can be used to infer invariants for the original system. The abstraction techniques rely on a change of bases transformation that associates each state variable of the abstract system with a function involving the state variables of the original system. We present conditions under which a given change of basis transformation for a nonlinear system can define an abstraction. Furthermore, we present a technique to discover, given a nonlinear system, whether a change of bases transformation involving degree-bounded polynomials yielding a linear system abstraction exists. If so, our technique yields the resulting abstract linear system as well. This approach is further extended to search for a change of bases transformation that abstracts a given nonlinear system into a system of linear differential inclusions. Our techniques enable the use of analysis techniques for linear systems to infer invariants for nonlinear systems. We present preliminary evidence of the practical feasibility of our ideas using a prototype implementation.