Results 1 - 10 of 1,640,565
Proving Functional Equivalence of two AES Implementations using Bounded Model Checking
"... Bounded model checking—as well as symbolic equivalence checking—are highly successful techniques in the hardware domain. Recently, bitvector bounded model checkers like CBMC have been developed that are able to check properties of (mostly low-level) software written in C. However, using these tool ..."
these tools to check equivalence of software implementations has rarely been pursued. In this case study we tackle the problem of proving the functional equivalence of two implementations of the AES crypto-algorithm using automatic bounded model checking techniques. Cryptographic algorithms heavily rely
Symbolic Model Checking without BDDs
, 1999
"... Symbolic Model Checking [3, 14] has proven to be a powerful technique for the verification of reactive systems. BDDs [2] have traditionally been used as a symbolic representation of the system. In this paper we show how boolean decision procedures, like Stalmarck's Method [16] or the Davis ..."
Cited by 910 (74 self)
which reduces model checking to propositional satisfiability. We show that bounded LTL model checking can be done without a tableau construction. We have implemented a model checker BMC, based on bounded model checking, and preliminary results are presented.
Symbolic Model Checking for Real-time Systems
 INFORMATION AND COMPUTATION
, 1992
"... We describe finite-state programs over real-numbered time in a guarded-command language with real-valued clocks or, equivalently, as finite automata with real-valued clocks. Model checking answers the question which states of a real-time program satisfy a branching-time specification (given in an ..."
Cited by 574 (50 self)
Implementing Fault-Tolerant Services Using the State Machine Approach: A Tutorial
 ACM COMPUTING SURVEYS
, 1990
"... The state machine approach is a general method for implementing fault-tolerant services in distributed systems. This paper reviews the approach and describes protocols for two different failure models, Byzantine and fail-stop. System reconfiguration techniques for removing faulty components and i ..."
Cited by 972 (10 self)
Domain names - Implementation and Specification
 RFC883, USC/Information Sciences Institute
, 1983
"... This RFC describes the details of the domain system and protocol, and assumes that the reader is familiar with the concepts discussed in a companion RFC, "Domain Names - Concepts and Facilities" [RFC1034]. The domain system is a mixture of functions and data types which are an official pr ..."
Cited by 715 (9 self)
Implementing data cubes efficiently
 In SIGMOD
, 1996
"... Decision support applications involve complex queries on very large databases. Since response times should be small, query optimization is critical. Users typically view the data as multidimensional data cubes. Each cell of the data cube is a view consisting of an aggregation of interest, like total ..."
Cited by 545 (1 self)
to materialize. The greedy algorithm performs within a small constant factor of optimal under a variety of models. We then consider the most common case of the hypercube lattice and examine the choice of materialized views for hypercubes in detail, giving some good tradeoffs between the space used
Efficient implementation of a BDD package
 In Proceedings of the 27th ACM/IEEE conference on Design automation
, 1991
"... Efficient manipulation of Boolean functions is an important component of many computer-aided design tasks. This paper describes a package for manipulating Boolean functions based on the reduced, ordered, binary decision diagram (ROBDD) representation. The package is based on an efficient implementat ..."
Cited by 500 (9 self)
to decrease memory use. Memory function efficiency is improved by using rules that detect when equivalent functions are computed. The usefulness of the package is enhanced by an automatic and low-cost scheme for recycling memory. Experimental results are given to demonstrate why various implementation trade
The implementation of the Cilk-5 multithreaded language
 In PLDI ’98: Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation
, 1998
"... The fifth release of the multithreaded language Cilk uses a provably good "work-stealing" scheduling algorithm similar to the first system, but the language has been completely redesigned and the runtime system completely reengineered. The efficiency of the new implementation was aided by a clear st ..."
Cited by 493 (30 self)
to equivalent C programs. This paper describes how the work-first principle was exploited in the design of Cilk-5's compiler and its runtime system. In particular, we present Cilk-5's novel "two-clone" compilation strategy and its Dijkstra-like mutual-exclusion protocol for implementing the ready
Model Checking for Programming Languages using VeriSoft
 IN PROCEEDINGS OF THE 24TH ACM SYMPOSIUM ON PRINCIPLES OF PROGRAMMING LANGUAGES
, 1997
"... Verification by state-space exploration, also often referred to as "model checking", is an effective method for analyzing the correctness of concurrent reactive systems (e.g., communication protocols). Unfortunately, existing model-checking techniques are restricted to the verification of ..."
Cited by 442 (13 self)
of properties of models, i.e., abstractions, of concurrent systems. In this paper, we discuss how model checking can be extended to deal directly with "actual" descriptions of concurrent systems, e.g., implementations of communication protocols written in programming languages such as C or C++. We