D. Lie, A. Chou, D. Engler, and D. Dill. A simple method for extracting models from protocol code. In Proc. of ISCA'01.
....this issue. Dynamic protocol inference techniques discover protocols from execution traces collected while the component is being used [WML02][ABL02][RR01]. Static protocol inference techniques deduce sequencing constraints by statically analyzing component code [WML02] or component client code [LCED01][ECHCC01][WD01]. In this paper, both inference techniques are discussed. The remainder of this paper is organized as follows: Section 2 presents and compares the existing protocol inference techniques, Section 3 proposes some future work, and Section 4 concludes. 2. Component Protocol Inference ....
.... type Results Whaley et al. [WML02] Java Static Dynamic FSA Reiss et al. [RR01] Java C C Dynamic FSA Ammons et al. [ABL02] C Dynamic FSA Cook et al. [CW98] Software process Dynamic FSA El Ramly et al. [ESS02] Interactive system Dynamic Frequently recurring usage patterns Lie et al. [LCED01] C protocol code Static Models to model checkers Previous related work is summarized in Table 1. Whaley et al. [WML02] use both static and dynamic techniques to extract multiple FSA submodels for the interface of a Java class. Reiss et al. [RR01] employ dynamic techniques to encode program ....
D. Lie, A. Chou, D. Engler, and D. Dill. A simple method for extracting models from protocol code. In Proceedings of the 28th Annual International Symposium on Computer Architecture, pp. 192-203, July 2001.
....readily available for large systems. Few programmers are both willing and able to write down the specifications. Furthermore, programmers may also be wrong when specifying the constraints. To deal with this, there have been various recent attempts to infer constraints automatically. Engler et al. [16] proposed techniques to infer constraints from programs by analyzing the behavior of the code statically. To allow for errors in the program, behavior that is observed most of the time is considered the norm. Their results suggest that this approach is effective in finding bugs like whether a lock ....
D. Lie, A. Chou, D. Engler, and D. Dill. A simple method for extracting models from protocol code. In Proceedings of the International Symposium on Computer Architecture, pages 192-203, 2001.
....basis. The Bandera [5] and SLAM [2] toolkits create abstract verification models from source code. Bandera inputs the abstractions from the user, while SLAM iteratively refines them by itself. Neither tool seems to support the composition of derived models with hand crafted fragments. Lie et al. [13] present a method for automatically extracting models from low level software implementations. The extracted model is combined with a model of the hardware. Their approach ....
David Lie, Andy Chou, Dawson Engler and David L. Dill. A simple method for extracting models from protocol code. Proceedings of the 28th Annual International Symposium on Computer Architecture, ISCA 2001.
....necessary to check a particular property can be retained in the extracted model. In contrast, general purpose languages like C, C++, and Java have language features (complex pointer manipulation, exceptions, etc.) that are difficult to translate into the specification language of the model checkers [18, 22, 11, 26]. Support for Abstraction Other domain specific languages [8, 3, 4] extract a single model from the program and use it for model checking. To avoid the state space explosion associated with detailed models, these languages have been designed to encode only the control structure of the ....
....Spin code is generated. This approach automates the extraction of abstract models. However, the translator does not have any semantic information to check the validity of the translation. The system was used to debug the call processing software for Lucent's Pathstar access server. Lie et al. [26] use an approach similar to FeaVer [22] to extract Murphi [13] models from C programs. It requires the programmer to specify two things: a set of patterns that identify the C code that has to be captured in the extracted model, and transformations that translate the identified C code into ....
D. Lie, A. Chou, D. Engler, and D. Dill. A Simple Method for Extracting Models from Protocol Code. In International Symposium on Computer Architecture, 2001.
....Spin code is generated. This approach automates the extraction of abstract models. However, the translator does not have any semantic information to check the validity of the translation. The system was used to debug the call processing software for Lucent's Pathstar access server. Lie et al. [67] use an approach similar to FeaVer [57] to extract Murphi [40] models from C programs. It requires the programmer to specify two things: a set of patterns that identify the C code that has to be captured in the extracted model, and transformations that translate the identified C code into Murphi ....
D. Lie, A. Chou, D. Engler, and D. Dill. A Simple Method for Extracting Models from Protocol Code. In Proceedings of the International Symposium on Computer Architecture, Goteborg, Sweden, June 2001.
....readily available for large systems. Few programmers are both willing and able to write down the specifications. Furthermore, programmers may also be wrong when specifying the constraints. To deal with this, there have been various recent attempts to infer constraints automatically. Engler et al. [16] proposed techniques to infer constraints from programs by analyzing the behavior of the code statically. To allow for errors in the program, behavior that is observed most of the time is considered the norm. Their results suggest that this approach is effective in finding bugs like whether a lock ....
D. Lie, A. Chou, D. Engler, and D. Dill. A simple method for extracting models from protocol code. In Proceedings of the International Symposium on Computer Architecture, 2001.
....SPIN code is generated. This approach automates the extraction of abstract models. However, the translator does not have any semantic information to check the validity of the translation. The system was used to debug the call processing software for Lucent's Pathstar access server. Lie et al. [25] use an approach similar to FeaVer [23] to extract Murphi [13] models from C programs. It requires the programmer to specify two things: a set of patterns that identify the C code that has to be captured in the extracted model, and transformations that translate the identified C code into Murphi ....
D. Lie, A. Chou, D. Engler, and D. Dill. A Simple Method for Extracting Models from Protocol Code. In International Symposium on Computer Architecture, 2001.
D. Lie, A. Chou, D. Engler, and D. Dill. A simple method for extracting models from protocol code. In Proceedings of the 28th International Symposium on Computer Architecture, July 2001.
Lie, D., Chou, A., Engler, D., Dill, D.: A simple method for extracting models from protocol code. In: Proceedings of the 28th Annual International Symposium on Computer Architecture. (2001)
D. Lie, A. Chou, D. Engler, and D. Dill. A simple method for extracting models from protocol code. In Proceedings of the 28th Annual International Symposium on Computer Architecture, July 2001.
.... project, described in Section 2 and 3, checked FLASH cache coherence protocol implementation code [24]. We first used static analysis to find violations of FLASH-specific rules (e.g. that messages are sent in such a way as to prevent deadlock) [7] and then, in a follow on work, applied model checking [26]. One interesting feature of the This research was supported in part by DARPA contract MDA904 98 C A933, by GSRC MARCO Grant No:SA3276JB, and by a grant from the Stanford Networking Research Center. Dawson Engler is partially supported by an NSF Career Award. Permission to make digital or hard ....
....short summary of using both static analysis and model checking to find bugs in FLASH cache coherence protocol implementation code. The next section focuses on the lessons learned from these efforts. Readers familiar with Chou et al. [7] can skip Section 2.1 and 2.2. Readers familiar with Lie et al. [26] can skip Section 2.1 and 2.3. 2.1 FLASH overview The Stanford FLASH multiprocessor [24] is a scalable cache coherent DSM machine that implements its communication protocols in software that runs on an embedded processor in its programmable node controller, MAGIC. While implementing such ....
D. Lie, A. Chou, D. Engler, and D. Dill. A simple method for extracting models from protocol code. In Proceedings of the 28th Annual International Symposium on Computer Architecture, July 2001.
....statements that are evaluated every time a new state is found. When Murφ detects an error, it outputs a counter example that indicates the states it traversed to reach the error state. Murφ has been successfully used in other work to verify both security protocols [17, 22] and computer hardware [13, 25], but this is the first instance we are aware of where it has been used to verify tamper resistance. Model checkers, in general, have some limitations. First, they verify models of systems, not the systems themselves. Models abstract details of the system to make the size of the state space ....
D. Lie, A. Chou, D. Engler, and D. Dill. A simple method for extracting models from protocol code. In Proceedings of the 28th International Symposium on Computer Architecture, July 2001.
....formal verification can find deep errors, it is so difficult and costly that it is rarely used for software. Further, specifications do not necessarily mirror the code they abstract and suffer from missing features and over simplifications in practice. While recent work has begun attacking these problems [5, 15, 18], verifying software is still extremely rare. The SLAM project [2] is a promising variation on this approach. It extracts and then model checks a Boolean variable program skeleton from C code. However, it requires considerably more effort than our approach, and appears to check a more limited set ....
D. Lie, A. Chou, D. Engler, and D. Dill. A simple method for extracting models from protocol code. In Proceedings of the 28th Annual International Symposium on Computer Architecture, July 2001.
....verification can find deep errors, it is so difficult and costly that it is rarely used for software. Further, specifications do not necessarily mirror the code they abstract and suffer from missing features and over simplifications in practice. While recent work has begun attacking these problems [5, 16, 19], verifying software is still extremely rare. The SLAM project [2] is a promising variation on this approach. It extracts and then model checks a Boolean variable program skeleton from C code. However, it requires considerably more effort than our approach, and appears to check a more limited set ....
D. Lie, A. Chou, D. Engler, and D. Dill. A simple method for extracting models from protocol code. In Proceedings of the 28th Annual International Symposium on Computer Architecture, July 2001.
D. Lie, A. Chou, D. Engler, and D. Dill. A simple method for extracting models from protocol code. In Proc. of ISCA'01.
D. Lie, A. Chou, D. Engler, and D. Dill, "A simple method for extracting models from protocol code," in Proc. of ISCA'01.
David Lie, Andy Chou, Dawson Engler, and David L. Dill. A simple method for extracting models from protocol code. In Proceedings of the 28th Annual International Symposium on Computer Architecture, 2001.
David Lie, Andy Chou, Dawson Engler, and David L. Dill. A simple method for extracting models from protocol code. In Proceedings of the 28th Annual International Symposium on Computer Architecture, Goteborg, Sweden, June 30--July 4, 2001.
David Lie, Andy Chou, Dawson Engler, and David L. Dill. A simple method for extracting models from protocol code. In Proceedings Annual International Symposium on Computer Architecture, ISCA 2001.
David Lie, Andy Chou, Dawson Engler, and David L. Dill. A simple method for extracting models from protocol code. In Proceedings of the 28th Annual International Symposium on Computer Architecture, 2001.