Results 1  10
of
18
Toolsupported Program Abstraction for Finitestate Verification
 In Proceedings of the 23rd International Conference on Software Engineering
, 2000
"... Numerous researchers have reported success in reasoning about properties of small programs using finitestate verification techniques. We believe, as do most researchers in this area, that in order to scale those initial successes to realistic programs, aggressive abstraction of program data will be ..."
Abstract

Cited by 73 (8 self)
 Add to MetaCart
Numerous researchers have reported success in reasoning about properties of small programs using finitestate verification techniques. We believe, as do most researchers in this area, that in order to scale those initial successes to realistic programs, aggressive abstraction of program data will be necessary. Furthermore, we believe that to make abstractionbased verification usable by nonexperts significant tool support will be required. In this paper, we describe how several different program analysis and transformation techniques are integrated into the Bandera toolset to provide facilities for abstracting Java programs to produce compact, finitestate models that are amenable to verification, for example via model checking. We illustrate the application of Bandera's abstraction facilities to analyze a realistic multithreaded Java program. 1. Introduction Finitestate verification techniques, such as model checking, are rekindling interest in program verification. Such techniqu...
Finding Feasible Counterexamples when Model Checking Abstracted Java Programs
 IN PROCEEDINGS OF TACAS
, 2001
"... Despite recent advances in model checking and in adapting model checking techniques to software, the state explosion problem remains a major hurdle in applying model checking to software. Recent work in automated program abstraction has shown promise as a means of scaling model checking to larg ..."
Abstract

Cited by 49 (5 self)
 Add to MetaCart
(Show Context)
Despite recent advances in model checking and in adapting model checking techniques to software, the state explosion problem remains a major hurdle in applying model checking to software. Recent work in automated program abstraction has shown promise as a means of scaling model checking to larger systems. Most common abstraction techniques compute an upper approximation of the original program. Thus, when a specification is found true for the abstracted program, it is known to be true for the original program. Finding a specification to be false, however, is inconclusive since the specification may be violated on a behavior in the abstracted program which is not present in the original program. We have extended an explicitstate model checker, Java PathFinder (JPF), to analyze counterexamples in the presence of abstractions. We enhanced JPF to search for "feasible" counterexamples during model checking. Alternatively, an abstract counterexample can be used to guide the simulation of the concrete computation and thereby check feasibility of the counterexample. We demonstrate the effectiveness of these techniques on counterexamples from checks of several multithreaded Java programs.
Diagram refinements for the design of reactive systems
 in &quot;Journal of Universal Computer Science
, 1993
"... Abstract: We define a class of predicate diagrams that represent abstractions of—possibly infinitestate—reactive systems. Our diagrams support the verification of safety as well as liveness properties. Nontemporal proof obligations establish the correspondence between the original specification, w ..."
Abstract

Cited by 14 (6 self)
 Add to MetaCart
(Show Context)
Abstract: We define a class of predicate diagrams that represent abstractions of—possibly infinitestate—reactive systems. Our diagrams support the verification of safety as well as liveness properties. Nontemporal proof obligations establish the correspondence between the original specification, whereas model checking can be used to verify behavioral properties. We define a notion of refinement between diagrams that is intended to justify the topdown development of systems within the framework of diagrams. The method is illustrated by a number of mutualexclusion algorithms.
Combinations of model checking and theorem proving
 PROCEEDINGS OF THE THIRD INTL. WORKSHOP ON FRONTIERS OF COMBINING SYSTEMS, VOLUME 1794 OF LNCS
, 2000
"... The two main approaches to the formal verification of reactive systems are based, respectively, on model checking (algorithmic verification) and theorem proving (deductive verification). These two approaches have complementary strengths and weaknesses, and their combination promises to enhance the ..."
Abstract

Cited by 12 (0 self)
 Add to MetaCart
(Show Context)
The two main approaches to the formal verification of reactive systems are based, respectively, on model checking (algorithmic verification) and theorem proving (deductive verification). These two approaches have complementary strengths and weaknesses, and their combination promises to enhance the capabilities of each. This paper surveys a number of methods for doing so. As is often the case, the combinations can be classified according to how tightly the different components are integrated, their range of application, and their degree of automation.
Abstraction and assumeguarantee reasoning for automated software verification
, 2004
"... Compositional verification and abstraction are the key techniques to address the state explosion problem associated with model checking of concurrent software. A promising compositional approach is to prove properties of a system by checking properties of its components in an assumeguarantee style. ..."
Abstract

Cited by 10 (4 self)
 Add to MetaCart
(Show Context)
Compositional verification and abstraction are the key techniques to address the state explosion problem associated with model checking of concurrent software. A promising compositional approach is to prove properties of a system by checking properties of its components in an assumeguarantee style. This article proposes a framework for performing abstraction and assumeguarantee reasoning of concurrent C code in an incremental and fully automated fashion. The framework uses predicate abstraction to extract and refine finite state models of software and it uses an automata learning algorithm to incrementally construct assumptions for the compositional verification of the abstract models. The framework can be instantiated with different assumeguarantee rules. We have implemented our approach in the ComFoRT reasoning framework and we show how ComFoRT outperforms several previous software model checking approaches when checking safety properties of nontrivial concurrent programs.
Data Independent Induction: CSP Model Checking of Arbitrary Sized Networks
, 2001
"... The challenge for researchers in the formal methods community is to produce formal techniques which industry can use, in terms of people being able to utilise the methods, and in terms of those methods delivering useful results for industrial systems. The formal verification of systems of realistic ..."
Abstract

Cited by 7 (2 self)
 Add to MetaCart
The challenge for researchers in the formal methods community is to produce formal techniques which industry can use, in terms of people being able to utilise the methods, and in terms of those methods delivering useful results for industrial systems. The formal verification of systems of realistic size and complexity in itself requires the help of computers. This type of tool support usually takes the form of either theorem proving or model checking. Modelchecking is an important formal technique, since it is a form of tool support not only capable of positive verifications of system specifications, but also because where proofs fail it provides debugging information. This information makes modelchecking applicable throughout the development lifecycle, since it can help remove errors early in system development. However, modelcheckers can only reason about systems of a finite size, making it impossible to model check an network of arbitrary size directly. The Data Independent Induction technique presented in this thesis extends the classes of systems which may be reasoned about using a model checker. Its particular contribution is to allow us to prove things about arbitrarysized networks where each node knows and uses the type of node identities.
Predicate Diagrams for the Verification of RealTime Systems
"... This article discusses a new format of predicate diagrams for the verification of realtime systems. We consider systems that are defined as extended timed graphs, a format that combines timed automata and constructs for modelling data, possibly over infinite domains. Predicate diagrams are succinc ..."
Abstract

Cited by 3 (1 self)
 Add to MetaCart
(Show Context)
This article discusses a new format of predicate diagrams for the verification of realtime systems. We consider systems that are defined as extended timed graphs, a format that combines timed automata and constructs for modelling data, possibly over infinite domains. Predicate diagrams are succinct and intuitive representations of Boolean abstractions. They also represent an interface between deductive tools used to establish the correctness of an abstraction, and model checking tools that can verify behavioral properties of finitestate models. The contribution of this article is to extend the format of predicate diagrams to timed systems. We establish a set of verification conditions that are sufficient to prove that a given predicate diagram is a correct abstraction of an extended timed graph; these verification conditions can often be discharged with SMT solvers such as CVClite. Additionally, we describe how this approach extends naturally to the verification of parameterized systems. The formalism is supported by a toolkit, and we demonstrate its use at the hand of Fischer’s realtime mutualexclusion protocol.
"No Collision" in a Protocol with n Stations: a Comparative Study of Formal Proofs
"... . Formal methods are used both for designing a system and for checking that it satisfies required properties. To prove that a finite system matches its specification, a common line of thought is to express properties in a suitable temporal logic, and with a model checker, automatically verify th ..."
Abstract

Cited by 2 (1 self)
 Add to MetaCart
. Formal methods are used both for designing a system and for checking that it satisfies required properties. To prove that a finite system matches its specification, a common line of thought is to express properties in a suitable temporal logic, and with a model checker, automatically verify that the system satisfies them. However this method does not work straightaway for systems composed of n similar components running in parallel, where n is not fixed, like the protocol we present in this paper. Several ways out have been proposed. We have selected 3 different methods. We present them, apply them to the protocol and analyse how they compare. Keywords: Formal methods, automatic verification, model checker, temporal logic, deductive reasoning, structural induction, correspondence. 1 Introduction With software components becoming essential parts of embedded systems, there is a large agreement that formal methods are particularly important to build dependable systems. Form...
Experimenting Acceleration Methods for the Validation of Infinite State Systems
 In International Workshop on Distributed System Validation and Verification (DSVV'2000
, 2000
"... In this paper, we present a generic validation tool, called FMona. We illustrate its use through the expression of iterative and abstraction methods. These methods are applied for the validation of infinite or parameterized space problems. We propose two techniques to enhance iterative methods by ac ..."
Abstract

Cited by 2 (0 self)
 Add to MetaCart
(Show Context)
In this paper, we present a generic validation tool, called FMona. We illustrate its use through the expression of iterative and abstraction methods. These methods are applied for the validation of infinite or parameterized space problems. We propose two techniques to enhance iterative methods by accelerating their convergence. These techniques are expressed in FMona and applied on some examples. Keywords: Verification Technique, Validation tools, parameterized systems. 1. Introduction In recent years, important work has been done in the design and implementation of general specification languages and validation systems. Usually, we distinguish three families of tools: model checkers (SMV [6], SPIN [11]) to build a finite model and check its temporal properties; automatic proof tools (Mona [10] for the WSnS logic, its extension to structured types Lisa [2]), and proof assistants (Coq [3], HOL [8] and PVS [16]) which offer an expressive higher order logic (and thus not decidable) and...
RealTime system verification techniques based on abstraction/deduction and model checking
 in &quot;Doctoral Symposium of the Fifth International Conference on Integrated Formal Methods  IFM’2005. Technical Report of MCS
"... model checking ..."
(Show Context)