Software Model

14,000,000 Leading Edge Experts on the ideXlab platform

Scan Science and Technology

Contact Leading Edge Experts & Companies

Scan Science and Technology

Contact Leading Edge Experts & Companies

The Experts below are selected from a list of 846555 Experts worldwide ranked by ideXlab platform

Debra J Richardson - One of the best experts on this subject based on the ideXlab platform.

  • Software library usage pattern extraction using a Software Model checker
    Automated Software Engineering, 2006
    Co-Authors: E Ye, Debra J Richardson
    Abstract:

    The need to manually specify temporal properties of Software systems is a major barrier to wider adoption of Software Model checking, because the specification of Software temporal properties is a difficult, time-consuming, and error-prone process. To address this problem, we propose to automatically extract Software library usage patterns, which are one type of temporal specifications. Our approach uses a Model checker to check a set of Software library usage pattern candidates against existing programs using that library, and identifies valid patterns based on Model checking results. These valid patterns can help programmers learn about common Software library usage. They can also be used to check new programs using the same library. We applied our approach to C programs using the OpenSSL library and the C standard library, and extracted valid usage patterns using BLAST. We also successfully used the extracted valid usage patterns to detect an error in an open source project hosted by SourceForge.net.

  • ASE - Software Library Usage Pattern Extraction Using a Software Model Checker
    21st IEEE ACM International Conference on Automated Software Engineering (ASE'06), 2006
    Co-Authors: Chang Liu, Debra J Richardson
    Abstract:

    The need to manually specify temporal properties of Software systems is a major barrier to wider adoption of Software Model checking, because the specification of Software temporal properties is a difficult, time-consuming, and error-prone process. To address this problem, we propose to automatically extract Software library usage patterns, which are one type of temporal specifications. Our approach uses a Model checker to check a set of Software library usage pattern candidates against existing programs using that library, and identifies valid patterns based on Model checking results. These valid patterns can help programmers learn about common Software library usage. They can also be used to check new programs using the same library. We applied our approach to C programs using the OpenSSL library and the C standard library, and extracted valid usage patterns using BLAST. We also successfully used the extracted valid usage patterns to detect an error in an open source project hosted by SourceForge.net.

Nishant Sinha - One of the best experts on this subject based on the ideXlab platform.

  • state event based Software Model checking
    Integrated Formal Methods, 2004
    Co-Authors: Sagar Chaki, Edmund M Clarke, Joel Ouaknine, Natasha Sharygina, Nishant Sinha
    Abstract:

    We present a framework for Model checking concurrent Software systems which incorporates both states and events. Contrary to other state/event approaches, our work also integrates two powerful verification techniques, counterexample-guided abstraction refinement and compositional reasoning. Our specification language is a state/event extension of linear temporal logic, and allows us to express many properties of Software in a concise and intuitive manner. We show how standard automata-theoretic LTL Model checking algorithms can be ported to our framework at no extra cost, enabling us to directly benefit from the large body of research on efficient LTL verification.

  • state event based Software Model checking
    Lecture Notes in Computer Science, 2004
    Co-Authors: Sagar Chaki, Edmund M Clarke, Joel Ouaknine, Natasha Sharygina, Nishant Sinha
    Abstract:

    We present a framework for Model checking concurrent Software systems which incorporates both states and events. Contrary to other state/event approaches, our work also integrates two powerful verification techniques, counterexample-guided abstraction refinement and compositional reasoning. Our specification language is a state/event extension of linear temporal logic, and allows us to express many properties of Software in a concise and intuitive manner. We show how standard automata-theoretic LTL Model checking algorithms can be ported to our framework at no extra cost, enabling us to directly benefit from the large body of research on efficient LTL verification. We have implemented this work within our concurrent C Model checker, MAGIC, and checked a number of properties of OpenSSL-0.9.6c (an open-source implementation of the SSL protocol) and Micro-C OS version 2 (a real-time operating system for embedded applications). Our experiments show that this new approach not only eases the writing of specifications, but also yields important gains both in space and in time during verification. In certain cases, we even encountered specifications that could not be verified using traditional pure event-based or state-based approaches, but became tractable within our state/event framework. We report a bug in the source code of Micro-C OS version 2, which was found during our experiments.

Sagar Chaki - One of the best experts on this subject based on the ideXlab platform.

  • Parallel Assignments in Software Model Checking
    2015
    Co-Authors: Murray Stokely, Sagar Chaki
    Abstract:

    In this paper we investigate how formal Software verification systems can be improved by utilising parallel assignment in weakest precondition computations. We begin with an introduction to modern Software verification systems. Specifically, we review the method in which Software abstractions are built using counterexample-guided abstraction refine-ment (CEGAR). The classical NP-complete parallel assignment problem is first posed, and then an additional restriction is added to create a special case in which the problem is tractable with an O(n2) algorithm. The parallel assignment problem is then discussed in the context of weakest precondition computations. In this special situation where statements can be assumed to execute truly concurrently, we show that any sequence of simple assignment statements without function calls can be transformed into an equivalent parallel assignment block. Results of compressing assignment statements into a parallel form with this algorithm are presented for a wide variety of Software applications. The proposed algorithms were implemented in the ComFoRT reasoning framework [12] and used to measure the improvement in the verification of real Software systems. This improvement in time proved to be significant for many classes of Software

  • SVV 2005 Parallel Assignments in Software Model Checking
    2015
    Co-Authors: Murray Stokely, Sagar Chaki
    Abstract:

    In this paper we investigate how formal Software verication systems can be im-proved by utilising parallel assignment in weakest precondition computations. We begin with an introduction to modern Software verication systems. Specif-ically, we review the method in which Software abstractions are built us-ing counterexample-guided abstraction renement (CEGAR). The classical NP-complete parallel assignment problem is rst posed, and then an additional re-striction is added to create a special case in which the problem is tractable with an O(n2) algorithm. The parallel assignment problem is then discussed in the context of weakest precondition computations. In this special situation where statements can be assumed to execute truly concurrently, we show that any sequence of simple assignment statements without function calls can be transformed into an equivalent parallel assignment block. Results of compressing assignment statements into a parallel form with this al-gorithm are presented for a wide variety of Software applications. The proposed algorithms were implemented in the ComFoRT reasoning framework [12] and used to measure the improvement in the verication of real Software systems. This im-provement in time proved to be signicant for many classes of Software. Key words: static analysis, Software Model checking, predicate abstraction, parallel assignment

  • Parallel Software Model Checking
    2015
    Co-Authors: Sagar Chaki, Arie Gurfinkel, Derrick Karimi
    Abstract:

    Abstract : As the DoD continues to become Software reliant, rigorous techniques to assure the correct behavior of programs are in great demand. Software Model checking (SMC) is a promising candidate, but its scalability remains unsatisfactory. Recent years have seen the emergence of HPC technologies, e.g., multi-core processors and clusters. Yet, few Software Model checkers are designed to use this cheap and abundant computing power. A key reason is that Model checking is at its core a graph search -- where the graph is the state-space of the Model -- which is difficult to parallelize effectively (i.e., obtain reasonable speedups). The main challenge is to partition the search among the CPUs in a way that limits duplicated effort and communication bottlenecks. A promising approach is to start with a verification algorithm that maintains a worklist and to distribute elements of the worklist to different CPUs in a balanced manner. New elements are added to the worklist as a result of processing an existing element. For example, this strategy has been used successfully to parallelize the breadth-first-search in the SPIN Model checker. This project will explore this strategy to parallelize the generalized PDR algorithm for Software Model checking. It belongs to TF1 due to its focus on formal verification.

  • Combining predicate and numeric abstraction for Software Model checking
    International Journal on Software Tools for Technology Transfer, 2010
    Co-Authors: Arie Gurfinkel, Sagar Chaki
    Abstract:

    Predicate (PA) and numeric (NA) abstractions are the two principal techniques for Software analysis. In this paper, we develop an approach to couple the two techniques tightly into a unified framework via a single abstract domain called N um P red D om . In particular, we develop and evaluate four data structures that implement N um P red D om but differ in their expressivity and internal representation and algorithms. All our data structures combine BDDs (for efficient propositional reasoning) with data structures for representing numerical constraints. Our technique is distinguished by its support for complex transfer functions that allow two-way interaction between predicate and numeric information during state transformation. We have implemented a general framework for reachability analysis of C programs on top of our four data structures. Our experiments on non-trivial examples show that our proposed combination of PA and NA is more powerful and more efficient than either technique alone.

  • Software Model checking without source code
    Innovations in Systems and Software Engineering, 2010
    Co-Authors: Sagar Chaki, James Ivers
    Abstract:

    We present a framework, called air , for verifying safety properties of assembly language programs via Software Model checking. air extends the applicability of predicate abstraction and counterexample guided abstraction refinement to the automated verification of low-level Software. By working at the assembly level, air allows verification of programs for which source code is unavailable—such as legacy and COTS Software—and programs that use features—such as pointers, structures, and object-orientation—that are problematic for source-level Software verification tools. In addition, air makes no assumptions about the underlying compiler technology. We have implemented a prototype of air and present encouraging results on several non-trivial examples.

Marsha Chechik - One of the best experts on this subject based on the ideXlab platform.

  • ASE - PtYasm: Software Model Checking with Proof Templates
    2008 23rd IEEE ACM International Conference on Automated Software Engineering, 2008
    Co-Authors: Thomas E Hart, Kelvin Ku, Marsha Chechik, Arie Gurfinkel, David Lie
    Abstract:

    We describe PTYASM, an enhanced version of the YASM Software Model checker which uses proof templates. These templates associate correctness arguments with common programming idioms, thus enabling efficient verification. We have used PTYASM to verify the safety of array accesses in programs derived from the Verisec suite. PTYASM is able to verify this property in the majority of testcases, while existing Software Model checkers fail to do so due to loop unrolling.

  • a buffer overflow benchmark for Software Model checkers
    Automated Software Engineering, 2007
    Co-Authors: Kelvin Ku, Thomas E Hart, Marsha Chechik
    Abstract:

    Software Model checking based on abstraction-refinement has recently achieved widespread success in verifying API conformance in device drivers, and we believe this success can be replicated for the problem of buffer overflow detection. This paper presents a publicly-available benchmark suite to help guide and evaluate this research. The benchmark consists of 298 code fragments of varying complexity capturing 22 buffer overflow vulnerabilities in 12 open source applications. We give a preliminary evaluation of the benchmark using the SatAbs Model checker

  • CAV - YASM: a Software Model-checker for verification and refutation
    Computer Aided Verification, 2006
    Co-Authors: Arie Gurfinkel, Ou Wei, Marsha Chechik
    Abstract:

    This paper presents Yasm: a (yet another) Software Model-checker based on the Counter-Example Guided Abstraction Refinement (CEGAR) [6] framework. A number of well-engineered Software Model-checkers are available, e.g., Slam [1] and Blast [12]. Why build another one? Traditional Software Model-checkers build over-approximating abstractions of the programs they analyze and typically bias their analysis towards proving that a (safety) property of interest holds (verification). On the other hand, since Model-checkers are widely known for their bug-finding abilities, they are often used for refutation. In this case, the above approach seems unreasonable: why introduce spurious behaviour and make it more difficult to find a real bug? For such circumstances, one would just want to prove that the property is false (refutation). No witness for that is required.

  • YASM : A Software Model-checker for verification and refutation
    Lecture Notes in Computer Science, 2006
    Co-Authors: Arie Gurfinkel, Ou Wei, Marsha Chechik
    Abstract:

    This paper presents Yasm: a (yet another) Software Model-checker based on the Counter-Example Guided Abstraction Refinement (CEGAR) [6] framework. A number of well-engineered Software Model-checkers are available, e.g., Slam [1] and Blast [12]. Why build another one? Traditional Software Model-checkers build over-approximating abstractions of the programs they analyze and typically bias their analysis towards proving that a (safety) property of interest holds (verification). On the other hand, since Model-checkers are widely known for their bug-finding abilities, they are often used for refutation. In this case, the above approach seems unreasonable: why introduce spurious behaviour and make it more difficult to find a real bug? For such circumstances, one would just want to prove that the property is false (refutation). No witness for that is required.

Chang Liu - One of the best experts on this subject based on the ideXlab platform.

  • ASE - Software Library Usage Pattern Extraction Using a Software Model Checker
    21st IEEE ACM International Conference on Automated Software Engineering (ASE'06), 2006
    Co-Authors: Chang Liu, Debra J Richardson
    Abstract:

    The need to manually specify temporal properties of Software systems is a major barrier to wider adoption of Software Model checking, because the specification of Software temporal properties is a difficult, time-consuming, and error-prone process. To address this problem, we propose to automatically extract Software library usage patterns, which are one type of temporal specifications. Our approach uses a Model checker to check a set of Software library usage pattern candidates against existing programs using that library, and identifies valid patterns based on Model checking results. These valid patterns can help programmers learn about common Software library usage. They can also be used to check new programs using the same library. We applied our approach to C programs using the OpenSSL library and the C standard library, and extracted valid usage patterns using BLAST. We also successfully used the extracted valid usage patterns to detect an error in an open source project hosted by SourceForge.net.