Abstractions from proofs

Henzinger, Thomas A.; Jhala, Ranjit; Majumdar, Rupak; McMillan, Kenneth L.

doi:10.1145/982962.964021

Cited by 173 publications

(206 citation statements)

References 31 publications

Supporting

Mentioning

205

Contrasting

Unclassified

Order By: Relevance

“…In particular, lazy abstraction with abstraction refinement based on interpolation was used for automatically generating tests leading to the reachable locations of a program, with successful applications in device drivers and security critical programs [41]. Other related and successful approaches are those by Henzinger et al [38] and…”

Section: Related Workmentioning

confidence: 99%

Improving lazy abstraction for SCR specifications through constraint relaxation

Degiovanni

Aguirre

Frias

2018

Software Testing Verif & Rel

View full text Add to dashboard Cite

Summary Formal requirements specifications, eg, software cost reduction (SCR) specifications, are challenging to analyse using automated techniques such as model checking. Since such specifications are meant to capture requirements, they tend to refer to real‐world magnitudes often characterized through variables over large domains. At the same time, they feature a high degree of nondeterminism, as opposed to other analysis contexts such as (sequential) program verification. This makes model checking of SCR specifications difficult even for symbolic approaches. Moreover, automated abstraction refinement techniques such as counterexample guided abstraction refinement fail in many cases in this context, since the concrete state space is typically large, and reaching specific states of interest may require complex executions involving many different states, causing these approaches to perform many abstraction refinements, and making them ineffective in practice. In this paper, an approach to tackle the above situation, through a 2‐stage abstraction, is presented. The specification is first relaxed, by disregarding the constraints imposed in the specification by physical laws or by the environment, before being fed to a counterexample guided abstraction refinement procedure, tailored to SCR. By relaxing the original specification, shorter spurious counterexamples are produced, favouring the abstraction refinement through the introduction of fewer abstraction predicates. Then, when a counterexample is concretizable with respect to the relaxed (concrete) specification but it is spurious with respect to the original specification, an efficient though incomplete refinement step is applied to the constraints, to cause the removal of the spurious case. This approach is experimentally assessed, comparing it with related techniques in the verification of properties and in automated test case generation, using various SCR specifications drawn from the literature as case studies. The experiments show that this new approach runs faster and scales better to larger, more complex specifications than related techniques.

show abstract

Section: Related Workmentioning

confidence: 99%

Improving lazy abstraction for SCR specifications through constraint relaxation

Degiovanni

Aguirre

Frias

2018

Software Testing Verif & Rel

View full text Add to dashboard Cite

show abstract

“…In the next phase of the algorithm, the two formulas ψ E and ψ F are used to guide the inference of new predicates from states (ϕ k 's and ϕ k 's) belonging to the error trace π E (first loop, lines [17][18][19][20][21] The procedure ExtractNewPreds is applied to the states of π E and π F , i.e., the ϕ k 's and ϕ k 's of each trace. These states are obtained via a backward analysis of π E and π F during the initial phase of the algorithm (lines 4 and 5).…”

Section: Refinement For Precondition Inferencementioning

confidence: 99%

“…It is based on a system of inference rules in the spirit of [23], where an interpolation procedure [19] is used to find predicates, followed by the application of a system of inference rules to deduce range predicates. In [23], the interpolant provides a concise description of the cause of infeasibility of traces, thus the base formula is already minimal.…”

Section: Predicate Inferencementioning

confidence: 99%

Counterexample-Guided Precondition Inference

Seghir

Kroening

2013

Programming Languages and Systems

View full text Add to dashboard Cite

Abstract. The precondition for an assertion inside a procedure is useful for understanding, verifying and debugging programs. As the procedure might be used in multiple calling-contexts within a program, the precondition should be sufficiently general to enable re-use. We present an extension of counterexample-guided abstraction refinement (CEGAR) for automated precondition inference. Starting with an over-approximation of both the set of safe and unsafe states, we iteratively refine them until they become disjoint. The resulting precondition is then necessary and sufficient for the validity of the assertion, which prevents false alarms. We have implemented our approach in a tool called P-Gen. We present experimental results on string and array-manipulating programs.

show abstract

“…If the counterexample is spurious, that is the formula representing it is unsatisfiable, then the counterexample is passed to the refiner. The refiner tries to refine the precision by discovering new predicates that need to be kept track by using the unsatisfiable core or interpolation based techniques as described in [14].…”

Section: Architecturementioning

confidence: 99%

Kratos – A Software Model Checker for SystemC

Cimatti

Griggio

Micheli

et al. 2011

Computer Aided Verification

View full text Add to dashboard Cite

Abstract. The growing popularity of SystemC has attracted research aimed at the formal verification of SystemC designs. In this paper we present KRATOS, a software model checker for SystemC. KRATOS verifies safety properties, in the form of program assertions, by allowing users to explore two directions in the verification. First, by relying on the translation from SystemC designs to sequential C programs, KRATOS is capable of model checking the resulting C programs using the symbolic lazy predicate abstraction technique. Second, KRATOS implements a novel algorithm, called ESST, that combines Explicit state techniques to deal with the SystemC Scheduler, with Symbolic techniques to deal with the Threads. KRATOS is built on top of NUSMV and MATHSAT, and uses state-ofthe-art SMT-based techniques for program abstractions and refinements.

show abstract

Abstractions from proofs

Cited by 173 publications

References 31 publications

Improving lazy abstraction for SCR specifications through constraint relaxation

Improving lazy abstraction for SCR specifications through constraint relaxation

Counterexample-Guided Precondition Inference

Kratos – A Software Model Checker for SystemC

Contact Info

Product

Resources

About