An automated verification method for distributed systems software based on model extraction

Holzmann, Gerard J.; Smith, Margaret

doi:10.1109/tse.2002.995426

Cited by 69 publications

(34 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, the equality of the exact equivalence condition (20) will never hold because of the floating-point error terms (e.g., E A ) and the numerical errors in the implementation's controller parameters (e.g.,Â) due to the optimization of the code generator. To overcome this problem, we define and use an approximate equivalence relation ≈ ρ on matrices such that M ≈ ρM if and only if M −M ≤ ρ where ρ is a given precision (i.e., threshold for approximate equivalence).…”

Section: Approximate Input-output Equivalencementioning

confidence: 99%

See 1 more Smart Citation

Automatic Verification of Finite Precision Implementations of Linear Controllers

Park

Pajić

Sokolsky

et al. 2017

Tools and Algorithms for the Construction and Analysis of Systems

View full text Add to dashboard Cite

We consider the problem of verifying finite precision implementation of linear time-invariant controllers against mathematical specifications. A specification may have multiple correct implementations which are different from each other in controller state representation, but equivalent from a perspective of input-output behavior (e.g., due to optimization in a code generator). The implementations may use finite precision computations (e.g. floating-point arithmetic) which cause quantization (i.e., roundoff) errors. To address these challenges, we first extract a controller's mathematical model from the implementation via symbolic execution and floating-point error analysis, and then check approximate input-output equivalence between the extracted model and the specification by similarity checking. We show how to automatically verify the correctness of floating-point controller implementation in C language using the combination of techniques such as symbolic execution and convex optimization problem solving. We demonstrate the scalability of our approach through evaluation with randomly generated controller specifications of realistic size. Disciplines Computer Engineering | Computer Sciences AbstractWe consider the problem of verifying finite precision implementation of linear time-invariant controllers against mathematical specifications. A specification may have multiple correct implementations which are different from each other in controller state representation, but equivalent from a perspective of input-output behavior (e.g., due to optimization in a code generator). The implementations may use finite precision computations (e.g. floating-point arithmetic) which cause quantization (i.e., roundoff) errors. To address these challenges, we first extract a controller's mathematical model from the implementation via symbolic execution and floating-point error analysis, and then check approximate input-output equivalence between the extracted model and the specification by similarity checking. We show how to automatically verify the correctness of floating-point controller implementation in C language using the combination of techniques such as symbolic execution and convex optimization problem solving. We demonstrate the scalability of our approach through evaluation with randomly generated controller specifications of realistic size.

show abstract

Section: Approximate Input-output Equivalencementioning

confidence: 99%

“…Note that the approximate equivalence relation ≈ ρ is not transitive, thus not an equivalence relation unless ρ = 0. With ≈ ρ for a precision ρ, the equations (20) are relaxed as follows:…”

Section: Approximate Input-output Equivalencementioning

confidence: 99%

Automatic Verification of Finite Precision Implementations of Linear Controllers

Park

Pajić

Sokolsky

et al. 2017

Tools and Algorithms for the Construction and Analysis of Systems

View full text Add to dashboard Cite

show abstract

“…An Eventua program can be transformed to the ς-calculus, the underlying formalism, for execution. Bandera [4] and the Spin model checker [12] provide automatic translation from a general purpose programming language to a standard model checker. Our approach differs in that we limit ourselves to a special-purpose II language.…”

Section: Related Workmentioning

confidence: 99%

A transformational framework for testing and model checking implicit-invocation systems

Zhang¹

2004

"International Workshop on Distributed Event-Based Systems (DEBS 2004)" W18L Workshop - 26th International Conference on Softwa

View full text Add to dashboard Cite

show abstract

“…In the same perspective, [BW99], [GSX99] or [BWB + 00] are intentions papers for Ada95 while in Vienna, J. Blieberger and its team use symbolic data flow analysis framework for detecting deadlocks in Ada programs with tasks [BBS00]. With a quite different approach, some very interesting work is being done at Bell Laboratories by G.J Holzmann's team [HS99], [Hol00b] [Hol00a], [GS02]. In particular this team developped the tool FeaVer [HS00], based on the Spin model-checker, that allows the verification of distributed applications written in ANSI-C source code.…”

Section: Related Workmentioning

confidence: 99%

Quasar: A New Tool for Concurrent Ada Programs Analysis

Évangelista

Kaiser

Pradat-Peyre

et al. 2003

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Concurrency introduces a high degree of combinatory which may be the source of subtle mistakes. We present a new tool, Quasar, which is based on ASIS and which uses fully the concept of patterns. The analysis of a concurrent Ada program by our tool proceeds in four steps: automatic extraction of the concurrent part of the program; translation of the simplified program into a formal model using predefined patterns that are combined by substitution and merging constructors; analysis of the model both by structural techniques and model-checking techniques; reporting deadlock or starvation results. We demonstrate the usefulness of Quasar by analyzing several variations of a non trivial concurrent program.

show abstract

An automated verification method for distributed systems software based on model extraction

Cited by 69 publications

References 20 publications

Automatic Verification of Finite Precision Implementations of Linear Controllers

Automatic Verification of Finite Precision Implementations of Linear Controllers

A transformational framework for testing and model checking implicit-invocation systems

Quasar: A New Tool for Concurrent Ada Programs Analysis

Contact Info

Product

Resources

About