Model checking software with well-defined APIs

Cámara, Pedro de la; Gallardo, María del Mar Prados; Merino, Pedro; Sanán, David

doi:10.1145/1081180.1081184

Cited by 12 publications

(30 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Translation from other language to PROMELA, have been developed in [18][19][20]. In [18], Jiang addresses the problem of automatically verifying the correctness of concurrent algorithms, and describes a step in this direction: an automated translation from a subset of C to PROMELA.…”

Section: To Promelamentioning

confidence: 99%

“…In [18], Jiang addresses the problem of automatically verifying the correctness of concurrent algorithms, and describes a step in this direction: an automated translation from a subset of C to PROMELA. Reference [19] gives a method for using the tool SPIN to verify the network protocol stack TCP/IP for communications. The approach consists of building a model of the underlying operating system to be joined with the original C code in order to obtain the input for the model checker.…”

Section: To Promelamentioning

confidence: 99%

See 1 more Smart Citation

Using SPIN to Check Simulink Stateflow Models

Yamada¹,

Miller²

2016

IJNDC

View full text Add to dashboard Cite

Verification is critical to the design of large and complex systems. SPIN is a well-known and extensively used verification tool. In this paper, we consider two tool chains, one existing, WSAT, and one introduced here, that support using SPIN to model check systems specified as Simulink Stateflow models. We present algorithms for doing the necessary translations and present empirical results that show the chain using tools introduced in this paper performs better than the one using the existing WSAT tool. We also show that these tools allow SPIN to be used for model checking nondeterministic Stateflow models in addition to deterministic ones.

show abstract

Section: To Promelamentioning

confidence: 99%

Section: To Promelamentioning

confidence: 99%

Using SPIN to Check Simulink Stateflow Models

Yamada¹,

Miller²

2016

IJNDC

View full text Add to dashboard Cite

show abstract

“…A similar approach analyzes the complete state space of all processes by extending JPF itself [38,39] rather than pre-processing the SUT. De la Cámara et al [10] propose a tool for the transformation of distributed C programs to the input language of the model checker SPIN [16]. The generated program model is combined with a static, manually constructed model of TCP sockets and verified by Spin.…”

Section: Centralization-based Approachesmentioning

confidence: 99%

Software Model Checking of UDP-based Distributed Applications

Sebih

Hagiya

Weitl

et al. 2015

IJNC

View full text Add to dashboard Cite

PostprintThis is the accepted version of a paper published in IJNC. This paper has been peer-reviewed but does not include the final publisher proof-corrections or journal pagination.Citation for the original published paper (version of record): Sebih, N., Hagiya, M., Weitl, F., Yamamoto, M., Artho, C. et al. (2015) Software Model Checking of UDP-based Distributed Applications. IJNC, 5(2): 373-402Access to the published version may require subscription. UDP maximizes performance by omitting flow control and connection handling. For instance, media-streaming services often use UDP to reduce delay and jitter. However, because UDP is unreliable (packets are subject to loss, duplication, and reordering), verification of UDP-based applications becomes an issue. Even though unreliable behavior occurs only rarely during testing, it often appears in a production environment due to a larger number of concurrent network accesses.Our tool systematically tests UDP-based applications by producing packet loss, duplication, and reordering for each packet. We have evaluated the performance of our tool in a multithreaded client/server application and detected incorrectly handled packet duplicates in a file transfer client.

show abstract

“…As far as we know, this is the first time that collapsing related methods have been formalized. As in [13], the formal semantics has been useful to check correctness and to guide implementation.…”

Section: Contributionsmentioning

confidence: 99%

“…Furthermore, it is necessary to replace the calls to the operating system with models of their expected behavior in a systematic way. In [13] we presented a new approach for verifying concurrent C applications that make extensive use of such system calls, represented in Fig. 7.…”

Section: Transforming C Programs Into Promela Modelsmentioning

confidence: 99%

Model Checking Dynamic Memory Allocation in Operating Systems

2009

View full text Add to dashboard Cite

Most system software, including operating systems, contains dynamic data structures whose shape and contents should satisfy design requirements during execution. Model checking technology, a powerful tool for automatic verification based on state exploration, should be adapted to deal with this kind of structure. This paper presents a method to specify and verify properties of C programs with dynamic memory management. The proposal contains two main contributions. First, we present a novel method to extend explicit model checking of C programs with dynamic memory management. The approach consists of defining a canonical representation of the heap, moving most of the information from the state vector to a global structure. We provide a formal semantics of the method that allows us to prove the soundness of the representation. Secondly, we combine temporal LTL and CTL logic to define a two-dimensional logic, in time and space, which is suitable to specify complex properties of programs with dynamic data structures. We also define the model checking algorithms for this logic. The whole method has been implemented in the well known model checker SPIN, and illustrated with an example where a typical memory reader/writer driver is modelled and analyzed.

show abstract

Model checking software with well-defined APIs

Cited by 12 publications

References 8 publications

Using SPIN to Check Simulink Stateflow Models

Using SPIN to Check Simulink Stateflow Models

Software Model Checking of UDP-based Distributed Applications

Model Checking Dynamic Memory Allocation in Operating Systems

Contact Info

Product

Resources

About