ProMoVer: Modular Verification of Temporal Safety Properties

Soleimanifard, Siavash; Gurov, Dilian; Huisman, Marieke

doi:10.1007/978-3-642-24690-6_25

Cited by 7 publications

(7 citation statements)

References 15 publications

(5 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In particular, we target CVPP (see e.g. [20,13]), a framework and tool set for compositional verification of control-flow safety properties. In this setting, one typically wishes to produce CFGs from incomplete programs.…”

Section: Resultsmentioning

confidence: 99%

Sound Control-Flow Graph Extraction for Java Programs with Exceptions

Amighi

Gomes

Gurov

et al. 2012

Software Engineering and Formal Methods

Self Cite

View full text Add to dashboard Cite

Abstract. We present an algorithm to extract control-flow graphs from Java bytecode, considering exceptional flows. We then establish its correctness: the behavior of the extracted graphs is shown to be a sound over-approximation of the behavior of the original programs. Thus, any temporal safety property that holds for the extracted control-flow graph also holds for the original program. This makes the extracted graphs suitable for performing various static analyses, in particular model checking. The extraction proceeds in two phases. First, we translate Java bytecode into BIR, a stack-less intermediate representation. The BIR transformation is developed as a module of Sawja, a novel static analysis framework for Java bytecode. Besides Sawja's efficiency, the resulting intermediate representation is more compact than the original bytecode and provides an explicit representation of exceptions. These features make BIR a natural starting point for sound control-flow graph extraction. Next, we formally define the transformation from BIR to control-flow graphs, which (among other features) considers the propagation of uncaught exceptions within method calls. We prove the correctness of the two-phase extraction by suitably combining the properties of the two transformations with those of an idealized control-flow graph extraction algorithm, whose correctness has been proved directly. The control-flow graph extraction algorithm is implemented in the ConFlEx tool. A number of test-cases show the efficiency and the utility of the implementation.

show abstract

Section: Resultsmentioning

confidence: 99%

Sound Control-Flow Graph Extraction for Java Programs with Exceptions

Amighi

Gomes

Gurov

et al. 2012

Software Engineering and Formal Methods

Self Cite

View full text Add to dashboard Cite

show abstract

“…Further, it provides users with a library of global properties which contains platform as well as application specific properties. For details about ProMoVer, the reader is refered to [27].…”

Section: Tool Support and Evaluationmentioning

confidence: 99%

Compositional Algorithmic Verification of Software Product Lines

Schaefer

Gurov

Soleimanifard

2011

Formal Methods for Components and Objects

Self Cite

View full text Add to dashboard Cite

Abstract. Software product line engineering allows large software systems to be developed and adapted for varying customer needs. The products of a software product line can be described by means of a hierarchical variability model specifying the commonalities and variabilities between the artifacts of the individual products. The number of products generated by a hierarchical model is exponential in its size, which poses a serious challenge to software product line analysis and verification. For an analysis technique to scale, the effort has to be linear in the size of the model rather than linear in the number of products it generates. Hence, efficient product line verification is only possible if compositional verification techniques are applied that allow the analysis of products to be relativized on the properties of their variation points. In this paper, we propose simple hierarchical variability models (SHVM) with explicit variation points as a novel way to describe a set of products consisting of sets of methods. SHVMs provide a trade-off between expressiveness and a clean and simple model suitable for compositional verification. We generalize a previously developed compositional technique and tool set for the automatic verification of control-flow based temporal safety properties to product lines defined by SHVMs, and prove soundness of the generalization. The desired property relativization is achieved by introducing variation point specifications. We evaluate the proposed technique on a number of test cases.

show abstract

“…In addition, ProMoVer provides support for different property specification languages, proof reuse, specification extraction, a collection of ready-formalized properties, and a translation between the different intermediate formats and formalisms. Results on a previous version of ProMoVer are reported in [29]. The present paper extends this earlier work by introducing an automata-based specification language and its modular verification principle.…”

Section: Introductionmentioning

confidence: 58%

“…To support our approach, we have developed a fully automated verification tool, ProMoVer, which can be tried via a web-based interface [28]. It takes as input a Java program annotated with global and method-local correctness assertions written in temporal logic and it automatically invokes a number of tools from cvpp, a previously developed tool set for compositional verification [17], to perform the individual local and global correctness checks.…”

Section: Introductionmentioning

confidence: 99%

Procedure-modular specification and verification of temporal safety properties

2013

Self Cite

View full text Add to dashboard Cite

Abstract. This paper describes ProMoVer, a tool for fully automated procedure-modular verification of Java programs equipped with methodlocal and global assertions that specify safety properties of sequences of method invocations. Modularity at the procedure-level is a natural instantiation of the modular verification paradigm, where correctness of global properties is relativized on the local properties of the methods rather than on their implementations. Here it is based on the construction of maximal models for a program model that abstracts away from program data. This approach allows global properties to be verified in the presence of code evolution, multiple method implementations (as arising from software product lines), or even unknown method implementations (as in mobile code for open platforms). ProMoVer automates a typical verification scenario for a previously developed tool set for compositional verification of control flow safety properties, and provides appropriate pre-and post-processing. Both linear-time temporal logic and finite automata are supported as formalisms for expressing local and global safety properties, allowing the user to choose a suitable format for the property at hand. Modularity is exploited by a mechanism for proof reuse that detects and minimizes the verification tasks resulting from changes in the code and the specifications. The verification task is relatively light-weight due to support for abstraction from private methods and automatic extraction of candidate specifications from method implementations. We evaluate the tool on a number of applications from the domains of Java Card and web-based application.

show abstract

ProMoVer: Modular Verification of Temporal Safety Properties

Cited by 7 publications

References 15 publications

Sound Control-Flow Graph Extraction for Java Programs with Exceptions

Sound Control-Flow Graph Extraction for Java Programs with Exceptions

Compositional Algorithmic Verification of Software Product Lines

Procedure-modular specification and verification of temporal safety properties

Contact Info

Product

Resources

About