Verification Artifacts in Cooperative Verification: Survey and Unifying Component Framework

Beyer, Dirk; Wehrheim, Heike

doi:10.1007/978-3-030-61362-4_8

Cited by 32 publications

(10 citation statements)

References 91 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Different approaches come with different strengths, and in order to join forces, we need to investigate ways to combine approaches. We are looking into possibilities to decompose a verification problem into smaller sub-problems in such a way that we can assign them to different tools (cooperative verification [20]). To achieve this, we extended the schema for proving correctness from refinement calculus by a symmetric schema for proving violation of program specifications.…”

Section: Discussionmentioning

confidence: 99%

“…The program operations operate on a set of program variables X. For defining interfaces, we use protocol automata from the literature on verification witnesses [11,20], in order to emphasis the similarity of verification interfaces with verification witnesses.…”

Section: Verification Interfacesmentioning

confidence: 99%

“…The idea is to decompose the overall verification process into parts that can be performed by specific tools, optimized for their part of the proof. Verification interfaces are a great tool to make program verification compositional, involving different tools that solve the problem together in a cooperative manner [20]. Thus, we need three kinds of tools:…”

Section: Decomposing Verification and Cooperative Verificationmentioning

confidence: 99%

See 2 more Smart Citations

An Interface Theory for Program Verification

Beyer

Kanav

2020

Leveraging Applications of Formal Methods, Verification and Validation: Verification Principles

Self Cite

View full text Add to dashboard Cite

Program verification is the problem, for a given program $$P$$ and a specification $$\phi $$, of constructing a proof of correctness for the statement “program $$P$$ satisfies specification $$\phi $$” ($$P \models \phi $$) or a proof of violation ("Equation missing"). Usually, a correctness proof is based on inductive invariants, and a violation proof on a violating program trace. Verification engineers typically expect that a verification tool exports these proof artifacts. We propose to view the task of program verification as constructing a behavioral interface (represented e.g. by an automaton). We start with the interface $$I_{P}$$ of the program itself, which represents all traces of program executions. To prove correctness, we try to construct a more abstract interface $$I_{C}$$ of the program (overapproximation) that satisfies the specification. This interface, if found, represents more traces than $$I_{P}$$ that are all correct (satisfying the specification). Ultimately, we want a compact representation of the program behavior as a correctness interface $$I_{C}$$ in terms of inductive invariants. We can then extract a correctness witness, in standard exchange format, out of such a correctness interface. Symmetrically, to prove violation, we try to construct a more concrete interface $$I_{V}$$ of the program (underapproximation) that violates the specification. This interface, if found, represents fewer traces than $$I_{P}$$ that are all feasible (can be executed). Ultimately, we want a compact representation of the program behavior as a violation interface $$I_{V}$$ in terms of a violating program trace. We can then extract a violation witness, in standard exchange format, out of such a violation interface. This viewpoint exposes the duality of these two tasks — proving correctness and violation. It enables the decomposition of the verification process, and its tools, into (at least!) three components: interface synthesizers, refinement checkers, and specification checkers. We hope the reader finds this viewpoint useful, although the underlying ideas are not novel. We see it as a framework towards modular program verification.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Verification Interfacesmentioning

confidence: 99%

Section: Decomposing Verification and Cooperative Verificationmentioning

confidence: 99%

See 1 more Smart Citation

An Interface Theory for Program Verification

Beyer

Kanav

2020

Leveraging Applications of Formal Methods, Verification and Validation: Verification Principles

Self Cite

View full text Add to dashboard Cite

show abstract

“…Whilst combining techniques is not a new idea (e.g. [34]), our focus is on the combination across different deployment stages. The framework utilizes the LLVM toolchain for (i) the insertion of assertions, (ii) the translation of C code for static analyzers, and (iii) the compilation to PureCap ISA.…”

Section: Proposed Hybrid Frameworkmentioning

confidence: 99%

Towards a Hybrid Approach to Protect Against Memory Safety Vulnerabilities

Bhayat¹,

Cordeiro²,

Reger³

et al. 2021

Preprint

View full text Add to dashboard Cite

Memory corruption bugs continue to plague low-level systems software generally written in unsafe programming languages. In order to detect and protect against such exploits, many pre- and post-deployment techniques exist. In this position paper, we propose and motivate the need for a <i>hybrid</i> approach for the protection against memory safety vulnerabilities, combining techniques that can identify the presence (and absence) of vulnerabilities pre-deployment with those that can detect and mitigate such vulnerabilities post-deployment. Our hybrid approach involves three layers: hardware runtime protection provided by capability hardware, software runtime protection provided by compiler instrumentation, and static analysis provided by bounded model checking and symbolic execution. The key aspect of the proposed hybrid approach is that the protection offered is greater than the sum of its parts -- the expense of post-deployment runtime checks is reduced via information obtained during pre-deployment analysis. During pre-deployment analysis, static checking can be guided by runtime information. <br>

show abstract

“…An approach for changing this unsatisfactory situation is cooperative verification (for an overview see [13]). Cooperative verification builds on the idea of letting tools (and thus techniques) cooperate on verification tasks, thereby leveraging the tool's individual strengths.…”

Section: Introductionmentioning

confidence: 99%

CoVEGI: Cooperative Verification via Externally Generated Invariants

Haltermann

Wehrheim

2021

Fundamental Approaches to Software Engineering

Self Cite

View full text Add to dashboard Cite

Software verification has recently made enormous progress due to the development of novel verification methods and the speed-up of supporting technologies like SMT solving. To keep software verification tools up to date with these advances, tool developers keep on integrating newly designed methods into their tools, almost exclusively by re-implementing the method within their own framework. While this allows for a conceptual re-use of methods, it nevertheless requires novel implementations for every new technique.In this paper, we employ cooperative verification in order to avoid re-implementation and enable usage of novel tools as black-box components in verification. Specifically, cooperation is employed for the core ingredient of software verification which is invariant generation. Finding an adequate loop invariant is key to the success of a verification run. Our framework named CoVEGI allows a master verification tool to delegate the task of invariant generation to one or several specialized helper invariant generators. Their results are then utilized within the verification run of the master verifier, allowing in particular for crosschecking the validity of the invariant. We experimentally evaluate our framework on an instance with two masters and three different invariant generators using a number of benchmarks from SV-COMP 2020. The experiments show that the use of CoVEGI can increase the number of correctly verified tasks without increasing the used resources.

show abstract

Verification Artifacts in Cooperative Verification: Survey and Unifying Component Framework

Cited by 32 publications

References 91 publications

An Interface Theory for Program Verification

An Interface Theory for Program Verification

Towards a Hybrid Approach to Protect Against Memory Safety Vulnerabilities

CoVEGI: Cooperative Verification via Externally Generated Invariants

Contact Info

Product

Resources

About