9,609 research outputs found
Differentially Testing Soundness and Precision of Program Analyzers
In the last decades, numerous program analyzers have been developed both by
academia and industry. Despite their abundance however, there is currently no
systematic way of comparing the effectiveness of different analyzers on
arbitrary code. In this paper, we present the first automated technique for
differentially testing soundness and precision of program analyzers. We used
our technique to compare six mature, state-of-the art analyzers on tens of
thousands of automatically generated benchmarks. Our technique detected
soundness and precision issues in most analyzers, and we evaluated the
implications of these issues to both designers and users of program analyzers
A formally verified compiler back-end
This article describes the development and formal verification (proof of
semantic preservation) of a compiler back-end from Cminor (a simple imperative
intermediate language) to PowerPC assembly code, using the Coq proof assistant
both for programming the compiler and for proving its correctness. Such a
verified compiler is useful in the context of formal methods applied to the
certification of critical software: the verification of the compiler guarantees
that the safety properties proved on the source code hold for the executable
compiled code as well
Checking Computations of Formal Method Tools - A Secondary Toolchain for ProB
We present the implementation of pyB, a predicate - and expression - checker
for the B language. The tool is to be used for a secondary tool chain for data
validation and data generation, with ProB being used in the primary tool chain.
Indeed, pyB is an independent cleanroom-implementation which is used to
double-check solutions generated by ProB, an animator and model-checker for B
specifications. One of the major goals is to use ProB together with pyB to
generate reliable outputs for high-integrity safety critical applications.
Although pyB is still work in progress, the ProB/pyB toolchain has already been
successfully tested on various industrial B machines and data validation tasks.Comment: In Proceedings F-IDE 2014, arXiv:1404.578
Applying Formal Methods to Networking: Theory, Techniques and Applications
Despite its great importance, modern network infrastructure is remarkable for
the lack of rigor in its engineering. The Internet which began as a research
experiment was never designed to handle the users and applications it hosts
today. The lack of formalization of the Internet architecture meant limited
abstractions and modularity, especially for the control and management planes,
thus requiring for every new need a new protocol built from scratch. This led
to an unwieldy ossified Internet architecture resistant to any attempts at
formal verification, and an Internet culture where expediency and pragmatism
are favored over formal correctness. Fortunately, recent work in the space of
clean slate Internet design---especially, the software defined networking (SDN)
paradigm---offers the Internet community another chance to develop the right
kind of architecture and abstractions. This has also led to a great resurgence
in interest of applying formal methods to specification, verification, and
synthesis of networking protocols and applications. In this paper, we present a
self-contained tutorial of the formidable amount of work that has been done in
formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial
Exact Gap Computation for Code Coverage Metrics in ISO-C
Test generation and test data selection are difficult tasks for model based
testing. Tests for a program can be meld to a test suite. A lot of research is
done to quantify the quality and improve a test suite. Code coverage metrics
estimate the quality of a test suite. This quality is fine, if the code
coverage value is high or 100%. Unfortunately it might be impossible to achieve
100% code coverage because of dead code for example. There is a gap between the
feasible and theoretical maximal possible code coverage value. Our review of
the research indicates, none of current research is concerned with exact gap
computation. This paper presents a framework to compute such gaps exactly in an
ISO-C compatible semantic and similar languages. We describe an efficient
approximation of the gap in all the other cases. Thus, a tester can decide if
more tests might be able or necessary to achieve better coverage.Comment: In Proceedings MBT 2012, arXiv:1202.582
- …