
    The JKind Model Checker

    JKind is an open-source industrial model checker developed by Rockwell Collins and the University of Minnesota. JKind uses multiple parallel engines to prove or falsify safety properties of infinite-state models. It is portable, easy to install, performance-competitive with other state-of-the-art model checkers, and has features designed to improve the results presented to users: inductive validity cores for proofs and counterexample smoothing for test-case generation. It serves as the back-end for various industrial applications.
    Comment: CAV 201

    A Survey of Symbolic Execution Techniques

    Many security and software testing applications require checking whether certain properties of a program hold for any possible usage scenario. For instance, a tool for identifying software vulnerabilities may need to rule out the existence of any backdoor to bypass a program's authentication. One approach would be to test the program using different, possibly random inputs. As the backdoor may only be hit for very specific program workloads, automated exploration of the space of possible inputs is of the essence. Symbolic execution provides an elegant solution to the problem, by systematically exploring many possible execution paths at the same time without necessarily requiring concrete inputs. Rather than taking on fully specified input values, the technique abstractly represents them as symbols, resorting to constraint solvers to construct actual instances that would cause property violations. Symbolic execution has been incubated in dozens of tools developed over the last four decades, leading to major practical breakthroughs in a number of prominent software reliability applications. The goal of this survey is to provide an overview of the main ideas, challenges, and solutions developed in the area, distilling them for a broad audience. The present survey has been accepted for publication at ACM Computing Surveys. If you are considering citing this survey, we would appreciate if you could use the following BibTeX entry: http://goo.gl/Hf5Fvc
    Comment: This is the authors' pre-print copy.

    Danger Invariants


    An Effective Fixpoint Semantics for Linear Logic Programs

    In this paper we investigate the theoretical foundation of a new bottom-up semantics for linear logic programs, and more precisely for the fragment of LinLog that consists of the language LO enriched with the constant 1. We use constraints to symbolically and finitely represent possibly infinite collections of provable goals. We define a fixpoint semantics based on a new operator in the style of T_P working over constraints. An application of the fixpoint operator can be computed algorithmically. As sufficient conditions for termination, we show that the fixpoint computation is guaranteed to converge for propositional LO. To our knowledge, this is the first attempt to define an effective fixpoint semantics for linear logic programs. As an application of our framework, we also present a formal investigation of the relations between LO and Disjunctive Logic Programming. Using an approach based on abstract interpretation, we show that DLP fixpoint semantics can be viewed as an abstraction of our semantics for LO. We prove that the resulting abstraction is correct and complete for an interesting class of LO programs encoding Petri Nets.
    Comment: 39 pages, 5 figures. To appear in Theory and Practice of Logic Programming.

    Mathematical Logic: Proof theory, Constructive Mathematics

    The workshop "Mathematical Logic: Proof Theory, Constructive Mathematics" was centered around proof-theoretic aspects of current mathematics, constructive mathematics and logical aspects of computational complexity.

    Transactions and updates in deductive databases

    In this paper we develop a new approach providing a smooth integration of extensional updates and a declarative query language for deductive databases. The approach is based on a declarative specification of updates in rule bodies. Updates are not executed as soon as they are evaluated. Instead, they are collected and then applied to the database when the query evaluation is completed. We call this approach non-immediate update semantics. We provide a top-down and an equivalent bottom-up semantics which reflect the corresponding computation models. We also package sets of updates into transactions and provide a formal semantics for transactions. Then, in order to handle complex transactions, we extend the transaction language with control constructors while still preserving the formal semantics and the semantics equivalence.

    A framework for program reasoning based on constraint traces

    Ph.D. (Doctor of Philosophy)

    Smart Contract Analysis Through Communication Abstractions

    Smart contracts are programs that manage interactions between many users. Recently, Solidity smart contracts have become a popular way to enforce financial agreements between untrusting users. However, such agreements do not eliminate trust, but rather redirect trust into the correctness of the smart contract. This means that each user must verify that a smart contract behaves correctly, regardless of how other users interact with it. Verifying a smart contract relative to all possible users is intractable due to state explosion. This thesis studies how local symmetry can be used to analyze smart contracts from a few representative users. This thesis builds on the novel notion of participation, which gives explicit semantics to user interactions. From participation, a topology is obtained for how users interact during each transaction of a smart contract. Local symmetry analysis shows that most users are interchangeable within a topology, and therefore, most users are locally symmetric. This motivates local bundle abstractions that reduce contracts with arbitrarily many users to sequential programs with a few representative users. It is shown that local bundle abstractions can be used to ameliorate state explosion in smart contract verification, and to accelerate counterexample search in bounded analysis (e.g., fuzzing and bounded model checking). We implement local bundle abstraction in SmartACE, and show order-of-magnitude improvements in time when compared to a state-of-the-art smart contract verification tool.

    Argument as design: a multimodal approach to academic argument in a digital age

    This study posits that using a range of modes and genres to construct argument can engender different ways of thinking about argument in the academic context. It investigates the potentials and constraints of adopting a multimodal approach to constructing academic argument. The research is situated within a seminar in a second-year Media course. Within this context, the study identifies the semiotic resources that students draw on and examines how they are employed to construct academic argument in three digital domains, namely video, comics and PowerPoint. Grounded in a theory of multimodal social semiotics, this study posits that argument is a product of design, motivated by the rhetor's interest in communicating a particular message, in a particular environment, and shaped by the available resources in the given environment. It proposes that argument is a cultural text form for bringing about difference (Kress 1989). This view of argument recognises that argument occurs in relation to mode, genre, discourse and medium. The study illustrates through textual analysis how each of these social categories shapes argument. A framework based on Halliday's metafunctional principle is proposed to analyse argument in multimodal texts. The framework combines theories from rhetoric and social semiotics. It offers analysis of ideational content, the ways social relations are established, and how organising principles assist in establishing coherence in argument. The analysis of the data (video, comics and PowerPoint presentations) demonstrates that the framework can be applied across genres and media. The significance of the study is threefold. Theoretically, it contributes towards developing a theory of argument from a multimodal perspective. Methodologically, it puts forward a framework for analysing multimodal arguments. Pedagogically, it contributes towards developing and interrogating a pedagogy of academic argument that is relevant to contemporary communication practices.