Low-Effort Specification Debugging and Analysis
Reactive synthesis deals with the automated construction of implementations
of reactive systems from their specifications. To make the approach feasible in
practice, systems engineers need effective and efficient means of debugging
these specifications.
In this paper, we provide techniques for report-based specification
debugging, wherein salient properties of a specification are analyzed, and the
result presented to the user in the form of a report. This provides a
low-effort way to debug specifications, complementing high-effort techniques
including the simulation of synthesized implementations.
We demonstrate the usefulness of our report-based specification debugging
toolkit by providing examples in the context of generalized reactivity(1)
synthesis.
Comment: In Proceedings SYNT 2014, arXiv:1407.493
Model Checking Boot Code from AWS Data Centers
This paper describes our experience with symbolic model checking in an industrial setting. We have proved that the initial boot code running in data centers at Amazon Web Services is memory safe, an essential step in establishing the security of any data center. Standard static analysis tools cannot be easily used on boot code without modification owing to issues not commonly found in higher-level code, including memory-mapped device interfaces, byte-level memory access, and linker scripts. This paper describes automated solutions to these issues and their implementation in the C Bounded Model Checker (CBMC). CBMC is now the first source-level static analysis tool to extract the memory layout described in a linker script for use in its analysis.
Automatic Software Repair: a Bibliography
This article presents a survey on automatic software repair. Automatic
software repair consists of automatically finding a solution to software bugs
without human intervention. This article considers all kinds of repairs. First,
it discusses behavioral repair where test suites, contracts, models, and
crashing inputs are taken as oracle. Second, it discusses state repair, also
known as runtime repair or runtime recovery, with techniques such as checkpoint
and restart, reconfiguration, and invariant restoration. The uniqueness of this
article is that it spans the research communities that contribute to this body
of knowledge: software engineering, dependability, operating systems,
programming languages, and security. It provides a novel and structured
overview of the diversity of bug oracles and repair operators used in the
literature.
ProofPeer - A Cloud-based Interactive Theorem Proving System
ProofPeer strives to be a system for cloud-based interactive theorem proving.
After illustrating why such a system is needed, the paper presents some of the
design challenges that ProofPeer needs to meet to succeed. Contexts are
presented as a solution to the problem of sharing proof state among the users
of ProofPeer. Chronicles are introduced as a way to organize and version
contexts.
Passport: Improving Automated Formal Verification Using Identifiers
Formally verifying system properties is one of the most effective ways of
improving system quality, but its high manual effort requirements often render
it prohibitively expensive. Tools that automate formal verification, by
learning from proof corpora to suggest proofs, have just begun to show their
promise. These tools are effective because of the richness of the data the
proof corpora contain. This richness comes from the stylistic conventions
followed by communities of proof developers, together with the logical systems
beneath proof assistants. However, this richness remains underexploited, with
most work thus far focusing on architecture rather than making the most of the
proof data.
In this paper, we develop Passport, a fully-automated proof-synthesis tool
that systematically explores how to most effectively exploit one aspect of that
proof data: identifiers. Passport enriches a predictive Coq model with three
new encoding mechanisms for identifiers: category vocabulary indexing, subword
sequence modeling, and path elaboration. We compare Passport to three existing
base tools which Passport can enhance: ASTactic, Tac, and Tok. In head-to-head
comparisons, Passport automatically proves 29% more theorems than the
best-performing of these base tools. Combining the three Passport-enhanced
tools automatically proves 38% more theorems than the three base tools
together, without Passport's enhancements. Finally, together, these base tools
and Passport-enhanced tools prove 45% more theorems than the combined base
tools without Passport's enhancements. Overall, our findings suggest that
modeling identifiers can play a significant role in improving proof synthesis,
leading to higher-quality software.