AUTSEG: Automatic Test Set Generator for Embedded Reactive Systems

Part 2: Tools and FrameworksInternational audienceOne of the biggest challenges in hardware and software design is to ensure that a system is error-free. Small errors in reactive embedded systems can have disastrous and costly consequences for a project. Preventing such errors by identifying the most probable cases of erratic system behavior is quite challenging. In this paper, we introduce an automatic test set generator called AUTSEG. Its input is a generic model of the target system, generated using the synchronous approach. Our tool finds the optimal preconditions for restricting the state space of the model. It only works locally on significant subspaces. Our approach exhibits a simpler and efficient quasi-flattening algorithm than existing techniques and a useful compiled form to check security properties and reduce the combinatorial explosion problem of state space. To illustrate our approach, AUTSEG was applied to the case of a transportation contactless card

Quadtrees as an Abstract Domain

Quadtrees have proved popular in computer graphics and spatial databases as a way of representing regions in two dimensional space. This hierarchical data-structure is flexible enough to support nonconvex and even disconnected regions, therefore it is natural to ask whether this data-structure can the form the basis of an abstract domain. This paper explores this question and suggests that quadtrees offer a new approach to weakly relation domains whilst their hierarchical structure naturally lends itself to representation with boolean functions

Compositional reasoning for shared-variable concurrent programs

Scalable and automatic formal verification for concurrent systems is always demanding. In this paper, we propose a verification framework to support automated compositional reasoning for concurrent programs with shared variables. Our framework models concurrent programs as succinct automata and supports the verification of multiple important properties. Safety verification and simulations of succinct automata are parallel compositional, and safety properties of succinct automata are preserved under refinements. We generate succinct automata from infinite state concurrent programs in an automated manner. Furthermore, we propose the first automated approach to checking rely-guarantee based simulations between infinite state concurrent programs. We have prototyped our algorithms and applied our tool to the verification of multiple refinements

Model checking the evolution of gene regulatory networks

The behaviour of gene regulatory networks (GRNs) is typically analysed using simulation-based statistical testing-like methods. In this paper, we demonstrate that we can replace this approach by a formal verification-like method that gives higher assurance and scalability. We focus on Wagner’s weighted GRN model with varying weights, which is used in evolutionary biology. In the model, weight parameters represent the gene interaction strength that may change due to genetic mutations. For a property of interest, we synthesise the constraints over the parameter space that represent the set of GRNs satisfying the property. We experimentally show that our parameter synthesis procedure computes the mutational robustness of GRNs—an important problem of interest in evolutionary biology—more efficiently than the classical simulation method. We specify the property in linear temporal logic. We employ symbolic bounded model checking and SMT solving to compute the space of GRNs that satisfy the property, which amounts to synthesizing a set of linear constraints on the weights

Efficient Evaluation of Arbitrary Relational Calculus Queries

The relational calculus (RC) is a concise, declarative query language. However, existing RC query evaluation approaches are inefficient and often deviate from established algorithms based on finite tables used in database management systems. We devise a new translation of an arbitrary RC query into two safe-range queries, for which the finiteness of the query's evaluation result is guaranteed. Assuming an infinite domain, the two queries have the following meaning: The first is closed and characterizes the original query's relative safety, i.e., whether given a fixed database, the original query evaluates to a finite relation. The second safe-range query is equivalent to the original query, if the latter is relatively safe. We compose our translation with other, more standard ones to ultimately obtain two SQL queries. This allows us to use standard database management systems to evaluate arbitrary RC queries. We show that our translation improves the time complexity over existing approaches, which we also empirically confirm in both realistic and synthetic experiments.Comment: minor revisio

Efficient Evaluation of Arbitrary Relational Calculus Queries

The relational calculus (RC) is a concise, declarative query language. However, existing RC query evaluation approaches are inefficient and often deviate from established algorithms based on finite tables used in database management systems. We devise a new translation of an arbitrary RC query into two safe-range queries, for which the finiteness of the query's evaluation result is guaranteed. Assuming an infinite domain, the two queries have the following meaning: The first is closed and characterizes the original query's relative safety, i.e., whether given a fixed database, the original query evaluates to a finite relation. The second safe-range query is equivalent to the original query, if the latter is relatively safe. We compose our translation with other, more standard ones to ultimately obtain two SQL queries. This allows us to use standard database management systems to evaluate arbitrary RC queries. We show that our translation improves the time complexity over existing approaches, which we also empirically confirm in both realistic and synthetic experiments

Proceedings of Formal Methods in Computer Aided Design, FMCAD 2009

Table of Contents: Preface (p. v) -- Organizing Committee (p. vii) -- Program Committee (p. vii) -- Referees (p. ix) -- Keynote Presentations (p. x) -- Tutorials (p. xii) -- Industrial Experience Reports (p. xiv) -- Panels (p. xvii) -- Session 1. Model Checking -- Interpolation-Sequence Based Model Checking / by Yakir Vizel and Orna Grumberg, The Technion (p. 1) -- Structure-Aware Computation of Predicate Abstraction / by Alessandro Cimatti, FBK-irst; Jori Dubrovin, Helsinki University of Technology; Tommi Junttila, Helsinki University of Technology; and Marco Roveri, FBK-irst (p. 9) -- Enhanced Verification by Temporal Decomposition / by Michael L. Case, Hari Mony, Jason Baumgartner, and Robert Kanzelman, IBM (p. 17) -- Session 2. Software Verification -- Software Model Checking via Large-Block Encoding / by Dirk Beyer, Simon Fraser University; Alessandro Cimatti, FBK-irst; Alberto Griggio, University of Trento & Simon Fraser University; M. Erkan Keremoglu, Simon Fraser University; and Roberto Sebastiani, University of Trento (p. 25) -- Verification of Recursive Methods on Tree-like Data Structures / by Jyotirmoy Deshmukh and E. Allen Emerson, University of Texas at Austin (p. 33) -- MCC: A Runtime Verification Tool for MCAPI User Applications / by Subodh Sharma and Ganesh Gopalakrishnan, University of Utah; Eric Mercer, Brigham Young University; and Jim Holt, Freescale Semiconductor (p. 41) -- Session 3. Satisfiability Modulo Theory -- Generalized and Efficient Array Decision Procedures / by Leonardo de Moura and Nikolaj Bjørner, Microsoft Research (p. 45) -- Decision Diagrams for Linear Arithmetic / by Sagar Chaki and Arie Gurfinkel, SEI/CMU; Ofer Strichman, Technion (p. 53) -- Efficient Decision Procedure for Non-linear Arithmetic Constraints using CORDIC / by Malay Ganai and Franjo Ivančić, NEC Laboratories America (p. 61) -- Mixed Abstractions for Floating-Point Arithmetic / by Angelo Brillout, ETH Zurich; Daniel Kroening and Thomas Wahl, Oxford University (p. 69) -- Session 4. Games -- Safety First: A Two-Stage Algorithm for LTL Games / by Saqib Sohail and Fabio Somenzi, University of Colorado at Boulder (p. 77) -- Synthesizing Robust Systems / by Roderick Bloem and Karin Greimel, Graz University of Technology; Thomas Henzinger, EPFL & IST Austria; Barbara Jobstmann, EPFL (p. 85) -- Session 5. Quantitative Reasoning -- Formal Verification of Analog Designs Using MetiTarski / by William Denman, Behzad Akbarpour, and Sofiène Tahar, Concordia University, Montreal; Mohamed H. Zaki, University of British Columbia; and Lawrence Paulson, University of Cambridge (p. 93) -- Formal Verification of Correctness and Performance of Random Priority-based Arbiters / by Krishnan Kailas, IBM T.J. Watson Research Center; Viresh Paruthi and Brian Monwai, IBM Systems & Technology Group (p. 101) -- Session 6. Assume Guarantee Reasoning -- Assume-Guarantee Validation for STE Properties within an SVA Environment / by Zurab Khasidashvili and Gavriel Gavrielov, Intel Israel; and Tom Melham, Oxford University (p. 108) -- Data Mining Based Decomposition for Assume-Guarantee Reasoning / by He Zhu and Fei He, Tsinghua University; William N. N. Hung, Synopsys; Xiaoyu Song, Portland State University; and Ming Gu, Tsinghua University (p. 116) -- Session 7. Equivalence Checking -- Scalable Conditional Equivalence Checking: An Automated Invariant-Generation Based Approach / by Jason Baumgartner, Hari Mony, and Michael Case, IBM Systems & Technology Group; Jun Sawada, IBM Austin Research Laboratory; and Karen Yorav, IBM Haifa (p. 120) -- Verifying Equivalence of Memories Using a First Order Logic Theorem Prover / by Zurab Khasidashvili and Mahmoud Kinanah, Intel Israel; and Andrei Voronkov, University of Manchester (p. 128) -- A Compositional Theory for Post-Reboot Observational Equivalence Checking of Hardware / by Zurab Khasidashvili, Daher Kaiss, and Doron Bustan, Intel Israel (p. 136) -- Session 8. Debugging -- Scaling VLSI Design Debugging with Interpolation / by Brian Keng and Andreas Veneris, University of Toronto (p. 144) -- Debugging Formal Specifications Using Simple Counterstrategies / by Robert Könighofer, Georg Hofferek, and Roderick Bloem, Graz University of Technology (p. 152) -- Connecting Pre-silicon and Post-silicon Verification / by Sandip Ray and Warren Hunt, University of Texas at Austin (p. 160) -- Session 9. Case Studies and Verification in the Large -- A Verified Platform for a Gate-Level Electronic Control Unit / by Sergey Tverdyshev, Saarland University (p. 164) -- Protocol Verification Using Flows: An Industrial Experience / by John O’Leary, Murali Talupur, and Mark Tuttle, Intel (p. 172) -- Industrial Strength Refinement Checking / by Jesse Bingham, John Erickson, Gaurav Singh, and Flemming Andersen, Intel (p. 180) -- Towards a Formally Verified Network-on-Chip / by Tom van den Broek and Julien Schmaltz, Radboud University Nijmegen (p. 184) -- Hardware/Software Co-Verification of Cryptographic Algorithms using Cryptol / by Levent Erkök, Magnus Carlsson, and Adam Wick, Galois, Inc. (p. 188) -- Session 10. Synthesis -- Retiming and Resynthesis with Sweep Are Complete for Sequential Transformation / by Hai Zhou, Northwestern University (p. 192) -- SAT-Based Synthesis of Clock Gating Functions Using 3-Valued Abstraction / by Eli Arbel, Oleg Rokhlenko, and Karen Yorav, IBM Haifa (p. 198) -- Finding Heap-Bounds for Hardware Synthesis / by Byron Cook, MSR; Ashutosh Gupta, MPI-SWS; Stephen Magill, CMU; Andrey Rybalchenko, MPI-SWS; Jiri Simsa, CMU; Satnam Singh, MSR; and Viktor Vafeiadis, MSR (p. 205) -- Author Index (p. 213)15-18 November, 2009 in Austin, TexasIEEE, IBM, Intel, Jasper Design Automation, NEC Labs America, NVIDIAhttp://www.cs.utexas.edu/users/hunt/FMCAD/Computer Science