199 research outputs found
Design Pattern Instances within Model Driven Development Based on Abstraction, Concretization and Variability
The main goal of the paper is to present the method of design pattern support based on principles of model driven development: the abstraction, semantics and model transformations. More specifically, the method is based on the principle of suggestion of design pattern instances via the semantic marking of model elements or source code fragments and on the subsequent transformations of this way marked models or source code. Thanks to the continual support of the design patterns at more levels of abstraction and thanks to the transformations between particular model levels and source code, the method is targeted to achieve the applicability in the area of the iterative, incremental and model driven development
Synthesis of Recursive ADT Transformations from Reusable Templates
Recent work has proposed a promising approach to improving scalability of
program synthesis by allowing the user to supply a syntactic template that
constrains the space of potential programs. Unfortunately, creating templates
often requires nontrivial effort from the user, which impedes the usability of
the synthesizer. We present a solution to this problem in the context of
recursive transformations on algebraic data-types. Our approach relies on
polymorphic synthesis constructs: a small but powerful extension to the
language of syntactic templates, which makes it possible to define a program
space in a concise and highly reusable manner, while at the same time retains
the scalability benefits of conventional templates. This approach enables
end-users to reuse predefined templates from a library for a wide variety of
problems with little effort. The paper also describes a novel optimization that
further improves the performance and scalability of the system. We evaluated
the approach on a set of benchmarks that most notably includes desugaring
functions for lambda calculus, which force the synthesizer to discover Church
encodings for pairs and boolean operations
Utilizing Multi-Level Concepts for Multi-Phase Modeling
In model-based systems engineering projects, engineers from multiple domains collaborate by establishing a common system model. Multi-level modeling is a technique that can be used to model the development from abstract ideas to concrete implementations. However, current multi-level modeling approaches are not adequate for processes with multiple modeling phases that might have to be rearranged later. In this paper, we introduce multi-phase modeling that utilizes concepts of multi-level modeling by considering a description of the expected phase ordering per domain. Constraints aware of this context can express that certain elements are only valid in specific phases without having to determine a concrete phase ordering for a particular model. This enables using multi-phase modeling in flexible workflows, adapting to changing requirements and the definition of access rules in domain notation. We show feasibility of this multi-phase modeling by applying it to multiple real-life systems engineering projects of the aerospace domain
Global Guidance for Local Generalization in Model Checking
SMT-based model checkers, especially IC3-style ones, are currently the most
effective techniques for verification of infinite state systems. They infer
global inductive invariants via local reasoning about a single step of the
transition relation of a system, while employing SMT-based procedures, such as
interpolation, to mitigate the limitations of local reasoning and allow for
better generalization. Unfortunately, these mitigations intertwine model
checking with heuristics of the underlying SMT-solver, negatively affecting
stability of model checking. In this paper, we propose to tackle the
limitations of locality in a systematic manner. We introduce explicit global
guidance into the local reasoning performed by IC3-style algorithms. To this
end, we extend the SMT-IC3 paradigm with three novel rules, designed to
mitigate fundamental sources of failure that stem from locality. We instantiate
these rules for the theory of Linear Integer Arithmetic and implement them on
top of SPACER solver in Z3. Our empirical results show that GSPACER, SPACER
extended with global guidance, is significantly more effective than both SPACER
and sole global reasoning, and, furthermore, is insensitive to interpolation.Comment: Published in CAV 202
Global Guidance for Local Generalization in Model Checking
SMT-based model checkers, especially IC3-style ones, are currently the most effective techniques for verification of infinite state systems. They infer global inductive invariants via local reasoning about a single step of the transition relation of a system, while employing SMT-based procedures, such as interpolation, to mitigate the limitations of local reasoning and allow for better generalization. Unfortunately, these mitigations intertwine model checking with heuristics of the underlying SMT-solver, negatively affecting stability of model checking. In this paper, we propose to tackle the limitations of locality in a systematic manner. We introduce explicit global guidance into the local reasoning performed by IC3-style algorithms. To this end, we extend the SMT-IC3 paradigm with three novel rules, designed to mitigate fundamental sources of failure that stem from locality. We instantiate these rules for the theory of Linear Integer Arithmetic and implement them on top of Spacer solver in Z3. Our empirical results show that GSpacer, Spacer extended with global guidance, is significantly more effective than both Spacer and sole global reasoning, and, furthermore, is insensitive to interpolation
Value Partitioning: A Lightweight Approach to Relational Static Analysis for JavaScript
In static analysis of modern JavaScript libraries, relational analysis at key locations is critical to provide sound and useful results. Prior work addresses this challenge by the use of various forms of trace partitioning and syntactic patterns, which is fragile and does not scale well, or by incorporating complex backwards analysis. In this paper, we propose a new lightweight variant of trace partitioning named value partitioning that refines individual abstract values instead of entire abstract states. We describe how this approach can effectively capture important relational properties involving dynamic property accesses, functions with free variables, and predicate functions. Furthermore, we extend an existing JavaScript analyzer with value partitioning and demonstrate experimentally that it is a simple, precise, and efficient alternative to the existing approaches for analyzing widely used JavaScript libraries
Global guidance for local generalization in model checking
SMT-based model checkers, especially IC3-style ones, are currently the most effective techniques for verification of infinite state systems. They infer global inductive invariants via local reasoning about a single step of the transition relation of a system, while employing SMT-based procedures, such as interpolation, to mitigate the limitations of local reasoning and allow for better generalization. Unfortunately, these mitigations intertwine model checking with heuristics of the underlying SMT-solver, negatively affecting stability of model checking. In this paper, we propose to tackle the limitations of locality in a systematic manner. We introduce explicit global guidance into the local reasoning performed by IC3-style algorithms. To this end, we extend the SMT-IC3 paradigm with three novel rules, designed to mitigate fundamental sources of failure that stem from locality. We instantiate these rules for Linear Integer Arithmetic and Linear Rational Aritmetic and implement them on top of Spacer solver in Z3. Our empirical results show that GSpacer, Spacer extended with global guidance, is significantly more effective than both Spacer and sole global reasoning, and, furthermore, is insensitive to interpolation
Efficient Pointer Analysis of Java in Logic
Points-to analysis for Java
benefits greatly from context sensitivity.
CFL-reachability and k-limited context strings
are two approaches to obtaining context sensitivity with different
advantages:
CFL-reachability allows local reasoning about data value flow
and thus is suitable for demand-driven analyses,
whereas k-limited analyses allow object sensitivity
which is a superior calling-context abstraction for object-oriented languages.
We combine the advantages of both approaches
to obtain a context-sensitive analysis
that is as precise as k-limited context strings,
but is more efficient to compute.
Our key insight is based on a novel abstraction
of contexts adapted from CFL-reachability, which represents
a relation between two calling contexts as a composition of
transformations over contexts.
We formulate pointer analysis in an algebraic structure
of context transformations, which is a set of functions
over calling contexts closed under function composition.
We show that the context representation of context-string-based
analyses
is an explicit enumeration of all input and output values of
context transformations.
CFL-reachability-based pointer analysis is formulated to use call strings as contexts,
but the context transformations concept can be applied to any context
abstraction used in k-limited analyses, including object- and type-sensitive analysis.
The result is a more efficient algorithm for computing context-sensitive
pointer information for a wide variety of context configurations
Detecting Prolog programming techniques using abstract interpretation
There have been a number of attempts at developing intelligent tutoring systems (ITSs)
for teaching students various programming languages. An important component of such
an ITS is a debugger capable of recognizing errors in the code the student writes and
possibly suggesting ways of correcting such errors. The debugging process involves a
wealth of knowledge about the programming language, the student and the individual
problem at hand, and an automated debugging component makes use of a number of
tools which apply this knowledge. Successive ITSs have incorporated a wider range of
knowledge and more powerful tools.
The research described in this thesis should be seen as carrying on with this succes¬
sion. Specifically, we attempt to enhance an existing Prolog ITS (PITS) debugger called
APR0P0S2 developed by Looi. The enhancements take the form of a richer language
with which to describe Prolog code and more powerful tools with which constructs in
this language may be detected in Prolog code.
The richer language is based on the notion of programming techniques—common
patterns in code which capture in some sense an expert's understanding of Prolog.
The tools are based on Prolog abstract interpretation—a program analysis method for
inferring dynamic properties of code. Our research makes contributions to both these
areas.
We develop a language for describing classes of Prolog programming techniques
that manipulate data-structures. We define classes in this language for common Prolog
techniques such as accumulator pairs and difference structures.
We use abstract interpretation to infer the dynamic features with which techniques
are described. We develop a general framework for abstract interpretation which is
described in Prolog, so leading directly to an implementation. We develop two abstract
domains—one which infers general data flow information about the code and one which
infers particularly detailed type information—and describe the implementation of the
former
- …