A Tree Locality-Sensitive Hash for Secure Software Testing

Bugs in software that make it through testing can cost tens of millions of dollars each year, and in some cases can even result in the loss of human life. In order to eliminate bugs, developers may use symbolic execution to search through possible program states looking for anomalous states. Most of the computational effort to search through these states is spent solving path constraints in order to determine the feasibility of entering each state. State merging can make this search more efficient by combining program states, allowing multiple execution paths to be analyzed at the same time. However, a merge with dissimilar path constraints dramatically increases the time necessary to solve the path constraint. Currently, there are no distance measures for path constraints, and pairwise comparison of program states is not scalable. A hashing method is presented that clusters constraints in such a way that similar constraints are placed in the same cluster without requiring pairwise comparisons between queries. When combined with other state-of-the-art state merging techniques, the hashing method allows the symbolic executor to execute more instructions per second and find more terminal execution states than the other techniques alone, without decreasing the high path coverage achieved by merging many states together

Graph-based software specification and verification

The (in)correct functioning of many software systems heavily influences how\ud we qualify our daily lives. Software companies as well as academic computer\ud science research groups spend much effort on applying and developing techniques for improving the correctness of software systems. In this dissertation\ud we focus on using and developing graph-based techniques to specify and verify\ud the behaviour of software systems in general, and object-oriented systems more\ud specifically. We elaborate on two ways to improve the correctness (and thereby\ud the quality) of such systems.\ud Firstly, we investigate the potential of using the graph transformation tech-\ud nique to formally specify the dynamic semantics of (object-oriented) program-\ud ming languages. Those semantics are typically specified in natural language.\ud Such specifications are often hard to understand or even ambiguous. We show\ud how the graph transformation framework provides formal and intuitive means\ud for their specification.\ud Secondly, we develop techniques to verify systems of which the behaviour is\ud specified as graph production systems. For the verification of such systems, we\ud introduce an algorithm that combines a well-known on-the-\ud y model checking\ud algorithm with ideas from bounded model checking. One of the main prob-\ud lems of model checking is the state-explosion problem. This problem is often\ud tackled using partial order reduction techniques. Unfortunately, many such\ud techniques are based on assumptions that do not hold for graph production sys-\ud tems. Therefore, we develop a new dynamic partial order reduction algorithm\ud based on selecting so-called probe sets and prove its correctness.\ud Most of the techniques developed in this dissertation have been implemented\ud in the graph transformation tool GROOVE

Proceedings of the 22nd Conference on Formal Methods in Computer-Aided Design – FMCAD 2022

The Conference on Formal Methods in Computer-Aided Design (FMCAD) is an annual conference on the theory and applications of formal methods in hardware and system verification. FMCAD provides a leading forum to researchers in academia and industry for presenting and discussing groundbreaking methods, technologies, theoretical results, and tools for reasoning formally about computing systems. FMCAD covers formal aspects of computer-aided system design including verification, specification, synthesis, and testing

Computer Aided Verification

This open access two-volume set LNCS 11561 and 11562 constitutes the refereed proceedings of the 31st International Conference on Computer Aided Verification, CAV 2019, held in New York City, USA, in July 2019. The 52 full papers presented together with 13 tool papers and 2 case studies, were carefully reviewed and selected from 258 submissions. The papers were organized in the following topical sections: Part I: automata and timed systems; security and hyperproperties; synthesis; model checking; cyber-physical systems and machine learning; probabilistic systems, runtime techniques; dynamical, hybrid, and reactive systems; Part II: logics, decision procedures; and solvers; numerical programs; verification; distributed systems and networks; verification and invariants; and concurrency

Foundations of Software Science and Computation Structures

This open access book constitutes the proceedings of the 25th International Conference on Foundations of Software Science and Computational Structures, FOSSACS 2022, which was held during April 4-6, 2022, in Munich, Germany, as part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2022. The 23 regular papers presented in this volume were carefully reviewed and selected from 77 submissions. They deal with research on theories and methods to support the analysis, integration, synthesis, transformation, and verification of programs and software systems

Proceedings of the 22nd Conference on Formal Methods in Computer-Aided Design – FMCAD 2022

The Conference on Formal Methods in Computer-Aided Design (FMCAD) is an annual conference on the theory and applications of formal methods in hardware and system verification. FMCAD provides a leading forum to researchers in academia and industry for presenting and discussing groundbreaking methods, technologies, theoretical results, and tools for reasoning formally about computing systems. FMCAD covers formal aspects of computer-aided system design including verification, specification, synthesis, and testing