21,058 research outputs found
Enhancing Predicate Pairing with Abstraction for Relational Verification
Relational verification is a technique that aims at proving properties that
relate two different program fragments, or two different program runs. It has
been shown that constrained Horn clauses (CHCs) can effectively be used for
relational verification by applying a CHC transformation, called predicate
pairing, which allows the CHC solver to infer relations among arguments of
different predicates. In this paper we study how the effects of the predicate
pairing transformation can be enhanced by using various abstract domains based
on linear arithmetic (i.e., the domain of convex polyhedra and some of its
subdomains) during the transformation. After presenting an algorithm for
predicate pairing with abstraction, we report on the experiments we have
performed on over a hundred relational verification problems by using various
abstract domains. The experiments have been performed by using the VeriMAP
transformation and verification system, together with the Parma Polyhedra
Library (PPL) and the Z3 solver for CHCs.Comment: Pre-proceedings paper presented at the 27th International Symposium
on Logic-Based Program Synthesis and Transformation (LOPSTR 2017), Namur,
Belgium, 10-12 October 2017 (arXiv:1708.07854
Verification of Imperative Programs by Constraint Logic Program Transformation
We present a method for verifying partial correctness properties of
imperative programs that manipulate integers and arrays by using techniques
based on the transformation of constraint logic programs (CLP). We use CLP as a
metalanguage for representing imperative programs, their executions, and their
properties. First, we encode the correctness of an imperative program, say
prog, as the negation of a predicate 'incorrect' defined by a CLP program T. By
construction, 'incorrect' holds in the least model of T if and only if the
execution of prog from an initial configuration eventually halts in an error
configuration. Then, we apply to program T a sequence of transformations that
preserve its least model semantics. These transformations are based on
well-known transformation rules, such as unfolding and folding, guided by
suitable transformation strategies, such as specialization and generalization.
The objective of the transformations is to derive a new CLP program TransfT
where the predicate 'incorrect' is defined either by (i) the fact 'incorrect.'
(and in this case prog is not correct), or by (ii) the empty set of clauses
(and in this case prog is correct). In the case where we derive a CLP program
such that neither (i) nor (ii) holds, we iterate the transformation. Since the
problem is undecidable, this process may not terminate. We show through
examples that our method can be applied in a rather systematic way, and is
amenable to automation by transferring to the field of program verification
many techniques developed in the field of program transformation.Comment: In Proceedings Festschrift for Dave Schmidt, arXiv:1309.455
Recommended from our members
Formally Verifiable Synthesis Flow In FPGAs
FPGAs are used in a wide variety of digital systems. Due to their ability to support parallelism and specialization, these devices are becoming more commonplace in fields such as machine learning. One of the biggest benefits of FPGAs, logic specialization, can lead to security risks. Prior research has shown that a large variety of malicious circuits can snoop on sensitive user data, induce circuit faults, or physically damage the FPGA. These Trojan circuits can easily be crafted and embedded in FPGA designs. Often, these Trojans are small, consume little power in comparison to the target circuit, and are hard to detect via simulation or physical inspection. Computer-aided design (CAD) software in FPGAs has been the subject of extensive research and development of FPGAs for the past thirty-five years. The current FPGA software landscape includes vendors that provide widely used software flows to convert behavioral and register-transfer level (RTL) descriptions to bitstreams needed to program an FPGA device. Given the complexity of the algorithms needed to perform this translation, these CAD tool flows are generally structured as black boxes with limited transparency regarding design conversion steps or the logical equivalence of the generated design and initial design specification. vi This work explores the enhancement of open-source FPGA software, SymbiFlow, that focuses on FPGA RTL synthesis, place and route and bitstream generation. SymbiFlow uses Yosys for synthesis, VPR for place and route, and Project X-Ray for bitstream generation. We focus on synthesis using Yosys and formal verification using the Cadence Conformal Logic Equivalence Checker (LEC) for Xilinx Artix-7 FPGAs. Yosys is used to synthesize 160 benchmarks written in Verilog. We implement required code modifications to Yosys for designs to pass the equivalence checker. For Conformal, this work involves processing 160 benchmark designs with the equivalence checker. Parameters can be toggled on or off to obtain results that indicates if a design has passed formal verification when comparing RTL and synthesized netlists
Modelling mobile health systems: an application of augmented MDA for the extended healthcare enterprise
Mobile health systems can extend the enterprise computing system of the healthcare provider by bringing services to the patient any time and anywhere. We propose a model-driven design and development methodology for the development of the m-health components in such extended enterprise computing systems. The methodology applies a model-driven design and development approach augmented with formal validation and verification to address quality and correctness and to support model transformation. Recent work on modelling applications from the healthcare domain is reported. One objective of this work is to explore and elaborate the proposed methodology. At the University of Twente we are developing m-health systems based on Body Area Networks (BANs). One specialization of the generic BAN is the health BAN, which incorporates a set of devices and associated software components to provide some set of health-related services. A patient will have a personalized instance of the health BAN customized to their current set of needs. A health professional interacts with their\ud
patients¿ BANs via a BAN Professional System. The set of deployed BANs are supported by a server. We refer to this distributed system as the BAN System. The BAN system extends the enterprise computing system of the healthcare provider. Development of such systems requires a sound software engineering approach and this is what we explore with the new methodology. The methodology is illustrated with reference to recent modelling activities targeted at real implementations. In the context of the Awareness project BAN implementations will be trialled in a number of clinical settings including epilepsy management and management of chronic pain
Proving Correctness of Imperative Programs by Linearizing Constrained Horn Clauses
We present a method for verifying the correctness of imperative programs
which is based on the automated transformation of their specifications. Given a
program prog, we consider a partial correctness specification of the form
prog , where the assertions and are
predicates defined by a set Spec of possibly recursive Horn clauses with linear
arithmetic (LA) constraints in their premise (also called constrained Horn
clauses). The verification method consists in constructing a set PC of
constrained Horn clauses whose satisfiability implies that prog
is valid. We highlight some limitations of state-of-the-art
constrained Horn clause solving methods, here called LA-solving methods, which
prove the satisfiability of the clauses by looking for linear arithmetic
interpretations of the predicates. In particular, we prove that there exist
some specifications that cannot be proved valid by any of those LA-solving
methods. These specifications require the proof of satisfiability of a set PC
of constrained Horn clauses that contain nonlinear clauses (that is, clauses
with more than one atom in their premise). Then, we present a transformation,
called linearization, that converts PC into a set of linear clauses (that is,
clauses with at most one atom in their premise). We show that several
specifications that could not be proved valid by LA-solving methods, can be
proved valid after linearization. We also present a strategy for performing
linearization in an automatic way and we report on some experimental results
obtained by using a preliminary implementation of our method.Comment: To appear in Theory and Practice of Logic Programming (TPLP),
Proceedings of ICLP 201
Internationalisation of Innovation: Why Chip Design Moving to Asia
This paper will appear in International Journal of Innovation Management, special issue in honor of Keith Pavitt, (Peter Augsdoerfer, Jonathan Sapsed, and James Utterback, guest editors), forthcoming. Among Keith Pavitt's many contributions to the study of innovation is the proposition that physical proximity is advantageous for innovative activities that involve highly complex technological knowledge But chip design, a process that creates the greatest value in the electronics industry and that requires highly complex knowledge, is experiencing a massive dispersion to leading Asian electronics exporting countries. To explain why chip design is moving to Asia, the paper draws on interviews with 60 companies and 15 research institutions that are doing leading-edge chip design in Asia. I demonstrate that "pull" and "policy" factors explain what attracts design to particular locations. But to get to the root causes that shift the balance in favor of geographical decentralization, I examine "push" factors, i.e. changes in design methodology ("system-on-chip design") and organization ("vertical specialization" within global design networks). The resultant increase in knowledge mobility explains why chip design - that, in Pavitt's framework is not supposed to move - is moving from the traditional centers to a few new specialized design clusters in Asia. A completely revised and updated version has been published as: " Complexity and Internationalisation of Innovation: Why is Chip Design Moving to Asia?," in International Journal of Innovation Management, special issue in honour of Keith Pavitt, Vol. 9,1: 47-73.
Finite Countermodel Based Verification for Program Transformation (A Case Study)
Both automatic program verification and program transformation are based on
program analysis. In the past decade a number of approaches using various
automatic general-purpose program transformation techniques (partial deduction,
specialization, supercompilation) for verification of unreachability properties
of computing systems were introduced and demonstrated. On the other hand, the
semantics based unfold-fold program transformation methods pose themselves
diverse kinds of reachability tasks and try to solve them, aiming at improving
the semantics tree of the program being transformed. That means some
general-purpose verification methods may be used for strengthening program
transformation techniques. This paper considers the question how finite
countermodels for safety verification method might be used in Turchin's
supercompilation method. We extract a number of supercompilation sub-algorithms
trying to solve reachability problems and demonstrate use of an external
countermodel finder for solving some of the problems.Comment: In Proceedings VPT 2015, arXiv:1512.0221
- …