Invariant Synthesis for Incomplete Verification Engines
We propose a framework for synthesizing inductive invariants for incomplete
verification engines, which soundly reduce logical problems in undecidable
theories to decidable theories. Our framework is based on the
counterexample-guided inductive synthesis (CEGIS) principle and allows
verification engines to communicate non-provability information to guide
invariant synthesis. We show
precisely how the verification engine can compute such non-provability
information and how to build effective learning algorithms when invariants are
expressed as Boolean combinations of a fixed set of predicates. Moreover, we
evaluate our framework in two verification settings, one in which verification
engines need to handle quantified formulas and one in which verification
engines have to reason about heap properties expressed in an expressive but
undecidable separation logic. Our experiments show that our invariant synthesis
framework based on non-provability information can both effectively synthesize
inductive invariants and adequately strengthen contracts across a large suite
of programs.
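A runnable sketch of the counterexample-guided loop the abstract describes, added here as an illustration and not taken from the paper: a learner proposes an invariant as a conjunction drawn from a fixed predicate vocabulary, a checker tries to prove it initial, inductive and safe, and each failure comes back as a sample (a state that must be in the invariant, one that must not be, or an implication pair) that constrains the next proposal. The paper's non-provability information is a richer signal than these classic ICE-style samples, and its engines reason over undecidable theories; here the engine is a brute-force checker over a small box of states, so its verdicts are exact only within that box. The loop program, the predicate vocabulary and the bound N are all constructed for the example.

```python
from itertools import combinations, product

# Constructed loop program (not from the paper):
#   x, y := 0, 0
#   while x < N:
#       x, y := x + 1, y + 1
#   assert y == N
N = 5
INIT = (0, 0)

def guard(s):
    return s[0] < N

def step(s):
    return (s[0] + 1, s[1] + 1)

def post(s):
    return s[1] == N

# Fixed predicate vocabulary; a candidate invariant is a conjunction of a subset.
# "x<N" is included deliberately: it excludes the bad exit states but is not
# inductive, so the learner has to be corrected by implication samples.
PREDICATES = {
    "x<N":  lambda s: s[0] < N,
    "x==y": lambda s: s[0] == s[1],
    "x<=y": lambda s: s[0] <= s[1],
    "x<=N": lambda s: s[0] <= N,
    "y<=N": lambda s: s[1] <= N,
}

def conj(names):
    """Conjunction of the named predicates; the empty conjunction is True."""
    return lambda s: all(PREDICATES[n](s) for n in names)

# Stand-in for the verification engine: exhaustive over a small box of states.
# Predicates are still evaluated on successors outside the box, so the
# inductiveness check never silently drops a transition that leaves it.
DOMAIN = list(product(range(-1, N + 2), repeat=2))

def check(inv):
    """None if inv is initial, inductive and safe on DOMAIN; otherwise one sample.

    Sample kinds: ("pos", s)     s must satisfy the invariant
                  ("neg", s)     s must not: it fails the guard but violates post
                  ("imp", s, t)  if s satisfies the invariant then t must too
    """
    if not inv(INIT):
        return ("pos", INIT)
    for s in DOMAIN:
        if inv(s) and guard(s) and not inv(step(s)):
            return ("imp", s, step(s))
    for s in DOMAIN:
        if inv(s) and not guard(s) and not post(s):
            return ("neg", s)
    return None

def consistent(inv, samples):
    """Does the candidate respect every sample collected so far?"""
    for sample in samples:
        kind, s = sample[0], sample[1]
        if kind == "pos" and not inv(s):
            return False
        if kind == "neg" and inv(s):
            return False
        if kind == "imp" and inv(s) and not inv(sample[2]):
            return False
    return True

def learn(samples):
    """Smallest (weakest) conjunction consistent with the samples, or None."""
    names = list(PREDICATES)
    for size in range(len(names) + 1):
        for subset in combinations(names, size):
            if consistent(conj(subset), samples):
                return subset
    return None

def synthesize(max_rounds=64):
    """CEGIS loop: propose, check, record the counterexample, repeat."""
    samples = []
    for _ in range(max_rounds):
        candidate = learn(samples)
        if candidate is None:
            raise ValueError("predicate vocabulary cannot express an inductive invariant")
        cex = check(conj(candidate))
        if cex is None:
            return candidate, samples
        samples.append(cex)
    raise RuntimeError("no convergence within the round limit")

if __name__ == "__main__":
    invariant, samples = synthesize()
    print("invariant:", " and ".join(invariant) or "true")
    for sample in samples:
        print("sample:", sample)
```

Four rounds suffice here: the first negative sample rules out the trivial invariant, the learner then picks `x<N`, which an implication sample shows is not inductive, and two more samples drive it to `x==y and x<=N`. The `("pos", s)` kind can only arise from the initial state in this toy, but it is part of the sample language any learner over this loop has to honour.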
A multi-paradigm language for reactive synthesis
This paper proposes a language for describing reactive synthesis problems
that integrates imperative and declarative elements. The semantics is defined
in terms of two-player turn-based infinite games with full information.
Currently, synthesis tools accept linear temporal logic (LTL) as input, but
this description is less structured and does not facilitate the expression of
sequential constraints. This motivates the use of a structured programming
language to specify synthesis problems. Transition systems and guarded commands
serve as imperative constructs, expressed in a syntax based on that of the
modeling language Promela. The syntax allows defining which player controls
data and control flow, and separating a program into assumptions and
guarantees. These notions are necessary for input to game solvers. The
integration of imperative and declarative paradigms allows using the paradigm
that is most appropriate for expressing each requirement. The declarative part
is expressed in the LTL fragment of generalized reactivity(1), which admits
efficient synthesis algorithms, extended with past LTL. The implementation
translates Promela to input for the Slugs synthesizer and is written in Python.
The AMBA AHB bus case study is revisited and synthesized efficiently,
identifying the need to reorder binary decision diagrams during strategy
construction, in order to prevent the exponential blowup observed in previous
work.
Comment: In Proceedings SYNT 2015, arXiv:1602.0078
Modularity for Security-Sensitive Workflows
An established trend in software engineering insists on using components
(sometimes also called services or packages) to encapsulate a set of related
functionalities or data. By defining interfaces specifying what functionalities
they provide or use, components can be combined with others to form more
complex components. In this way, IT systems can be designed by mostly re-using
existing components and developing new ones to provide new functionalities. In
this paper, we introduce a notion of component and a combination mechanism for
an important class of software artifacts, called security-sensitive workflows.
These are business processes in which execution constraints on the tasks are
complemented with authorization constraints (e.g., Separation of Duty) and
authorization policies (constraining which users can execute which tasks). We
show how well-known workflow execution patterns can be simulated by our
combination mechanism and how authorization constraints can also be imposed
across components. Then, we demonstrate the usefulness of our notion of
component by showing (i) the scalability of a technique for the synthesis of
run-time monitors for security-sensitive workflows and (ii) the design of a
plug-in for the re-use of workflows and related run-time monitors inside an
editor for security-sensitive workflows.
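An added illustration of the kind of run-time monitor the abstract mentions (example code, not the paper's synthesis technique or plug-in): a small security-sensitive workflow with a task ordering, an authorization policy and two Separation of Duty constraints, guarded by a monitor that admits a (task, user) step only if the step is enabled, authorized, and leaves the remaining workflow completable. The last check is what distinguishes a monitor from a plain policy check: an authorized step can still be refused because it would leave the workflow with no constraint-respecting way to finish. Tasks, users and the policy are constructed for the example.

```python
# Constructed security-sensitive workflow (illustration only): four tasks with a
# partial order, an authorization policy, and two Separation of Duty constraints.
TASKS = ["A", "B", "C", "D"]
PRECEDES = {("A", "B"), ("A", "C"), ("B", "D"), ("C", "D")}   # (before, after)
AUTH = {                      # authorization policy: who may execute which task
    "A": {"alice", "bob"},
    "B": {"bob"},
    "C": {"bob", "carol"},
    "D": {"alice", "carol"},
}
SOD = [frozenset({"A", "B"}), frozenset({"C", "D"})]          # Separation of Duty pairs

def enabled(task, done):
    """Control-flow check: every predecessor executed, task not yet executed."""
    return task not in done and all(before in done
                                    for before, after in PRECEDES if after == task)

def authorized(task, user, done):
    """Policy plus SoD: the user may run the task and has not run an SoD partner."""
    if user not in AUTH[task]:
        return False
    return all(done.get(other) != user
               for pair in SOD if task in pair
               for other in pair - {task})

def completable(done):
    """Can the remaining tasks still be assigned without violating the policy or
    a constraint? A small workflow-satisfiability search over the remainder."""
    if len(done) == len(TASKS):
        return True
    for task in TASKS:
        if enabled(task, done):
            for user in sorted(AUTH[task]):
                if authorized(task, user, done) and completable({**done, task: user}):
                    return True
    return False

class Monitor:
    """Run-time monitor: admits (task, user) only if it is enabled, authorized,
    and keeps the workflow completable, so an early choice cannot deadlock it."""
    def __init__(self):
        self.done = {}

    def step(self, task, user):
        if not enabled(task, self.done):
            return False, "task not enabled"
        if not authorized(task, user, self.done):
            return False, "policy or SoD violation"
        proposed = {**self.done, task: user}
        if not completable(proposed):
            return False, "would make the workflow uncompletable"
        self.done = proposed
        return True, "ok"

    def finished(self):
        return len(self.done) == len(TASKS)

if __name__ == "__main__":
    m = Monitor()
    for task, user in [("A", "bob"), ("A", "alice"), ("B", "bob"),
                       ("C", "carol"), ("D", "carol"), ("D", "alice")]:
        print(task, user, m.step(task, user))
    print("finished:", m.finished())
```

Bob is authorized for task A, yet the monitor refuses him: B can only be executed by bob and SoD(A, B) would then block it. The same look-ahead applies unchanged when the SoD pair spans tasks contributed by different components, since the constraint is keyed on task names rather than on which component owns them.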
Synthesis from multi-paradigm specifications
This work proposes a language for describing reactive synthesis problems that integrates imperative and declarative elements. The semantics is defined in terms of two-player turn-based infinite games with full information. Currently, synthesis tools accept linear temporal logic (LTL) as input, but this description is less structured and does not facilitate the expression of sequential constraints. This motivates the use of a structured programming language to specify synthesis problems. Transition systems and guarded commands serve as imperative constructs, expressed in a syntax based on that of the modeling language Promela. The syntax allows defining which player controls data and control flow, and separating a program into assumptions and guarantees. These notions are necessary for input to game solvers. The integration of imperative and declarative paradigms allows using the paradigm that is most appropriate for expressing each requirement. The declarative part is expressed in the LTL fragment of generalized reactivity(1), which admits efficient synthesis algorithms. The implementation translates Promela to input for the Slugs synthesizer and is written in Python.
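An added illustration of the game semantics that both this abstract and "A multi-paradigm language for reactive synthesis" above rely on (example code, not the paper's Promela-to-Slugs implementation and not its AMBA case study): a small arena built from guarded commands, where the environment's command is restricted by an assumption and the system's by its guarantees, solved as a two-player turn-based safety game by the usual greatest-fixpoint computation of the controllable predecessor. Only the safety core is shown; GR(1) liveness goals need the nested fixpoints a real solver implements. The request/grant variables, the counter bound and the constraints are constructed for the example.

```python
from itertools import product

# Constructed arena: the environment raises requests, the system issues grants,
# and a counter tracks outstanding requests. Positions are (pending, req, grant)
# tagged with whose turn it is; the environment moves first in every round.
PENDING_MAX = 2          # reaching this count is the violation the guarantee forbids

def env_moves(pos, assume_no_double_req):
    """Environment turn: pick req in {0,1}. The assumption, when enabled, is a
    guard on the environment's command: no request directly after a request."""
    pending, last_req, last_grant = pos
    for req in (0, 1):
        if assume_no_double_req and last_req == 1 and req == 1:
            continue
        yield ("sys", (min(PENDING_MAX, pending + req), req, last_grant))

def sys_moves(pos):
    """System turn: pick grant in {0,1}. The guards are the system's guarantees:
    grant only an outstanding request, and never grant twice in a row."""
    pending, req, last_grant = pos
    for grant in (1, 0):          # try granting first so the strategy prefers it
        if grant > pending or (grant and last_grant):
            continue
        yield ("env", (pending - grant, req, grant))

def positions():
    for state in product(range(PENDING_MAX + 1), (0, 1), (0, 1)):
        yield ("env", state)
        yield ("sys", state)

def successors(v, assume_no_double_req):
    owner, pos = v
    return list(env_moves(pos, assume_no_double_req) if owner == "env" else sys_moves(pos))

def bad(v):
    owner, (pending, _, _) = v
    return owner == "sys" and pending == PENDING_MAX   # overflow: guarantee violated

def solve(assume_no_double_req):
    """Safety game: greatest fixpoint of the controllable predecessor.
    Returns (does the system win from the initial position?, memoryless strategy)."""
    W = {v for v in positions() if not bad(v)}
    while True:
        keep = set()
        for v in W:
            succ = successors(v, assume_no_double_req)
            if v[0] == "sys":
                ok = any(s in W for s in succ)    # system needs one good move
            else:
                ok = all(s in W for s in succ)    # environment may take any allowed move
            if ok:
                keep.add(v)
        if keep == W:
            break
        W = keep
    strategy = {}
    for v in W:
        if v[0] == "sys":
            for s in successors(v, assume_no_double_req):
                if s in W:
                    strategy[v[1]] = s[1][2]      # the grant bit of the chosen move
                    break
    init = ("env", (0, 0, 0))
    return init in W, strategy

if __name__ == "__main__":
    for assume in (False, True):
        won, strategy = solve(assume)
        print(f"assumption={'on' if assume else 'off'}: system {'wins' if won else 'loses'}")
        if won:
            print("  at (pending=1, req=1, last_grant=0) grant =", strategy[(1, 1, 0)])
```

Without the assumption the system loses: the environment requests every round, the system may grant only every other round, and the counter overflows. With the assumption the initial position lies in the winning region and the extracted strategy is a controller that grants whenever it is allowed to. Which side owns which variable, and which guards count as assumptions versus guarantees, is exactly the information the abstract says a specification language must carry to a game solver.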
Differentially Testing Soundness and Precision of Program Analyzers
In the last decades, numerous program analyzers have been developed both by
academia and industry. Despite their abundance however, there is currently no
systematic way of comparing the effectiveness of different analyzers on
arbitrary code. In this paper, we present the first automated technique for
differentially testing soundness and precision of program analyzers. We used
our technique to compare six mature, state-of-the-art analyzers on tens of
thousands of automatically generated benchmarks. Our technique detected
soundness and precision issues in most analyzers, and we evaluated the
implications of these issues to both designers and users of program analyzers
- …
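A toy differential tester, added here to make the two failure classes in the abstract concrete; it is not the paper's generator and the analyzers are not the ones it evaluated. Programs operate on one integer drawn from a range, apply add-by-constant and multiply-by-constant steps, and end in an assertion. Two abstract interpreters (intervals and signs) and one deliberately broken interval analyzer are run on the same programs and compared with exhaustive concrete execution, which the finite input range makes possible here: an analyzer that reports "safe" on a program that can fail has a soundness issue, and one that cannot prove a program that is safe has a precision issue. The programs, the mini-language and the seeded bug are constructed for the example.

```python
# Toy differential tester (illustration; not the paper's tooling).

def sign_of(n):
    return "-" if n < 0 else "0" if n == 0 else "+"

def signs_of_range(lo, hi):
    return frozenset(s for s in "-0+" if any(sign_of(n) == s for n in range(lo, hi + 1)))

def sign_add(signs, c):
    out = set()
    for s in signs:
        if c == 0 or (s != "0" and (s == "+") == (c > 0)):
            out.add(s)                  # adding in the same direction keeps the sign
        elif s == "0":
            out.add(sign_of(c))
        else:
            out.update("-0+")           # opposite directions: anything can happen
    return frozenset(out)

def sign_mul(signs, c):
    if c == 0:
        return frozenset("0")
    if c > 0:
        return frozenset(signs)
    return frozenset({"-": "+", "0": "0", "+": "-"}[s] for s in signs)

def sign_analyzer(prog):
    signs = signs_of_range(*prog["input"])
    for op, c in prog["ops"]:
        signs = sign_add(signs, c) if op == "add" else sign_mul(signs, c)
    holds = signs == frozenset("+") if prog["assert"] == ">0" else "0" not in signs
    return "safe" if holds else "unknown"

def interval_analyzer(prog, buggy=False):
    lo, hi = prog["input"]
    for op, c in prog["ops"]:
        if op == "add":
            lo, hi = lo + c, hi + c
        else:
            a, b = lo * c, hi * c
            # Correct transfer function: a negative constant flips the bounds.
            # The seeded bug forgets the flip and yields an inverted interval.
            lo, hi = (a, b) if (buggy or c >= 0) else (b, a)
    holds = lo > 0 if prog["assert"] == ">0" else (hi < 0 or lo > 0)
    return "safe" if holds else "unknown"

def concrete_truth(prog):
    """Ground truth by running every concrete input (the input range is finite)."""
    lo, hi = prog["input"]
    for x in range(lo, hi + 1):
        for op, c in prog["ops"]:
            x = x + c if op == "add" else x * c
        if not (x > 0 if prog["assert"] == ">0" else x != 0):
            return "unsafe"
    return "safe"

# Constructed benchmark programs; a generator would produce these at scale.
PROGRAMS = {
    "P1": {"input": (-2, 3), "ops": [("mul", -1)], "assert": ">0"},              # unsafe
    "P2": {"input": (5, 5), "ops": [("add", -3)], "assert": ">0"},               # safe
    "P3": {"input": (-1, 1), "ops": [("mul", 0), ("add", 1)], "assert": ">0"},   # safe
    "P4": {"input": (1, 3), "ops": [("mul", -1)], "assert": "!=0"},              # safe
}
ANALYZERS = {
    "interval": interval_analyzer,
    "buggy_interval": lambda p: interval_analyzer(p, buggy=True),
    "sign": sign_analyzer,
}

def differential_test(programs=PROGRAMS, analyzers=ANALYZERS):
    """Per analyzer: programs on which it claims 'safe' although a concrete run
    fails (soundness issue) and safe programs it cannot prove (precision issue)."""
    report = {name: {"unsound": [], "imprecise": []} for name in analyzers}
    for pname, prog in programs.items():
        truth = concrete_truth(prog)
        for aname, analyzer in analyzers.items():
            verdict = analyzer(prog)
            if verdict == "safe" and truth == "unsafe":
                report[aname]["unsound"].append(pname)
            elif verdict == "unknown" and truth == "safe":
                report[aname]["imprecise"].append(pname)
    return report

if __name__ == "__main__":
    for name, findings in differential_test().items():
        print(name, findings)
```

The seeded bug surfaces on P1 only: the inverted interval [2, -3] has a positive lower bound, so the broken analyzer "proves" an assertion that fails for x = 0. The sign domain is sound throughout but cannot show that 5 - 3 is positive, which is the precision gap intervals close. With real analyzers there is no exhaustive oracle, which is why the abstract frames the comparison as differential: disagreement between analyzers on generated inputs is the signal, and classifying it as a soundness or a precision problem is the part the paper automates.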