35,996 research outputs found
Software Verification for Weak Memory via Program Transformation
Despite multiprocessors implementing weak memory models, verification methods
often assume Sequential Consistency (SC), thus may miss bugs due to weak
memory. We propose a sound transformation of the program to verify, enabling SC
tools to perform verification w.r.t. weak memory. We present experiments for a
broad variety of models (from x86/TSO to Power/ARM) and a vast range of
verification tools, quantify the additional cost of the transformation and
highlight the cases when we can drastically reduce it. Our benchmarks include
work-queue management code from PostgreSQL
Thread-Modular Static Analysis for Relaxed Memory Models
We propose a memory-model-aware static program analysis method for accurately
analyzing the behavior of concurrent software running on processors with weak
consistency models such as x86-TSO, SPARC-PSO, and SPARC-RMO. At the center of
our method is a unified framework for deciding the feasibility of inter-thread
interferences to avoid propagating spurious data flows during static analysis
and thus boost the performance of the static analyzer. We formulate the
checking of interference feasibility as a set of Datalog rules which are both
efficiently solvable and general enough to capture a range of hardware-level
memory models. Compared to existing techniques, our method can significantly
reduce the number of bogus alarms as well as unsound proofs. We implemented the
method and evaluated it on a large set of multithreaded C programs. Our
experiments showthe method significantly outperforms state-of-the-art
techniques in terms of accuracy with only moderate run-time overhead.Comment: revised version of the ESEC/FSE 2017 pape
A formally verified compiler back-end
This article describes the development and formal verification (proof of
semantic preservation) of a compiler back-end from Cminor (a simple imperative
intermediate language) to PowerPC assembly code, using the Coq proof assistant
both for programming the compiler and for proving its correctness. Such a
verified compiler is useful in the context of formal methods applied to the
certification of critical software: the verification of the compiler guarantees
that the safety properties proved on the source code hold for the executable
compiled code as well
Scaling Bounded Model Checking By Transforming Programs With Arrays
Bounded Model Checking is one the most successful techniques for finding bugs
in program. However, model checkers are resource hungry and are often unable to
verify programs with loops iterating over large arrays.We present a
transformation that enables bounded model checkers to verify a certain class of
array properties. Our technique transforms an array-manipulating (ANSI-C)
program to an array-free and loop-free (ANSI-C) program thereby reducing the
resource requirements of a model checker significantly. Model checking of the
transformed program using an off-the-shelf bounded model checker simulates the
loop iterations efficiently. Thus, our transformed program is a sound
abstraction of the original program and is also precise in a large number of
cases - we formally characterize the class of programs for which it is
guaranteed to be precise. We demonstrate the applicability and usefulness of
our technique on both industry code as well as academic benchmarks
Partial Orders for Efficient BMC of Concurrent Software
This version previously deposited at arXiv:1301.1629v1 [cs.LO]The vast number of interleavings that a concurrent program can have is typically identified as the root cause of the difficulty of automatic analysis of concurrent software. Weak memory is generally believed to make this problem even harder. We address both issues by modelling programs' executions with partial orders rather than the interleaving semantics (SC). We implemented a software analysis tool based on these ideas. It scales to programs of sufficient size to achieve first-time formal verification of non-trivial concurrent systems code over a wide range of models, including SC, Intel x86 and IBM Power
Formal Verification of Security Protocol Implementations: A Survey
Automated formal verification of security protocols has been mostly focused on analyzing high-level abstract models which, however, are significantly different from real protocol implementations written in programming languages. Recently, some researchers have started investigating techniques that bring automated formal proofs closer to real implementations. This paper surveys these attempts, focusing on approaches that target the application code that implements protocol logic, rather than the libraries that implement cryptography. According to these approaches, libraries are assumed to correctly implement some models. The aim is to derive formal proofs that, under this assumption, give assurance about the application code that implements the protocol logic. The two main approaches of model extraction and code generation are presented, along with the main techniques adopted for each approac
Interacting Components
SystemCSP is a graphical modeling language based on both CSP and concepts of component-based software development. The component framework of SystemCSP enables specification of both interaction scenarios and relative execution ordering among components. Specification and implementation of interaction among participating components is formalized via the notion of interaction contract. The used approach enables incremental design of execution diagrams by adding restrictions in different interaction diagrams throughout the process of system design. In this way all different diagrams are related into a single formally verifiable system. The concept of reusable formally verifiable interaction contracts is illustrated by designing set of design patterns for typical fault tolerance interaction scenarios
- …