Lazy Shape Analysis
Many software model checkers are based on predicate abstraction. If
the verification goal depends on pointer structures, the approach does
not work well, because it is difficult to find adequate predicate
abstractions for the heap. In contrast, shape analysis, which uses
graph-based heap abstractions, can provide a compact representation of
recursive data structures. We integrate shape analysis into the
software model checker BLAST. Because shape analysis is expensive, we
do not apply it globally. Instead, we ensure that, like predicates,
shape graphs are computed and stored locally, only where necessary for
proving the verification goal. To achieve this, we extend lazy
abstraction refinement, which so far has been used only for predicate
abstractions, to three-valued logical structures. This approach not
only increases the precision of model checking, but also
increases the efficiency of shape analysis. We implemented the
technique by extending BLAST with calls to TVLA
Computer Aided Verification
This open access two-volume set LNCS 11561 and 11562 constitutes the refereed proceedings of the 31st International Conference on Computer Aided Verification, CAV 2019, held in New York City, USA, in July 2019. The 52 full papers presented together with 13 tool papers and 2 case studies, were carefully reviewed and selected from 258 submissions. The papers were organized in the following topical sections: Part I: automata and timed systems; security and hyperproperties; synthesis; model checking; cyber-physical systems and machine learning; probabilistic systems, runtime techniques; dynamical, hybrid, and reactive systems; Part II: logics, decision procedures; and solvers; numerical programs; verification; distributed systems and networks; verification and invariants; and concurrency
Word-level Symbolic Trajectory Evaluation
Symbolic trajectory evaluation (STE) is a model checking technique that has
been successfully used to verify industrial designs. Existing implementations
of STE, however, reason at the level of bits, allowing signals to take values
in {0, 1, X}. This limits the amount of abstraction that can be achieved, and
presents inherent limitations to scaling. The main contribution of this paper
is to show how much more abstract lattices can be derived automatically from
RTL descriptions, and how a model checker for the general theory of STE
instantiated with such abstract lattices can be implemented in practice. This
gives us the first practical word-level STE engine, called STEWord. Experiments
on a set of designs similar to those used in industry show that STEWord scales
better than word-level BMC and also bit-level STE.
Comment: 19 pages, 3 figures, 2 tables, full version of paper in International
Conference on Computer-Aided Verification (CAV) 201
Computer Aided Verification
This open access two-volume set LNCS 13371 and 13372 constitutes the refereed proceedings of the 34th International Conference on Computer Aided Verification, CAV 2022, which was held in Haifa, Israel, in August 2022. The 40 full papers presented together with 9 tool papers and 2 case studies were carefully reviewed and selected from 209 submissions. The papers were organized in the following topical sections: Part I: invited papers; formal methods for probabilistic programs; formal methods for neural networks; software verification and model checking; hyperproperties and security; formal methods for hardware, cyber-physical, and hybrid systems. Part II: probabilistic techniques; automata and logic; deductive verification and decision procedures; machine learning; synthesis and concurrency. This is an open access book.