A Static Analyzer for Large Safety-Critical Software
We show that abstract interpretation-based static program analysis can be
made efficient and precise enough to formally verify a class of properties for
a family of large programs with few or no false alarms. This is achieved by
refinement of a general purpose static analyzer and later adaptation to
particular programs of the family by the end-user through parametrization. This
is applied to the proof of soundness of data manipulation operations at the
machine level for periodic synchronous safety critical embedded software. The
main novelties are the design principle of static analyzers by refinement and
adaptation through parametrization, the symbolic manipulation of expressions to
improve the precision of abstract transfer functions, the octagon, ellipsoid,
and decision tree abstract domains, all with sound handling of rounding errors
in floating point computations, widening strategies (with thresholds, delayed)
and the automatic determination of the parameters (parametrized packing)
Invariant Generation through Strategy Iteration in Succinctly Represented Control Flow Graphs
We consider the problem of computing numerical invariants of programs, for
instance bounds on the values of numerical program variables. More
specifically, we study the problem of performing static analysis by abstract
interpretation using template linear constraint domains. Such invariants can be
obtained by Kleene iterations that are, in order to guarantee termination,
accelerated by widening operators. In many cases, however, applying this form
of extrapolation leads to invariants that are weaker than the strongest
inductive invariant that can be expressed within the abstract domain in use.
Another well-known source of imprecision of traditional abstract interpretation
techniques stems from their use of join operators at merge nodes in the control
flow graph. The mentioned weaknesses may prevent these methods from proving
safety properties. The technique we develop in this article addresses both of
these issues: contrary to Kleene iterations accelerated by widening operators,
it is guaranteed to yield the strongest inductive invariant that can be
expressed within the template linear constraint domain in use. It also eschews
join operators by distinguishing all paths of loop-free code segments. Formally
speaking, our technique computes the least fixpoint within a given template
linear constraint domain of a transition relation that is succinctly expressed
as an existentially quantified linear real arithmetic formula. In contrast to
previously published techniques that rely on quantifier elimination, our
algorithm is proved to have optimal complexity: we prove that the decision
problem associated with our fixpoint problem is in the second level of the
polynomial-time hierarchy.
Comment: 35 pages, conference version published at ESOP 2011, this version is a CoRR version of our submission to Logical Methods in Computer Science
Working Time and Employment under Uncertainty
The standard literature on working time has modelled the decisions of firms in a deterministic framework in which firms can choose between employment and overtime (given mandated standard hours). Contrary to this approach, we consider the impact of uncertainty and real options on the decision of working time, i.e. we examine the determinants of employment and hours in a stochastic framework. We conclude the theoretical analysis with a number of simulation exercises to illustrate the working of the model.
Keywords: real options, uncertainty, working time, employment, labor demand
Simulation of a weather radar display for over-water airborne radar approaches
Airborne radar approach (ARA) concepts are being investigated as a part of NASA's Rotorcraft All-Weather Operations Research Program on advanced guidance and navigation methods. This research is being conducted using both piloted simulations and flight test evaluations. For the piloted simulations, a mathematical model of the airborne radar was developed for over-water ARAs to offshore platforms. This simulated flight scenario requires radar simulation of point targets, such as oil rigs and ships, distributed sea clutter, and transponder beacon replies. Radar theory, weather radar characteristics, and empirical data derived from in-flight radar photographs are combined to model a civil weather/mapping radar typical of those used in offshore rotorcraft operations. The resulting radar simulation is realistic and provides the needed simulation capability for ongoing ARA research
Analysis and Transformation Tools for Constrained Horn Clause Verification
Several techniques and tools have been developed for verification of
properties expressed as Horn clauses with constraints over a background theory
(CHC). Current CHC verification tools implement intricate algorithms and are
often limited to certain subclasses of CHC problems. Our aim in this work is to
investigate the use of a combination of off-the-shelf techniques from the
literature in analysis and transformation of Constraint Logic Programs (CLPs)
to solve challenging CHC verification problems. We find that many problems can
be solved using a combination of tools based on well-known techniques from
abstract interpretation, semantics-preserving transformations, program
specialisation and query-answer transformations. This gives insights into the
design of automatic, more general CHC verification tools based on a library of
components.
Comment: To appear in Theory and Practice of Logic Programming (TPLP)
Abstract Acceleration in Linear relation analysis (extended version)
Linear relation analysis is a classical abstract interpretation based on an over-approximation of reachable numerical states of a program by convex polyhedra. Since it works with a lattice of infinite height, it makes use of a widening operator to enforce the convergence of fixed point computations. Abstract acceleration is a method that computes the precise abstract effect of loops wherever possible and uses widening in the general case. Thus, it improves both the precision and the efficiency of the analysis. This research report gives a comprehensive tutorial on abstract acceleration: its origins in Presburger-based acceleration including new insights w.r.t. the linear accelerability of linear transformations, methods for simple and nested loops, recent extensions, tools and applications, and a detailed discussion of related methods and future perspectives. This is the long version of a paper under submission
Applying abstract acceleration to (co-)reachability analysis of reactive programs
Acceleration methods are commonly used to compute precisely the effects of loops in the reachability analysis of counter machine models. Applying these methods to synchronous data-flow programs, e.g. Lustre programs, requires dealing with the non-deterministic transformations due to numerical input variables. In this article, we address this problem by extending the concept of abstract acceleration of Gonnord et al. to numerical input variables. Moreover, we describe the dual analysis for co-reachability. We compare our method with some alternative techniques based on abstract interpretation, pointing out its advantages and limitations. Finally, we give some experimental results.
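The abstracts above share one theme: Kleene iteration over a numerical abstract domain needs widening to terminate, widening loses precision (the strongest inductive invariant of the "Invariant Generation" abstract is missed), and the remedies are better widening strategies (thresholds, delayed widening, as in the static analyzer abstract), narrowing, or abstract acceleration, which computes the effect of a loop in one shot. The Python below is an added illustration written for this listing, not code from any of these papers or their tools. It analyses one constructed integer loop, `x = 0; while x < 100: x += 1`, in the interval domain; the loop, the constants `GUARD` and `STEP`, and the function names `kleene`, `widen`, `narrow` and `accelerate` are all assumptions of this example, and the acceleration rule is the simple translation-loop case, not the general method of the abstracts.

```python
from math import inf

# Constructed loop for this example:  x = 0; while x < GUARD: x += STEP
INIT = (0, 0)    # interval of x when the loop is first entered
GUARD = 100      # body runs while x < GUARD
STEP = 1         # increment applied by the body
# An interval is a (lo, hi) pair of inclusive integer bounds, or None for
# bottom (no reachable state).  +-inf encode unbounded sides.


def join(a, b):
    """Least upper bound of two intervals."""
    if a is None:
        return b
    if b is None:
        return a
    return (min(a[0], b[0]), max(a[1], b[1]))


def meet_guard(i):
    """Restrict an interval to the states that satisfy x < GUARD."""
    if i is None or i[0] >= GUARD:
        return None
    return (i[0], min(i[1], GUARD - 1))


def body(i):
    """Abstract transfer function of x = x + STEP."""
    return None if i is None else (i[0] + STEP, i[1] + STEP)


def F(i):
    """Loop-head transformer: the head is reached from the entry, or by
    running the body from a head state that passes the guard."""
    return join(INIT, body(meet_guard(i)))


def widen(old, new, thresholds=()):
    """Interval widening: a bound that moved outward jumps to the nearest
    threshold beyond it, or to infinity when no threshold remains."""
    if old is None:
        return new
    if new is None:
        return old
    lo = old[0] if new[0] >= old[0] else max((t for t in thresholds if t <= new[0]), default=-inf)
    hi = old[1] if new[1] <= old[1] else min((t for t in thresholds if t >= new[1]), default=inf)
    return (lo, hi)


def kleene(widening=False, delay=0, thresholds=(), limit=10_000):
    """Iterate F from bottom until stable; returns (invariant, iterations).
    widening=False is the exact ascending sequence (terminates here only
    because the loop is bounded); otherwise the first `delay` steps use
    join and the later ones use widening."""
    cur = None
    for step in range(1, limit + 1):
        nxt = F(cur)
        if widening and step > delay:
            nxt = widen(cur, nxt, thresholds)
        else:
            nxt = join(cur, nxt)
        if nxt == cur:
            return cur, step
        cur = nxt
    raise RuntimeError("no fixpoint within limit")


def narrow(i, limit=100):
    """Decreasing iteration after widening: F is monotone and i is a
    post-fixpoint, so re-applying F only removes states.  This is a bounded
    decreasing sequence, not a full narrowing operator."""
    for _ in range(limit):
        nxt = F(i)
        if nxt == i:
            break
        i = nxt
    return i


def accelerate(entry, step=STEP, guard=GUARD):
    """Abstract acceleration of `while x < guard: x += step` (step > 0) on an
    interval: the loop-head states reachable from `entry`, in one shot and
    with no widening.  Every iteration starts below `guard`, so nothing above
    guard - 1 + step is ever produced.  Exact for step == 1, a sound
    over-approximation for larger steps."""
    lo, hi = entry
    if lo >= guard:               # guard false on entry: body never runs
        return entry
    return (lo, max(hi, guard - 1 + step))


if __name__ == "__main__":
    exact, n = kleene()
    print("exact least fixpoint  ", exact, "after", n, "iterations")
    print("plain widening        ", kleene(widening=True))
    print("delayed by 3          ", kleene(widening=True, delay=3))
    print("threshold {100}       ", kleene(widening=True, thresholds=(GUARD,)))
    print("widening + narrowing  ", narrow(kleene(widening=True)[0]))
    print("abstract acceleration ", accelerate(INIT))
```

Running it shows the point of the abstracts in miniature: the exact sequence needs 102 iterations to reach [0, 100]; plain widening stops after 3 but at [0, +inf), which is too weak to prove, say, that an array of size 101 indexed by x is never overrun; delaying the widening does not help for a loop that keeps growing; a threshold taken from the guard constant recovers [0, 100] in 3 iterations; narrowing wins it back as well; and acceleration produces [0, 100] directly with no iteration at all.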
The Growing Gap in Life Expectancy by Income: Recent Evidence and Implications for the Social Security Retirement Age
[Excerpt] This report provides a brief overview of the concept of life expectancy, how it is measured, and how it has changed over time in the United States. While life expectancy may be studied in a variety of contexts, this report focuses on the link between life expectancy and SES, as measured by lifetime income. In particular, this report synthesizes recent research on (1) the life expectancy gap by income and (2) the relationship between this gap and Social Security benefits. Finally, this report discusses the implications of this research for one type of Social Security reform proposal: increasing the Social Security retirement age