Abstract
We present a process for validating temporal safety properties of software that uses a well-defined interface. The process requires only that the user state the property of interest. It then automatically creates abstractions of C code using iterative refinement, based on the given property. The process is realized in the SLAM toolkit, which consists of a model checker, a predicate abstraction tool and a predicate discovery tool. We have applied the SLAM toolkit to a number of Windows NT device drivers to validate critical safety properties such as correct locking behavior. We have found that the process converges on a set of predicates powerful enough to validate properties in just a few iterations.
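As an added illustration (not code from the paper or the SLAM toolkit), the locking rule the abstract refers to can be written as a small property automaton and checked against a constructed driver-like routine; here every outcome of the routine's data-dependent branches is enumerated, whereas SLAM reaches its verdict over a predicate abstraction. The routine, the choice-vector model of the environment and the 16-decision bound are assumptions made for this example.

```c
#include <stdbool.h>
#include <stddef.h>

/* Property automaton for the locking rule: acquire and release must strictly
   alternate; any other call order drives the monitor into LOCK_ERROR. */
typedef enum { UNLOCKED, LOCKED, LOCK_ERROR } lock_state;
static lock_state st;   /* monitor state for the execution being explored */
static void acquire(void) { st = (st == UNLOCKED) ? LOCKED : LOCK_ERROR; }
static void release(void) { st = (st == LOCKED) ? UNLOCKED : LOCK_ERROR; }

/* Constructed driver-like routine. The environment is nondeterministic: each
   "is there another request?" branch reads its outcome from a choice vector
   (false once exhausted). This version drops the lock to hand a request off
   but never re-acquires it before the next iteration or the final release. */
void driver_bug(const bool *c, size_t n) {
    size_t i = 0;
    acquire();
    while (i < n && c[i++]) {
        release();            /* hand off without holding the lock */
        /* ... forgot acquire() here ... */
    }
    release();                /* double release on every path with a request */
}

/* Corrected routine: the lock is re-acquired before the loop test runs. */
void driver_ok(const bool *c, size_t n) {
    size_t i = 0;
    acquire();
    while (i < n && c[i++]) {
        release();
        acquire();
    }
    release();
}

typedef void (*routine_fn)(const bool *, size_t);
/* Explore every vector of `depth` branch outcomes (depth <= 16) and count
   the executions on which the monitor reaches LOCK_ERROR. */
unsigned violating_traces(routine_fn r, size_t depth) {
    bool choices[16];
    unsigned bad = 0;
    for (unsigned mask = 0; mask < (1u << depth); mask++) {
        for (size_t k = 0; k < depth; k++) choices[k] = (mask >> k) & 1u;
        st = UNLOCKED;
        r(choices, depth);
        if (st == LOCK_ERROR) bad++;
    }
    return bad;
}
```

A run that never sees a request passes the buggy routine, which is why a single test fails to expose the bug while exhaustive exploration of the branch outcomes reports every path that starts with a request as a violation.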
© 2001 Springer-Verlag Berlin Heidelberg
Ball, T., Rajamani, S.K. (2001). Automatically validating temporal safety properties of interfaces. In: Dwyer, M. (eds) Model Checking Software. SPIN 2001. Lecture Notes in Computer Science, vol 2057. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45139-0_7
DOI: https://doi.org/10.1007/3-540-45139-0_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42124-5
Online ISBN: 978-3-540-45139-6