An abstraction refinement approach combining precise and approximated techniques

  • Natasha Sharygina
  • Stefano Tonetta
  • Aliaksei Tsitovich
Regular Paper

Abstract

Predicate abstraction is a powerful technique to reduce the state space of a program to a finite and affordable number of states. It produces a conservative over-approximation where concrete states are grouped together according to a given set of predicates. A precise abstraction contains the minimal set of transitions with regard to the predicates, but as a result is computationally expensive. Most model checkers therefore approximate the abstraction to alleviate the computation of the abstract system by trading off precision with cost. However, approximation results in a higher number of refinement iterations, since it can produce more false counterexamples than its precise counterpart. The refinement loop can become prohibitively expensive for large programs. This paper proposes a new approach that employs both precise (slow) and approximated (fast) abstraction techniques within one abstraction-refinement loop. It allows computing the abstraction quickly, but keeps it precise enough to avoid too many refinement iterations. We implemented the new algorithm in a state-of-the-art software model checker. Our tests with various real-life benchmarks show that the new approach almost systematically outperforms both precise and imprecise techniques.
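As an added illustration (not code from the paper), the following Python compares a precise predicate abstraction with a Cartesian approximation on a constructed four-state counter; the system, the two predicates and the checked property are assumptions chosen so that the approximation yields a spurious counterexample the precise abstraction does not.

```python
from itertools import product

# Constructed toy system (not from the paper): a counter x in {0,1,2,3}
# stepping x -> (x+1) mod 4, abstracted by the predicates x==1 and x==3.
STATES = [0, 1, 2, 3]
INIT = {0}
PREDICATES = [lambda x: x == 1, lambda x: x == 3]

def step(x):
    """Concrete successors of x (one deterministic successor here)."""
    return [(x + 1) % 4]

def alpha(x):
    """Abstraction function: map a concrete state to its predicate valuation."""
    return tuple(int(p(x)) for p in PREDICATES)

def precise_abstraction():
    """Minimal abstract transition relation: only the (alpha(s), alpha(t))
    pairs witnessed by some concrete transition s -> t."""
    return {(alpha(s), alpha(t)) for s in STATES for t in step(s)}

def cartesian_abstraction():
    """Cartesian approximation: the next value of each predicate is computed
    independently and the results are recombined as a product, which can add
    abstract transitions that no concrete pair justifies."""
    rel = set()
    for a in {alpha(s) for s in STATES}:
        conc = [s for s in STATES if alpha(s) == a]
        succs = [t for s in conc for t in step(s)]
        choices = [{int(p(t)) for t in succs} for p in PREDICATES]
        rel |= {(a, b) for b in product(*choices)}
    return rel

def reachable(rel):
    """Forward reachability over an abstract transition relation."""
    seen, work = set(), [alpha(s) for s in INIT]
    while work:
        a = work.pop()
        if a in seen:
            continue
        seen.add(a)
        work.extend(b for (src, b) in rel if src == a)
    return seen

def violates(rel):
    """Property: x==1 and x==3 never hold together (concretely impossible).
    True means the abstraction reports a counterexample for this property."""
    return (1, 1) in reachable(rel)
```

The precise relation has 4 transitions and proves the property; the Cartesian one has 6, reaches the infeasible abstract state (1, 1), and would send a CEGAR loop into a refinement iteration the precise abstraction avoids.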

Keywords

Predicate abstraction · Precise abstraction · Approximated abstraction · CEGAR

Copyright information

© Springer-Verlag 2011

Authors and Affiliations

  • Natasha Sharygina (1, 3)
  • Stefano Tonetta (2)
  • Aliaksei Tsitovich (1)
  1. University of Lugano, Lugano, Switzerland
  2. Fondazione Bruno Kessler, Trento, Italy
  3. School of Computer Science, Carnegie Mellon University, Pittsburgh, USA