
Applying symbolic bounded model checking to the 2012 RERS greybox challenge

  • Rers
  • International Journal on Software Tools for Technology Transfer

Abstract

We describe the application of ESBMC, a symbolic bounded model checker for C programs, to the 2012 RERS greybox challenge. We checked the reachability properties via reachability of the error labels, and the behavioral properties via a bounded LTL model checking approach. Our approach could solve about 700 properties for the small and medium problems from the offline phase, and scored overall about 5,000 marks but still ranked last in the competition.

Notes

  1. With further improvements by Babiak et al. [1].

  2. Note that the internal program structure still plays a role: for the same unwinding bound the hard problems take one to two orders of magnitude longer than the easy or moderate ones; see Table 1 for details.

  3. Since this specific LTL formula only uses output, the traces (and thus prefixes) consist of output-literals only. However, the corresponding input values can still be extracted from the BMC counterexamples.

References

  1. Babiak, T., Křetínský, M., Rehák, V., Strejček, J.: LTL to Büchi Automata translation: fast and more deterministic. TACAS, LNCS 7241, 95–109 (2012)

  2. Bauer, A., Haslum, P.: LTL goal specifications revisited. ECAI’10 Front. Artif. Intell. Appl. 215, 881–886 (2010)

  3. Bauer, A., Leucker, M., Schallhart, C.: Comparing LTL semantics for runtime verification. J. Log. Comput. 20(3), 651–674 (2010)

  4. Brummayer, R., Biere, A.: Boolector: an efficient SMT solver for bit-vectors and arrays. TACAS, LNCS 5505, 174–177 (2009)

  5. Chai, M., Li, X., Zhao, L.: Runtime verification based on 4-valued past time LTL. In: Intl. Conf. Computer Science and Information Processing, pp. 567–570 (2012)

  6. Clarke, E., Kroening, D., Lerda, F.: A tool for checking ANSI-C programs. TACAS, LNCS 2988, 168–176 (2004)

  7. Clarke, E., Lerda, F.: Model checking: software and beyond. J. Univ. Computer Sci. 13, 639–649 (2007)

  8. Cordeiro, L., Fischer, B.: Verifying multi-threaded software using SMT-based context-bounded model checking. ICSE, pp. 331–340 (2011)

  9. Cordeiro, L., Fischer, B., Marques-Silva, J.: SMT-based bounded model checking for embedded ANSI-C software. IEEE Trans. Softw. Eng. 38(4), 957–974 (2012)

  10. Cordeiro, L., Morse, J., Nicole, D., Fischer, B.: Context-bounded model checking with ESBMC 1.17. TACAS, LNCS 7214, 533–536 (2012)

  11. de Moura, L.M., Bjørner, N.: An efficient SMT solver: Z3. TACAS, LNCS 4963, 337–340 (2008)

  12. Gastin, P., Oddoux, D.: Fast LTL to Büchi Automata Translation. CAV, LNCS 2102, 53–65 (2001)

  13. Holzmann, G.: The SPIN Model Checker—Primer and Reference Manual. Addison-Wesley, Boston (2004)

  14. Kupferman, O., Vardi, M.: Model checking of safety properties. Formal Methods Syst. Design 19(3), 291–314 (2001)

  15. Lamport, L.: What good is temporal logic? Inf. Process. 83, 657–668 (1983)

  16. Li, X., Chai, M., Zhao, L., Tang, T., Xu, T.: Safety monitoring for ETCS with 4-valued LTL. In: Intl. Symposium Autonomous Decentralized Systems, pp. 86–91 (2011)

  17. Morse, J., Cordeiro, L., Nicole, D., Fischer, B.: Context-bounded model checking of LTL properties for ANSI-C software. SEFM, LNCS 7041, 302–317 (2011)

  18. Morse, J., Cordeiro, L., Nicole, D., Fischer, B.: Model checking LTL properties over ANSI-C programs with bounded traces. J. Softw. Syst. Model (2013) (Online first)

  19. Pnueli, A.: The temporal logic of programs. FOCS, pp. 46–57 (1977)

  20. van de Pol, J., Ruys, T.C., te Brinke, S.: Thoughtful Brute force attack of the RERS 2012 and 2013 challenges. STTT, this volume (2014)

  21. Steffen, B., Isberner, M., Naujokat, S., Margaria, T., Geske, M.: Property-driven benchmark generation: synthesizing programs of realistic structure. STTT. doi:10.1007/s10009-014-0336-z (2014)

  22. Visser, W.: Personal communication (2012)

Acknowledgments

The authors acknowledge the use of the IRIDIS High Performance Computing Facility, and associated support services at the University of Southampton, in the completion of this work.

Author information

Corresponding author

Correspondence to Bernd Fischer.

Appendix: Detailed results

See Tables 1 and 2.

Table 1 Results for the reachability properties
Table 2 Results for behavioral properties

About this article

Cite this article

Morse, J., Cordeiro, L., Nicole, D. et al. Applying symbolic bounded model checking to the 2012 RERS greybox challenge. Int J Softw Tools Technol Transfer 16, 519–529 (2014). https://doi.org/10.1007/s10009-014-0335-0
