Advertisement

Underapproximating Predicate Transformers

  • David A. Schmidt
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4134)

Abstract

We study the underapproximation of the predicate transformers used to give semantics to the modalities in dynamic and temporal logic. Because predicate transformers operate on state sets, we define appropriate powerdomains for sound approximation. We study four such domains — two are based on “set inclusion” approximation, and two are based on “quantification” approximation — and we apply the domains to synthesize the most precise, underapproximating \(\widetilde{pre}\) and pre transformers, in the latter case, introducing a focus operation. We also show why the expected abstractions of post and \(\widetilde{post}\) are unsound, and we use the powerdomains to guide us to correct, sound underapproximations.

Keywords

Model Check Complete Lattice Abstract Interpretation Abstract Domain Denotational Semantic 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Bourdoncle, F.: Abstract debugging of higher-order imperative languages. In: Proc. ACM Conf. PLDI, pp. 46–55 (2003)Google Scholar
  2. 2.
    Clarke, E.M., Grumberg, O., Long, D.E.: Model checking and abstraction. ACM Transactions on Programming Languages and Systems 16(5), 1512–1542 (1994)CrossRefGoogle Scholar
  3. 3.
    Clarke, E.M., Grumberg, O., Peled, D.A.: Model Checking. MIT Press, Cambridge (2000)Google Scholar
  4. 4.
    Cleaveland, R., Iyer, P., Yankelevich, D.: Optimality in abstractions of model checking. In: Mycroft, A. (ed.) SAS 1995. LNCS, vol. 983. Springer, Heidelberg (1995)Google Scholar
  5. 5.
    Cousot, P.: Méthodes itératives de construction et d’approximation de points fixes d’opérateurs monotones sur un treillis, analyse sémantique de programmes. PhD thesis, University of Grenoble (1978)Google Scholar
  6. 6.
    Cousot, P., Cousot, R.: Abstract interpretation: a unified lattice model for static analysis of programs. In: Proc. 4th ACM Symp. POPL, pp. 238–252 (1977)Google Scholar
  7. 7.
    Cousot, P., Cousot, R.: Systematic design of program analysis frameworks. In: Proc. 6th ACM Symp. POPL, pp. 269–282 (1979)Google Scholar
  8. 8.
    Cousot, P., Cousot, R.: Temporal abstract interpretation. In: Proc. 27th ACM Symp. on Principles of Programming Languages, pp. 12–25. ACM Press, New York (2000)Google Scholar
  9. 9.
    Dams, D.: Abstract interpretation and partition refinement for model checking. PhD thesis, Technische Universiteit Eindhoven, The Netherlands (1996)Google Scholar
  10. 10.
    Dams, D., Gerth, R., Grumberg, O.: Abstract interpretation of reactive systems. ACM Trans. Prog. Lang. Systems 19, 253–291 (1997)CrossRefGoogle Scholar
  11. 11.
    Dams, D., Namjoshi, K.: The existence of finite abstractions for branching time model checking. In: Proc. IEEE Symp. LICS 2004, pp. 335–344 (2004)Google Scholar
  12. 12.
    Dams, D.R., Namjoshi, K.S.: Automata as abstractions. In: Cousot, R. (ed.) VMCAI 2005. LNCS, vol. 3385, pp. 216–232. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  13. 13.
    Davey, B.A., Priestly, H.A.: Introduction to Lattices and Order, 2nd edn. Cambridge University Press, Cambridge (2002)MATHGoogle Scholar
  14. 14.
    Fecher, H., Huth, M.: Complete abstractions through extensions of disjunctive modal transition systems. Technical Report 0604, Institut für Informatik und Praktische Mathematik der Christian-Albrechts-Universitaet zu Kiel (2005)Google Scholar
  15. 15.
    Giacobazzi, R., Quintarelli, E.: Incompleteness, counterexamples, and refinements in abstract model-checking. In: Cousot, P. (ed.) SAS 2001. LNCS, vol. 2126, pp. 356–373. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  16. 16.
    Giacobazzi, R., Ranzato, F.: The reduced relative power operation on abstract domains. Theoretical Comp. Sci. 216, 159–211 (1999)CrossRefMathSciNetMATHGoogle Scholar
  17. 17.
    Giacobazzi, R., Ranzato, F., Scozzari, F.: Making abstract interpretations complete. J. ACM 47, 361–416 (2000)CrossRefMathSciNetMATHGoogle Scholar
  18. 18.
    Heckmann, R.: Power domain constructions. PhD thesis, Univ. Saarbrücken (1990)Google Scholar
  19. 19.
    Larsen, K.: Proof systems for Hennessy-Milner logic with recursion. In: Dauchet, M., Nivat, M. (eds.) CAAP 1988. LNCS, vol. 299. Springer, Heidelberg (1988)CrossRefGoogle Scholar
  20. 20.
    Larsen, K.G., Xinxin, L.: Equation solving using modal transition systems. In: LICS 1990 (1990)Google Scholar
  21. 21.
    Loiseaux, C., Graf, S., Sifakis, J., Bouajjani, A., Bensalem, S.: Property preserving abstractions for verification of concurrent systems. Formal Methods in System Design 6, 1–36 (1995)CrossRefGoogle Scholar
  22. 22.
    Massé, D.: Combining forward and backward analyses of temporal properties. In: Danvy, O., Filinski, A. (eds.) PADO 2001. LNCS, vol. 2053, pp. 103–172. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  23. 23.
    Massé, D.: Property checking driven abstract interpretation-based static analysis. In: Zuck, L.D., Attie, P.C., Cortesi, A., Mukhopadhyay, S. (eds.) VMCAI 2003. LNCS, vol. 2575, pp. 56–69. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  24. 24.
    Plotkin, G.: Domains. Lecture notes, Univ. Pisa/Edinburgh (1983)Google Scholar
  25. 25.
    Ranzato, F., Tapparo, F.: Strong preservation as completeness in abstract interpretation. In: Schmidt, D. (ed.) ESOP 2004. LNCS, vol. 2986, pp. 18–32. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  26. 26.
    Ranzato, F., Tapparo, F.: An abstract interpretation-based refinement algorithm for strong preservation. In: Halbwachs, N., Zuck, L.D. (eds.) TACAS 2005. LNCS, vol. 3440, pp. 140–156. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  27. 27.
    Ranzato, F., Tapparo, F.: Strong preservation of temporal fixpoint-based operators by abstract interpretation. In: Emerson, E.A., Namjoshi, K.S. (eds.) VMCAI 2006. LNCS, vol. 3855, pp. 332–347. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  28. 28.
    Sagiv, M., Reps, T., Wilhelm, R.: Parametric shape analysis via 3-valued logic. ACM TOPLAS 24, 217–298 (2002)CrossRefGoogle Scholar
  29. 29.
    Schmidt, D.A.: Data-flow analysis is model checking of abstract interpretations. In: Proc. 25th ACM Symp. on Principles of Prog. Languages. ACM Press, New York (1998)Google Scholar
  30. 30.
    Schmidt, D.A.: Closed and logical relations for over- and under-approximation of powersets. In: Giacobazzi, R. (ed.) SAS 2004. LNCS, vol. 3148, pp. 22–37. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  31. 31.
    Schmidt, D.A.: A calculus of logical relations for over- and underapproximating static analyses. Science of Computer Programming (in press)Google Scholar
  32. 32.
    Shoham, S., Grumberg, O.: Monotonic abstraction-refinement for CTL. In: Jensen, K., Podelski, A. (eds.) TACAS 2004. LNCS, vol. 2988, pp. 546–560. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  33. 33.
    Shoham, S., Grumberg, O.: 3-valued abstraction: More precision at less cost. In: LICS 2006 (2006)Google Scholar
  34. 34.
    Steffen, B.: Generating data-flow analysis algorithms for modal specifications. Science of Computer Programming 21, 115–139 (1993)CrossRefMATHGoogle Scholar
  35. 35.
    Steffen, B., Classen, A., Klein, M., Knoop, J., Margaria, T.: The fixpoint analysis machine. In: Lee, I., Smolka, S.A. (eds.) CONCUR 1995. LNCS, vol. 962, pp. 72–87. Springer, Heidelberg (1995)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • David A. Schmidt
    • 1
  1. 1.Kansas State UniversityManhattanUSA

Personalised recommendations