Integration of Bounded Model Checking and Deductive Verification

  • Bernhard Beckert
  • Thorsten Bormer
  • Florian Merz
  • Carsten Sinz
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7421)


Modular deductive verification of software systems is a complex task: the user has to put a lot of effort in writing module specifications that fit together when verifying the system as a whole. In this paper, we propose a combination of deductive verification and software bounded model checking (SBMC), where SBMC is used to support the user in the specification and verification process, while deductive verification provides the final correctness proof. SMBC provides early – as well as precise – feedback to the user. Unlike modular deductive verification, the SBMC approach is able to check annotations beyond the boundaries of a single module – even if other relevant modules are not annotated (yet). This allows to test whether the different module specifications in the system match the implementation at every step of the specification process.


Model Check Symbolic Execution Correctness Proof Generate Test Case Class Invariant 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Barnett, M., Chang, B.-Y.E., DeLine, R., Jacobs, B., Leino, K.R.M.: Boogie: A Modular Reusable Verifier for Object-Oriented Programs. In: de Boer, F.S., Bonsangue, M.M., Graf, S., de Roever, W.-P. (eds.) FMCO 2005. LNCS, vol. 4111, pp. 364–387. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  2. 2.
    Berezin, S., McMillan, K., Labs, C.B.: Model checking and theorem proving: a unified framework. Technical report, Carnegie Mellon Univ. (2002)Google Scholar
  3. 3.
    Clarke, E., Grumberg, O., Jha, S., Lu, Y., Veith, H.: Counterexample-Guided Abstraction Refinement. In: Emerson, E.A., Sistla, A.P. (eds.) CAV 2000. LNCS, vol. 1855, pp. 154–169. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  4. 4.
    Cohen, E., Dahlweid, M., Hillebrand, M., Leinenbach, D., Moskal, M., Santen, T., Schulte, W., Tobies, S.: VCC: A Practical System for Verifying Concurrent C. In: Berghofer, S., Nipkow, T., Urban, C., Wenzel, M. (eds.) TPHOLs 2009. LNCS, vol. 5674, pp. 23–42. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  5. 5.
    de Moura, L., Bjørner, N.: Z3: An Efficient SMT Solver. In: Ramakrishnan, C.R., Rehof, J. (eds.) TACAS 2008. LNCS, vol. 4963, pp. 337–340. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  6. 6.
    Delzanno, G., Podelski, A.: Constraint-based deductive model checking. Software Tools for Technology Transfer 3(3), 250–270 (2001)zbMATHGoogle Scholar
  7. 7.
    Dovland, J., Johnsen, E.B., Owe, O., Steffen, M.: Lazy behavioral subtyping. Journal of Logic and Algebraic Programming 79(7), 578–607 (2010)MathSciNetzbMATHCrossRefGoogle Scholar
  8. 8.
    Groce, A., Kroning, D., Lerda, F.: Understanding Counterexamples with Explain. In: Alur, R., Peled, D.A. (eds.) CAV 2004. LNCS, vol. 3114, pp. 453–456. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  9. 9.
    Kesten, Y., Klein, A., Pnueli, A., Raanan, G.: A Perfecto Verification: Combining Model Checking with Deductive Analysis to Verify Real-Life Software. In: Wing, J.M., Woodcock, J. (eds.) FM 1999. LNCS, vol. 1708, pp. 173–194. Springer, Heidelberg (1999)Google Scholar
  10. 10.
    Leino, K.R.M., Moskal, M.: Usable auto-active verification. Technical Report Manuscript KRML 212, Microsoft Research (2010)Google Scholar
  11. 11.
    Manna Z., Anuchitanukul, A., Bjørner, N., Browne, A., Chang, E., Colon, M., de Alfaro, L., Devarajan, H., Sipma, H., Uribe, T.E.: STeP: The Stanford Temporal Prover. Technical report, Stanford Univ.(1994)Google Scholar
  12. 12.
    Moskal, M.: Satisfiability Modulo Software. PhD thesis, Univ. of Wrocław (2009)Google Scholar
  13. 13.
    Müller, P., Ruskiewicz, J.N.: Using Debuggers to Understand Failed Verification Attempts. In: Butler, M., Schulte, W. (eds.) FM 2011. LNCS, vol. 6664, pp. 73–87. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  14. 14.
    Pnueli, A., Shahar, E.: A Platform for Combining Deductive with Algorithmic Verification. In: Alur, R., Henzinger, T.A. (eds.) CAV 1996. LNCS, vol. 1102, pp. 184–195. Springer, Heidelberg (1996)CrossRefGoogle Scholar
  15. 15.
    Sinz, C., Falke, S., Merz, F.: A precise memory model for low-level bounded model checking. In: SSV 2010 (2010)Google Scholar
  16. 16.
    Sipma, H., Uribe, T.E., Manna, Z.: Deductive model checking. Formal Methods in System Design 15(1), 49–74 (1999)CrossRefGoogle Scholar
  17. 17.
    Uribe, T.E.: Combinations of Model Checking and Theorem Proving. In: Kirchner, H. (ed.) FroCos 2000. LNCS, vol. 1794, pp. 151–170. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  18. 18.
    Vanoverberghe, D., Bjørner, N., de Halleux, J., Schulte, W., Tillmann, N.: Using Dynamic Symbolic Execution to Improve Deductive Verification. In: Havelund, K., Majumdar, R. (eds.) SPIN 2008. LNCS, vol. 5156, pp. 9–25. Springer, Heidelberg (2008)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Bernhard Beckert
    • 1
  • Thorsten Bormer
    • 1
  • Florian Merz
    • 1
  • Carsten Sinz
    • 1
  1. 1.Department of InformaticsKarlsruhe Institute of Technology (KIT)Germany

Personalised recommendations