Automated Verification of Software: thesis progress report
Ondřej Šerý
Advisor: František Plášil

Problem statement
Problem: “Slow adoption of automated software verification in industry”
Ondřej Šerý: Automated Verification of Software
Thesis: Automated Software Verification

Problem: “Slow adoption of automated software verification in industry”
• Scaling
• Low user-friendliness of the tools
  • Usually no GUI, LTL properties, hard-to-master specification languages
• Hard to assess and choose a particular tool
  • No general set of tests/benchmarks
  • No competition (like SAT-COMP and SMT-COMP)
• Few (successful) case studies
• Missing methodology
  • How to apply the techniques in the software development cycle?
• Appropriate education missing
  • Trend to decrease the amount of math and logic in CS education
  • Few special lectures devoted to this problem
  • No comprehensive textbook on code model checking and deductive verification

Goal
• Comprehensive summary of the field: code model checking + deductive verification
• Inclusion of 3-4 related (co)authored papers ([1], [2], [3], [4])
• Cunning plan: reuse some of the text in an NSWI132 textbook… some day…
Outline
1 Introduction
2 State-of-the-art
  2.1 Code Model Checking
  2.2 Explicit State Code Model Checking
  2.3 Abstraction Based Code Model Checking
  2.4 Mixed Approaches
  2.5 Deductive Verification
  2.6 Other techniques
  2.7 Case Studies
3 Collection of Papers
4 Evaluation
5 Future Work
6 Conclusion
References
Explicit State Code Model Checking
Key idea
• Explicit representation of the program state
Tools
• Java PathFinder, MoonWalker, CMC, Zing, dSPIN
Topics
• Basics
• State Storage and Matching
  • Collapsing Full States
  • State Symmetries
  • Incremental Heap Canonicalization
• State Space Reductions
  • Partial Order Reduction
  • Summaries
• Symbolic Execution
Abstraction Based Code Model Checking
Key idea
• Predicate abstraction, counter-example guided abstraction refinement
Tools
• SLAM, BLAST, SATABS, CBMC
Topics
• Basics
• Lazy Abstraction
• Local Predicates
• Lazy Shape Abstraction
• Specification Languages
• Termination
Mixed Approaches
Key idea
• Mixing explicit state and abstraction based model checking
Topics
• Synergy (YOGI)
• Predicate Abstraction with Under-Approximation Refinement
• Dynamic Precision Adjustment (BLAST)
• Dynamic Analysis (PEX, CHESS)
Deductive Verification
Key ideas
• Based on Hoare reasoning
• Heavy use of automated provers
Tools
• Java: JML
• .NET: Spec#, Code Contracts
• C: ACSL (Frama-C), VCC
Topics
• Basics
• Heap
• Concurrency and Ownership
• Object Protocols
Collection of Papers
[1] Kofron, J., Parizek, P., Sery, O.: On Teaching Formal Methods: Behavior Models and Code Analysis. Accepted for publication in Proceedings of the 2nd International FME Conference on Teaching Formal Methods (TFM 2009), LNCS 5846, Nov 2009
[2] Kebrt, M., Sery, O.: UnitCheck: Unit Testing and Model Checking Combined. Accepted for publication in Proceedings of the 7th International Symposium on Automated Technology for Verification and Analysis (ATVA'09), LNCS, Oct 2009
[3] Kolb, E., Sery, O., Weiss, R.: Applicability of the BLAST Model Checker: An Industrial Case Study. Accepted for publication in Post-proceedings of PSI'09, LNCS, Apr 2009 [best PC score award]
[4] Sery, O.: Enhanced Property Specification and Verification in BLAST. In Proceedings of FASE 2009, LNCS 5503, pp. 456-469, York, UK, Mar 2009
[5] Kofron, J., Poch, T., Sery, O.: Making Components Fit: SPINing. In Proceedings of the 32nd Software Engineering Workshop, IEEE, ISBN 978-0-7695-3617-0, pp. 65-74, Greece, Jan 2009
[6] Kofron, J., Plasil, F., Sery, O.: Modes in Component Behavior Specification via EBP and Their Application in Product Lines. In Information and Software Technology 51/1, pp. 31-41, Elsevier, Jan 2009
[7] Kofron, J., Poch, T., Sery, O.: TBP: Code-Oriented Component Behavior Specification. In Proceedings of the 32nd Software Engineering Workshop, IEEE, ISBN 978-0-7695-3617-0, pp. 75-83, Greece, Jan 2009
[8] Bulej, L., Bures, T., Coupaye, T., Decky, M., Jezek, P., Parizek, P., Plasil, F., Poch, T., Rivierre, N., Sery, O., Tuma, P.: CoCoME in Fractal. Chapter in The Common Component Modeling Example: Comparing Software Component Models, Springer-Verlag, LNCS 5153, Aug 2008
[9] Bures, T., Decky, M., Hnetynka, P., Kofron, J., Parizek, P., Plasil, F., Poch, T., Sery, O., Tuma, P.: CoCoME in SOFA. Chapter in The Common Component Modeling Example: Comparing Software Component Models, Springer-Verlag, LNCS 5153, Aug 2008
[10] Sery, O., Plasil, F.: Slicing of Component Behavior Specification with Respect to Their Composition. In Proceedings of the 10th International ACM SIGSOFT Symposium on Component-Based Software Engineering (CBSE 2007), LNCS 4608, Jul 2007
…
Enhanced Property Specification and Verification in BLAST
Šerý, O. FASE 2009, York (UK)
BLAST specification language

Input C code:

    int a = 3;
    void f() {
      lock();
      a++;
      unlock();
    }

Specification:

    global int locked = 0;
    event {
      pattern { lock(); }
      guard { locked == 0 }
      action { locked = 1; }
    }
    event {
      pattern { unlock(); }
      guard { locked == 1 }
      action { locked = 0; }
    }

Instrumented C code (the predicates over `locked` have to be found and tracked, at the price of theorem prover calls):

    int locked = 0;
    int a = 3;
    void f() {
      if (!(locked == 0)) { assert(0); }
      locked = 1;
      lock();
      a++;
      if (!(locked == 1)) { assert(0); }
      locked = 0;
      unlock();
    }

Ondřej Šerý, DSRG Seminar, 5th March 2008
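The transformation on this slide, as an added example that is not BLAST's code nor the thesis author's: a small Python instrumenter that reads the slide's specification and emits the instrumented C listing, plus a monitor that executes the same specification over a trace of calls. The spec syntax accepted is only the subset shown on the slide (one `global` declaration, `event` blocks with `pattern`, `guard`, `action`); call sites are matched line by line and the C-like integer expressions are evaluated with Python, both of which are simplifying assumptions of this example.

```python
"""Added example, not code from BLAST or from the thesis: the instrumentation
that BLAST's specification language stands for, reduced to its core so the
slide's listings can be produced mechanically. Spec syntax is the subset on
the slide; call-site matching is line-based and the monitor evaluates the
C-like integer expressions with Python (assumptions adequate only here)."""
import re

# The slide's specification (constructed here as a string).
SPEC = """
global int locked = 0;
event { pattern { lock(); }   guard { locked == 0 } action { locked = 1; } }
event { pattern { unlock(); } guard { locked == 1 } action { locked = 0; } }
"""

# The slide's input program.
C_SOURCE = """int a = 3;
void f() {
  lock();
  a++;
  unlock();
}
"""

GLOBAL_RE = re.compile(r"^\s*global\s+(.*;)\s*$", re.M)
EVENT_RE = re.compile(
    r"event\s*\{\s*pattern\s*\{\s*(?P<pattern>[^}]*)\}\s*"
    r"guard\s*\{\s*(?P<guard>[^}]*)\}\s*"
    r"action\s*\{\s*(?P<action>[^}]*)\}\s*\}")
# A statement consisting of a single call, e.g. "  lock();"
CALL_RE = re.compile(r"^(?P<indent>\s*)(?P<name>\w+)\s*\([^;]*\)\s*;\s*$")


def parse_spec(spec):
    """Return (global declarations, {call name: (guard, action)})."""
    globals_ = [m.group(1).strip() for m in GLOBAL_RE.finditer(spec)]
    events = {}
    for m in EVENT_RE.finditer(spec):
        name = re.match(r"\s*(\w+)\s*\(", m.group("pattern")).group(1)
        events[name] = (m.group("guard").strip(), m.group("action").strip())
    return globals_, events


def instrument(c_source, spec):
    """Emit the instrumented program: spec globals become program globals and
    every call matching an event pattern is preceded by
    `if (!(guard)) { assert(0); } action;`, so the property becomes
    reachability of assert(0) for the model checker."""
    globals_, events = parse_spec(spec)
    out = list(globals_)
    for line in c_source.splitlines():
        m = CALL_RE.match(line)
        if m and m.group("name") in events:
            guard, action = events[m.group("name")]
            ind = m.group("indent")
            out.append(f"{ind}if (!({guard})) {{ assert(0); }}")
            out.append(f"{ind}{action}")
        out.append(line)
    return "\n".join(out) + "\n"


def run_monitor(spec, calls):
    """Execute the spec as a runtime monitor over a trace of call names.
    Returns the index of the first call whose guard fails, or None.
    This is the dynamic reading of the spec; BLAST instead explores all paths
    of the instrumented program and must discover predicates over `locked`."""
    globals_, events = parse_spec(spec)
    state = {}
    for decl in globals_:                 # "int locked = 0;" -> locked = 0
        exec(re.sub(r"^\w+\s+", "", decl.rstrip(";")), {}, state)
    for i, call in enumerate(calls):
        if call not in events:
            continue                      # calls not in the spec are unconstrained
        guard, action = events[call]
        if not eval(guard, {}, state):
            return i
        exec(action.rstrip(";"), {}, state)
    return None


if __name__ == "__main__":
    print(instrument(C_SOURCE, SPEC))
    print("double lock violates at call index", run_monitor(SPEC, ["lock", "lock"]))
```

Running the block prints exactly the instrumented listing on the slide; `run_monitor` makes the cost visible from the other side: every guard is a predicate over spec state that the model checker has to track through the program, which is what the next slide's automaton-based alternative avoids.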
BLAST & behavior protocols (BP)

Behavior protocol: (!lock; !unlock)*, i.e. the 4-state automaton

    1 --!lock^--> 2 --?lock$--> 3 --!unlock^--> 4 --?unlock$--> 1

Automaton state before each line of f() (1: lock free, 3: lock held):

    int a = 3;
    void f() {    // 1
      lock();     // 1
      a++;        // 3
      unlock();   // 3
    }             // 1

Pros:
• Marking the error states
• No changes in the input C code
• No new predicates
• Differentiates among states
• No laziness in the important properties
Cons:
• Strictly weaker in expressive power (FSM vs. TM)
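The automaton view of the same property, as an added example (not the thesis author's or the DSRG tooling's code): the protocol `(!lock; !unlock)*` is compiled into the slide's 4-state automaton, a call trace is checked against it, and the lines of `f()` are labelled with the automaton state reached before them, which reproduces the slide's 1, 1, 3, 3, 1 labels. The event notation (`!m^` request, `?m$` response) is the slide's; the direct construction of the automaton from a protocol of the form `(!c1; …; !cn)*` and the treatment of calls outside the protocol's alphabet as unconstrained are this example's own assumptions.

```python
"""Added example, not code from the thesis or the DSRG tools: the locking
property as a behavior protocol. (!lock; !unlock)* becomes the slide's
4-state automaton; a violation is a missing transition (an explicit error
state), so no spec variable and no new predicates are needed. Automaton
construction is this example's simplification for protocols (!c1; ...; !cn)*."""
import re

# The slide's input program, unchanged (the BP approach needs no instrumentation).
C_SOURCE = """int a = 3;
void f() {
  lock();
  a++;
  unlock();
}
"""

CALL_RE = re.compile(r"^\s*(\w+)\s*\(.*\)\s*;\s*$")


def protocol_automaton(call_names):
    """Automaton for (!c1; !c2; ...; !cn)*: each call contributes a request
    state and a response state; the last response returns to state 1."""
    trans, alphabet = {}, set(call_names)
    n = len(call_names)
    for i, name in enumerate(call_names):
        req, resp = 2 * i + 1, 2 * i + 2
        trans[(req, f"!{name}^")] = resp
        trans[(resp, f"?{name}$")] = 1 if i == n - 1 else resp + 1
    return 1, trans, alphabet


def check_trace(init, trans, alphabet, calls):
    """Check a trace of completed calls from state `init`. Returns
    (ok, states visited, index of the offending call or None). Calls outside
    the protocol's alphabet are unconstrained (assumption of this example)."""
    state, visited = init, [init]
    for i, call in enumerate(calls):
        if call not in alphabet:
            continue
        for ev in (f"!{call}^", f"?{call}$"):   # a call is request then response
            state = trans.get((state, ev))
            if state is None:
                return False, visited, i       # no transition: error state reached
            visited.append(state)
    return True, visited, None


def annotate(source, init, trans, alphabet):
    """Label every source line with the automaton state before it; raise if
    the straight-line program violates the protocol."""
    state, labelled = init, []
    for line in source.splitlines():
        labelled.append((state, line))
        m = CALL_RE.match(line)
        if m and m.group(1) in alphabet:
            ok, visited, _ = check_trace(state, trans, alphabet, [m.group(1)])
            if not ok:
                raise ValueError(f"protocol violated at: {line.strip()}")
            state = visited[-1]
    return labelled


if __name__ == "__main__":
    init, trans, alphabet = protocol_automaton(["lock", "unlock"])
    for state, line in annotate(C_SOURCE, init, trans, alphabet):
        print(f"{state}  {line}")
    print(check_trace(init, trans, alphabet, ["lock", "lock"]))
```

The `visited` list returned by `check_trace` is the "differentiates among states" point on the slide: the checker knows it is in state 3 (lock held) rather than having to prove `locked == 1` from tracked predicates. The con on the slide also shows up directly: the automaton is finite, so a protocol cannot express, say, "at most as many unlocks as locks so far" for unbounded nesting, while a spec variable in C can.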
Applicability of the BLAST Model Checker: An Industrial Case Study
Kolb, E., Šerý, O., Weiss, R. PSI 2009, Novosibirsk

OPC UA (OLE for Process Control - Unified Architecture)
• Standardized by the OPC Foundation
  • www.opcfoundation.org
• Platform- and network-independent communication
  • Field devices, control systems, manufacturing execution systems, and enterprise resource planning systems
• Language bindings
  • C/C++, Java, .NET

OPC UA C-Stack
• Implementation for the C language
• Developed at ABB
• ~150 KLOC of ANSI C
• Designed for both PC-based and embedded systems
Results summary (1/2)
Locking policy:

Results summary (2/2)
MessageContext management:
Encoder management:
UnitCheck: Unit Testing and Model Checking Combined
Kebrt, M., Šerý, O. ATVA 2009, Macau

UnitCheck
Problem
• Missing methodology for the application of code model checking
Key idea
• Exhaustively explore the state space of unit tests
• In JUnit: JVM → Java PathFinder (the tests run on the model checker instead of the plain JVM)
Benefit
• Developers keep using the same interface while getting more confidence
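What exhaustive exploration of a unit test adds over one run of it, and the "state storage and matching" listed under explicit state code model checking above, as an added example (not UnitCheck's or Java PathFinder's code): a minimal explicit-state checker that enumerates every interleaving of a two-thread "unit test" on a shared counter, stores visited states so that interleavings reaching the same state are not re-explored, and returns the schedule that violates the test's assertion. Threads are modelled as lists of atomic steps on a shared dictionary with per-thread registers; all names are the example's own, and the model of threads as step lists is an assumption, since JPF explores real Java bytecode.

```python
"""Added example, not code from UnitCheck or Java PathFinder: a minimal
explicit-state model checker over a two-thread 'unit test'. Thread bodies are
lists of atomic steps on a shared dict plus per-thread registers; the checker
enumerates every interleaving and stores visited (shared, registers, program
counters) tuples, i.e. basic state storage and matching. All names are this
example's own; JPF works on Java bytecode, this only models the idea."""


def freeze(d):
    """Canonical, hashable snapshot of a dict (the state-matching key)."""
    return tuple(sorted(d.items()))


# Atomic steps: each takes (shared, regs) and mutates exactly one of them.
def read(var, reg):
    return lambda s, r: r.__setitem__(reg, s[var])


def add(reg, k):
    return lambda s, r: r.__setitem__(reg, r[reg] + k)


def write(var, reg):
    return lambda s, r: s.__setitem__(var, r[reg])


def racy_increment():
    """counter++ compiled to read / add / write: a thread switch may occur between steps."""
    return [read("counter", "tmp"), add("tmp", 1), write("counter", "tmp")]


def atomic_increment():
    """counter++ as one indivisible step (e.g. performed under a lock)."""
    return [lambda s, r: s.__setitem__("counter", s["counter"] + 1)]


def explore(threads, init_shared, postcondition):
    """DFS over all interleavings. Returns (schedule, states): schedule is the
    list of thread ids leading to a terminal state that violates the
    postcondition (None if no such state exists); states is the number stored."""
    start = (freeze(init_shared), tuple(() for _ in threads), tuple(0 for _ in threads))
    visited, stack = {start}, [(start, [])]
    while stack:
        (shared, regs, pcs), path = stack.pop()
        enabled = [t for t, pc in enumerate(pcs) if pc < len(threads[t])]
        if not enabled:                        # terminal state: evaluate the test's assertion
            if not postcondition(dict(shared)):
                return path, len(visited)
            continue
        for t in enabled:
            s, r = dict(shared), dict(regs[t])
            threads[t][pcs[t]](s, r)           # execute one atomic step of thread t
            nxt = (freeze(s),
                   regs[:t] + (freeze(r),) + regs[t + 1:],
                   pcs[:t] + (pcs[t] + 1,) + pcs[t + 1:])
            if nxt not in visited:             # state matching prunes revisits
                visited.add(nxt)
                stack.append((nxt, path + [t]))
    return None, len(visited)


def replay(threads, init_shared, schedule):
    """Re-execute a schedule sequentially to reproduce the final shared state."""
    shared, regs, pcs = dict(init_shared), [dict() for _ in threads], [0] * len(threads)
    for t in schedule:
        threads[t][pcs[t]](shared, regs[t])
        pcs[t] += 1
    return shared


def unit_test_two_increments(increment):
    """The 'unit test': two threads each increment once; the assertion is counter == 2."""
    threads = [increment(), increment()]
    return explore(threads, {"counter": 0}, lambda s: s["counter"] == 2)


if __name__ == "__main__":
    schedule, states = unit_test_two_increments(racy_increment)
    final = replay([racy_increment(), racy_increment()], {"counter": 0}, schedule)
    print("racy: violating schedule", schedule, "->", final, "after", states, "states")
    print("atomic:", unit_test_two_increments(atomic_increment))
```

A single JUnit run of the racy test almost always passes, because the scheduler rarely preempts between the three steps; the checker finds the lost update every time because it enumerates the interleavings rather than sampling one. The state set is what keeps that enumeration tractable: once two different schedules reach the same (shared state, registers, program counters) tuple, only one of them is continued.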
Thank you for your attention
Questions?
Answers also at: ondrej.sery@dsrg.mff.cuni.cz, www.dsrg.mff.cuni.cz