Catálogo de publicaciones - libros
Título de Acceso Abierto
Computer Aided Verification
Hana Chockler ; Georg Weissenbacher (eds.)
En conferencia: 30º International Conference on Computer Aided Verification (CAV) . Oxford, United Kingdom . July 14, 2018 - July 17, 2018
Resumen/Descripción – provisto por la editorial
No disponible.
Palabras clave – provistas por la editorial
Logics and Meanings of Programs; Software Engineering; Artificial Intelligence (incl. Robotics); Mathematical Logic and Formal Languages; Algorithm Analysis and Problem Complexity; Simulation and Modeling
Disponibilidad
Institución detectada | Año de publicación | Navegá | Descargá | Solicitá |
---|---|---|---|---|
No requiere | 2018 | SpringerLink |
Información
Tipo de recurso:
libros
ISBN impreso
978-3-319-96141-5
ISBN electrónico
978-3-319-96142-2
Editor responsable
Springer Nature
País de edición
Reino Unido
Fecha de publicación
2018
Información sobre derechos de publicación
© The Editor(s) (if applicable) and The Author(s) 2018
Tabla de contenidos
Let this Graph Be Your Witness!
Hannah Arndt; Christina Jansen; Joost-Pieter Katoen; Christoph Matheja; Thomas Noll
We present a graph-based tool for analysing Java programs operating on dynamic data structures. It involves the generation of an abstract state space employing a user-defined graph grammar. LTL model checking is then applied to this state space, supporting both structural and functional correctness properties. The analysis is fully automated, procedure-modular, and provides informative visual feedback including counterexamples in the case of property violations.
- Tools | Pp. 3-11
MaxSMT-Based Type Inference for Python 3
Mostafa Hassan; Caterina Urban; Marco Eilers; Peter Müller
We present , a sound type inferencer that automatically infers Python 3 type annotations. encodes type constraints as a problem and uses optional constraints and specific quantifier instantiation patterns to make the constraint solving process efficient. Our experimental evaluation shows that scales to real world Python programs and outperforms state-of-the-art tools.
- Tools | Pp. 12-19
The JK Model Checker
Andrew Gacek; John Backes; Mike Whalen; Lucas Wagner; Elaheh Ghassabani
is an open-source industrial model checker developed by Rockwell Collins and the University of Minnesota. uses multiple parallel engines to prove or falsify safety properties of infinite state models. It is portable, easy to install, performance competitive with other state-of-the-art model checkers, and has features designed to improve the results presented to users: for proofs and for test-case generation. It serves as the back-end for various industrial applications.
- Tools | Pp. 20-27
The DEEPSEC Prover
Vincent Cheval; Steve Kremer; Itsaka Rakotonirina
In this paper we describe the prover, a tool for security protocol analysis. It decides equivalence properties modelled as trace equivalence of two processes in a dialect of the applied pi calculus.
- Tools | Pp. 28-36
SimpleCAR: An Efficient Bug-Finding Tool Based on Approximate Reachability
Jianwen Li; Rohit Dureja; Geguang Pu; Kristin Yvonne Rozier; Moshe Y. Vardi
We present a new safety hardware model checker SimpleCAR that serves as a reference implementation for evaluating Complementary Approximate Reachability (CAR), a new SAT-based model checking framework inspired by classical reachability analysis. The tool gives a “bottom-line” performance measure for comparing future extensions to the framework. We demonstrate the performance of SimpleCAR on challenging benchmarks from the Hardware Model Checking Competition. Our experiments indicate that SimpleCAR is particularly suited for unsafety checking, or ; it is able to solve 7 unsafe instances within 1 h that are not solvable by any other state-of-the-art techniques, including BMC and IC3/PDR, within 8 h. We also identify a bug (reports safe instead of unsafe) and 48 counterexample generation errors in the tools compared in our analysis.
- Tools | Pp. 37-44
StringFuzz: A Fuzzer for String Solvers
Dmitry Blotsky; Federico Mora; Murphy Berzish; Yunhui Zheng; Ifaz Kabir; Vijay Ganesh
In this paper, we introduce StringFuzz: a modular SMT-LIB problem instance transformer and generator for string solvers. We supply a repository of instances generated by StringFuzz in SMT-LIB 2.0/2.5 format. We systematically compare Z3str3, CVC4, Z3str2, and Norn on groups of such instances, and identify those that are particularly challenging for some solvers. We briefly explain our observations and show how StringFuzz helped discover causes of performance degradations in Z3str3.
- Tools | Pp. 45-51
Permission Inference for Array Programs
Jérôme Dohrau; Alexander J. Summers; Caterina Urban; Severin Münger; Peter Müller
Information about the memory locations accessed by a program is, for instance, required for program parallelisation and program verification. Existing inference techniques for this information provide only partial solutions for the important class of array-manipulating programs. In this paper, we present a static analysis that infers the memory footprint of an array program in terms of permission pre- and postconditions as used, for example, in separation logic. This formulation allows our analysis to handle concurrent programs and produces specifications that can be used by verification tools. Our analysis expresses the permissions required by a loop via maximum expressions over the individual loop iterations. These maximum expressions are then solved by a novel maximum elimination algorithm, in the spirit of quantifier elimination. Our approach is sound and is implemented; an evaluation on existing benchmarks for memory safety of array programs demonstrates accurate results, even for programs with complex access patterns and nested loops.
- Static Analysis | Pp. 55-74
Program Analysis Is Harder Than Verification: A Computability Perspective
Patrick Cousot; Roberto Giacobazzi; Francesco Ranzato
We study from a computability perspective static program analysis, namely detecting sound program assertions, and verification, namely sound checking of program assertions. We first design a general computability model for domains of program assertions and corresponding program analysers and verifiers. Next, we formalize and prove an instantiation of Rice’s theorem for static program analysis and verification. Then, within this general model, we provide and show a precise statement of the popular belief that program analysis is a harder problem than program verification: we prove that for finite domains of program assertions, program analysis and verification are equivalent problems, while for infinite domains, program analysis is strictly harder than verification.
- Static Analysis | Pp. 75-95
Automata vs Linear-Programming Discounted-Sum Inclusion
Suguman Bansal; Swarat Chaudhuri; Moshe Y. Vardi
The problem of formalizes the goal of comparing quantitative dimensions between systems such as worst-case execution time, resource consumption, and the like. Such systems are typically represented by formalisms such as weighted logics or weighted automata. Despite its significance in analyzing the quality of computing systems, the study of quantitative inclusion has mostly been conducted from a theoretical standpoint. In this work, we conduct the first empirical study of quantitative inclusion for discounted-sum weighted automata (DS-inclusion, in short).
Currently, two contrasting approaches for DS-inclusion exist: the linear-programming based DetLP and the purely automata-theoretic BCV. Theoretical complexity of DetLP is exponential in time and space while of BCV is PSPACE-complete. All practical implementations of BCV, however, are also exponential in time and space. Hence, it is not clear which of the two algorithms renders a superior implementation.
In this work we present the first implementations of these algorithms, and perform extensive experimentation to compare between the two approaches. Our empirical analysis shows how the two approaches complement each other. This is a nuanced picture that is much richer than the one obtained from the theoretical study alone.
- Theory and Security | Pp. 99-116
Model Checking Indistinguishability of Randomized Security Protocols
Matthew S. Bauer; Rohit Chadha; A. Prasad Sistla; Mahesh Viswanathan
The design of security protocols is extremely subtle and vulnerable to potentially devastating flaws. As a result, many tools and techniques for the automated verification of protocol designs have been developed. Unfortunately, these tools don’t have the ability to model and reason about protocols with randomization, which are becoming increasingly prevalent in systems providing privacy and anonymity guarantees. The security guarantees of these systems are often formulated by means of the indistinguishability of two protocols. In this paper, we give the first practical algorithms for model checking indistinguishability properties of randomized security protocols against the powerful threat model of a bounded Dolev-Yao adversary. Our techniques are implemented in the Stochastic Protocol ANalayzer () and evaluated on several examples. As part of our evaluation, we conduct the first automated analysis of an electronic voting protocol based on the 3-ballot design.
- Theory and Security | Pp. 117-135