DISTRIBUTED SYSTEMS RESEARCH GROUP Automated Verification of Software thesis progress report Ondřej Šerý Advisor: František Plášil.


Slide 1: Title
DISTRIBUTED SYSTEMS RESEARCH GROUP, http://dsrg.mff.cuni.cz
Automated Verification of Software: thesis progress report
Ondřej Šerý, advisor: František Plášil

Slide 2: Problem statement
Problem: "Slow adoption of automated software verification in industry"
Ondřej Šerý: Automated Verification of Software

Slide 3: Thesis: Automated Software Verification
Problem: "Slow adoption of automated software verification in industry"
- Scaling
- Low user-friendliness of the tools
  - Usually no GUI, LTL properties, hard-to-master specification languages
- Hard to assess and choose a particular tool
  - No general set of tests/benchmarks
  - No competition (like SAT-COMP and SMT-COMP)
  - Few (successful) case studies
- Missing methodology
  - How to apply the techniques in the SW development cycle?
- Appropriate education missing
  - Trend to decrease the amount of math and logic in CS education
  - Few special lectures devoted to this problem
  - No comprehensive textbook on code model checking and deductive verification
Goal:
- Comprehensive summary of the field
  - Code Model Checking + Deductive Verification
- Inclusion of 3-4 related (co)authored papers [3] [4] [1] [2]
- Cunning plan: reuse some of the text in an NSWI132 textbook... some day...

Slide 4: Outline
1 Introduction
2 State-of-the-art
  2.1 Code Model Checking
  2.2 Explicit State Code Model Checking
  2.3 Abstraction Based Code Model Checking
  2.4 Mixed Approaches
  2.5 Deductive Verification
  2.6 Other techniques
  2.7 Case Studies
3 Collection of Papers
4 Evaluation
5 Future Work
6 Conclusion
References

Slide 5: Explicit State Code Model Checking
Key idea: explicit representation of the program state
Tools: Java PathFinder, MoonWalker, CMC, Zing, dSPIN
Topics:
- Basics
- State Storage and Matching: Collapsing Full States, State Symmetries, Incremental Heap Canonicalization
- State Space Reductions: Partial Order Reduction, Summaries, Symbolic Execution

Slide 6: Abstraction Based Code Model Checking
Key idea: predicate abstraction, counter-example guided abstraction refinement
Tools: SLAM, BLAST, SATABS, CBMC
Topics:
- Basics
- Lazy Abstraction
- Local Predicates
- Lazy Shape Abstraction
- Specification Languages
- Termination

Slide 7: Mixed Approaches
Key idea: mixing explicit state and abstraction based model checking
Topics:
- Synergy (YOGI)
- Predicate Abstraction with Under-Approximation Refinement
- Dynamic Precision Adjustment (BLAST)
- Dynamic Analysis (PEX, CHESS)

Slide 8: Deductive Verification
Key ideas:
- Based on Hoare reasoning
- Heavy use of automated provers
Tools:
- Java: JML
- .NET: Spec#, Code Contracts
- C: ACSL (Frama-C), VCC
Topics:
- Basics
- Heap
- Concurrency and Ownership
- Object Protocols
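To make "Hoare reasoning with automated provers" concrete, here is an added example, written for this page and not taken from the slides or from any tool's own code: two small C functions carrying contracts in ACSL, the specification language of Frama-C named above. The annotations live in ordinary C comments, so the file compiles and runs as plain C; a deductive verifier such as Frama-C's WP plugin would turn each precondition, postcondition and loop invariant into proof obligations and discharge them with automated provers. The function names, the contracts and the sample array are all constructed here.

```c
/* Added example: C functions with ACSL contracts (Hoare-style pre/postconditions
 * and loop invariants). The contracts are comments, so a C compiler ignores them;
 * Frama-C/WP would prove them. Names and data are constructed for this page. */
#include <stdio.h>

/* Index of the first occurrence of key in a[0..n-1], or -1 if absent. */
/*@ requires n >= 0;
  @ requires \valid_read(a + (0 .. n-1));
  @ assigns \nothing;
  @ ensures -1 <= \result < n;
  @ ensures \result >= 0 ==> a[\result] == key;
  @ ensures \result == -1 ==> \forall integer i; 0 <= i < n ==> a[i] != key;
  @*/
int find_index(const int *a, int n, int key) {
    /*@ loop invariant 0 <= i <= n;
      @ loop invariant \forall integer j; 0 <= j < i ==> a[j] != key;
      @ loop assigns i;
      @ loop variant n - i;
      @*/
    for (int i = 0; i < n; i++) {
        if (a[i] == key)
            return i;
    }
    return -1;
}

/* Largest element of a non-empty array. The precondition n > 0 is what every
 * caller must discharge; the prover checks it at each call site. */
/*@ requires n > 0;
  @ requires \valid_read(a + (0 .. n-1));
  @ assigns \nothing;
  @ ensures \forall integer i; 0 <= i < n ==> \result >= a[i];
  @ ensures \exists integer i; 0 <= i < n && \result == a[i];
  @*/
int max_of(const int *a, int n) {
    int m = a[0];
    /*@ loop invariant 1 <= i <= n;
      @ loop invariant \forall integer j; 0 <= j < i ==> m >= a[j];
      @ loop invariant \exists integer j; 0 <= j < i && m == a[j];
      @ loop assigns i, m;
      @ loop variant n - i;
      @*/
    for (int i = 1; i < n; i++) {
        if (a[i] > m)
            m = a[i];
    }
    return m;
}

/* Constructed sample input for running the file stand-alone. */
enum { SAMPLE_LEN = 6 };
static const int sample[SAMPLE_LEN] = { 4, 8, 15, 16, 23, 42 };

int main(void) {
    printf("find_index(15) = %d\n", find_index(sample, SAMPLE_LEN, 15));
    printf("find_index(7)  = %d\n", find_index(sample, SAMPLE_LEN, 7));
    printf("max_of         = %d\n", max_of(sample, SAMPLE_LEN));
    return 0;
}
```

The loop invariants are the part a tester never writes and a verifier cannot do without: they state what has been established about the prefix `a[0..i-1]` on every iteration, and the `loop variant` gives the prover a decreasing measure for termination, which is also one of the topics listed on the abstraction-based slide.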

Slide 9: Collection of Papers
[1] Kofron, J., Parizek, P., Sery, O.: On Teaching Formal Methods: Behavior Models and Code Analysis. Accepted for publication in Proceedings of the 2nd International FME Conference on Teaching Formal Methods (TFM 2009), LNCS 5846, Nov 2009
[2] Kebrt, M., Sery, O.: UnitCheck: Unit Testing and Model Checking Combined. Accepted for publication in Proceedings of the 7th International Symposium on Automated Technology for Verification and Analysis (ATVA'09), LNCS, Oct 2009
[3] Kolb, E., Sery, O., Weiss, R.: Applicability of the BLAST Model Checker: An Industrial Case Study. Accepted for publication in Post-proceedings of PSI'09, LNCS, Apr 2009 [best PC score award]
[4] Sery, O.: Enhanced Property Specification and Verification in BLAST. In Proceedings of FASE 2009, LNCS 5503, pp. 456-469, York, UK, Mar 2009
[5] Kofron, J., Poch, T., Sery, O.: Making Components Fit: SPINing. In Proceedings of the 32nd Software Engineering Workshop, IEEE, ISBN 978-0-7695-3617-0, pp. 65-74, Greece, Jan 2009
[6] Kofron, J., Plasil, F., Sery, O.: Modes in component behavior specification via EBP and their application in product lines. In Information and Software Technology 51/1, pp. 31-41, Elsevier, Jan 2009
[7] Kofron, J., Poch, T., Sery, O.: TBP: Code-Oriented Component Behavior Specification. In Proceedings of the 32nd Software Engineering Workshop, IEEE, ISBN 978-0-7695-3617-0, pp. 75-83, Greece, Jan 2009
[8] Bulej, L., Bures, T., Coupaye, T., Decky, M., Jezek, P., Parizek, P., Plasil, F., Poch, T., Rivierre, N., Sery, O., Tuma, P.: CoCoME in Fractal. Chapter in The Common Component Modeling Example: Comparing Software Component Models, Springer-Verlag, LNCS 5153, Aug 2008
[9] Bures, T., Decky, M., Hnetynka, P., Kofron, J., Parizek, P., Plasil, F., Poch, T., Sery, O., Tuma, P.: CoCoME in SOFA. Chapter in The Common Component Modeling Example: Comparing Software Component Models, Springer-Verlag, LNCS 5153, Aug 2008
[10] Sery, O., Plasil, F.: Slicing of Component Behavior Specification with Respect to Their Composition. In Proceedings of the 10th International ACM SIGSOFT Symposium on Component-Based Software Engineering (CBSE 2007), LNCS 4608, Jul 2007
…

Slide 10: Enhanced Property Specification and Verification in BLAST
Šerý O., FASE 2009, York (UK)

Slide 11: BLAST spec. language
Ondřej Šerý, DSRG Seminar, 5th March 2008
Specification:
    global int locked = 0;
    event { pattern { lock(); } guard { locked == 0 } action { locked = 1; } }
    event { pattern { unlock(); } guard { locked == 1 } action { locked = 0; } }
Input C code:
    int a = 3;
    void f() { lock(); a++; unlock(); }
Instrumented C code:
    int locked = 0;
    int a = 3;
    void f() {
        if (!(locked == 0)) { assert(0); }
        locked = 1;
        lock();
        a++;
        if (!(locked == 1)) { assert(0); }
        locked = 0;
        unlock();
    }
Predicates to be found & tracked → theorem prover calls
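The instrumentation above is easier to reason about when it can be run. The following is an added example written for this page (it is not BLAST's output and not code from the slides): the same two events, hand-instrumented as the tool does it, but with the `assert(0)` replaced by a violation counter so that a policy-respecting caller and a constructed faulty one can both be executed to completion. `lock()` and `unlock()` are assumed stand-ins for whatever primitives the checked program uses.

```c
/* Added example, written for this page: the lock/unlock policy of the
 * BLAST specification above, instrumented by hand in the way the tool
 * rewrites the input program. BLAST's generated code calls assert(0) on
 * a failed guard; here a failed guard increments a counter instead, so the
 * monitor can be run on a correct and on a faulty caller without aborting.
 * lock()/unlock() are assumed stand-ins for the real primitives. */
#include <stdio.h>

static int locked = 0;      /* the spec's "global int locked = 0;" */
static int violations = 0;  /* takes the place of assert(0) */

static void lock(void)   { /* the real primitive would acquire here */ }
static void unlock(void) { /* and release here */ }

/* event { pattern { lock(); } guard { locked == 0 } action { locked = 1; } } */
static void checked_lock(void) {
    if (!(locked == 0)) violations++;   /* guard failed: lock taken twice */
    locked = 1;                         /* action */
    lock();                             /* the matched pattern */
}

/* event { pattern { unlock(); } guard { locked == 1 } action { locked = 0; } } */
static void checked_unlock(void) {
    if (!(locked == 1)) violations++;   /* guard failed: unlock without lock */
    locked = 0;
    unlock();
}

static int a = 3;

/* The slide's f(): respects the policy on its only path. */
static void f(void) { checked_lock(); a++; checked_unlock(); }

/* A constructed faulty caller: on the flag path it unlocks twice. */
static void g(int flag) {
    checked_lock();
    a++;
    if (flag) checked_unlock();
    checked_unlock();
}

/* Run one caller from the initial state and report the number of failed guards. */
int violations_in_f(void) {
    locked = 0; violations = 0;
    f();
    return violations;
}

int violations_in_g(int flag) {
    locked = 0; violations = 0;
    g(flag);
    return violations;
}

int main(void) {
    printf("f():  %d failed guard(s)\n", violations_in_f());
    printf("g(0): %d failed guard(s)\n", violations_in_g(0));
    printf("g(1): %d failed guard(s)\n", violations_in_g(1));
    return 0;
}
```

Run as a program, the monitor only judges the path that actually executes: a unit test calling `g(0)` reports no violation and the double unlock on the `flag != 0` path goes unnoticed. A model checker working on the instrumented source explores both branches of `if (flag)` and reports the failing one, which is why the guards are compiled into the program rather than merely executed. Note also that the `locked` variable is a two-state automaton; the behavior protocol `(!lock; !unlock)*` on the next slide states the same policy directly as a finite state machine, without introducing a new predicate for the prover to track.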

Slide 12: BLAST & BP
Behavior protocol: (!lock; !unlock)*
Input C code:
    int a = 3;
    void f() { lock(); a++; unlock(); }
[Figure: BP automaton with states 1-4 and transitions !lock^, ?lock$, !unlock^, ?unlock$, mapped onto the locations of f()]
Pros:
- Marking the error states
  - No changes in the input C code
  - No new predicates
- Differentiates among states
- No laziness in the important properties
Cons:
- Strictly weaker in expressive power
  - FSM vs. TM

Slide 13: Applicability of the BLAST Model Checker: An Industrial Case Study
Kolb, E., Šerý, O., Weiss, R., PSI 2009, Novosibirsk

Slide 14: OPC UA
OLE for Process Control - Unified Architecture
- Standardized by the OPC Foundation, www.opcfoundation.org
- Platform- and network-independent communication between Field Devices, Control Systems, Manufacturing Execution Systems, and Enterprise Resource Planning Systems
- Language bindings: C/C++, Java, .NET

Slide 15: OPC UA C-Stack
Implementation for the C language
- Developed at ABB
- ~150 KLOC of ANSI C
- Designed for both PC-based and embedded systems

Slide 16: Results summary (1/2)
Locking policy:

Slide 17: Results summary (2/2)
MessageContext management:
Encoder management:

Slide 18: UnitCheck: Unit Testing and Model Checking Combined
Kebrt, M., Šerý, O., ATVA 2009, Macau

Slide 19: UnitCheck
Problem: missing methodology for the application of code model checking
Key idea: exhaustively explore the state space of unit tests
- In JUnit: JVM → Java PathFinder
Benefit: the developer can use the same interface while getting more confidence
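What "exhaustively explore the state space of a unit test" buys over running the test is shown by the following added example, written for this page in C rather than taken from UnitCheck or Java PathFinder. It also illustrates the key idea of the explicit-state slide above (an explicit representation of each program state, stored once so that a revisited state is not re-explored). The unit under test is a constructed two-thread counter increment; the search enumerates every interleaving, keeps each distinct state in a visited table, and counts terminal states in which an increment was lost, first without and then with a lock around the critical section. All names, the thread model and its bounds are constructed here.

```c
/* Added example, not from the slides or from Java PathFinder: a toy
 * explicit-state exploration in C of the kind of state space UnitCheck
 * hands to JPF. The "unit under test" is two threads that each increment
 * a shared counter; every interleaving is explored and each reached state
 * is stored once (state matching), so a lost update is found for certain
 * rather than by luck of the scheduler. All names are constructed here. */
#include <stdio.h>
#include <string.h>

#define NTHREADS 2

/* Per-thread operations. Without the lock a thread runs load, incr, store;
 * with the lock it runs acquire, load, incr, store, release. */
enum { OP_ACQUIRE, OP_LOAD, OP_INCR, OP_STORE, OP_RELEASE };

typedef struct {
    int pc[NTHREADS];   /* next operation index per thread (0..5) */
    int r[NTHREADS];    /* per-thread register holding the loaded value */
    int s;              /* the shared counter */
    int lock;           /* 1 while some thread holds the lock */
} state_t;

static int use_lock;   /* model parameter for the current run */
/* One byte per possible packed state: pc 0..5, pc 0..5, r 0..3, r 0..3, s 0..3, lock 0..1.
 * With two threads r and s never exceed 2, so the bound of 3 is never hit. */
static unsigned char visited[6 * 6 * 4 * 4 * 4 * 2];
static int n_states, n_bad;

static int nsteps(void) { return use_lock ? 5 : 3; }

/* Pack the bounded state into an index into the visited table. */
static int encode(const state_t *st) {
    return ((((st->pc[0] * 6 + st->pc[1]) * 4 + st->r[0]) * 4 + st->r[1]) * 4
            + st->s) * 2 + st->lock;
}

/* Successor of st when thread t performs its next operation.
 * Returns 0 when t is finished or blocked on the lock. */
static int step(const state_t *st, int t, state_t *out) {
    if (st->pc[t] >= nsteps()) return 0;
    int op = use_lock ? st->pc[t] : st->pc[t] + OP_LOAD;
    *out = *st;
    switch (op) {
    case OP_ACQUIRE: if (st->lock) return 0; out->lock = 1; break;
    case OP_LOAD:    out->r[t] = st->s; break;
    case OP_INCR:    out->r[t] = st->r[t] + 1; break;
    case OP_STORE:   out->s = st->r[t]; break;
    case OP_RELEASE: out->lock = 0; break;
    }
    out->pc[t]++;
    return 1;
}

/* Depth-first search over all interleavings with state matching. */
static void explore(const state_t *st) {
    int key = encode(st);
    if (visited[key]) return;      /* already stored: prune this branch */
    visited[key] = 1;
    n_states++;
    int done = 1;
    for (int t = 0; t < NTHREADS; t++) {
        state_t next;
        if (st->pc[t] < nsteps()) done = 0;
        if (step(st, t, &next)) explore(&next);
    }
    /* Terminal state: every thread finished. The property is s == NTHREADS. */
    if (done && st->s != NTHREADS) n_bad++;
}

/* Explore from the initial state and return the number of distinct terminal
 * states in which an increment was lost (0 means the property holds). */
int count_lost_updates(int with_lock) {
    use_lock = with_lock;
    memset(visited, 0, sizeof visited);
    n_states = n_bad = 0;
    state_t init = { {0, 0}, {0, 0}, 0, 0 };
    explore(&init);
    return n_bad;
}

/* Number of distinct states stored during the most recent run. */
int explored_states(void) { return n_states; }

int main(void) {
    int bad0 = count_lost_updates(0), seen0 = explored_states();
    int bad1 = count_lost_updates(1), seen1 = explored_states();
    printf("no lock: %d lost-update terminal state(s), %d states stored\n", bad0, seen0);
    printf("lock:    %d lost-update terminal state(s), %d states stored\n", bad1, seen1);
    return 0;
}
```

Without the lock the search stores 22 distinct states and finds exactly one terminal state with the counter at 1, the classic lost update that a JUnit run on a real JVM hits only when the scheduler happens to interleave the loads; with the lock it stores 21 states and finds none, i.e. the property holds on every interleaving. The visited table is the "state storage and matching" of the explicit-state slide in its simplest form; JPF's collapsing and heap canonicalization exist to make that table affordable for real Java heaps.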

Slide 20: Thank you for your attention
Questions?
ondrej.sery@dsrg.mff.cuni.cz
www.dsrg.mff.cuni.cz
Answers also at:

