nach oben

Software and Systems Modeling

Erschienen in:

15.07.2015 | Theme Section Paper

A formal verification framework for static analysis

As well as its instantiation to the resource analyzer COSTA and formal verification tool KeY

verfasst von: Elvira Albert, Richard Bubel, Samir Genaim, Reiner Hähnle, Germán Puebla, Guillermo Román-Díez

Erschienen in: Software and Systems Modeling | Ausgabe 4/2016

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Static analysis tools, such as resource analyzers, give useful information on software systems, especially in real-time and safety-critical applications. Therefore, the question of the reliability of the obtained results is highly important. State-of-the-art static analyzers typically combine a range of complex techniques, make use of external tools, and evolve quickly. To formally verify such systems is not a realistic option. In this work, we propose a different approach whereby, instead of the tools, we formally verify the results of the tools. The central idea of such a formal verification framework for static analysis is the method-wise translation of the information about a program gathered during its static analysis into specification contracts that contain enough information for them to be verified automatically. We instantiate this framework with costa, a state-of-the-art static analysis system for sequential Java programs, for producing resource guarantees and KeY, a state-of-the-art verification tool, for formally verifying the correctness of such resource guarantees. Resource guarantees allow to be certain that programs will run within the indicated amount of resources, which may refer to memory consumption, number of instructions executed, etc. Our results show that the proposed tool cooperation can be used for automatically producing verified resource guarantees.

Vorheriger Artikel Model-checking software library API usage rules

Nächster Artikel A framework for deadlock detection in core ABS

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Nur mit Berechtigung zugänglich

Recall that we assume that the Java program is recursion-free, thus “recursion” in the RBR actually correspond only to loop constructs in the Java program.

Note that this is not the heap model described in earlier publications on KeY such as [15]. In the present paper we use an explicit heap model based on [36] which is implemented in KeY starting with version 2.0.

To be more precise, there is some splitting, but only to ensure that and are not null.

Albert, E., Arenas, P., Codish, M., Genaim, S., Puebla, G., Zanardini, D.: Termination analysis of Java bytecode. In: Proceedings of FMOODS’08, vol. 5051 of LNCS, pp. 2–18. Springer (2008)

Albert, E., Arenas, P., Genaim, S., Puebla, G.: Field-sensitive value analysis by field-insensitive analysis. In: Proceedings of FM’09, vol. 5850 of LNCS, pp. 370–386. Springer (2009)

Albert, E., Arenas, P., Genaim, S., Puebla, G.: Closed-form upper bounds in static cost analysis. J. Autom. Reason. 46(2), 161–203 (2011)MathSciNetCrossRefMATH

Albert, E., Arenas, P., Genaim, S., Puebla, G., Román-Díez, G.: Conditional termination of loops over heap-allocated data. Sci. Comput. Program. 92, 2–24 (2014)CrossRef

Albert, E., Arenas, P., Genaim, S., Puebla, G., Zanardini, D.: Cost analysis of Java bytecode. In: European Symposium on Programming (ESOP’07), vol. 4421 of LNCS. Springer (2007)

Albert, E., Arenas, P., Genaim, S., Puebla, G., Zanardini, D.: Cost analysis of object-oriented bytecode programs. Theor. Comput. Sci. 413(1), 142–159 (2012)MathSciNetCrossRefMATH

Albert, E., Arenas, P., Puebla, G., Hermenegildo, M.: Certificate size reduction in abstraction-carrying code. Theory Pract. Log. Progr. 12(3), 283–318 (2012)MathSciNetCrossRefMATH

Albert, E., Bubel, R., Genaim, S., Hähnle, R., Puebla, G., Román-Díez, G.: Verified resource guarantees using COSTA and KeY. In: Proceedings of PEPM’11, pp. 73–76 (2011)

Albert, E., Bubel, R., Genaim, S., Hähnle, R., Román-Díez, G.: Verified resource guarantees for heap manipulating programs. In: Proceedings of FASE’12, vol. 7212 of LNCS, pp. 130–145. Springer, March (2012)

10.

Albert, E., Genaim, S., Gómez-Zamalloa, M.: Parametric inference of memory requirements for garbage collected languages. In: Proceeding of ISMM’10, pp. 121–130. ACM Press (2010)

11.

Albert, E., Genaim, S., Masud, A.N.: On the inference of resource usage upper and lower bounds. ACM Trans. Comput. Log. 14(3), 22:1–22:35 (2013)MathSciNetCrossRefMATH

12.

Albert, E., Arenas, P., Correas, J., Gómez-Zamalloa, M., Genaim, S., Puebla, G., Román-Díez, G.: Object-Sensitive Cost Analysis for Concurrent Objects, Technical Report. http://costa.ls.fi.upm.es/papers/costa/AlbertACGGPRtr.pdf (2014)

13.

Ball, T., Bounimova, E., Levin, V., Kumar, R., Lichtenberg, J.: The static driver verifier research platform. In: Proceeding of CAV’10, vol. 6174 of LNCS, pp. 119–122. Springer (2010)

14.

Barnett, M., Chang, B., DeLine, R., Jacobs, B., Rustan K., Leino, M.: Boogie: A modular reusable verifier for object-oriented programs. In: Proceedings of FMCO’06, vol. 4111 of LNCS, pp. 364–387. Springer (2006)

15.

Beckert, B., Hähnle, R., Schmitt, P.: Verification of object-oriented software: the KeY approach, vol. 4334 of LNCS. Springer (2006)

16.

Beyer, D., Erkan Keremoglu M.: CPAchecker: A tool for configurable software verification. In: Computer Aided Verification, vol. 6806 of LNCS, pp. 184–190. Springer (2011)

17.

Blazy, S., Maroneze, A., Pichardie, D.: Formal verification of loop bound estimation for WCET analysis. In: Proceedings of VSTTE’13, vol. 8164 of LNCS, pp. 281–303. Springer (2013)

18.

Brockschmidt, M., Cook, B., Fuhs, C.: Better termination proving through cooperation. In: Computer Aided Verification, vol. 8044 of LNCS, pp. 413–429. Springer, Berlin Heidelberg (2013)

19.

Bubel, R., Roth, A., Rümmer, P.: Ensuring the correctness of lightweight tactics for JavaCard dynamic logic. Electron. Notes Theor. Comput. Sci. 199, 107–128 (2008)MathSciNetCrossRefMATH

20.

Crary, K., Weirich, S.: Resource bound certification. In: Proceedings of POPL’00, pp. 184–198. ACM (2000)

21.

Dios, De., Peña, R.: Certification of safe polynomial memory bounds. In: Proceedings of FM’11, LNCS, pp. 184–199. Springer, June (2011)

22.

Filliâtre, J.C., Marché, C.: The Why/Krakatoa/Caduceus platform for deductive program verification. In: Proceeding of CAV’07, vol. 4590 of LNCS, pp. 173–177. Springer (2007)

23.

Gulwani, S., Mehra, K. K., Chilimbi, T. M.: Speed: precise and efficient static estimation of program computational complexity. In: Proceeding of POPL’09, pp. 127–139. ACM (2009)

24.

Hoffmann, J., Hofmann, M.: Amortized resource analysis with polynomial potential. In: Proceedings of ESOP’10, vol. 6012 of LNCS, pp. 287–306. Springer (2010)

25.

Rustan, K., Leino, M.: Dafny: An automatic program verifier for functional correctness. In: Proceeding of LPAR’10, vol. 6355 of LNCS, pp. 348–370. Springer (2010)

26.

Leroy, X.: Formal verification of a realistic compiler. Commun ACM 52(7), 107–115 (2009)CrossRef

27.

Lindholm, T., Yellin, F.: The Java Virtual Machine Specification. Addison-Wesley, Boston (1996)

28.

Mauborgne, L., Rival, X.: Trace partitioning in abstract interpretation based static analyzers. In: Sagiv, M. (ed.) European Symposium on Programming (ESOP’05), vol. 3444 of LNCS, pp. 5–20. Springer (2005)

29.

Necula, G.: Proof-carrying code. In: Proceedings of POPL’97, pp. 106–119. ACM Press (1997)

30.

Pnueli, A., Siegel, M., Singerman, E.: Translation validation. In: Proceeding of TACAS’98, vol. 1384 of LNCS, pp. 151–166. Springer (1998)

31.

Podelski, A., Rybalchenko, A.: A complete method for the synthesis of linear ranking functions. In: 5th International Conference on Verification, Model Checking and Abstract Interpretation (VMCAI’04), LNCS, pp. 239–251. Springer (2004)

32.

Secci, S., Spoto, F.: Pair-sharing analysis of object-oriented programs. In: Proceedings of SAS’05, vol. 3672 of LNCS, pp. 320–335. Springer (2005)

33.

Smans, J., Jacobs, B., Piessens, F., Schulte, W.: An automatic verifier for Java-like programs based on dynamic frames. In: Proceeding of FASE’08, vol. 4961 of LNCS, pp. 261–275. Springer (2008)

34.

Spoto, F., Hill, P.M., Payet, E.: Path-length analysis of object-oriented programs. In: Proceeding of EAAI’06. http://profs.sci.univr.it/spoto/papers.html (2006)

35.

Wegbreit, B.: Mechanical program analysis. Commun ACM 18(9), 528–539 (1975)MathSciNetCrossRefMATH

36.

Weiß, B.: Deductive verification of object-oriented software: dynamic frames, dynamic logic and predicate abstraction. Ph.D. thesis, Karlsruhe Institute of Technology (2011)

Titel: A formal verification framework for static analysis
As well as its instantiation to the resource analyzer COSTA and formal verification tool KeY
verfasst von: Elvira Albert
Richard Bubel
Samir Genaim
Reiner Hähnle
Germán Puebla
Guillermo Román-Díez
Publikationsdatum: 15.07.2015
Verlag: Springer Berlin Heidelberg
Erschienen in: Software and Systems Modeling / Ausgabe 4/2016
Print ISSN: 1619-1366
Elektronische ISSN: 1619-1374
DOI: https://doi.org/10.1007/s10270-015-0476-y

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Weitere Artikel der Ausgabe 4/2016

Contract-based verification of discrete-time multi-rate Simulink models

An overview of model checking practices on verification of PLC software

Theme issue on Integrated Formal Methods

Constructing and verifying a robust Mix Net using CSP

Supporting different process views through a Shared Process Model

Knowledge-based construction of distributed constrained systems

Premium Partner