Abstract. In symbolic software model checking, most approaches use predicates as symbolic representation of the state space, and SMT solvers for computations on the state space; BDDs are sometimes used as auxiliary data structure. The representation of software state spaces by BDDs was not yet thoroughly investigated, although BDDs are successful in hardware verification. The reason for this is that BDDs do not efficiently support all operations that are needed in software verification. In this work, we evalua…
“…The configurations Explicit and BDD-IntBool perform worse, because they represent the variables of domain type Eq using the explicit-value domain. The performance result is in line with the results of a recent paper on BDD-based software model checking [15].…”
Section: Results (supporting; confidence: 88%)
“…Abstract domains can be based on explicit representations (e.g., hash tables for integers, memory graphs for the heap) and symbolic representations (predicates, binary decision diagrams (BDD)). For example, using an explicit-value domain [14] was efficient on many benchmarks from the recent competition on software verification [9], while using a BDD domain [15] was more efficient on event-condition-action (ECA) systems that involve only simple operations over integers in an ECA competition [30]. In the context of product-line verification, it has been shown that BDD-encodings of feature variables improve verification performance [5,24].…”
Abstract. The success of software model checking depends on finding an appropriate abstraction of the program to verify. The choice of the abstract domain and the analysis configuration is currently left to the user, who may not be familiar with the tradeoffs and performance details of the available abstract domains. We introduce the concept of domain types, which classify the program variables into types that are more fine-grained than standard declared types (e.g., 'int' and 'long') to guide the selection of an appropriate abstract domain for a model checker. Our implementation on top of an existing verification framework determines the domain type for each variable in a pre-analysis step, based on the usage of variables in the program, and then assigns each variable to an abstract domain. Based on a series of experiments on a comprehensive set of verification tasks from international verification competitions, we demonstrate that the choice of the abstract domain per variable (we consider one explicit and one symbolic domain) can substantially improve the verification in terms of performance and precision.
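The pre-analysis step the abstract describes, as an added example that is not the paper's or CPAchecker's code: each variable is classified by the most demanding way the program uses it, and the classification then selects a domain per variable. Everything beyond what the page states is an assumption of this example: the one-statement-per-line toy syntax, the three domain types Bool < Eq < Int (the page only names Eq), and the routing of Bool and Eq variables to the BDD domain and Int variables to the explicit-value domain (the page's results only say that putting Eq variables into the explicit-value domain performed worse).

```python
"""Domain-type pre-analysis: classify variables by usage, then pick a domain.

Added example, not the paper's or CPAchecker's code.  Three domain types form
a small lattice  Bool < Eq < Int  (the page itself names only Eq):
  Bool  only assigned 0/1, used with &&, ||, !, or holding a comparison result
  Eq    additionally compared with == or !=, or assigned other constants
  Int   additionally used in arithmetic or ordering (+, -, *, /, %, <, >, ...)
Each variable gets the most demanding usage seen; plain copies `v = w` force
both sides into the same type.  Bool and Eq variables are routed to a BDD
domain, Int variables to an explicit-value domain.  The one-statement-per-line
syntax (`lhs = rhs` or `assume cond`) is an assumption made for this example.
"""
import re

BOOL, EQ, INT = 1, 2, 3
NAME = {BOOL: "Bool", EQ: "Eq", INT: "Int"}

TOKEN = re.compile(r"\w+|==|!=|<=|>=|&&|\|\||[-+*/%<>!=()]")
ARITH = {"+", "-", "*", "/", "%"}
ORDER = {"<", ">", "<=", ">="}
EQOPS = {"==", "!="}
BOOLOPS = {"&&", "||", "!"}


def operand_rank(prev, nxt):
    """Rank forced on a variable by the operators immediately around it."""
    around = {prev, nxt}
    if around & (ARITH | ORDER):
        return INT          # the actual integer value matters
    if around & EQOPS:
        return EQ           # only (in)equality with something matters
    return BOOL             # operand of &&/||/! or a bare condition


def result_rank(core):
    """Rank of an expression's value (None for a plain copy of a variable)."""
    ops = set(core)
    if ops & (ORDER | EQOPS | BOOLOPS):
        return BOOL         # comparisons and logic yield a boolean
    if ops & ARITH:
        return INT
    if len(core) == 1 and core[0].isdigit():
        return BOOL if core[0] in ("0", "1") else EQ
    if len(core) == 1 and core[0].isidentifier():
        return None
    return INT              # unknown shape: fall back to the most precise domain


def analyze(program):
    """Return {variable: domain type name} for the toy mini-language."""
    rank, copies = {}, []

    def bump(var, r):
        rank[var] = max(rank.get(var, BOOL), r)

    for line in program.strip().splitlines():
        toks = TOKEN.findall(line)
        if not toks:
            continue
        if toks[0] == "assume":
            lhs, expr = None, toks[1:]
        elif len(toks) > 2 and toks[1] == "=":
            lhs, expr = toks[0], toks[2:]
        else:
            raise ValueError("unsupported statement: " + line)
        core = [t for t in expr if t not in "()"]
        for i, t in enumerate(core):        # usage of each variable occurrence
            if t.isidentifier():
                prev = core[i - 1] if i > 0 else ""
                nxt = core[i + 1] if i + 1 < len(core) else ""
                bump(t, operand_rank(prev, nxt))
        if lhs is not None:                 # usage implied by what is stored
            r = result_rank(core)
            if r is None:
                copies.append((lhs, core[0]))
                bump(lhs, BOOL)
            else:
                bump(lhs, r)

    changed = True                          # unify copied variables to a fixpoint
    while changed:
        changed = False
        for a, b in copies:
            m = max(rank[a], rank[b])
            if (rank[a], rank[b]) != (m, m):
                rank[a] = rank[b] = m
                changed = True
    return {v: NAME[r] for v, r in rank.items()}


def assign_domains(types):
    """Per-variable domain choice: BDD for Bool/Eq, explicit-value for Int."""
    return {v: ("explicit-value" if t == "Int" else "BDD") for v, t in types.items()}


# Constructed sample program (not from the paper's benchmarks).
SAMPLE = """
state = 0
done = 0
flag = (x > 3)
assume state == 0
state = 1
assume state != 1
state = 2
copy = state
x = x + 1
assume flag && !done
done = 1
"""

if __name__ == "__main__":
    types = analyze(SAMPLE)
    for v, t in types.items():
        print(f"{v:6} {t:5} -> {assign_domains(types)[v]}")
```

On the constructed sample, `state` is only ever set to constants and compared with `==`/`!=`, so it is Eq and goes to the BDD domain although it is declared as an integer, while `x` participates in `>` and `+` and stays in the explicit-value domain; `copy` inherits Eq from `state` through the copy rule.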
“…Because feature variables are boolean, they can be efficiently checked for equivalence, and joined using disjunction, by binary decision diagrams (BDDs). We refer to previous work for details on encoding feature-variables in BDDs [10], [30] and on BDD-based software model checking [6].…”
Section: A Running Example and Setting (mentioning; confidence: 99%)
“…We used the explicit-state verification algorithms in CPAchecker [5] and Java PathFinder [29], and we encode feature variables in BDDs. Encoding of feature variables in BDDs [10], [30] and BDD-based software model checking of event-condition-action systems [6] have been described before.…”
Abstract. Product-line technology is increasingly used in mission-critical and safety-critical applications. Hence, researchers are developing verification approaches that follow different strategies to cope with the specific properties of product lines. While the research community is discussing the mutual strengths and weaknesses of the different strategies, mostly at a conceptual level, there is a lack of evidence in terms of case studies, tool implementations, and experiments. We have collected and prepared six product lines as subject systems for experimentation. Furthermore, we have developed a model-checking tool chain for C-based and Java-based product lines, called SPLverifier, which we use to compare sample-based and family-based strategies with regard to verification performance and the ability to find defects. Based on the experimental results and an analytical model, we revisit the discussion of the strengths and weaknesses of product-line-verification strategies.
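The two BDD operations the snippets above rely on, equivalence checking and join by disjunction over boolean feature variables, as an added example that is not SPLverifier's, CPAchecker's or any cited paper's code: a small reduced ordered BDD with a unique table, so that two abstract states are equivalent exactly when they are the same node id, and the join of two states is one `apply(OR)`. The feature names A, B, C, the variable order and the two sample states are assumptions of this example.

```python
"""Reduced ordered BDDs over boolean feature variables.

Added example, not SPLverifier's or CPAchecker's code.  Nodes are hash-consed
(one node per distinct boolean function under a fixed variable order), so two
states are equivalent exactly when they are the same node id, and joining two
states is a single apply(OR).  The feature names used below are assumptions.
"""


class BDD:
    FALSE, TRUE = 0, 1                       # terminal node ids
    OPS = {"and": lambda a, b: a and b,
           "or": lambda a, b: a or b,
           "xor": lambda a, b: a != b}

    def __init__(self, order):
        self.index = {name: i for i, name in enumerate(order)}  # variable order
        self.names = list(order)
        self.nodes = [None, None]            # id -> (var_index, low, high)
        self.unique = {}                     # (var_index, low, high) -> id
        self.cache = {}                      # (op, f, g) -> id

    def mk(self, var, low, high):
        """Canonical constructor: no redundant tests, no duplicate nodes."""
        if low == high:
            return low
        key = (var, low, high)
        if key not in self.unique:
            self.unique[key] = len(self.nodes)
            self.nodes.append(key)
        return self.unique[key]

    def var(self, name, value=True):
        """Literal `name` (value=True) or `!name` (value=False)."""
        i = self.index[name]
        return self.mk(i, self.FALSE, self.TRUE) if value else self.mk(i, self.TRUE, self.FALSE)

    def apply(self, op, f, g):
        """Shannon expansion on the smaller top variable, memoised per (op, f, g)."""
        key = (op, f, g)
        if key in self.cache:
            return self.cache[key]
        if f < 2 and g < 2:
            r = int(self.OPS[op](bool(f), bool(g)))
        else:
            vf = self.nodes[f][0] if f > 1 else len(self.names)  # terminals sort last
            vg = self.nodes[g][0] if g > 1 else len(self.names)
            v = min(vf, vg)
            f0, f1 = self.nodes[f][1:] if vf == v else (f, f)
            g0, g1 = self.nodes[g][1:] if vg == v else (g, g)
            r = self.mk(v, self.apply(op, f0, g0), self.apply(op, f1, g1))
        self.cache[key] = r
        return r

    def and_(self, f, g):
        return self.apply("and", f, g)

    def or_(self, f, g):
        return self.apply("or", f, g)

    def not_(self, f):
        return self.apply("xor", f, self.TRUE)

    def evaluate(self, f, assignment):
        """Decide f under {feature name: bool} by following one root-to-leaf path."""
        while f > 1:
            var, low, high = self.nodes[f]
            f = high if assignment[self.names[var]] else low
        return bool(f)

    def size(self, f):
        """Number of non-terminal nodes reachable from f."""
        seen, stack = set(), [f]
        while stack:
            n = stack.pop()
            if n > 1 and n not in seen:
                seen.add(n)
                stack.extend(self.nodes[n][1:])
        return len(seen)


def join_example():
    """Two abstract states over features A, B, C joined by disjunction."""
    bdd = BDD(["A", "B", "C"])
    s1 = bdd.and_(bdd.var("A"), bdd.var("B"))          # state 1: A && B
    s2 = bdd.and_(bdd.var("A"), bdd.var("B", False))   # state 2: A && !B
    joined = bdd.or_(s1, s2)                            # join: A && (B || !B) == A
    return bdd, s1, s2, joined


def join_facts():
    """What a verifier gets from canonicity: equivalence is an id comparison."""
    bdd, s1, s2, joined = join_example()
    return {
        "join_is_A": joined == bdd.var("A"),
        "join_differs_from_A_and_C": joined != bdd.and_(bdd.var("A"), bdd.var("C")),
        "size_s1": bdd.size(s1),
        "size_join": bdd.size(joined),
        "join_holds_for_A_notB": bdd.evaluate(joined, {"A": True, "B": False, "C": True}),
        "s1_fails_for_A_notB": not bdd.evaluate(s1, {"A": True, "B": False, "C": True}),
        "double_negation": bdd.not_(bdd.not_(joined)) == joined,
    }


if __name__ == "__main__":
    for fact, value in join_facts().items():
        print(f"{fact:28} {value}")
```

The point of the unique table is that the join of `A && B` and `A && !B` is not merely logically equal to `A` but is literally the same node, so the fixpoint check "has this state been seen before?" costs one integer comparison, which is what makes BDD encodings of feature variables cheap in the family-based setting described above.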
“…First of all, RERS has facilitated a number of scientific advances by challenge participants. Some examples are presented in [1, 7, 10, 11, 15-17, 30, 34, 37, 44, 45, 47, 48, 50, 51, 56, 57, 59, 69-71].…”
This paper (1) summarizes the history of the RERS challenge for the analysis and verification of reactive systems, its profile and intentions, its relation to other competitions, and, in particular, its evolution due to the feedback of participants, and (2) presents the most recent development concerning the synthesis of hard benchmark problems. In particular, the second part proposes a way to tailor benchmarks according to the depths to which programs have to be investigated in order to find all errors. This gives benchmark designers a method to challenge contributors that try to perform well by excessive guessing.