ESBMC 5.0: an industrial-strength C model checker

Gadelha, Mikhail R.; Monteiro, Felipe R.; Morse, Jeremy; Cordeiro, Lucas C.; Fischer, Bernd; Nicole, Denis A.

doi:10.1145/3238147.3240481

Cited by 77 publications

(58 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Typical k-inductionbased verifiers use iterative deepening and repeatedly unwind the program to produce the verification results; its incremental nature means that it always finds the smallest falsification [2]. In SV-COMP'19, we have implemented a new interval-invariant generator that runs as a pre-processing step in ESBMC [4]. In this implementation, invariants based on intervals are automatically introduced in the program as assumptions and, although the implementation has some limitations in keeping track of the relations between variables (i.e., our abstract domain is non-relational), it significantly strengthens the k -induction algorithm results; in particular, we have observed that the use of invariants increases the number of correct proofs by about 7% over the SV-COMP benchmarks.…”

Section: Overviewmentioning

confidence: 99%

ESBMC v6.0: Verifying C Programs Using k-Induction and Invariant Inference

Gadelha¹,

Monteiro

Cordeiro

et al. 2019

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

ESBMC v6.0 employs a k-induction algorithm to both falsify and prove safety properties in C programs. We have developed a new interval-invariant generator that pre-processes the program, inferring invariants based on intervals and introducing them in the program as assumptions. Our experiments show that ESBMC v6.0 using k-induction can prove up to 7% more programs when the invariant generation is enabled.

show abstract

Section: Overviewmentioning

confidence: 99%

ESBMC v6.0: Verifying C Programs Using k-Induction and Invariant Inference

Gadelha¹,

Monteiro

Cordeiro

et al. 2019

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…ESBMC runs with an improved SMT backend for test-case generation, which includes a floating-point encoding layer that converts all floating-point operations into bit-vector operations (a process called bit-blasting) when encoding the program into an SMT formula. Previous ESBMC versions [8] were only able to encode and verify programs using a fixed-point representation for floating-points. This particular encoding is a valid approximation since fixed-points are used in a large number of applications in the embedded world; however, it restricted ESBMC from verifying the broad set of programs that relied on processors that implement floating-point arithmetic.…”

Section: Test Generation Approachmentioning

confidence: 99%

ESBMC: Scalable and Precise Test Generation based on the Floating-Point Theory

Gadelha¹,

Menezes

Monteiro

et al. 2020

Fundamental Approaches to Software Engineering

Self Cite

View full text Add to dashboard Cite

ESBMC is an SMT-based bounded model checker for realworld C programs. Such programs often represent real numbers using the floating-points, most commonly, the IEEE floating-point standard (IEEE 754-2008). Thus, ESBMC now includes a new floating-point arithmetic encoding layer in our SMT backend, that encodes floating-point operations into bit-vector operations. In particular, ESBMC can use offthe-shelf SMT solvers that offer support for bit-vectors only to encode floating-point arithmetic.

show abstract

“…Particularly, the total number of panels in series (N P Smin ) and parallel (N P P min ) are given by (12) and (13), respectively. With the check performed by (14) and (15), V system is the DC voltage of the bus, normally 12, 24 or 48 V.…”

Section: Pv Generator Modelmentioning

confidence: 99%

“…ESBMC (or Efficient SMT-based Bounded Model Checker) is an open source, permissively licensed (Apache 2), cross platform bounded model checking for C and C++ programs [12], which supports the verification of LTL properties with bounded traces [36]. ESBMC's verification flow can be summarized in three stages: (i) a front-end that can read and compile C/C++ code, where the formal specification of the system to be verified is first handled; (ii) preprocessing steps to deal with the representation of the code, control flow and unwinding of loops, and the model simplification, thereby aiming to reduce the verification effort; and finally (iii) the SMT solving stage, where all the constraints and properties of the system to be verified are encoded into SMT and checked for satisfiability.…”

Section: A Esbmcmentioning

confidence: 99%

Automated formal verification of stand-alone solar photovoltaic systems

Trindade

Cordeiro

2019

Solar Energy

View full text Add to dashboard Cite

With declining costs and increasing performance, the deployment of renewable energy systems is growing faster. Particular attention is given to stand-alone solar photovoltaic systems in rural areas or where grid extension is unfeasible. Tools to evaluate electrification projects are available, but they are based on simulations that do not cover all aspects of the design space. Automated verification using model checking has proven to be an effective technique to program verification. This paper marks the first application of software model checking to formally verify the design of a stand-alone solar photovoltaic system including solar panel, charge controller, battery, inverter, and electric load. Case studies, from real photovoltaic systems deployed in five different sites, ranging from 700W to 1,200W, were used to evaluate this proposed approach and to compare that with specialized simulation tools. Data from practical applications show the effectiveness of our approach, where specific conditions that lead to failures in a photovoltaic solar system are only detected by our automated verification method.

show abstract

ESBMC 5.0: an industrial-strength C model checker

Cited by 77 publications

References 15 publications

ESBMC v6.0: Verifying C Programs Using k-Induction and Invariant Inference

ESBMC v6.0: Verifying C Programs Using k-Induction and Invariant Inference

ESBMC: Scalable and Precise Test Generation based on the Floating-Point Theory

Automated formal verification of stand-alone solar photovoltaic systems

Contact Info

Product

Resources

About