Improving Generalization in Software IC3

Lange, Tim; Prinz, Frederick; Neuhäußer, Martin R.; Noll, Thomas; Katoen, Joost-Pieter

doi:10.1007/978-3-319-94111-0_5

Cited by 4 publications

(5 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Property-directed reachability (PDR) is a SAT/SMT-based reachability algorithm that incrementally constructs inductive invariants. After it was successfully applied to hardware model checking [43,44], several adaptations to software model checking have been proposed [42,63,64,130,131].…”

Section: Competition On Software Verification (2010s)mentioning

confidence: 99%

Software Model Checking: 20 Years and Beyond

Beyer

Podelski

2022

Lecture Notes in Computer Science

View full text Add to dashboard Cite

We give an overview of the development of software model checking, a general approach to algorithmic program verification that integrates static analysis, model checking, and deduction. We start with a look backwards and briefly cover some of the important steps in the past decades. The general approach has become a research topic on its own, with a wide range of tools that are based on the approach. Therefore, we discuss the maturity of the research area of software model checking in terms of looking at competitions, at citations, and most importantly, at the tools that were build in this area: we count 76 verification systems for software written in C or Java. We conclude that software model checking has quickly grown to a significant field of research with a high impact on current research directions and tools in software verification.

show abstract

Section: Competition On Software Verification (2010s)mentioning

confidence: 99%

Software Model Checking: 20 Years and Beyond

Beyer

Podelski

2022

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…While PDR (also known as IC3 for its first implementation [13]) was introduced as a SAT-based algorithm for model checking finite-state Boolean transition systems [14], several approaches have since then been presented to extend it to SMT and to apply it to the verification of software models: PDR has been suggested as an interpolation engine for Impact, but experiments have shown that it is too expensive in the general case, and is most effective if only applied as a fall-back engine for cases where a cheaper interpolation engine fails to produce useful interpolants [16]. It also has been proposed to improve this approach by tracking control-flow locations explicitly instead of symbolically [31], thereby avoiding the problem that many iterations of the algorithm are spent only to learn the control flow, and this idea has later been extended by several improvements to the generalization step of PDR [30]. Another approach is to model the program using a Boolean abstraction, which has the advantage that it requires only few changes to the original algorithm, but the disadvantage that a refinement procedure is necessary to handle the spurious paths introduced by the abstraction: One such approach uses infeasible error paths (i.e., counterexample-guided abstraction refinement (CEGAR) [18]) to refine the abstraction [17], while another (CTIGAR) uses counterexamples to induction [12]; both of these refinement techniques use interpolation to obtain abstraction predicates; the latter of the two techniques is used in two of the configurations we compare in our evaluation (CPAchecker-CTIGAR and Vvt-CTIGAR [21]).…”

Section: Pdr-like Invariant Generationmentioning

confidence: 99%

“…Unfortunately, we could include neither the implementations of Cimatti and Grigio [16], nor that of Lange, Prinz, Neuhäußer, Noll, and Katoen [30,31], in our evaluation. The former are only applicable to transition systems in SMT format and control-flow graphs in SMTCFA format, respectively, not to C programs, and the latter is not publicly available.…”

Section: Verification Tools and Algorithmsmentioning

confidence: 99%

See 1 more Smart Citation

Software Verification with PDR: An Implementation of the State of the Art

Beyer

Dangl

2020

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Property-directed reachability (PDR) is a SAT/SMT-based reachability algorithm that incrementally constructs inductive invariants. After it was successfully applied to hardware model checking, several adaptations to software model checking have been proposed. We contribute a replicable and thorough comparative evaluation of the state of the art: We (1) implemented a standalone PDR algorithm and, as improvement, a PDR-based auxiliary-invariant generator for k -induction, and (2) performed an experimental study on the largest publicly available benchmark set of C verification tasks, in which we explore the effectiveness and efficiency of software verification with PDR. The main contribution of our work is to establish a reproducible baseline for ongoing research in the area by providing a well-engineered reference implementation and an experimental evaluation of the existing techniques. 1 extern void __VERIFIER_error() __attribute__ ֒→ ((__noreturn__)); 2 extern unsigned int __VERIFIER_nondet_uint(void); 3 void __VERIFIER_assert(int cond) { 4 if (!(cond)) { 5 ERROR: __VERIFIER_error(); 6 } 7 return; 8 } 9 int main(void) { 10 unsigned int w = __VERIFIER_nondet_uint(); 11 unsigned int x = w; 12 unsigned int y = w + 1; 13 unsigned int z = x + 1; 14 while (__VERIFIER_nondet_uint()) { 15 y++; 16 z++; 17 } 18 __VERIFIER_assert(y == z);

show abstract

“…T. Lange, F. Prinz, M. R. Neuhäußer, T. Noll, and J.-P. Katoen (2018). "Improving Generalization in Software IC3".…”

Section: Prior Publicationsunclassified

IC3 software model checking

Lange

Neuhäußer

Noll

et al. 2019

Int J Softw Tools Technol Transfer

Self Cite

View full text Add to dashboard Cite

In times where computers become ever smaller and more powerful and software becomes more complex and advances even deeper into every aspect of our lives, the risk of software misbehaviour and the resulting damage grows dramatically. In order to prevent such erroneous behaviour model checking, a formal verification technique for determining functional properties of information and communication systems, has proven to be highly useful.For proving mathematical properties, one of the first methods to be taught in schools is induction. With the concept of proving a concrete induction base and a general induction step it is considered a very simple and intuitive, yet powerful proof method. However, for difficult properties finding an inductive formulation can be an extremely hard task. When humans try to solve this problem, they naturally produce a set of smaller, simple lemmas that together imply the desired property. Each of these lemmas holds relative to some subset of previously established lemmas by invoking the knowledge to prove the new lemma.This incremental approach to proving complex properties using sets of small inductive lemmas was first applied to model checking of hardware systems in the IC3 algorithm and has proven to outperform all known approaches to hardware model checking.This thesis aims at applying the principles of incremental, inductive verification laid by the IC3 algorithm to software model checking for industrial control software with special attention to the control-flow induced by the program under consideration. For this purpose, basic concepts are introduced and an in-depth explanation of the IC3 algorithm and its different building blocks (search phase, generalization and propagation) is given. Based on these prerequisites the novel IC3CFA algorithm is presented. In this algorithm, the control-flow of the program is explicitly modelled as an automaton, while the variable valuations are handled symbolically, thus using the best of both worlds. Following the search phase of IC3CFA, solutions for applying generalization to IC3CFA are presented and problems arising with propagation are discussed. Finally, the performance of the IC3CFA algorithm and all proposed improvements is extensively evaluated on a set of well-recognised benchmarks. To set these results into a relation, a comparison with other available IC3 software model checking implementations concludes this thesis and underlines the strong potential of the IC3CFA model checking algorithm.iii ZusammenfassungIn einer Zeit, in der Computer immer kleiner und leistungsfähiger und ihre Software immer komplexer wird und tiefer denn je unser tägliches Leben durchzieht, wachsen auch die Risiken von Fehlverhalten und die daraus resultierenden Schäden drastisch. Um solch ein unspezifiziertes Verhalten zu verhindern, hat sich das Model Checking, eine formale Verifikationstechnik zur Bestimmung funktionaler Eigenschaften von Informations-und Kommunikationssystemen, als besonders nützlich herausgestellt. Zum Beweis mathematischer Eigenschaften is...

show abstract

Improving Generalization in Software IC3

Cited by 4 publications

References 15 publications

Software Model Checking: 20 Years and Beyond

Software Model Checking: 20 Years and Beyond

Software Verification with PDR: An Implementation of the State of the Art

IC3 software model checking

Contact Info

Product

Resources

About