Low-Level Code Verification Based on CSP Models

Kleine, Moritz; Helke, Steffen

doi:10.1007/978-3-642-10452-7_18

Cited by 8 publications

(5 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, doing so would require extending Kothari's method with some kind of specification language for defining the properties, and with a mechanism for checking those specifications during symbolic execution. Kleine and Helke [2009] proposed using CSP to verify implementations of real-time multithreaded applications. Their approach appears to be similar to ours, in that it splits the CSP model into separate parts representing the application, the operating system, and the runtime environment.…”

Section: Related Workmentioning

confidence: 99%

“…Therefore, the SyncExec process permits nesting of atomic blocks, although the nesting is necessarily restricted to a finite depth to allow model-checking. Following the approach used by Kleine and Helke [2009], we ensure the soundness of this abstraction by emitting the tos atomic err event to flag situations where the maximum depth is exceeded.…”

Section: Preemptionmentioning

confidence: 99%

See 1 more Smart Citation

Modeling and Analysis of TinyOS Sensor Node Firmware

McInnes

2013

ACM Trans. Embed. Comput. Syst.

View full text Add to dashboard Cite

Wireless sensor networks are an increasingly popular application area for embedded systems. Individual sensor nodes within a network are typically resource-constrained, event-driven, and require a high degree of concurrency. This combination of requirements motivated the development of the widely used TinyOS sensor node operating system. The TinyOS concurrency model is a lightweight nonpreemptive system designed to suit the needs of typical sensor network applications. Although the TinyOS concurrency model is easier to reason about than preemptive threads, it can still give rise to undesirable behavior due to unexpected interleavings of related tasks, or unanticipated preemption by interrupt handlers. To aid TinyOS developers in understanding the behavior of their programs we have developed a technique for using the process algebra Communicating Sequential Processes (CSP) to model the interactions between TinyOS components, and between an application and the TinyOS scheduling and preemption mechanisms. Analysis of the resulting models can help TinyOS developers to discover and diagnose concurrency-related errors in their designs that might otherwise go undetected until after the application has been widely deployed. Such analysis is particularly valuable for the TinyOS components that are used as building blocks for a large number of other applications, since a subtle or sporadic error in a widely deployed building block component could be extremely costly to repair. ACM Reference Format:McInnes, A. I. 2013. Modeling and analysis of TinyOS sensor node firmware: A CSP approach. ACM Trans.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Preemptionmentioning

confidence: 99%

Modeling and Analysis of TinyOS Sensor Node Firmware

McInnes

2013

ACM Trans. Embed. Comput. Syst.

View full text Add to dashboard Cite

show abstract

“…These functions do not alter the behavior of the program but are commonly included for verification purposes. The concept of ghost functions and variables is explained in [13], for example. In order to keep the resulting models as small as possible in terms of memory consumption when analyzing them with FDR, the potentially infinite set of virtual SSA registers is mapped to a configurable number of registers when generating the CSP M model.…”

Section: Implementing Adaptive Systems Specified In Cspmentioning

confidence: 99%

“…Moreover, in previous work we have presented a methodology to construct concurrent implementations using CSP specifications [13,10]. Using these concepts we can obtain simulation environments and low-level implementations of adaptive systems from their CSP specifications.…”

Section: Introductionmentioning

confidence: 99%

A CSP-based framework for the specification, verification, and implementation of adaptive systems

Bartels

Kleine

2011

Proceedings of the 6th International Symposium on Software Engineering for Adaptive and Self-Managing Systems

Self Cite

View full text Add to dashboard Cite

The process algebra CSP is tailored for the specification and verification of reactive systems. Such systems react upon external stimuli by adjusting their internal behavior, e.g., to recover from errors. Adaptive systems can be regarded as a subclass of reactive systems in the sense that such systems react by adapting to changes propagated by some stimulus. In this paper, we use CSP for the specification, verification and implementation of adaptive systems. This enables us to use standard CSP tools such as FDR, ProB or the CSPProver for the verification of such systems. Furthermore, we present an approach for the implementation of systems specified in CSP.

show abstract

“…An approach to extracting CSP models from LLVM compiler intermediate representation (IR) of C++ programs is presented ( (Kleine and Helke, 2009)). It divides the low-level representation of a concurrent system into three parts: an applicationspecific one, which describes thread behavior, a domain-specific one, which encapsulates low-level software concepts such as scheduling and stack frame, and a platformspecific one, which is the hardware model; a CSP model can be extracted from the application-specific part and then combined with (parameterized) CSP models for the other two parts to form a complete CSP model, which can be model checked by existing checkers for CSP such as FDR2 and ProB.…”

mentioning

confidence: 99%

Combining type-checking with model-checking for system verification

Ren

2016

2016 ACM/IEEE International Conference on Formal Methods and Models for System Design (MEMOCODE)

View full text Add to dashboard Cite

Type checking is widely used in mainstream programming languages to detect programming errors at compile time. Model checking is gaining popularity as an automated technique for systematically analyzing behaviors of systems. My research focuses on combining these two software verification techniques synergically into one platform for the creation of correct models for software designs. This thesis describes two modeling languages ATS/PML and ATS/Veri that inherit the advanced type system from an existing programming language ATS, in which both dependent types of Dependent ML style and linear types are supported. A detailed discussion is given for the usage of advanced types to detect modeling errors at the stage of model construction. Going further, various modeling primitives with well-designed types are introduced into my modeling languages to facilitate a synergic combination of type checking with model checking. The semantics of ATS/PML is designed to be directly rooted in a well-known modeling language PROMELA. Rules for translation from ATS/PML to PROMELA are designed and a compiler is developed accordingly so that the SPIN model checker can v be readily employed to perform checking on models constructed in ATS/PML. AT-S/Veri is designed to be a modeling language, which allows a programmer to construct models for real-world multi-threaded software applications in the same way as writing a functional program with support for synchronization, communication, and scheduling among threads. Semantics of ATS/Veri is formally defined for the development of corresponding model checkers and a compiler is built to translate ATS/Veri into CSP# and exploit the state-of-the-art verification platform PAT for model checking ATS/Veri models. The correctness of such a transformational approach is illustrated based on the semantics of ATS/Veri and CSP#. In summary, the primary contribution of this thesis lies in the creation of a family of modeling languages with highly expressive types for modeling concurrent software systems as well as the related platform supporting verification via model checking. As such, we can combine type checking and model checking synergically to ensure software correctness with high confidence. vi

show abstract

Low-Level Code Verification Based on CSP Models

Cited by 8 publications

References 5 publications

Modeling and Analysis of TinyOS Sensor Node Firmware

Modeling and Analysis of TinyOS Sensor Node Firmware

A CSP-based framework for the specification, verification, and implementation of adaptive systems

Combining type-checking with model-checking for system verification

Contact Info

Product

Resources

About