Sal 2

Moura, Leonardo de; Owre, Sam; Rueß, Harald; Rushby, John; Shankar, N.; Sorea, Maria; Tiwari, Ashish

doi:10.1007/978-3-540-27813-9_45

Cited by 175 publications

(123 citation statements)

References 0 publications

Supporting

Mentioning

123

Contrasting

Order By: Relevance

“…The most commonly used model checkers in the context of testing are the explicit state model checker SPIN [22] (Simple Promela Interpreter), the Symbolic Analysis Laboratory SAL [23], which supports both symbolic and bounded model checking, the symbolic model checker SMV [24] as well as its derivative NuSMV [5], which supports symbolic and bounded model checking. Other popular model checkers include Murφ [25] the process algebra based FDR2 [26], or COSPAN [27]; some of these have also been used for testing.…”

Section: K π |= Truementioning

confidence: 99%

“…Many current model checkers such as NuSMV [5] or SAL [23] support CTL model checking in addition to or instead of LTL model checking. In CTL model checking, special algorithms are applied to construct linear traces from an initial state to explain a violating state [12].…”

Section: K π |= Truementioning

confidence: 99%

“…Since version 3.0, SAL [23] includes the tool SAL-ATG [139], which allows test case generation with SAL. As SAL provides a Scheme-based environment, this tool offers many possibilities for customization and extension.…”

Section: Toolsmentioning

confidence: 99%

See 2 more Smart Citations

Testing with model checkers: a survey

Fraser

Wotawa

Ammann

2008

Software Testing Verif & Rel

146

View full text Add to dashboard Cite

Abstract.About a decade after the initial proposal to use model checkers for the generation of test cases we take a look at the achievements in this field of research. Model checkers are formal verification tools, capable of providing counterexamples to violated properties. Normally, these counterexamples are meant to guide an analyst when searching for the root cause of a property violation. They are, however, also very useful as test cases. Many different approaches have been presented, many problems have been solved, yet many issues remain. This survey paper reviews the state of the art in testing with model checkers.

show abstract

Section: K π |= Truementioning

confidence: 99%

Section: K π |= Truementioning

confidence: 99%

See 1 more Smart Citation

Testing with model checkers: a survey

Fraser

Wotawa

Ammann

2008

Software Testing Verif & Rel

146

View full text Add to dashboard Cite

show abstract

“…These "infinite bounded model checkers," such as the one for SAL [19,16], combine the automation and other benefits of model checking (such as counterexamples, and a language oriented to the specification of computational systems rather than arbitrary mathematics) with the broader applicability of theorem proving, and I believe they will prove disruptive to both technologies and to several application domains.…”

Section: Smt Solvers: a Disruptive Innovationmentioning

confidence: 99%

Harnessing Disruptive Innovation in Formal Verification

Rushby

Fourth IEEE International Conference on Software Engineering and Formal Methods (SEFM'06)

View full text Add to dashboard Cite

Historical IntroductionEver since the first program verification systems of King [35] and Good [27], theorem provers have played an important part in the mechanically-assisted analysis of computer programs and software systems. Theorem provers have evolved over the years to better support this application, principally through improved automation for reasoning about arithmetic, data structures, and recursively or inductively defined functions and relations. During this time, the focus of formal verification has expanded from verifying small concrete programs to analyzing rather intricate (often concurrent) algorithms and the specifications (rather than the code) for fairly complex systems. These algorithms and specifications often are formalized directly in the notation of the theorem prover concerned, and these notations also have evolved, principally through use of higher-order logic and rich type systems, so that they provide attractive environments for formal specification. Until recently, the large majority of substantial formal verifications were performed using theorem provers of this kind, such as ACL2 [34] [38] (which uses a symbolic representation based on BDDs) became widely available. The limitation to finite state meant that most specifications had to be severely "downscaled" by Draconian restrictions on the size of data structures. Such downscaling usually does not preserve correctness (sometimes it does not preserve incorrectness either) and this compromises model checking as an approach to verification-hence, its early uses were mostly for refutation (i.e., bug finding), but it was highly effective for that purpose.The invention of predicate abstraction [47] allowed model checking to expand from refutation to verification: rather than arbitrarily downscale an algorithm or system specification to finite state, predicate abstraction provides a mechanizable approach to the construction of propertypreserving abstractions-so that model checking the finite state abstraction does verify the original specification. Initially, manual guidance was needed to select the predicates on which to abstract, but it was soon recognized that the predicates appearing explicitly in the specification provide a good starting point, and that the selection can iteratively be refined through examination of the counterexamples produced by model checking inadequate abstractions [45].This approach evolved into the automated methodology of counterexample-guided abstraction refinement (CE-GAR) [11], which employs a loop comprising abstraction, model checking, counterexample generation and analysis, and abstraction refinement. Decision procedures are used to construct the abstractions, and for software specifications (where the concrete transition relation may be too large or too complex to manipulate directly) these are often constructed and explored "on the fly" with an explicit state model checker; any counterexample produced by model checking an abstraction is checked in its concrete interpretation by a satisfiabilit...

show abstract

“…SAL is less general than PVS but it provides more automated forms of analysis including several symbolic model checkers, a bounded model checker based on SAT solving for finite systems, and a more general bounded model checker for infinite systems. Complete descriptions of these tools and of the SAL specification language can be found in [4], [2], and [3]. SAL is available at http://sal.csl.sri.com/.…”

Section: Sal Modelmentioning

confidence: 99%

Formal Modeling and Analysis of the Modbus Protocol

Dutertre

IFIP International Federation for Information Processing

View full text Add to dashboard Cite

Modbus is a communication protocol widely used in SCADA systems and distributed control applications. This report describes formal models of the Modbus protocol. Two formalizations of Modbus are presented: the first was developed using the PVS generic theorem prover and the second was developed using SAL, an environment for automatic analysis of state-transition systems using model checking tools. Both formalizations are based on the Modbus Application Protocol Specification [9], the application-layer part of the Modbus standard. This application-layer protocol specifies the format of command and response messages that a distributed control application can use to communicate with sensor or actuator devices. The goal of the formal modeling effort was to study automated methods for systematic and extensive testing of Modbus devices.

show abstract

Sal 2

Cited by 175 publications

References 0 publications

Testing with model checkers: a survey

Testing with model checkers: a survey

Harnessing Disruptive Innovation in Formal Verification

Formal Modeling and Analysis of the Modbus Protocol

Contact Info

Product

Resources

About