Daisuke Ishii,Takashi Tomita,Toshiaki Aoki,Quyen Ngo,Thi Bich Ngoc Do,Hideaki Takai

DOI: https://doi.org/10.48550/arXiv.2206.02992

2022-06-07

Abstract:The development of embedded systems requires formal analysis of models such as those described with MATLAB/Simulink. However, the increasing complexity of industrial models makes analysis difficult. This paper proposes a model checking method for Simulink models using SMT solvers. The proposed method aims at (1) automated, efficient and comprehensible verification of complex models, (2) numerically accurate analysis of models, and (3) demonstrating the analysis of Simulink models using an SMT solver (we use Z3). It first encodes a target model into a predicate logic formula in the domain of mathematical arithmetic and bit vectors. We explore how to encode various Simulink blocks exactly. Then, the method verifies a given invariance property using the k-induction-based algorithm that extracts a subsystem involving the target block and unrolls the execution paths incrementally. In the experiment, we applied the proposed method and other tools to a set of models and properties. Our method successfully verified most of the properties including those unverified with other tools.

Logic in Computer Science

Julien Julien Bertrane,Patrick Cousot,Radhia Cousot,Jérôme Feret,Laurent Mauborgne,Antoine Miné,Xavier Rival

DOI: https://doi.org/10.1145/1921532.1921553

2011-01-24

ACM SIGSOFT Software Engineering Notes

Abstract:Formal methods are increasingly used to help ensuring the correctness of complex, critical embedded software systems. We show how sound semantic static analyses based on Abstract Interpretation may be used to check properties at various levels of a software design: from high level models to low level binary code. After a short introduction to the Abstract Interpretation theory, we present a few current applications: checking for run-time errors at the C level, translation validation from C to assembly, and analyzing SAO models of communicating synchronous systems with imperfect clocks. We conclude by briey proposing some requirements to apply Abstract Interpretation to modeling languages such as UML.

Kaninda Musumbu

DOI: https://doi.org/10.48550/arXiv.0902.1871

2009-02-11

Abstract:interpretation is a general methodology for building static analyses of programs. It was introduced by P. and R. Cousot in \cite{cc}. We present, in this paper, an application of a generic abstract interpretation to domain of model-checking. Dynamic checking are usually easier to use, because the concept are establishe d and wide well know. But they are usually limited to systems whose states space is finite. In an other part, certain faults cannot be detected dynamically, even by keeping track of the history of the states <a class="link-external link-http" href="http://space.Indeed" rel="external noopener nofollow">this http URL</a>, the classical problem of finding the right test cases is far from trivial and limit the abilities of dynamic checkers further. Static checking have the advantage that they work on a more abstract level than dynamic checker and can verify system properties for all inputs. Problem, it is hard to guarantee that a violation of a modeled property corresponds to a fault in the concrete system. We propose an approach, in which we generate counter-examples dynamically using the abstract interpretation techniques.

Data Structures and Algorithms,Symbolic Computation

Kexin WANG,Zhijiang SHAO,T.Biegler Lorenz

DOI: https://doi.org/10.3969/j.issn.0438-1157.2013.12.023

2013-01-01

Abstract:Simulation and optimization based on equation-oriented models benefit the most from advanced modeling and optimization methods. However, linearly dependent and inconsistent constraints that arise from poor models or nonlinear programming(NLP) algorithms result in failure in practice. A method to detect the inconsistent constraints in this case is proposed. The detection is based on the infeasible system identification of NLP solvers and takes advantage of the structure of linearly dependent systems. Efficiency of the detection process can be improved significantly through proper linear solver invocations. Numerical experiments on examples derived from CUTE and COPS test sets demonstrate the effectiveness of the proposed method. © All Rights Reserved.

Tang Jianguo,Cao Weijuan,Gao Shuming

DOI: https://doi.org/10.3969/j.issn.1004-132X.2012.08.017

2012-01-01

Abstract:A method of error evaluation and information reuse in the analysis of simplified models was proposed.After evaluating the impacts of suppressed features on initial simplified models,the impacts were utilized to guide model simplification,and the analysis information was reused through partial matrix refactorization to accelerate the analysis process of the final simplified models.It is a computationally non-intensive method and can be used to improve the analysis accuracy and efficiency for the final simplified models.It can be applied to the linear static analysis of elastic structures.

Ramaseshan Kannan,Stephen Hendry,Peter Debney

DOI: https://doi.org/10.1061/9780784481325.007

2018-04-17

Abstract:Finite element analysis involves inherent approximations and numerical errors. In addition to these, the increasing size of structural models and the use of automated workflows for creating them can lead to hidden user errors in the said models. For the engineer to have confidence in analysis results, it is necessary to be aware of how these errors manifest themselves in models, what impact they have on analysis results, and, most importantly, how they can be detected. We present novel numerical techniques that the analyst can use to ‘debug’ their models and verify the accuracy their analysis results. These techniques have been implemented in software and have been successfully used by practicing engineers working on live projects.

Junyan Qian,Baowen Xu

2006-01-01

WSEAS TRANSACTIONS ON COMPUTERS

Abstract:Model checking has been interest in applying model checking to software. However, the major problem of software model checking is the state space explosion problem. For model checking software, abstraction is a key issue. We present a methodology for automatically constructing an abstraction of C programs based on finite state machine. Firstly eliminate unneeded variables using program slicing technique and restrict C program to a simple intermediate form before constructing an abstract model of program. And then automatically extract a finite model from C source code using predicate abstraction and theorem proving. Finally, in order to reduce time complexities, we partition the set of candidate predicates into subsets, and construct abstract model independently.

Junyan Qian,Baowen Xu,Yingzhou Zhang

2007-01-01

Journal of Computational Information Systems

Abstract:Model checking is an automatic formal verification technique for a finite state system. Iterative abstraction refinement has emerged recently as the leading approach to software model checking. We present a methodology for automatically verifying programs against safety specifications based on finite state machine. As the first step, an initial abstract model is automatically extracted from source code using predicate abstraction and theorem proving. In order to reduce time complexities of this process, we partition the set of candidate predicates into subsets, and then construct abstract model independently.

Gyula Sallai,Ákos Hajdu,Tamás Tóth,Zoltán Micskei

DOI: https://doi.org/10.4204/EPTCS.253.7

2017-08-24

Abstract:Formal verification techniques are widely used for detecting design flaws in software systems. Formal verification can be done by transforming an already implemented source code to a formal model and attempting to prove certain properties of the model (e.g. that no erroneous state can occur during execution). Unfortunately, transformations from source code to a formal model often yield large and complex models, making the verification process inefficient and costly. In order to reduce the size of the resulting model, optimization transformations can be used. Such optimizations include common algorithms known from compiler design and different program slicing techniques. Our paper describes a framework for transforming C programs to a formal model, enhanced by various optimizations for size reduction. We evaluate and compare several optimization algorithms regarding their effect on the size of the model and the efficiency of the verification. Results show that different optimizations are more suitable for certain models, justifying the need for a framework that includes several algorithms.

Software Engineering,Programming Languages

Dipeeka Luitel,Shiva Nejati,Mehrdad Sabetzadeh

2024-05-03

Abstract:Model slicing is a useful technique for identifying a subset of a larger model that is relevant to fulfilling a given requirement. Notable applications of slicing include reducing inspection effort when checking design adequacy to meet requirements of interest and when conducting change impact analysis. In this paper, we present a method based on large language models (LLMs) for extracting model slices from graphical Simulink models. Our approach converts a Simulink model into a textual representation, uses an LLM to identify the necessary Simulink blocks for satisfying a specific requirement, and constructs a sound model slice that incorporates the blocks identified by the LLM. We explore how different levels of granularity (verbosity) in transforming Simulink models into textual representations, as well as the strategy used to prompt the LLM, impact the accuracy of the generated slices. Our preliminary findings suggest that prompts created by textual representations that retain the syntax and semantics of Simulink blocks while omitting visual rendering information of Simulink models yield the most accurate slices. Furthermore, the chain-of-thought and zero-shot prompting strategies result in the largest number of accurate model slices produced by our approach.

Software Engineering

ZHOU Xiu-Yi,ZHAO Jian-Hua,LI Xuan-Dong,ZHENG Guo-Liang

DOI: https://doi.org/10.3969/j.issn.1002-137X.2005.07.061

2005-01-01

Computer Science

Abstract:Real-time systems are often modeled as timed automaton networks, which are parallel compositions of timed automata. Those timed automata interact with each other through shared variables and/or communication chan- nels. In the literate, symbolic states with different shared variable valuations in automaton networks are treated as distinct ones. Therefore, shared variables are also one of the causes of state-space explosion. We present the notion of the compatibility relationship between different shared variable valuations in this paper. Using this compatibility relationship can reduce the amount of states that need exploring in the reachability analysis algorithm of timed au- tomaton networks. In this paper, we describe two algorithms: one that detects compact shared variable valuations and the other more powerful one that detects this compatibility relationship further. These two algorithms result in an enhanced reachability analysis algorithm. The experiment results show that our technioque improves the space-effi- ciency of reachability analysis significantly.

Bowen Zhang,Wei Chen,Hung-Chun Chiu,Charles Zhang

2024-05-21

Abstract:Static analysis techniques enhance the security, performance, and reliability of programs by analyzing and portraiting program behaviors without the need for actual execution. In essence, static analysis takes the Intermediate Representation (IR) of a target program as input to retrieve essential program information and understand the program. However, there is a lack of systematic analysis on the benefit of IR for static analysis, besides serving as an information provider. In general, a modern static analysis framework should possess the ability to conduct diverse analyses on different languages, producing reliable results with minimal time consumption, and offering extensive customization options. In this survey, we systematically characterize these goals and review the potential solutions from the perspective of IR. It can serve as a manual for learners and practitioners in the static analysis field to better understand IR design. Meanwhile, numerous research opportunities are revealed for researchers.

Programming Languages,Software Engineering

Dejanira Araiza-Illan,Kerstin Eder,Arthur Richards

DOI: https://doi.org/10.1109/ECC.2015.7330941

2015-05-26

Abstract:This paper presents the verification of control systems implemented in Simulink. The goal is to ensure that high-level requirements on control performance, like stability, are satisfied by the Simulink diagram. A two stage process is proposed. First, the high-level requirements are decomposed into specific parametrized sub-requirements and implemented as assertions in Simulink. Second, the verification takes place. On one hand, the sub-requirements are verified through assertion checks in simulation. On the other hand, according to their scope, some of the sub-requirements are verified through assertion checks in simulation, and others via automatic theorem proving over an ideal mathematical model of the diagram. We compare performing only assertion checks against the use of theorem proving, to highlight the advantages of the latter. Theorem proving performs verification by computing a mathematical proof symbolically, covering the entire state space of the variables. An automatic translation tool from Simulink to the language of the theorem proving tool Why3 is also presented. The paper demonstrates our approach by verifying the stability of a simple discrete linear system.

Systems and Control,Software Engineering

Guang Chen,Min Zhou,Jiaguang Sun,Xiaoyu Song

DOI: https://doi.org/10.1109/APSEC.2018.00044

2018-01-01

Abstract:Static analysis is an effective way of checking memory safety issues in program. Usually, multiple analysis algorithms usually run together to achieve a precise analysis result. In this paper, a novel analysis frame work over access path is presented for incorporating analysis algorithms. A pointer analysis based on access path works as a base layer, alias and pointer information are automatically handled. An summary based checking algorithm is designed for checking real world project. Moreover, the framework is fully extensible and various analysis can be added as plugins. Experimental results show that our method has good precision on Juliet Test Suite and scales to large software.

Zheng Xie,XinAn Wang,ZhiBin Lian,YongGui Luo,ZiYi Hu

DOI: https://doi.org/10.1007/s11432-013-4817-6

2013-01-01

Science China Information Sciences

Abstract:An intelligent verification platform based on a structured analysis model is presented. Using an abstract model mechanism with specific signal interfaces for user callback, the unified structured analysis data, shared by the electronic system level design, functional verification, and performance evaluation, enables efficient management review, auto-generation of code, and modeling in the transaction level. We introduce the class tree, flow parameter diagram, structured flow chart, and event-driven finite state machine as structured analysis models. As a sand table to carry maps from different perspectives and levels via an engine, this highly reusable platform provides the mapping topology to search for unintended consequences and the graph theory for comprehensive coverage and smart test cases. Experimental results show that the engine generates efficient test sequences, with a sharp increase in coverage for the same vector count compared with a random test.

Adnan Rashid,Ayesha Gauhar,Osman Hasan

DOI: https://doi.org/10.48550/arXiv.2001.06702

2020-01-19

Abstract:Simulink is a graphical environment that is widely adapted for the modeling and the Laplace transform based analysis of linear analog circuits used in signal processing architectures. However, due to the involvement of the numerical algorithms of MATLAB in the analysis process, the analysis results cannot be termed as complete and accurate. Higher-order-logic theorem proving is a formal verification method that has been recently proposed to overcome these limitations for the modeling and the Laplace transform based analysis of linear analog circuits. However, the formal modeling of a system is not a straightforward task due to the lack of formal methods background for engineers working in the industry. Moreover, due to the undecidable nature of higher-order logic, the analysis generally requires a significant amount of user guidance in the manual proof process. In order to facilitate industrial engineers to formally analyze the linear analog circuits based on the Laplace transform, we propose a framework, FASiM, which allows automatically conducting the formal analysis of the Simulink models of linear analog circuits using the HOL Light theorem prover. For illustration, we use FASiM to formally analyze Simulink models of some commonly used linear analog filters, such as Sallen-key filters.

Logic in Computer Science

Yixiao Yang,Yu Jiang,Ming Gu,Jiaguang Sun

DOI: https://doi.org/10.1145/2970276.2970293

2016-01-01

Abstract:Simulink Stateflow is widely used for the model-driven development of software. However, the increasing demand of rigorous verification for safety critical applications brings new challenge to the Simulink Stateflow because of the lack of formal semantics. In this paper, we present STU, a self-contained toolkit to bridge the Simulink Stateflow and a well-defined rigorous verification. The tool translates the Simulink Stateflow into the Uppaal timed automata for verification. Compared to existing work, more advanced and complex modeling features in Stateflow such as the event stack, conditional action and timer are supported. Then, with the strong verification power of Uppaal, we can not only find design defects that are missed by the Simulink Design Verifier, but also check more important temporal properties. The evaluation on artificial examples and real industrial applications demonstrates the effectiveness.

Clemens Dubslaff,Andrey Morozov,Christel Baier,Klaus Janschek

DOI: https://doi.org/10.48550/arXiv.2004.06637

2020-04-15

Abstract:Modern safety-critical systems are heterogeneous, complex, and highly dynamic. They require reliability evaluation methods that go beyond the classical static methods such as fault trees, event trees, or reliability block diagrams. Promising dynamic reliability analysis methods employ probabilistic model checking on various probabilistic state-based models. However, such methods have to tackle the well-known state-space explosion problem. To compete with this problem, reduction methods such as symmetry reduction and partial-order reduction have been successfully applied to probabilistic models by means of discrete Markov chains or Markov decision processes. Such models are usually specified using probabilistic programs provided in guarded command language. In this paper, we propose two automated reduction methods for probabilistic programs that operate on a purely syntactic level: reset value optimization and register allocation optimization. The presented techniques rely on concepts well known from compiler construction such as live range analysis and register allocation through interference graph coloring. Applied on a redundancy system model for an aircraft velocity control loop modeled in SIMULINK, we show effectiveness of our implementation of the reduction methods. We demonstrate that model-size reductions in three orders of magnitude are possible and show that we can achieve significant speedups for a reliability analysis.

Logic in Computer Science,Performance,Systems and Control

Junyan Qian,Baowen Xu

DOI: https://doi.org/10.15388/informatica.2007.178

2007-01-01

Informatica

Abstract:Iterative abstraction refinement has emerged in the last few years as the leading approach to software model checking. We present an approach for automatically verifying C programs against safety specifications based on finite state machine. The approach eliminates unneeded variables using program slicing technique, and then automatically extracts an initial abstract model from C source code using predicate abstraction and theorem proving. In order to reduce time complexities, we partition the set of candidate predicates into subsets, and construct abstract model independently. On the basis of a counterexample-guided abstraction refinement scheme, the abstraction refines incrementally until the specification is either satisfied or refuted. Our methods can be extended to verifying concurrency C programs by parallel composition.

Mohammad Mahdi Mohajer,Reem Aleithan,Nima Shiri Harzevili,Moshi Wei,Alvine Boaye Belle,Hung Viet Pham,Song Wang

2023-12-18

Abstract:We introduce SkipAnalyzer, a large language model (LLM)-powered tool for static code analysis. SkipAnalyzer has three components: 1) an LLM-based static bug detector that scans source code and reports specific types of bugs, 2) an LLM-based false-positive filter that can identify false-positive bugs in the results of static bug detectors (e.g., the result of step 1) to improve detection accuracy, and 3) an LLM-based patch generator that can generate patches for the detected bugs above. As a proof-of-concept, SkipAnalyzer is built on ChatGPT, which has exhibited outstanding performance in various software engineering tasks. To evaluate SkipAnalyzer, we focus on two types of typical and critical bugs that are targeted by static bug detection, i.e., Null Dereference and Resource Leak as subjects. We employ Infer to aid the gathering of these two bug types from 10 open-source projects. Consequently, our experiment dataset contains 222 instances of Null Dereference bugs and 46 instances of Resource Leak bugs. Our study demonstrates that SkipAnalyzer achieves remarkable performance in the mentioned static analysis tasks, including bug detection, false-positive warning removal, and bug repair. In static bug detection, SkipAnalyzer achieves accuracy values of up to 68.37% for detecting Null Dereference bugs and 76.95% for detecting Resource Leak bugs, improving the precision of the current leading bug detector, Infer, by 12.86% and 43.13%, respectively. For removing false-positive warnings, SkipAnalyzer can reach a precision of up to 93.88% for Null Dereference bugs and 63.33% for Resource Leak bugs. Additionally, SkipAnalyzer surpasses state-of-the-art false-positive warning removal tools. Furthermore, in bug repair, SkipAnalyzer can generate syntactically correct patches to fix its detected bugs with a success rate of up to 97.30%.

Software Engineering