CHEN Feng,LI Weihua,CHEN Hao,L(U) Zheng

2011-01-01

Abstract:In order to improve the analysis and design of software safety,on the basis of current researches on safety model and verification technology,a modeling and checking method is proposed for object-oriented software safety.Establishing non-formal UML models of software safety,safety extended deterministic finite automata and linear temporal logic are used to create the formal models and describe the safety properties separately.Through a model checker,we get the verification result.This approach realizes the combination of software safety model and verification technology.Experimental results show that the method can analyze and verify the safety properties effectively in the early stage of software design.

DONG Wei,WANG Ji,QI Zhi-Chang

2001-01-01

Abstract:Model checking is an important technology of automatic verification. It verifies the modal/proposition properties of concurrent or real-time systems through explicit state exploration or implicit fixpoint computation. It can ensure the correctness of critical application such as communication protocol and digital circuit. In this paper, the development and state-of-art of model checking are expatiated. Two main tactics separately based on automata theory and symbolic structure for concurrent systems are described and the methods to solve state explosion problem are given. Then the methods of model checking for real-time systems and object-oriented designs are introduced. The corresponding known tools for every method are also presented. Finally, the difficulties faced by model checking and its developing trend are analyzed.

Wei-Tek Tsai,Hai Huang

2005-01-01

Abstract:Model checking is a formal approach for software verification. It can prove mathematically the absence of certain types of malicious behaviors, such as deadlocks. Because model checking exhaustively explores all possible states and transitions of given software system, its sluggish performance has impeded broad application in software development. Recent progress on leveraging the performance sheds light on its massive adoption in daily practices. One key contribution of this dissertation is an innovative model checking technique, proof slicing, that simultaneously reduces running time and storage requirement. Theoretical results have shown that proof slicing subsumes several existing abstraction-based, counterexample-driven model checking approaches, such as Lazy Abstraction, Craig Interpolation, and Localization. Experimental data have shown the superior performance in both running time and storage requirement of Blade, the model checker that implements proof slicing technique, over existing model checkers, such as BLAST from University of California at Berkeley. Web services and Services-Oriented Architecture (SOA) is a new paradigm for software development. SOA provide uniform data marshaling protocols (via Simple Object Access Protocol: SOAP and eXtensible Markup Language: XML), consistent information exchange infrastructure (via Web Service Definition Language: WSDL and HyperText Transfer Protocol: HTTP), and service query facility (via Universal Description, Discovery, and Integration: UDDI). New applications can be composed rapidly with SOA. Moreover, existing applications can be easily reconfigured or recomposed to meet new functional or non-functional requirements. The rapid development permitted by SOA imposes challenges on dynamic verification and validation on the newly developed applications. This dissertation reports an automated verification and validation framework powered by proof slicing and other techniques and its applications to dynamic verification and validation. This dissertation also reports the application of model checking techniques to the verification of service collaboration.

Pengcheng Zhang,Henry Muccini,Bixin Li

DOI: https://doi.org/10.1016/j.jss.2009.11.709

IF: 3.5

2009-01-01

Journal of Systems and Software

Abstract:Software architecture specifications are used for many different purposes, such as documenting architectural decisions, predicting architectural qualities before the system is implemented, and guiding the design and coding process. In these contexts, assessing the architectural model as early as possible becomes a relevant challenge. Various analysis techniques have been proposed for testing, model checking, and evaluating performance based on architectural models. Among them, model checking is an exhaustive and automatic verification technique, used to verify whether an architectural specification conforms to expected properties. While model checking is being extensively applied to software architectures, little work has been done to comprehensively enumerate and classify these different techniques. The goal of this paper is to investigate the state-of-the-art in model checking software architectures. For this purpose, we first define the main activities in a model checking software architecture process. Then, we define a classification and comparison framework and compare model checking software architecture techniques according to it.

ZHANG Peng-Cheng,LI Bi-Xin,ZHOU Yu

DOI: https://doi.org/10.3969/j.issn.1002-137X.2007.04.002

2007-01-01

Computer Science

Abstract:In the past ten years, software architecture has made a great step in the research of foundation theory, SA style, architecture description language (ADL), SA model etc. Currently, many people are doing the research of analysis, evaluation, testing and verification. As a formal verification technique based on automata theory, model checking verifies system’s attributes by enumerating all its state spaces. Compared with the traditional testing and verification techniques, it has its own advantages. Therefore, more and more researches are applying model checking to analyze and verify quality attributes of SA. In this paper the states of model checking SA are first investigated, the factors affecting to it are analyzed in the second, and the future research topics are debated in the final.

Roberto Sebastiani,Alessandro Tomasi,Fausto Giunchiglia

DOI: https://doi.org/10.1007/3-540-45319-9_10

2001-01-01

Abstract:Model checking has been conceived as a powerful tool for hardware, software and protocol verification, which has its main application fields in the development of hi-tech and safety-critical systems. We present here a completely novel application in the field of university administration processes, in which model checking is applied to the verification of the coherence of syllabi and to the automated synthesis/simulation of correct student careers under given requirements.

何恺铎,顾明,宋晓宇,李力,李江

DOI: https://doi.org/10.3969/j.issn.1002-137x.2009.01.068

2009-01-01

Computer Science

Abstract:Model checking on software reliability is always considered meaningful.This paper studied theory and metho-dology on source code verification,utilizing predicate abstraction and counterexample-guided abstraction refinement.Detailed verification framework and its implementation of the self-designed Jchecker,a source-oriented software model checker,were also introduced.

YANG Jun,GE Hai-tong,ZHENG Fei-jun,YAN Xiao-lang

DOI: https://doi.org/10.3321/j.issn:1008-9497.2006.04.012

2006-01-01

Abstract:Being a formal verification method,model checking is used frequently in hardware and software design.Firstey the Kripke structure which is used to describe the behavior of a system and the CTL logic which is used to describe the property of a system were introduced.Then two model checking algorithms were introduced: one is the labeling algorithm,the other is the algorithm based on fixpoint.In the end,the symbolic model checking which can reduce the possibility of memory explosion was introduced.

Nathan Chong,Byron Cook,Konstantinos Kallas,Kareem Khazem,Felipe R. Monteiro,Daniel Schwartz-Narbonne,Serdar Tasiran,Michael Tautschnig,Mark R. Tuttle

DOI: https://doi.org/10.1145/3377813.3381347

2020-06-27

Abstract:This experience report describes a style of applying symbolic model checking developed over the course of four years at Amazon Web Services (AWS). Lessons learned are drawn from proving properties of numerous C-based systems, e.g., custom hypervisors, encryption code, boot loaders, and an IoT operating system. Using our methodology, we find that we can prove the correctness of industrial low-level C-based systems with reasonable effort and predictability. Furthermore, AWS developers are increasingly writing their own formal specifications. All proofs discussed in this paper are publicly available on GitHub.

John Lång,I.S.W.B. Prasetya

DOI: https://doi.org/10.1145/3338906.3340453

2019-06-29

Abstract:This paper presents a case study on applying two model checkers, SPIN and DIVINE, to verify key properties of a C++ software framework, known as ADAPRO, originally developed at CERN. SPIN was used for verifying properties on the design level. DIVINE was used for verifying simple test applications that interacted with the implementation. Both model checkers were found to have their own respective sets of pros and cons, but the overall experience was positive. Because both model checkers were used in a complementary manner, they provided valuable new insights into the framework, which would arguably have been hard to gain by traditional testing and analysis tools only. Translating the C++ source code into the modeling language of the SPIN model checker helped to find flaws in the original design. With DIVINE, defects were found in parts of the code base that had already been subject to hundreds of hours of unit tests, integration tests, and acceptance tests. Most importantly, model checking was found to be easy to integrate into the workflow of the software project and bring added value, not only as verification, but also validation methodology. Therefore, using model checking for developing library-level code seems realistic and worth the effort.

Software Engineering

Yuhong Zhao,Franz J. Rammig

DOI: https://doi.org/10.1109/isorc.2012.28

2012-01-01

Abstract:This paper presents a lightweight verification technique, which is applicable to dependable real-time systems, provided that the (abstract) model and the (concrete) implementation of the system under test are given in advance. In addition to the usual quality assurance techniques at design time (e.g., formal verification) and at implementation time (e.g., testing), we provide a special form of model checking at run time. That is, we check the correctness of an actual system execution by means of exploring a partial model space covering the current execution trace. In doing so, concrete state information is observed from time to time while the system to be checked is running. This runtime information is used to guide model checking to reduce the model space to be explored. In this sense, we call this method online model checking. Since we do not directly check the execution trace itself, our online checking at model level is capable of checking a running system some steps ahead of the actual state of execution. In this paper, we describe online model checking as well as the underlying system architecture in general, explain the basic algorithm and its extension to improve performance, and provide experimental results.

Tang Shan,Peng Xin,Zhao Wen-yun,Liu Yi-ming

2006-01-01

Abstract:One of the urgent problems in software engineering is how to guarantee the correctness of software architecture evolution. Model checking is an approach which is used to verify properties of systems. Generally, it checks whether a given model satisfies some special property which are expressed by linear temporal logic through checking all of states of the target model. Since the complexity of the model checking mainly depends on the amount of number of the states, the most intractable problems of the approach are lack of memory and the state space explosion. There are few effective model checking approaches for large scale dynamic software architecture, this paper proposes a modular model checking strategy based on linear temporal logic. From two different levels: the component composing the system and the whole system, this paper discusses how to verify dynamic software architecture in detail, gives the corresponding algorithms and introduces an e-business case to illustrate the availability of our approach. Keyword: Dynamic Software Architecture, Model Checking, Linear Temporal Logic, Automaton

Wei Xia,Yiping Yao,Xiaodong Mu,Fei Xing

DOI: https://doi.org/10.4028/www.scientific.net/AMM.44-47.3508

2011-01-01

Applied Mechanics and Materials

Abstract:The accuracy and credibility of model is the most important determinant of development of Modeling and Simulation (M&S). There is a desperate need for an immediate practical solution to the problem of VV&A (Validation, Verification and Accreditation) of simulation systems. A discussion and experiment of the relative merits of informal methods and formal methods are provided in this paper. In spite of increasing simulation speed via parallelization, the number of problem cases that can be covered is not highly increased. On the other hand, formal methods have proven to be valuable techniques, but they require detailed specifications of systems and requirements, therefore they are not very accessible in practical simulation systems development. According to the exhaustiveness of formal methods, a Model Driven Architecture (MDA) based simulation VV&A framework guided by model checking is presented in this paper. This framework combines scalability of simulation with exhaustiveness of formal methods in order to get the best of both worlds for simulation model verification. It can provide more confidence in simulation models and increase the use of formal methods in the context of M&S by people that are not trained in formal techniques.

Zhi-Hong Tao,Hans Kleine Büning,Li-Fu Wang

DOI: https://doi.org/10.1007/s11390-006-0944-5

2006-01-01

Abstract:During the last decade, Model Checking has proven its efficacy and power in circuit design, network protocol analysis and bug hunting. Recent research on automatic verification has shown that no single model-checking technique has the edge over all others in all application areas. So, it is very difficult to determine which technique is the most suitable for a given model. It is thus sensible to apply different techniques to the same model. However, this is a very tedious and time-consuming task, for each algorithm uses its own description language. Applying Model Checking in software design and verification has been proved very difficult. Software architectures (SA) are engineering artifacts that provide high-level and abstract descriptions of complex software systems. In this paper a Direct Model Checking (DMC) method based on Kripke Structure and Matrix Algorithm is provided. Combined and integrated with domain specific software architecture description languages (ADLs), DMC can be used for computing consistency and other critical properties.

Zhengwei Qi,Liang Liu,Alei Liang,Hao Wang,Ying Chen

DOI: https://doi.org/10.1109/ICPADS.2008.73

2008-01-01

Abstract:Modern software model checkers are usually used to find safety violations. However, checking liveness properties can offer a more natural and effective way to detect errors, particularly in complex concurrent and distributed e-business systems. Specifying global liveness properties which should always eventually be true proves to be more desirable, but it is hard for existing software model checkers to verify liveness in real codes because doing so requires finding an infinite execution. For solving such a challenge, this paper proposes an online checking tool to verify the safety and liveness properties of complex systems. We adopt the linear temporal logic to describe the semantics of the finite model checking, use binary instrumentation to obtain the distribute states and apply a checking engine to dynamically verify the finite trace linear temporal logic properties. At last, we demonstrate the method in a distributed system using distributed protocol Paxos and achieve good results by experiments.

Mo Xia,Guiming Luo,Mian Sun

DOI: https://doi.org/10.1145/2591062.2591149

2014-01-01

Abstract:Model checking is a common formal verification technique, but it is only applicable to white box systems. In order to allow users without much formal verification expertise to use model checking easily, this paper proposes a modular approach for software modeling and model checking. Efficiency, correctness, and reusability are our main concerns. A hierarchical model is constructed for a system by modules, and it is translated into the specific model checking codes. The M^3C tool is implemented to support our approach, and it is successfully applied to actual industrial cases, as well as to some cases in the literature.

A Cimatti,F Giunchiglia,G Mongardi,D Romano,F Torielli,P Traverso

DOI: https://doi.org/10.1007/3-540-49646-7_22

1998-01-01

Abstract:This paper describes an industrial application in formal verification. The analyzed system is the Safety Logic of an interlocking system for the control of railway stations developed by Ansaldo. The Safety Logic is a process-based software architecture, which can be configured to implement different functions and control stations of different topology.The applied technique, model checking, allows for the representation of the analyzed system as a finite state machines. Specialized algorithms allow for the automatic and efficient verification of requirements by means of an exhaustive exploration of the state space.In this paper we describe how a formal model of the Safety Logic has been develped in the language of the SPIN model checker. This model retains the configurability features of the Safety Logic. Furthermore, we discuss how the automated verification of several significant process configurations was carried out without incurring into the state explosion problem.

A. Cimatti,F. Giunchiglia,G. Mongardi,D. Romano,F. Torielli,P. Traverso

DOI: https://doi.org/10.1007/s001650050022

1998-01-01

Formal Aspects of Computing

Abstract:In this paper we describe an industrial application of formal methods. We have used model checking techniques to model and formally verify a rather complex software, i.e. part of the “safety logic” of a railway interlocking system. The formal model is structured to retain the reusability and scalability properties of the system being modelled. Part of it is defined once for all at a low cost, and re-used. The rest of the model can be mechanically generated from the designers' current specification language. The model checker is “hidden” to the user, it runs as a powerful debugger. Its performances are impressive: exhaustive analysis of quite complex configurations with respect to rather complex properties are run in the order of minutes. The main reason for this achievement is essentially a carefully designed model, which exploits all the behaviour evolution constraints. The re-usability/scalability of the model and the fact that formal verification is automatic and efficient are the key factors which open up the possibility of a real usage by designers at design time. We have thus assessed the possibility of introducing the novel technique in the development cycle with an advantageous costs/benefits relation.

Hui Liu,Chongbin Zhang,Xiaomin Zhang

DOI: https://doi.org/10.3321/j.issn:1671-4512.2008.02.018

2008-01-01

Abstract:Model checking technology used widely in industrial designs was introduced into probable vulnerabilities finding in software. A system prototype is proposed to find vulnerabilities in source codes. Taking open-source operating system Linux as an example, a security property model was built for dropping privilege and creating files in this system, and this model was verified by various examples. The results show that the proposed method is a formal means that could prove the existence of vulnerabilities and automatically discover security vulnerabilities in software.

Haitao Zhang,Guoqiang Li,Zhuo Cheng,Jinyun Xue

DOI: https://doi.org/10.1002/stvr.1662

2018-01-01

Software Testing Verification and Reliability

Abstract:SummaryOSEK/VDX, a development standard for automobiles, has now been widely adopted by automotive manufacturers for developing a vehicle‐mounted system. The ever increasing complexity of the system has created a challenge for ensuring the reliability of the developed OSEK/VDX applications in exhaustive way. Model checking as an exhaustive verification technique has attracted much attention in the automotive industry. To check OSEK/VDX applications by using model checking verification techniques, we have proposed a method based on SMT‐based bounded model checking. However, the method performs a poor efficiency in checking the OSEK/VDX applications that hold many loops, especially it is unable to deal with interruptions. In this paper, to apply model checking verification techniques to check a practical OSEK/VDX application, we develop and investigate an alterative approach based on the well‐known model checker Spin. In our Spin‐based approach, interruptions are taken into account, and moreover, 2 optimization strategies are used to boost the scalability and efficiency of the approach by reducing state space and accelerating bug detection. We have investigated the Spin‐based approach based on a series of experiments. The experimental results show that the approach is an impactful technique to verify the developed OSEK/VDX applications that hold a number of loops and interruptions.