MAGIC
An iterative framework for simulation conformance. MAGIC is a software verification project for C source code which verifies conformance of software components against state-machine specifications. To this aim, MAGIC extracts abstract software models using predicate ahstraction, and resolves the inherent trade-off between model accuracy and scalability by an iterative abstraction refinement methodology. This paper presents the core principles implemented in the MAGIC verification engine, i.e., specification conformance using simulation and abstraction refinement. Viewing counterexamples as winning strategies in a simulation game between the implementation and the specification, we describe an algorithm where abstractions are refined on the basis of multiple winning strategies simultaneously. The refinement process is iterated until either a conformance with the specification is established, or a strategy to violate the specification is found to be realizable. In addition to the increase in expressiveness achieved by using simulation instead of trace containment, experimental results using OpenSSL indicate that our approach can lead to orders of magnitude improvement in verification time.
Keywords for this software
References in zbMATH (referenced in 35 articles , 1 standard article )
Showing results 1 to 20 of 35.
Sorted by year (- Gange, Graeme; Navas, Jorge A.; Schachte, Peter; Søndergaard, Harald; Stuckey, Peter J.: A complete refinement procedure for regular separability of context-free languages (2016)
- Song, Fu; Touili, Tayssir: Model checking dynamic pushdown networks (2015)
- Pan, Haiyu; Cao, Yongzhi; Zhang, Min; Chen, Yixiang: Simulation for lattice-valued doubly labeled transition systems (2014)
- Gange, Graeme; Navas, Jorge A.; Stuckey, Peter J.; Søndergaard, Harald; Schachte, Peter: Unbounded model-checking with interpolation for regular language constraints (2013)
- Bae, Kyungmin; Meseguer, José: A rewriting-based model checker for the linear temporal logic of rewriting (2012)
- Donaldson, Alastair F.; Kaiser, Alexander; Kroening, Daniel; Tautschnig, Michael; Wahl, Thomas: Counterexample-guided abstraction refinement for symmetric concurrent programs (2012)
- Fiadeiro, José; Lopes, Antónia; Abreu, João: A formal model for service-oriented interactions (2012)
- Palikareva, Hristina; Ouaknine, Joël; Roscoe, A.W.: SAT-solving in CSP trace refinement (2012)
- Beneš, N.; Brim, L.; Buhnova, B.; Černá, I.; Sochor, J.; Vařeková, P.: Partial order reduction for state/event LTL with application to component-interaction automata (2011)
- Braghin, Chiara; Sharygina, Natasha; Barone-Adesi, Katerina: A model checking-based approach for security policy verification of mobile systems (2011)
- Bae, Kyungmin; Meseguer, José: The linear temporal logic of rewriting Maude model checker (2010)
- de Boer, Frank S.; Grabe, Immo: Automated deadlock detection in synchronized reentrant multithreaded call-graphs (2010)
- Plagge, Daniel; Leuschel, Michael: Seven at one stroke: LTL model checking for high-level specifications in B, Z, CSP, and more (2010)
- Touili, Tayssir; Atig, Mohamed Faouzi: Verifying parallel programs with dynamic communication structures (2010)
- Ben Rajeb, Narjes; Nasraoui, Brahim; Robbana, Riadh; Touili, Tayssir: Verifying multithreaded recursive programs with integer variables (2009)
- Ben Rajeb, Narjes; Nasraoui, Brahim; Robbana, Riadh; Touili, Tayssir: Verifying multithreaded recursive programs with integer variables (2009)
- Kidd, Nicholas; Reps, Thomas; Dolby, Julian; Vaziri, Mandana: Finding concurrency-related bugs using random isolation (2009)
- Lal, Akash; Reps, Thomas: Reducing concurrent analysis under a context bound to sequential analysis (2009)
- Sighireanu, Mihaela; Touili, Tayssir: Bounded communication reachability analysis of process rewrite systems with ordered parallelism (2009)
- Sighireanu, Mihaela; Touili, Tayssir: Bounded communication reachability analysis of process rewrite systems with ordered parallelism (2009)