An iterative framework for simulation conformance. MAGIC is a software verification project for C source code which verifies conformance of software components against state-machine specifications. To this aim, MAGIC extracts abstract software models using predicate abstraction, and resolves the inherent trade-off between model accuracy and scalability by an iterative abstraction refinement methodology. This paper presents the core principles implemented in the MAGIC verification engine, i.e., specification conformance using simulation and abstraction refinement. Viewing counterexamples as winning strategies in a simulation game between the implementation and the specification, we describe an algorithm where abstractions are refined on the basis of multiple winning strategies simultaneously. The refinement process is iterated until either conformance with the specification is established, or a strategy to violate the specification is found to be realizable. In addition to the increase in expressiveness achieved by using simulation instead of trace containment, experimental results using OpenSSL indicate that our approach can lead to orders of magnitude improvement in verification time.

References in zbMATH (referenced in 38 articles, 1 standard article)

  1. Ben Rajeb, Narjes; Nasraoui, Brahim; Robbana, Riadh; Touili, Tayssir: Verifying multithreaded recursive programs with integer variables (2009)
  2. Kidd, Nicholas; Reps, Thomas; Dolby, Julian; Vaziri, Mandana: Finding concurrency-related bugs using random isolation (2009)
  3. Lal, Akash; Reps, Thomas: Reducing concurrent analysis under a context bound to sequential analysis (2009)
  4. Sighireanu, Mihaela; Touili, Tayssir: Bounded communication reachability analysis of process rewrite systems with ordered parallelism (2009)
  5. Atig, Mohamed Faouzi; Bouajjani, Ahmed; Touili, Tayssir: On the reachability analysis of acyclic networks of pushdown systems (2008)
  6. Lal, Akash; Touili, Tayssir; Kidd, Nicholas; Reps, Thomas: Interprocedural analysis of concurrent programs under a context bound (2008)
  7. Meseguer, José: The temporal logic of rewriting: A gentle introduction (2008)
  8. Cook, Byron; Kroening, Daniel; Sharygina, Natasha: Verification of Boolean programs with unbounded thread creation (2007)
  9. Kahlon, Vineet; Gupta, Aarti: On the analysis of interacting pushdown systems (2007)
  10. Reps, Thomas; Lal, Akash; Kidd, Nick: Program analysis using weighted pushdown systems (2007)
  11. Chaki, S.; Clarke, E.; Kidd, N.; Reps, T.; Touili, T.: Verifying concurrent message-passing C programs with recursive calls (2006)
  12. Stokely, Murray; Chaki, Sagar; Ouaknine, Joël: Parallel assignments in software model checking (2006)
  13. Chaki, Sagar; Clarke, Edmund; Grumberg, Orna; Ouaknine, Joël; Sharygina, Natasha; Touili, Tayssir; Veith, Helmut: State/event software verification for branching-time specifications (2005)
  14. Chaki, Sagar; Clarke, Edmund; Jha, Somesh; Veith, Helmut: An iterative framework for simulation conformance (2005)
  15. Chaki, Sagar; Clarke, Edmund; Ouaknine, Joël; Sharygina, Natasha; Sinha, Nishant: Concurrent software verification with states, events, and deadlocks (2005)
  16. Chaki, Sagar; Clarke, Edmund M.; Ouaknine, Joël; Sharygina, Natasha; Sinha, Nishant: State/event-based software model checking (2004)
  17. Chaki, S.; Clarke, E.; Groce, A.; Ouaknine, J.; Strichman, O.; Yorav, K.: Efficient verification of sequential and concurrent C programs (2004)
  18. Chaki, Sagar; Ouaknine, Joël; Yorav, Karen; Clarke, Edmund: Automated compositional abstraction refinement for concurrent C programs: a two-level approach (2003)