微信服务号

微信订阅号

2025年6月2日 0:18 星期一
首页 > 过刊浏览>2007年第18卷第9期 >2130-2140
PDF HTML阅读 XML下载 导出引用 引用提醒
基于Assume-Guarantee搜索复用的C程序验证方法
作者:
基金项目:

Supported by the National Natural Science Foundation of China under Grant No.60233020 (国家自然科学基金); the National High-Tech Ressearch and Development Plan of China under Grant No.2006AA01Z429 (国家高技术研究发展计划(863)); the Program for New Century Excellent Talents in University under Grant No.NCET-04-0996 (新世纪优秀人才支持计划)


Verification of C Programs Using Assume-Guarantee Reuse of Searching
Author:
  • 摘要
    • | |
  • 访问统计
    • |
  • 参考文献 [29]
    • |
  • 相似文献 [20]
    • | | |
  • 文章评论
    摘要:

    提出了一种基于Assume-Guarantee搜索复用的验证方法,对C程序源代码进行验证.其思想是,在程序的每点处都引入一个保守假设条件,并假设从任意点出发,变量取值满足该点假设条件的所有执行路径都不会违背给定性质,然后根据这些假设条件遍历所有可能的执行路径以验证给定的时序安全性质,并在遍历的过程中验证这些假设条件是否满足,如果不满足,则不断对其精化和加强.验证方法总是在保证假设条件可靠的前提下尽量使用较弱的条件,使得大量的执行路径由于满足假设条件而可以搜索复用,从而降低验证代价.应用该方法验证了Linux操作系统中SSL协议的实现程序openssl-0.9.6c满足SSL协议的初始握手规范.实验结果表明,该方法具有良好的实用性和可扩展性.

    Abstract:

    This paper presents a novel method,namely Assume-Guarantee reuse of searching,to verify C programs with respect to temporal safety properties.Its idea is to introduce a conservative assume condition for each program location,and to assume that every path starting from the program location will never violate the property if the evaluation of its variables at that location satisfy the assume condition.All the possible execution paths are traversed based on the assume conditions,and the temporal safety property is checked on the fly.If some assume condition is too weak,it will be continually strengthened based on the spurious counterexamples.The presented verification method can try to adopt the weak assume conditions so as to let more execution paths satisfy the conditions and to reuse the searching efforts.Therefore,a significant reduction of verification cost can be achieved.The verification method has been used to verify the initial handshake process of SSL protocol based on the C source code of openssl-0.9.6c.The experimental results demonstrate that the method is both effective and practical.

    参考文献
    [1]Graf S,Saidi H.Construction of abstract state graphs with PVS.In:Grumberg O,ed.Proc.of the Computer-aided Verification (CAV'97).LNCS 1254,Haifa:Springer-Verlag,1997.72-83.
    [2]Ball T,Majumdar R,Millstein T,Rajamani SK.Automatic predicate abstraction of C programs.In:Proc.of the Programming Language Design and Implementation (PLDI 2001).Snowbird:ACM Press,2001.203-213.http://portal.acm.org/citation.cfm?id= 381694.378846
    [3]Ball T,Rajamani SK.Generating abstract explanations of spurious counterexamples in C programs.Technical Report,MSR-TR-2002-09,Microsoft Research,Microsoft Corporation,2002.http://research.microsoft.com/research/pubs/view.aspx? msr_tr_id=MSR-TR-2002-09
    [4]Henzinger TA,Jhala R,Majumdar R,Sutre G.Software verification with BLAST.In:Proc.of the 10th Int'l SPIN Workshop (SPIN 2003),LNCS 2648,Portland:Springer-Verlag,2003.235-239.http://www-cad.eecs.berkeley.edu/tah/Publications/software_ verification_with_blast.pdf
    [5]Chaki S,Clarke E,Groce A.Modular verification of software components in C.In:Clarke LA,Dillon LK,Tichy W,eds.Proc.of the 25th Int'l Conf.on Software Engineering (ICSE 2003).Portland:IEEE Computer Society.2003.385-395.
    [6]Chaki S,Ouaknine J,Yorav K,Clarke E.Automated compositional abstraction refinement for concurrent C programs:A two-level approach.In:Proc.of the 2nd Workshop on Software Model Checking (SoftMC).2003.http://www.cs.cmu.edu/~chaki/ publications/SOFTMC-2003.pdf
    [7]Chaki S,Clarke E,Sinha N,Thati P.Automated assume-guarantee reasoning for simulation conformance.In:Etessami K,Rajamani SK,eds.Proc.of the Computer Aided Verification (CAV).LNCS 3576,Edinburgh:Springer-Verlag,2005.534-547.
    [8]Chaki S,Ivers J,Sharygina N,Wallnau K.The ComFoRT reasoning framework.In:Etessami K,Rajamani SK,eds.Proc.of the Computer Aided Verification (CAV).LNCS 3576,Edinburgh:Springer-Verlag,2005.164-169.
    [9]Dingel J.Computer-Assisted assume/guarantee reasoning with VeriSoft.In:Clarke LA,Dillon LK,Tichy W,eds.Proc.of the 25th Int'l Conf.on Software Engineering (ICSE 2003).Portland:IEEE Computer Society,2003.138-148.
    [10]Henzinger TA,Minea M,Prabhu V.Assume-Guarantee reasoning for hierarchical hybrid systems.In:Benedetto MDD,Sangiovanni-Vincentelli AL,eds.Proc.of the Hybrid Systems:Computation and Control 4th Int'l Workshop HSCC 2001.Springer-Verlag,2001.275-290.
    [11]Weiser M.Program slicing.IEEE Trans.on Software Engineering (TSE),1982,SE-10(4):352-357.
    [12]Yi XD,Wang J,Yang XJ.Slicing execution for model checking C programs.Int'l Journal of Software Engineering and Knowledge Engineering (IJSEKE),2006,16(5):747-768.
    [13]Yi XD,Wang J,Yang XJ.Verification of C programs using slicing execution.In:Proc.of the 5th Int'l Conf.on Quality Software (QSIC 2005).Melbourne:IEEE Computer Society Press,2005.109-116.http://ieeexplore.ieee.org/iel5/10545/33358/01579126.pdf?tp=&isnumber=&arnumber=1579126
    [14]Clarke EM,Grumberg O,Jha S,Lu Y,Veith H.Counterexample-Guided abstraction refinement.In:Emerson EA,Sistla AP,eds.Proc.of the CAV.LNCS 1855,Springer-Verlag,2000.154-169.
    [15]Gries D.The Science of Programming.Springer-Verlag,1981.
    [16]Zhang J,Wang XX,A constraint solver and its application to path feasibility analysis.Int'l Journal of Software Engineering & Knowledge Engineering,2001,11(2):139-156.
    [17]Shan JH,Wang J,Qi ZC.Improved method to generate path-wise test data.Journal of Computer Science and Technology,2003,18(2):235-240.
    [18]Zhang XY,Gupta R,Zhang YT.Precise dynamic slicing algorithms.In:Clarke LA,Dillon LK,Tichy W,eds.Proc.of the IEEE/ACM Int'l Conf.on Software Engineering (ICSE).Portlandz:IEEE Computer Society,2003.319-329.
    [19]Detlefs D,Nelson G,Saxe J.Simplify:A theorem prover for program checking.2003.http://research.compaq.com/src/esc/simplify.html
    [20]Das M.Unification-Based pointer analysis with directional assignments.In:Lam M,ed.Proc.of the PLDI 2000:Programming Language Design and Implementation.ACM Press,2000.35-46.
    [21]Chaki S,Clarke E,Groce A,Strichman O.Predicate abstraction with minimum predicates.In:Proc.of the 12th Advanced Research Working Conf.on Correct Hardware Design and Verification Methods (CHARME).LNCS 2860,Springer-Verlag.2003.19-34
    [22]Blundell C,Giannakopoulou D,Pasareanu CS.Assume-Guarantee testing.In:Proc.of the SAVCBS 2005.2005.7-14 http://www.cs.iastate.edu/~leavens/SAVCBS/2005/SAVCBS05.pdf
    [23]Wang J,Yi XD,Yang XJ.Towards a framework for scalable model checking of concurrent C programs.In:Proc.of the IsoLA 2006.2006.
    [24]Ashcraft K,Engler DR.Using Programmer-Written Compiler Extensions to Catch Security Holes.IEEE Security and Privacy,2002.143-159.
    [25]Das M,Lerner S,Seigle M.ESP:Path-Sensitive program verification in polynomial time.In:Proc.of the PLDI 2002:Programming Language Design and Implementation.Berlin:ACM Press,2002.http://www.cs.cornell.edu/courses/cs711/2005fa/papers/ dls-pldi02.pdf
    [26]Chen H,Wagner D.MOPS:An infrastructure for examining security properties of software.In:Proc.of the 9th ACM Conf.on Computer and Communications Security (CCS).2002.235-244.
    [27]Cousot P,Cousot R,Feret J,Mauborgne L,Mine A,Monniaux D,Rival X.The ASTREE analyzer.In:Proc.of the ESOP 2005:The European Symp.on Programming.LNCS 3444,Springer-Verlag,2005.21-30.
    [28]Venet A,Brat G.C global surveyor:Designing a static analyzer for NASA flight software.In:Proc.of the VMCAI 2005.LNCS 3385,Paris:Springer-Verlag,2005.
    [29]Musuvathi M,Park DYW,Chou A,Engler DR,Dill DL.CMC:A pragmatic approach to model checking real code.In:Proc.of the 5th Symp.on Operating System Design and Implementation (OSDI).2002.75-88.http://www.stanford.edu/~engler/osdi2002.pdf
    引证文献
    网友评论
    网友评论
    分享到微博
    发 布
引用本文

易晓东,王戟,杨学军.基于Assume-Guarantee搜索复用的C程序验证方法.软件学报,2007,18(9):2130-2140

复制
分享
文章指标
  • 点击次数:4587
  • 下载次数: 5508
  • HTML阅读次数: 0
  • 引用次数: 0
历史
  • 收稿日期:2006-05-28
  • 最后修改日期:2006-05-28
文章二维码
友情链接:中国科学院软件研究所中国计算机学会中国科学院国家自然科学基金委员会CCF数字图书馆Int'l J of Softw Info计算机系统应用
您是第19987962位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号