Pub Date: 2008-11-17. DOI: 10.1109/FMCAD.2008.ECP.31
R. Samanta, Jyotirmoy V. Deshmukh, Allen Emerson
Automatic techniques for software verification focus on obtaining witnesses of program failure. Such counterexamples often fail to localize the precise cause of an error and usually do not suggest a repair strategy. We present an efficient algorithm to automatically generate a repair for an incorrect sequential Boolean program where program correctness is specified using a pre-condition and a post-condition. Our approach draws on standard techniques from predicate calculus to obtain annotations for the program statements. These annotations are then used to generate a synthesis query for each program statement, which, if successful, yields a repair. Furthermore, we show that if a repair exists for a given program under specified conditions, our technique is always able to find it.
Title: Automatic Generation of Local Repairs for Boolean Programs. Published in: 2008 Formal Methods in Computer-Aided Design.
Pub Date: 2008-11-17. DOI: 10.1109/FMCAD.2008.ECP.10
E. Smith, D. Dill
This paper describes an automatic method for proving equivalence of implementations of block ciphers (and similar cryptographic algorithms). The method can compare two object code implementations or compare object code to a formal, mathematical specification. In either case it proves that the computations being compared are bit-for-bit equivalent. The method has two steps. First the computations are represented as large mathematical terms. Then the two terms are proved equivalent using a phased approach that includes domain-specific optimizations for block ciphers and relies on a careful choice of both word-level and bit-level simplifications. The verification also relies on STP [5], a SAT-based decision procedure for bit-vectors and arrays. The method has been applied to verify real, widely-used Java code from Sun Microsystems and the open source Bouncy Castle project. It has been applied to implementations of the block ciphers AES, DES, Triple DES (3DES), Blowfish, RC2, RC6, and Skipjack as well as applications of the cryptographic hash functions SHA-1 and MD5 on fixed-length messages.
Title: Automatic Formal Verification of Block Cipher Implementations. Published in: 2008 Formal Methods in Computer-Aided Design.
Pub Date: 2008-11-17. DOI: 10.1109/FMCAD.2008.ECP.8
A. Mishchenko, R. Brayton
Performing synthesis and verification in isolation has two undesirable consequences: (1) verification runs the risk of becoming intractable, and (2) strong sequential optimizations are not applied because they are hard to verify. This paper proposes a format for recording synthesis information and a methodology for sequential equivalence checking using this feedback from synthesis. An implementation is described and experimentally compared against an efficient general-purpose sequential equivalence checker that does not use synthesis information. Experimental results confirm expected substantial savings in runtime and reliability of equivalence checking for large designs.
Title: Recording Synthesis History for Sequential Verification. Published in: 2008 Formal Methods in Computer-Aided Design.
Pub Date: 2008-11-17. DOI: 10.1109/FMCAD.2008.ECP.30
G. Cabodi, P. Camurati, Luz Garcia, M. Murciano, Sergio Nocco, S. Quer
Interpolant-based model checking has been shown effective on large verification instances, as it efficiently combines automated abstraction and fixed-point checks. On the other hand, methods based on variable quantification have proved their ability to remove free inputs, thus projecting the search space over state variables. In this paper we propose an integrated approach combining the abstraction power of interpolation with techniques relying on AIG and/or BDD representations of states, supporting variable quantification and fixed-point checks. The underlying idea of this combination is to adopt AIG- or BDD-based quantifications to limit and restrict the search space (and the complexity) of the interpolant-based approach. The exploited strategies, individually well-known, are integrated with a new flavor, specifically designed to improve their effectiveness on large verification instances. Experimental results, oriented to hard-to-solve verification problems, show the robustness of our approach.
Title: Trading-Off SAT Search and Variable Quantifications for Effective Unbounded Model Checking. Published in: 2008 Formal Methods in Computer-Aided Design.
Pub Date: 2008-11-17. DOI: 10.1109/FMCAD.2008.ECP.26
D. Tabakov, Gila Kamhi, Moshe Y. Vardi, Eli Singerman
We describe a general approach for defining new temporal specification languages, and adopting existing languages, for SystemC. We define the concept of "underlying trace" describing the execution of a SystemC model, and then define a set of important primitive assertions about the states in the trace. Our framework not only provides additional expressive power for making atomic assertions, but also provides very fine control over the temporal resolution of the language. Using the primitives defined here as clock expressions allows sampling at different levels, from transaction-level to the level of individual statements. The advantage of our approach is that it defines important SystemC properties that have been overlooked previously, and also provides a uniform mechanism for specifying the sampling rate of temporal languages.
Title: A Temporal Language for SystemC. Published in: 2008 Formal Methods in Computer-Aided Design.
Pub Date: 2008-11-17. DOI: 10.1109/FMCAD.2008.ECP.24
Magnus O. Myreen, M. Gordon, Konrad Slind
Realistic formal specifications of machine languages for commercial processors consist of thousands of lines of definitions. Current methods support trustworthy proofs of the correctness of programs for one such specification. However, these methods provide little or no support for reusing proofs of the same algorithm implemented in different machine languages. We describe an approach, based on proof-producing decompilation, which both makes machine-code verification tractable and supports proof reuse between different languages. We briefly present examples based on detailed models of machine code for ARM, PowerPC and x86. The theories and tools have been implemented in the HOL4 system.
Title: Machine-Code Verification for Multiple Architectures - An Application of Decompilation into Logic. Published in: 2008 Formal Methods in Computer-Aided Design.
Pub Date: 2008-05-11. DOI: 10.1109/FMCAD.2008.ECP.25
P. Hartel, T. Ruys, M. Geilen
Synchronous data flow (SDF) graphs have a simple and elegant semantics (essentially linear algebra) which makes SDF graphs eminently suitable as a vehicle for studying scheduling optimisations. We extend related work on using SPIN to experiment with scheduling optimisations aimed at minimising buffer requirements. We show that for a benchmark of commonly used case studies the performance of our SPIN-based scheduler is comparable to that of state-of-the-art research tools. The key to success is using the semantics of SDF to prove when using (even unsound and/or incomplete) optimisations is justified. The main benefit of our approach lies in gaining deep insight into the optimisations at relatively low cost.
Title: Scheduling Optimisations for SPIN to Minimise Buffer Requirements in Synchronous Data Flow. Published in: 2008 Formal Methods in Computer-Aided Design.