An Iterative Framework for Simulation Conformance
Sagar Chaki, Edmund Clarke, Somesh Jha, Helmut Veith
Journal of Logic and Computation (JLC), volume 15, number 4, pages 465-488, August 2005
Abstract:
MAGIC is a software verification project for C source code which
verifies conformance of software components against state-machine
specifications. To this end, MAGIC extracts abstract software models
using predicate abstraction, and resolves the inherent trade-off
between model accuracy and scalability by an iterative abstraction
refinement methodology. This paper presents the core principles
implemented in the MAGIC verification engine, i.e., specification
conformance using simulation and abstraction refinement. Viewing
counterexamples as winning strategies in a simulation game between the
implementation and the specification, we describe an algorithm where
abstractions are refined on the basis of multiple winning strategies
simultaneously. The refinement process is iterated until either
conformance with the specification is established, or a strategy to
violate the specification is found to be realizable. In addition to
the increase in expressiveness achieved by using simulation instead of
trace containment, experimental results using OpenSSL indicate that
our approach can lead to orders of magnitude improvement in
verification time.
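The simulation game and the strategy-shaped counterexample that the abstract refers to, as an added example that is not part of the paper or of the MAGIC tool: two constructed transition systems with identical trace sets, a greatest-fixpoint check of whether the specification simulates the implementation, and extraction of the spoiler's winning strategy as a tree (the predicate-abstraction refinement loop itself is not shown).

```python
"""Simulation game between an implementation LTS and a specification LTS.

Added example, not code from the paper or the MAGIC tool: a simulation
counterexample is a spoiler *strategy* (a tree), not a trace, and systems with
identical trace sets can still fail simulation. LTS = dict state -> [(label, succ)].
"""
from itertools import product

# Constructed example: both systems have exactly the traces {a, ab, ac}, but
# the specification commits to b or c already at its first step.
IMPL = {"s0": [("a", "s1")], "s1": [("b", "s2"), ("c", "s3")], "s2": [], "s3": []}
SPEC = {"t0": [("a", "t1"), ("a", "t2")], "t1": [("b", "t3")], "t2": [("c", "t4")],
        "t3": [], "t4": []}


def traces(lts, state):
    """All finite traces from `state` (the example LTSs are acyclic)."""
    out = {()}
    for label, nxt in lts[state]:
        out |= {(label,) + t for t in traces(lts, nxt)}
    return out


def simulation(impl, spec):
    """Greatest simulation relation (spec simulates impl), plus the fixpoint
    round at which each losing pair was removed; the round ranks the pairs so
    that a finite spoiler strategy can be read off afterwards."""
    rel, removed_at, rnd = set(product(impl, spec)), {}, 0
    while True:
        rnd += 1
        # Spoiler wins at (p, q) in this round if some impl move `a` has no
        # spec response labelled `a` whose target pair is still in `rel`.
        losing = {(p, q) for p, q in rel
                  if any(all((p2, q2) not in rel for b, q2 in spec[q] if b == a)
                         for a, p2 in impl[p])}
        if not losing:
            return rel, removed_at
        rel -= losing
        removed_at.update((pair, rnd) for pair in losing)


def spoiler_strategy(impl, spec, p, q, removed_at):
    """Winning strategy from losing pair (p, q) as a tree {label: (p', {q': subtree})};
    an empty response dict means the duplicator (spec) is stuck."""
    for a, p2 in impl[p]:
        responses = [q2 for b, q2 in spec[q] if b == a]
        if all((p2, q2) in removed_at and removed_at[(p2, q2)] < removed_at[(p, q)]
               for q2 in responses):
            return {a: (p2, {q2: spoiler_strategy(impl, spec, p2, q2, removed_at)
                             for q2 in responses})}
    raise ValueError("pair is not losing")
```

For the constructed pair, `traces` agrees on both systems while `("s0", "t0")` is not in the simulation relation; the returned strategy branches on the duplicator's two possible answers to `a`, which is exactly the information a single trace cannot carry.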
© Oxford University Press