effective approaches to abstraction refinement for an
play

Effective Approaches to Abstraction Refinement for an Explicit - PowerPoint PPT Presentation

Jun 22, 2023 •48 likes •318 views

Effective Approaches to Abstraction Refinement for an Explicit Value Analysis Stefan Lwe SoSy-Lab Software Systems Outline of my Thesis Outline of my Talk Value Analysis by Example Value Analysis by Example Value Analysis by the Numbers

  1. Effective Approaches to Abstraction Refinement for an Explicit Value Analysis Stefan Löwe SoSy-Lab Software Systems

  2. Outline of my Thesis

  3. Outline of my Talk

  4. Value Analysis by Example

  5. Value Analysis by Example

  6. Value Analysis by the Numbers Well over 4000 verification • tasks from SV-COMP’16 VA solves almost two thirds • Under SV-COMP’16 rules, • complete evaluation takes 440 hours 410 hours, or 93%, are • wasted for unsolved verification tasks State-space explosion is prime reason for extreme resource consumption

  7. State-Space Explosion

  8. Counterexample-Guided Abstraction Refinement program no error path source SAFE code UNSAFE build & check abstract model e r r o r path found precision is analysis dependent: • e.g., set of predicates refine is feasible ? for a predicate analysis precision • e.g., set of variable identifiers for a value analysis error path is infeasible

  9. Counterexample-Guided Abstraction Refinement program no error path source SAFE code UNSAFE build & check abstract model e r r o r path found interpolate infeasible error path to, • e.g., obtain set of predicates refine is feasible ? for a predicate analysis precision • e.g., obtain set of variable identifiers for a value analysis error path is infeasible

  10. Craig Interpolation [Abstractions from Proofs, 2004, Henzinger, Jhala, Majumdar, McMillan] φ − ψ itp the interpolant φ + At L12 the interpolant ψ for φ − and φ + could be: [flag = 0], or [flag ≤ 0], or ...

  11. Value Interpolation [Explicit-State Software Model Checking Based on CEGAR and Interpolation, 2013, Beyer, Löwe] For a pair of constraint sequences γ − and γ + , such that γ − ∧ γ + is contradicting , an interpolant ψ is a constraint sequence that fulfills the following requirements: γ − 1) γ − implies ψ ∧ γ + is unsatisfiable 2) ψ 3) ψ only contains symbols that are common to both γ − and γ + γ + A L12 the interpolant ψ for φ − and φ + can only be: [flag = 0]

  12. Comparison to Plain Value Analysis Significant improvements in • DeviceDrivers64Linux Significant regressions in • ECA and ProductLines In total solves around 500 • verification task less High number of refinements is prime reason for overall regression

  13. Inspecting Number of Refinements At least three clusters distinguishable Solved by both • #refinements < 200 Solved only by VA-Cegar • #refinements < 500 Solved only by VA-Plain • #refinements > 1000

  14. Reducing Time for Refinements Optimized Interpolation • Deepest Infeasible Suffix • Interpolant-Equality • Optimized Refinement • “Scoped” Precision • Eager Restart • ➢ CEGAR pays off, solving well over 400 tasks more ➢ Lazy abstraction is not well-suited for the Value Analysis

  15. Level of Non-Determinism Low level of non-determinism: High level of non-determinism: Use Plain Value Analysis Use Value Analysis with CEGAR ➢ Valid indicator whether to perform abstraction or not

  16. Versatility of Value Interpolation • Applicable to other analyses Octagon analysis • Symbolic execution analysis • • Enables regression verification • Parallel composition with Predicate Analysis ➢ Availablilty of several effective analyses based on CEGAR ➢ Next: Techniques that may benefit all such analyses

  17. Infeasible Sliced Prefixes and Refinement Selection

  18. Extraction of Infeasible Sliced Prefixes [Sliced Path Prefixes: An Effective Method to Enable Refinement Selection, 2015, Beyer, Löwe, Wendler]

  19. Main Message Any infeasible sliced prefix φ, that is extracted from an infeasible error path σ, can be used for interpolation to exclude the original error path σ from subsequent iterations of CEGAR loop. ➢ We can use any prefix we want for interpolation !

  20. Sliced Prefixes - Further Applications • Enables guided refinement selection • Improves effectiveness and efficiency of static refinement • Speeds up Value Interpolation significantly • Impressive results in combination with symbolic execution • Better control for global refinement • All target states at once • Each target state with an unique refinement • Infeasible Sliced Prefixes for ABE?

  21. Infeasible Sliced Prefixes for ABE? • ABE: block size can have any size • ABE-encoded path represent different paths • Simply pick one? No! • Simply pick all? No! ➢ Just think in blocks • SBE-encoded paths also are made of blocks • SBE: each block contains a single statement ➢ For ABE: apply same approach as for SBE / Value Analysis

  22. Infeasible Sliced Prefixes for ABE

  23. Elimination of Infeasible Sliced Prefixes ! Verification task const_true-unreach-call1.c from the official SVCOMP’16 repository, and a possible infeasible error path when analyzing the task with ABE-lf

  24. Elimination of Infeasible Sliced Prefixes ! Ψ: [y = 2] Verification task const_true-unreach-call1.c from the official SVCOMP’16 repository, and a possible infeasible error path when analyzing the task with ABE-lf

  25. Elimination of Infeasible Sliced Prefixes ! ➢ For ABE: this approach is also not perfect ➢ Any other ideas?

  26. Quite good for LDV

  27. Questions ?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

SAT based Abstraction-Refinement using ILP and Machine Learning Techniques Edmund Clarke Anubhav

SAT based Abstraction-Refinement using ILP and Machine Learning Techniques Edmund Clarke Anubhav

SAT based Abstraction-Refinement using ILP and Machine Learning Techniques 1 SAT based Abstraction-Refinement using ILP and Machine Learning Techniques Edmund Clarke Anubhav Gupta James Kukula Ofer Strichman SAT based Abstraction-Refinement

822 views • 36 slides
Counterexample Guided Abstraction Refinement (CEGAR) Peyman Rasouli Gianluca Turin 1

Counterexample Guided Abstraction Refinement (CEGAR) Peyman Rasouli Gianluca Turin 1

Counterexample Guided Abstraction Refinement (CEGAR) Peyman Rasouli Gianluca Turin 1 Abstraction Definition of abstraction on Wikipedia: Abstractions may be formed by reducing the information content of a concept or an observable

575 views • 18 slides
Predicate Abstraction with SATABS Existential Abstraction Predicate Abstraction for Software

Predicate Abstraction with SATABS Existential Abstraction Predicate Abstraction for Software

Outline Introduction Predicate Abstraction with SATABS Existential Abstraction Predicate Abstraction for Software Counterexample-Guided Abstraction Refinement Computing Existential Abstractions of Programs Version 1.0, 2010 Checking the

429 views • 12 slides
Abstraction refinement and plan revision for control synthesis under high level specifications

Abstraction refinement and plan revision for control synthesis under high level specifications

Abstraction refinement and plan revision for control synthesis under high level specifications Pierre-Jean Meyer Dimos V. Dimarogonas KTH, Royal Institute of Technology July 12 th 2017 Outline Abstraction-based synthesis Global framework

603 views • 34 slides
Data Invariants, Abstraction and Refinement Practice Curtis Millar CSE, UNSW (and Data61) 24

Data Invariants, Abstraction and Refinement Practice Curtis Millar CSE, UNSW (and Data61) 24

Exercise 2 Specification and Refinement Editor Example Administrivia Software System Design and Implementation Data Invariants, Abstraction and Refinement Practice Curtis Millar CSE, UNSW (and Data61) 24 June 2020 1 Exercise 2

1.06k views • 52 slides
Data Abstraction and Modularity Modular program development Step-wise refinement

Data Abstraction and Modularity Modular program development Step-wise refinement

CS 242 Topics Data Abstraction and Modularity Modular program development Step-wise refinement Interface, specification, and implementation Language support for modularity John Mitchell Procedural abstraction Abstract

234 views • 8 slides
Part III: Abstraction Refinement Javier Esparza Technische Universitt Mnchen Javier Esparza

Part III: Abstraction Refinement Javier Esparza Technische Universitt Mnchen Javier Esparza

Part III: Abstraction Refinement Javier Esparza Technische Universitt Mnchen Javier Esparza Part III: Abstraction Refinement Example 1 ( X 0 ) ( X &gt; 0 ) 2 3 The problem: X := X ( Y &gt; 0 ) Is the error label reachable? ( Y

1.18k views • 82 slides
Data Invariants, Abstraction and Refinement Liam OConnor University of Edinburgh LFCS (and

Data Invariants, Abstraction and Refinement Liam OConnor University of Edinburgh LFCS (and

Data Invariants and ADTs Validation Data Refinement Administrivia Software System Design and Implementation Data Invariants, Abstraction and Refinement Liam OConnor University of Edinburgh LFCS (and UNSW) Term 2 2020 1 Data Invariants

1.07k views • 68 slides
Closed-loop Verification of Medical Devices with Model Abstraction and Refinement Zhihao

Closed-loop Verification of Medical Devices with Model Abstraction and Refinement Zhihao

Software Tools for Technology Transfer manuscript No. (will be inserted by the editor) Closed-loop Verification of Medical Devices with Model Abstraction and Refinement Zhihao Jiang, Miroslav Pajic, Rajeev Alur and Rahul Mangharam University

759 views • 22 slides
Effective Approaches to Monitoring National HOPWA Institute 2017 Tampa, FL Effective Approaches to

Effective Approaches to Monitoring National HOPWA Institute 2017 Tampa, FL Effective Approaches to

Effective Approaches to Monitoring National HOPWA Institute 2017 Tampa, FL Effective Approaches to Monitoring Learning Objectives: q Understand common and effective framework to approach grant oversight and monitoring. q Know descriptions of basic

696 views • 34 slides
THETA: a Framework for Abstraction Refinement-Based Model Checking Tams Tth 1 , kos Hajdu

THETA: a Framework for Abstraction Refinement-Based Model Checking Tams Tth 1 , kos Hajdu

THETA: a Framework for Abstraction Refinement-Based Model Checking Tams Tth 1 , kos Hajdu 1,2 , Andrs Vrs 1,2 , Zoltn Micskei 1 , Istvn Majzik 1 1 Budapest University of Technology and Economics Department of Measurement and

786 views • 12 slides
SAT-based Abstraction Refinement for Real-time Systems Stephanie Kemper 1 e Platzer 2 , 3 Andr

SAT-based Abstraction Refinement for Real-time Systems Stephanie Kemper 1 e Platzer 2 , 3 Andr

SAT-based Abstraction Refinement for Real-time Systems Stephanie Kemper 1 e Platzer 2 , 3 Andr 1 Centrum voor Wiskunde en Informatica, Software Engineering, Amsterdam, The Netherlands 2 University of Oldenburg, Department of Computing Science,

773 views • 66 slides
Counterexample-guided Cartesian Abstraction Refinement and Saturated Cost Partitioning for

Counterexample-guided Cartesian Abstraction Refinement and Saturated Cost Partitioning for

Counterexample-guided Cartesian Abstraction Refinement and Saturated Cost Partitioning for Optimal Classical Planning Jendrik Seipp February 28, 2018 University of Basel Planning Find a sequence of actions that achieves a goal. 1/35 Optimal

1.08k views • 85 slides
Predicate Abstraction with SATABS Version 1.0, 2010 Outline Introduction Existential

Predicate Abstraction with SATABS Version 1.0, 2010 Outline Introduction Existential

Predicate Abstraction with SATABS Version 1.0, 2010 Outline Introduction Existential Abstraction Predicate Abstraction for Software Counterexample-Guided Abstraction Refinement Computing Existential Abstractions of Programs Checking the

1.66k views • 162 slides
Software Model Checking and Counter-example Guided Abstraction Refinement Claire Le Goues 1

Software Model Checking and Counter-example Guided Abstraction Refinement Claire Le Goues 1

Software Model Checking and Counter-example Guided Abstraction Refinement Claire Le Goues 1 Motivation: How should we analyze this? * means something we cant analyze (user input, random value) Line 5: the lock is held if and only

886 views • 63 slides
Counterexample Guided Abstraction Refinement in Blast Reading: Checking Memory Safety with Blast

Counterexample Guided Abstraction Refinement in Blast Reading: Checking Memory Safety with Blast

Counterexample Guided Abstraction Refinement in Blast Reading: Checking Memory Safety with Blast 17-654/17-754 Analysis of Software Artifacts Jonathan Aldrich

400 views • 14 slides
Squaring the Circle: How Framedness influences User Behavior around a Seamless Cylindrical

Squaring the Circle: How Framedness influences User Behavior around a Seamless Cylindrical

Squaring the Circle: How Framedness influences User Behavior around a Seamless Cylindrical Display Gilbert Beyer, Florian Kttner, Manuel Schiewe, Ivo Haulsen, Andreas Butz University of Munich and Fraunhofer FOKUS Shaped Displays Digital

640 views • 52 slides
Nonlinear Polynomials, Interpolants and Invariant Generation for System Analysis Deepak Kapur

Nonlinear Polynomials, Interpolants and Invariant Generation for System Analysis Deepak Kapur

Nonlinear Polynomials, Interpolants and Invariant Generation for System Analysis Deepak Kapur Department of Computer Science University of New Mexico Albuquerque, NM, USA with Rodriguez-Carbonell, Zhihai Zhang, Hengjun Zhao, Stephan Falke,

2.07k views • 183 slides
EE Analyzer Xavier R IVAL rival@di.ens.fr Certification of embedded softwares Safety critical

EE Analyzer Xavier R IVAL rival@di.ens.fr Certification of embedded softwares Safety critical

The A STR EE Analyzer Xavier R IVAL rival@di.ens.fr Certification of embedded softwares Safety critical applications avionic softwares but also automotive, space... synchronous Properties to prove to guarantee safety:

491 views • 36 slides
LumiCal Design Options 2020.04.15 15:00 indico.ihep.ac.cn/event/11684/ Suen Hou Academia

LumiCal Design Options 2020.04.15 15:00 indico.ihep.ac.cn/event/11684/ Suen Hou Academia

LumiCal Design Options 2020.04.15 15:00 indico.ihep.ac.cn/event/11684/ Suen Hou Academia Sinica Outline BHLUMI : Bhabha cross section boost by beam crossing, small beam pipe &lt; 30 mRad ( Bhabha) &gt; ~ 50 nb OVAL beampipe to

472 views • 35 slides
Universal Quantum Computation with AKLT States and Spectral Gap of AKLT Models Tzu-Chieh Wei (

Universal Quantum Computation with AKLT States and Spectral Gap of AKLT Models Tzu-Chieh Wei (

Universal Quantum Computation with AKLT States and Spectral Gap of AKLT Models Tzu-Chieh Wei ( ) C.N. Yang Institute for Theoretical Physics Workshop on Statistical Physics of Quantum Matter, Taipei, July 2013 Outline I.

715 views • 40 slides
rs srs t

rs srs t

rs srs t rts r rr r srr Prs

1.13k views • 109 slides
Generalised n -gons with symmetry conditions Joy Morris joint work with John Bamberg, Michael

Generalised n -gons with symmetry conditions Joy Morris joint work with John Bamberg, Michael

Generalised n -gons with symmetry conditions Joy Morris joint work with John Bamberg, Michael Giudici, Gordon F. Royle and Pablo Spiga University of Lethbridge CANADAM, June 2013 Generalised polygons A generalised n -gon is a point-line

836 views • 67 slides
The sum of all the interior angles of a polygon is 9900. How many sides does it have? December

The sum of all the interior angles of a polygon is 9900. How many sides does it have? December

December 07, 2015 The sum of all the interior angles of a polygon is 9900. How many sides does it have? December 07, 2015 The interior angles of a regular octagon measure 3x + 33 and -10x + 475. What is the value of x to make one interior

535 views • 7 slides

More recommend