hsf c a software verifier based on horn clauses
play

HSF(C): A Software Verifier based on Horn Clauses Corneliu Popeea - PowerPoint PPT Presentation

Oct 11, 2023 •230 likes •322 views

HSF(C): A Software Verifier based on Horn Clauses Corneliu Popeea Technical University Munich Joint work with Sergey Grebenshchikov, Ashutosh Gupta, Nuno P. Lopes and Andrey Rybalchenko Developing verifiers today Program Model transition

  1. HSF(C): A Software Verifier based on Horn Clauses Corneliu Popeea Technical University Munich Joint work with Sergey Grebenshchikov, Ashutosh Gupta, Nuno P. Lopes and Andrey Rybalchenko

  2. Developing verifiers today Program Model transition system, program with procedures, multi-threaded program, functional program, ... + Proof Rule Invariance, summarization, rely/guarantee, transition invariance, refinement typing, ... + Complex verification effort = Verification Tool 2

  3. Developing verifiers tomorrow Verification Tool = Synthesizer ( Program Model , Proof Rule ) 3

  4. Proof rules Inv(V) Step(V, V') -> ∧ TransInv(V, V') Init(V) -> Inv(V) ∧ TransInv(V, V') Step(V', V'') -> Inv(V) Step(V, V') -> ∧ Inv(V') TransInv(V, V'') Inv(V) Error(V) -> ∧ ⊥ dwf(TransInv(V, V')) ________________________ _____________________________ Transition system is safe Transition system terminates Init(V) → Inv i (V) ∧ Init(V) V'=V -> Summ(V,V') ∧ Summ(V,V') Step(V', V'') -> Summ(V,V'') ∧ Inv i (V) Step i (V, V') → Inv i (V') Summ(V,V') Call(V', V'') V'''=V'' -> ∧ ∧ Summ(V'',V''') ( \/ Inv i (V) ∧ Step i (V,V')) → Env j (V,V') Summ(V,V') Call(V', V'') ∧ ∧ Summ(V'', V''') ∧ Inv i (V) ∧ Env i (V,V') → Inv i (V') ∧ Return(V''', V'''') Local(V', V'''') -> Summ(V,V'''') Inv 1 (V) ∧ .. ∧ Inv N (V) Error(V) → ∧ ⊥ ∧ ⊥ Summ(V,V') Error(V') -> ____________________________________ ________________________ Procedural program is safe Multi-threaded program is safe 4

  5. HSF(C) ● C frontend based on CIL [Necula-et-al, CC 2002] ● translates input program to Horn clauses ● Summarization proof rule [Reps, Horwitz, Sagiv - POPL 1995] ● HSF algorithm [Grebenshchikov, Lopes, Popeea, Rybalchenko - PLDI 2012] 5

  6. 6

  7. HSF(C) results ControlFlowInteger category: • 96 benchmarks Points Place Tool (144 max) 1st CPAChecker-ABE 141 2nd CPAChecker-Memo 140 3rd HSF(C) 140 4th ESBMC 102 94 correct results in 80 minutes 7 2 time/outs

  8. HSF and related work ● Software verification tools ● Slam, Blast, Terminator, CPAchecker, DSolve ● Verifiers - target for automated synthesis ● XSB: generates model checkers for CCS programs ● Getafix: generates model checkers for boolean programs HSF: generates model checkers for C and OCaml programs competitive with mature software verification tools Synthesizing software verifiers from proof rules [Grebenshchikov, Lopes, Popeea, Rybalchenko - PLDI 2012] 8

  9. Questions? 9

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Compositional Verification of PLC Software using Horn Clauses and Mode Abstraction Dimitri

Compositional Verification of PLC Software using Horn Clauses and Mode Abstraction Dimitri

Compositional Verification of PLC Software using Horn Clauses and Mode Abstraction Dimitri Bohlender | Stefan Kowalewski WODES 2018, June 1, 2018 Introduction CHC-based Verification Conclusion Outline Introduction CHC-based Verification

1.75k views • 118 slides
On Minimal Models for Horn Clauses over Predicate Fuzzy Logics Vicent Costa and Pilar Dellunde

On Minimal Models for Horn Clauses over Predicate Fuzzy Logics Vicent Costa and Pilar Dellunde

On Minimal Models for Horn Clauses over Predicate Fuzzy Logics Vicent Costa and Pilar Dellunde Universitat Aut` onoma de Barcelona and IIIA-CSIC 09/09/17 Main Objective Study of Horn clauses. Minimal models for universal Horn theories.

738 views • 59 slides
Horn clauses A literal is an atomic formula or its negation A clause is a disjunction of

Horn clauses A literal is an atomic formula or its negation A clause is a disjunction of

Horn clauses A literal is an atomic formula or its negation A clause is a disjunction of literals A Horn clause is a clause with exactly one positive literal A Horn formula is a conjunctive normal form formula whose clauses are

347 views • 13 slides
Horn Binary Serialization Analysis HCVS 2016 3rd Workshop on Horn Clauses for Verification

Horn Binary Serialization Analysis HCVS 2016 3rd Workshop on Horn Clauses for Verification

Horn Binary Serialization Analysis HCVS 2016 3rd Workshop on Horn Clauses for Verification and Synthesis Gabriele Paganelli https://gapag.noblogs.org/ gapag@distruzione.org Length Type Data CRC 0 3 4 7 8 N N+1 N+4 Type

502 views • 33 slides
Horn Clauses in Propositional Logic Notions of complexity: In computer science, the efficiency of

Horn Clauses in Propositional Logic Notions of complexity: In computer science, the efficiency of

Horn Clauses in Propositional Logic Notions of complexity: In computer science, the efficiency of algorithms is a topic of paramount practical importance. The best known algorithm for determining the satisfiability of a set of wffs in

734 views • 29 slides
Constrained Horn Clauses as a Basis of Automatic Program Verification: The Higher-order Case

Constrained Horn Clauses as a Basis of Automatic Program Verification: The Higher-order Case

Constrained Horn Clauses as a Basis of Automatic Program Verification: The Higher-order Case Luke Ong (Joint with Toby Cathcart Burn and Steven Ramsay) University of Oxford IFIP WG2.2 Meeting, 18-20 September 2017, Bordeaux Luke Ong

1.08k views • 41 slides
Conjunctive Normal Form & Horn Clauses York University CSE 3401 Vida Movahedi 1 York

Conjunctive Normal Form & Horn Clauses York University CSE 3401 Vida Movahedi 1 York

Conjunctive Normal Form & Horn Clauses York University CSE 3401 Vida Movahedi 1 York University CSE 3401 V. Movahedi Overview Overview Definition of literals, clauses, and CNF , , Conversion to CNF Propositional logic

512 views • 17 slides
Constrained Horn Clauses ( and Refinement Types) Toby Cathcart Burn, Luke Ong and Steven Ramsay

Constrained Horn Clauses ( and Refinement Types) Toby Cathcart Burn, Luke Ong and Steven Ramsay

Higher-Order Constrained Horn Clauses ( and Refinement Types) Toby Cathcart Burn, Luke Ong and Steven Ramsay University of Oxford l l e e t t add add x y = x + y l l e e t t r e c it iter er f m n = i i f f n 0 t t h h e

318 views • 31 slides
Solving Existentially Quantified Horn Clauses Corneliu Popeea - joint work with Tewodros Beyene

Solving Existentially Quantified Horn Clauses Corneliu Popeea - joint work with Tewodros Beyene

Solving Existentially Quantified Horn Clauses Corneliu Popeea - joint work with Tewodros Beyene and Andrey Rybalchenko - Universal properties ... success story Temporal verification of universal properties of various kind of programs

572 views • 27 slides
VA Geriatrics and Extended Care Rachel Horn, LMSW Rachel.horn@va.gov 512-823-4513 Home Based

VA Geriatrics and Extended Care Rachel Horn, LMSW Rachel.horn@va.gov 512-823-4513 Home Based

VA Geriatrics and Extended Care Rachel Horn, LMSW Rachel.horn@va.gov 512-823-4513 Home Based Primary Care (HBPC) Caregivers Support Program Adult Daycare Homemaker and Home Health Aid Care (HHA) Hospice and Palliative Care

718 views • 9 slides
Construction of Universal Designated-Verifier Signatures and Identity-Based Signatures from

Construction of Universal Designated-Verifier Signatures and Identity-Based Signatures from

Motivation Research Question Results Conclusion Notes Construction of Universal Designated-Verifier Signatures and Identity-Based Signatures from Standard Signatures Siamak Shahandashti 1 Rei Safavi-Naini 2 1 SCSSE & CCISR, Uni

465 views • 46 slides
Strings & Software Model Checking Philipp Rmmer Uppsala University 30 August 2019 Taipei,

Strings & Software Model Checking Philipp Rmmer Uppsala University 30 August 2019 Taipei,

Strings & Software Model Checking Philipp Rmmer Uppsala University 30 August 2019 Taipei, Taiwan 1/121 Outline Constrained Horn Clauses JayHorn Architecture JayHorn Approach to Handling Heap Demos & Examples

1.68k views • 121 slides
Logic programming inference (interpretation) based on SLD-resolution declarativness: the

Logic programming inference (interpretation) based on SLD-resolution declarativness: the

Spring 2006 IA008, Prolog logic program : a finite set of Horn clauses Logic programming inference (interpretation) based on SLD-resolution declarativness: the specification of a program is equal to the program popel@fi.muni.cz 1/18

951 views • 18 slides
Simulation Based Formal Verification of Onboard Software A Case Study SyLVer : System

Simulation Based Formal Verification of Onboard Software A Case Study SyLVer : System

Simulation Based Formal Verification of Onboard Software A Case Study SyLVer : System Level Verifier Toni Mancini, Annalisa Massini, Federico Mari , Igor Melatti, Ivano Salvo, Enrico Tronci Computer Science Department Sapienza University

668 views • 23 slides
JHF Horn construction status and K2K horn experience YAMANOI Yutaka (KEK) K2K Horn system

JHF Horn construction status and K2K horn experience YAMANOI Yutaka (KEK) K2K Horn system

JHF Horn construction status and K2K horn experience YAMANOI Yutaka (KEK) K2K Horn system The operation result of K2K Horns Trivial troubles (2002-2003) Status of JHF Horns Basic parameters Mechanism and Merit of FSW

390 views • 20 slides
Buffalo Bone Button Presentation https://www.indiamart.com/horn-natural-kamptee/ buffalo horn

Buffalo Bone Button Presentation https://www.indiamart.com/horn-natural-kamptee/ buffalo horn

Buffalo Bone Button Presentation https://www.indiamart.com/horn-natural-kamptee/ buffalo horn plate for optical frames, buffalo horn blanks, buffalo bone buttons. buffalo horn knife scales, water buffalo horn plates, ebony wood, genuine buffalo

525 views • 5 slides
Sp Speedin ing g Up Maxim imal al Ca Causality Reduction wi with th Stati tic Analysis

Sp Speedin ing g Up Maxim imal al Ca Causality Reduction wi with th Stati tic Analysis

Sp Speedin ing g Up Maxim imal al Ca Causality Reduction wi with th Stati tic Analysis Shiyou Huang Jeff Huang huangsy@tamu.edu Parasol Lab, Texas A&M University 1 Ma Maxima mal Ca Causality Reduction (MCR MCR) Concurrent

234 views • 22 slides
Validity of SAFE Item Development Pilot testing of Response Generation 40 patients formats

Validity of SAFE Item Development Pilot testing of Response Generation 40 patients formats

Validity of SAFE Item Development Pilot testing of Response Generation 40 patients formats (13 items) Body Caricatures Development & Face Facial Expressions Shape Gradients Subathra Jeyaram 1 , Surendran Veeraiah 1 & Vidhubala

501 views • 3 slides
BGP Prefix origin valida1on

BGP Prefix origin valida1on

BGP Prefix origin valida1on dra$-pmohapat-sidr-pfx-validate-04 IETF 77, March 2010, Anaheim, California Recap In-router maintenance of origin

411 views • 11 slides
3.3 Models, Validity, and Satisfiability is valid in A under assignment : A , | : A (

3.3 Models, Validity, and Satisfiability is valid in A under assignment : A , | : A (

3.3 Models, Validity, and Satisfiability is valid in A under assignment : A , | : A ( )( ) = 1 = is valid in A ( A is a model of ): A | : A , | = , for all X U A = is valid (or is a tautology):

550 views • 27 slides
How to Explain Cyber-Physical Systems to Your Verifier Andr e Platzer aplatzer@cs.cmu.edu

How to Explain Cyber-Physical Systems to Your Verifier Andr e Platzer aplatzer@cs.cmu.edu

How to Explain Cyber-Physical Systems to Your Verifier Andr e Platzer aplatzer@cs.cmu.edu Computer Science Department Carnegie Mellon University, Pittsburgh, PA http://symbolaris.com/ 0.5 0.4 0.3 0.2 1.0 0.1 0.8 0.6 0.4 0.2 Andr

1.43k views • 119 slides
Hamiltonian Path I For some problems it is difficult to find an algorithm in P We first discuss

Hamiltonian Path I For some problems it is difficult to find an algorithm in P We first discuss

Hamiltonian Path I For some problems it is difficult to find an algorithm in P We first discuss an example of finding a Hamiltonian Path Definition: for a given directed graph find a path going through all nodes once Fig 7.17 October 30,

321 views • 10 slides
Algorithm Theory Algorithm Theory 01 01 - Introduction I t d ti Dr. Alexander Souza Winter

Algorithm Theory Algorithm Theory 01 01 - Introduction I t d ti Dr. Alexander Souza Winter

Algorithm Theory Algorithm Theory 01 01 - Introduction I t d ti Dr. Alexander Souza Winter term 11/12 Organization Lectures: Tue 14-16 101-00-026 Wed 16-17 101-00-026 Exercises: Thu 8-10 101-01-018 Thu 8-10 051-00-034 Fri

633 views • 37 slides
Network Telescope Data Analysis: IBR Monitoring telescope/darknets/darkspace, 22 Mar 11 Nevil

Network Telescope Data Analysis: IBR Monitoring telescope/darknets/darkspace, 22 Mar 11 Nevil

Network Telescope Data Analysis: IBR Monitoring telescope/darknets/darkspace, 22 Mar 11 Nevil Brownlee IBR Monitoring CAIDA, 2011 p.1/17 Background, Earlier Work Moore, Shannon et al, CAIDA/UCSD, 2000..2006 telescope gives a whole-world

321 views • 17 slides

More recommend