reducing time and efforts when verifying large software
play

Reducing Time and Efforts When Verifying Large Software Systems with - PowerPoint PPT Presentation

Mar 22, 2024 •218 likes •546 views

Reducing Time and Efforts When Verifying Large Software Systems with Klever Ilia Zakharov Ivannikov Institute For System Programming of RAS ilja.zakharov@ispras.ru Klever Verification Framework Intended for finding bugs in large software

  1. Reducing Time and Efforts When Verifying Large Software Systems with Klever Ilia Zakharov Ivannikov Institute For System Programming of RAS ilja.zakharov@ispras.ru

  2. Klever Verification Framework Intended for finding bugs in large software systems using existing software verification tools • C programs • GNU C, Microsoft C • x86, ARM • > 200 KLOC • Requirements supported by software verification tools used as backends • Memory safety • Data races • API usage • Deliver both results and a program-adapted tool • Coverage reports, error traces and results of bugs triage • A tool to check regressions or reproduce results 2

  3. Development • Implement program-specific parts in the framework • Prepare models and Workflow specifications Verification • Find bug • Deliver the tool and results 3

  4. Klever Verification Framework Source Program Decomposition Code Environment Modeling Requirements Modelling Verification Bugs Results Assessment or Proofs 4

  5. Source Code Preparation 5

  6. Goals • Limit scope to specific components, source code versions, architectures • Prepare requirements • Plan development stages • Find bugs or prove correctness • Deliver results or a tool 6

  7. Prepare Build Base Build System Source Code Executables Clade and CIF Build Base 7

  8. Program Decomposition 8

  9. Program Decomposition • Reduce environment modelling efforts • Prevent timeouts • Get rid of unsupported code Fragment I Fragment II Lib 1 Lib 2 Lib 3 Compone Component 2 nt 1 9

  10. Extract Components as Fragments 1. Determine logical components • With unique interface • With common interface 2. Separate libraries 3. Remove auxiliary or irrelevant parts • Debug • Tests 10

  11. Manual or Automatic Decomposition • Define fragments explicitly in Driver1.c Driver2.c advance • Develop algorithms to decompose 3 4 3 the program using its build base lib1.c Helper.c 10 2 lib.c Core.c 11

  12. Provide Environment Models 12

  13. Kinds of Models Kind of a Model External Functions Common Model Undefined functions that init/uninit resources and influence the control flow Requirement Model Specific API that should be properly used by the fragment Environment Model Functions that call entry points and influence these calls Program Fragment Requirement Environment Model Model Common Model 13

  14. Environment Model Component Program Lib 14

  15. Interraction Scenarios 1 2 3 Component 5 4 Program 4 Lib 2 1 15

  16. Intermediate Environment Model tty_alloc_driver (failed) tty_alloc_driver (success) put_tty_driver tty_register_driver (failed) tty_set_operations tty_register_driver (success) tty_unregister_driver moxa_open (failed) Activate/deactivate moxa_open (success) moxa_close moxa_write 16

  17. Environment Model Generator Environment Model Program Fragment Specifications Scenario Model Builders Intermediate Environment Model Translator C Code 17

  18. Environment Model Generator Environment Model Program Fragment Specifications Scenario Model Builders Provide specifications as templates Manually develop environment model Intermediate specifications Environment Model Select auxiliary function models Translator Adjust completeness of the environment model C Code 18

  19. Provide Requirement Specifications 19

  20. Requirement Specification int cnt = 0; int try_module_get( struct module * m) { ret = ldv_random_neg_int(); if (!ret) cnt++; return ret; } void module_put( struct module * m) { cnt--; } void ldv_check_final_state( void ) { ldv_assert(cnt==0); } 20

  21. Requirement Specifications Development 1. Support an empty requirement to measure the coverage 2. Support memory safety and data race safety requirement specifications 3. Implement other requirement specifications 4. Develop tests for requirement models 21

  22. Analyse Results 22

  23. Verification Results • Error traces (witnesses) • Coverage reports • Logs • Resource consumption statistics 23

  24. Development • Uncovered entry points • Complicated code • Classify fails Refinement Use cases • Marks and tags for errors and false positives • Regression tests Verification • Find bugs • Prepare final marks and tags 24

  25. Evaluation 25

  26. Manual Effort at Verification of Linux Device Drivers and Subsystems Serial device All device Subsystems Stage Total drivers (20KLOC) drivers(4MLOC) (1MLOC) Development of 0,25 man-months - 0,25 man-months 0,5 man-months decomposition (100 LOC Python) (100 LOC Python) (200 LOC Python) algorithms Development of 3 man-months - 0,5 man-months 3,5 man-months environment model (3 KLOC Python) (500 LOC Python) (3,5 KLOC Python) builders Development of 4,5 man-months 5,5 man-months - 10 man-months environment model (7 KLOC DSL) (10 KLOC DSL) (17 KLOC DSL) specifications Development of 6 man-months 9 man-months 0,25 man-months 15,25 man-months requirement (550 LOC DSL) (950 LOC DSL) (200 LOC DSL) (1500 LOC DSL) specifications Total 13,75 man- 14,5 man-months 1 man-month 29,25 man-months months 26

  27. BusyBox Applets Verification Stage Efforts Development of 0,25 man-months decomposition (100 LOC Python) algorithms Development of 0 man-months environment model - builders Development of 0,25 man-months (200 LOC DSL) environment model specifications Development of 0,5 man-months requirement (300 LOC DSL) specifications Total 1 man-month 27

  28. Why do you care • Another point of view • Train your verification tool • Get new verification tasks 28

  29. Thank You! https://github.com/ldv-klever/klever - Mirror https://forge.ispras.ru/projects/klever - Issue tracker https://github.com/17451k/cif - CIF https://github.com/17451k/clade - Clade http://linuxtesting.org/kernel - Other links and verification projects 29

  30. Build Base • Various information about the program • Source code • Build command graph • File dependencies graph • Callgraph • … • Easy to access • Movable archive with all sources and data • Python API to access the data 30

  31. Summary Decomposition Environment Requirement Analyzing results Modeling Specifications Development Manually prepared Coarse model Empty requirement Code coverage decomposition without restrictions specification Development Decomposition Scenario model Requirement Code coverage, algorithms builders specifications, marks, tags common model Algorithms to verify Environment model Requirement Code coverage, libraries specifications, tests specifications, marks, tags Refinement common model, tests - - Common model Code coverage, Verification marks, tags 31

  32. Verification Time Verification Job 2 physical cores 4 physical cores 30 * 4 physical cores Serial device drivers (30KLOC) 5h 2.7h 0.5h All device drivers (3MLOC) 600h 195h 11h 32

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

1 Conventionally, software testing has aimed at verifying functionality but the testing paradigm

1 Conventionally, software testing has aimed at verifying functionality but the testing paradigm

1 Conventionally, software testing has aimed at verifying functionality but the testing paradigm has changed for software services. Developing a full-featured and functioning software service is necessary; however service real time availability

606 views • 19 slides
Mistakes Are Proof That You Are Trying: On Verifying Software Encoding Schemes Resistance to

Mistakes Are Proof That You Are Trying: On Verifying Software Encoding Schemes Resistance to

Mistakes Are Proof That You Are Trying: On Verifying Software Encoding Schemes Resistance to Fault Injection Attacks Jakub Breier, Dirmanto Jap, and Shivam Bhasin Presenter: Wei He Physical Analysis and Cryptographic Engineering Nanyang

525 views • 26 slides
Verifying Multithreaded Software with Impact Bj orn Wachter , Daniel Kroening and Jo el

Verifying Multithreaded Software with Impact Bj orn Wachter , Daniel Kroening and Jo el

Verifying Multithreaded Software with Impact Bj orn Wachter , Daniel Kroening and Jo el Ouaknine University of Oxford Intro Multi-threading C/C++ with POSIX/WIN 32 threads event processing, device drivers, web servers,

1.06k views • 59 slides
Verifying concurrent software using movers in CSPEC Tej Chajed , Frans Kaashoek, Butler Lampson*,

Verifying concurrent software using movers in CSPEC Tej Chajed , Frans Kaashoek, Butler Lampson*,

Verifying concurrent software using movers in CSPEC Tej Chajed , Frans Kaashoek, Butler Lampson*, Nickolai Zeldovich MIT CSAIL and *Microsoft Concurrent software is difficult to get right Programmer cannot reason about code in sequence 2

1.2k views • 72 slides
Randomness in Computing L ECTURE 2 Last time Verifying polynomial identities Probability

Randomness in Computing L ECTURE 2 Last time Verifying polynomial identities Probability

Randomness in Computing L ECTURE 2 Last time Verifying polynomial identities Probability amplification Probability review Discussions Law of Total Probability Bayeslaw Today More probability amplification Verifying

615 views • 8 slides
VERIFYING LARGE MULTIPLIERS BY COMBINING SAT AND COMPUTER ALGEBRA Daniela Kaufmann, Armin Biere

VERIFYING LARGE MULTIPLIERS BY COMBINING SAT AND COMPUTER ALGEBRA Daniela Kaufmann, Armin Biere

VERIFYING LARGE MULTIPLIERS BY COMBINING SAT AND COMPUTER ALGEBRA Daniela Kaufmann, Armin Biere and Manuel Kauers Johannes Kepler University Linz, Austria FMCAD 2019 October 23, 2019 San Jose, CA, USA Circuits Given: Gate-level multiplier for

579 views • 44 slides
Detecting Erroneous Assumptions when verifying software using SMT solvers David R. Cok Eastman

Detecting Erroneous Assumptions when verifying software using SMT solvers David R. Cok Eastman

Detecting Erroneous Assumptions when verifying software using SMT solvers David R. Cok Eastman Kodak Company Research Laboratories 14 July 2008 AFM 08 (Note: E-version distributed at CAV is the preliminary, not final version) Context

455 views • 44 slides
1 Trace Cache Summary of Reducing Cache Hit Time Trace: a dynamic sequence of Small and simple

1 Trace Cache Summary of Reducing Cache Hit Time Trace: a dynamic sequence of Small and simple

Improving Cache Performance 1. Reducing miss rates 3. Reducing miss penalty or miss rates via parallelism Larger block size Lecture 18: Reducing Cache Hit Non-blocking caches larger cache size Time and Main Memory Design

285 views • 3 slides
Verifying and Mining Frequent Patterns from Large Windows over Data Streams Barzan Mozafari,

Verifying and Mining Frequent Patterns from Large Windows over Data Streams Barzan Mozafari,

Verifying and Mining Frequent Patterns from Large Windows over Data Streams Barzan Mozafari, Hetal Thakkar, Carlo Zaniolo Computer Science Department University of California Los Angeles, CA, USA { barzan,hthakkar,zaniolo } @cs.ucla.edu such

137 views • 10 slides
Reducing the cost of large batteries for waterborne transport LC-BAT-11-2020 Project

Reducing the cost of large batteries for waterborne transport LC-BAT-11-2020 Project

Horizon 2020 Framework Programme (H2020) Reducing the cost of large batteries for waterborne transport LC-BAT-11-2020 Project details and HSSMIs contribution The Project - Reducing the cost of large batteries for waterborne transport

446 views • 10 slides
ACHIEVING THE TRIPLE AIM THROUGH LARGE SCALE IMPROVEMENT EFFORTS JASON FOLTZ, D.O. TEACHERS OF

ACHIEVING THE TRIPLE AIM THROUGH LARGE SCALE IMPROVEMENT EFFORTS JASON FOLTZ, D.O. TEACHERS OF

ACHIEVING THE TRIPLE AIM THROUGH LARGE SCALE IMPROVEMENT EFFORTS JASON FOLTZ, D.O. TEACHERS OF QUALITY ACADEMY QI SYMPOSIUM MARCH 2, 2016 OVERVIEW: WHAT, WHO, HOW? What: How do you move a large multi-specialty organization toward achieving

404 views • 25 slides
On Bringing Object-Oriented Software Metrics into the Model-Based World Verifying ISO 26262

On Bringing Object-Oriented Software Metrics into the Model-Based World Verifying ISO 26262

On Bringing Object-Oriented Software Metrics into the Model-Based World Verifying ISO 26262 Compliance in Simulink Lukas Murer, Torben Stolte Tanja Hebecker, Michael Lipaczewski Uwe Mhrstdt, Frank Ortmeier Motivation Functional safety

589 views • 21 slides
Verifying Trigonometric Identities A trigonometric identity is simply an identity involving

Verifying Trigonometric Identities A trigonometric identity is simply an identity involving

Verifying Trigonometric Identities A trigonometric identity is simply an identity involving trigonometric functions. We learn to verify and spend time verifying trigonometric identities because the practice we get verifying trigonometric

661 views • 46 slides
Overview Motivation Verifying Continuous-Time Markov Chains 1 Lecture 1+2: Discrete-Time Markov

Overview Motivation Verifying Continuous-Time Markov Chains 1 Lecture 1+2: Discrete-Time Markov

Verifying Continuous-Time Markov Chains Verifying Continuous-Time Markov Chains Overview Motivation Verifying Continuous-Time Markov Chains 1 Lecture 1+2: Discrete-Time Markov Chains What are discrete-time Markov chains? 2 Reachability

567 views • 34 slides
Overview Verifying Continuous-Time Markov Chains Negative exponential distributions 1 Lecture

Overview Verifying Continuous-Time Markov Chains Negative exponential distributions 1 Lecture

Verifying Continuous-Time Markov Chains Verifying Continuous-Time Markov Chains Overview Verifying Continuous-Time Markov Chains Negative exponential distributions 1 Lecture 3+4: Continuous-Time Markov Chains What are continuous-time Markov

621 views • 30 slides
Parallel Analysis of Parallelism Verifying Concurrent Software System Designs Using GPUs GTC

Parallel Analysis of Parallelism Verifying Concurrent Software System Designs Using GPUs GTC

Parallel Analysis of Parallelism Verifying Concurrent Software System Designs Using GPUs GTC 2015 Anton Wijs Correctness of Concurrent Systems Distributed, concurrent systems common-place, but very

633 views • 52 slides
Hands-on introduction of OpenMX - Practice - Ozaki group Mitsuaki Kawamura Schedule: 14:30

Hands-on introduction of OpenMX - Practice - Ozaki group Mitsuaki Kawamura Schedule: 14:30

1/14 Hands-on introduction of OpenMX - Practice - Ozaki group Mitsuaki Kawamura Schedule: 14:30 15:30 Lecture 15:50 17:20 Practice 2018/7/2 ISS2018 1 st part 2/14 Outline Introduction Computer in this tutorial

426 views • 14 slides
The Compositional Interchange Format Concepts, Semantics and Applications Bert van Beek 1

The Compositional Interchange Format Concepts, Semantics and Applications Bert van Beek 1

intro concepts flavors transformations applications conclusions The Compositional Interchange Format Concepts, Semantics and Applications Bert van Beek 1 December 2010 Bert van Beek FMCO 2010 Graz Compositional Interchange Format 1/24

509 views • 24 slides
I 214 User-centered reporting Elizabeth Goodman November 18, 2010 The four challenges of

I 214 User-centered reporting Elizabeth Goodman November 18, 2010 The four challenges of

I 214 User-centered reporting Elizabeth Goodman November 18, 2010 The four challenges of reporting Choreographing complicated conversations 1) Delivering potentially challenging news 2) Efficiently 3) But usefully 4) And convincingly

622 views • 37 slides
Use Working Group Robert OSullivan, AFOLU WG Co -Chair, Winrock International Africa LEDS

Use Working Group Robert OSullivan, AFOLU WG Co -Chair, Winrock International Africa LEDS

Agriculture, Forestry and Other Land Use Working Group Robert OSullivan, AFOLU WG Co -Chair, Winrock International Africa LEDS Partnership Annual Event Climate Change and Development in Africa: Unlocking LEDS implementation on the African

662 views • 13 slides
Third Quarter 2020 Conference Call Safe Harbor Statement This presentation contains forward -

Third Quarter 2020 Conference Call Safe Harbor Statement This presentation contains forward -

Exhibit 99.2 Third Quarter 2020 Conference Call Safe Harbor Statement This presentation contains forward - looking statements that are subject to risks and uncertainties that could cause the actual results of Darling Ingredients Inc. (the

839 views • 18 slides
Pure state post-selection is universal Lajos Di osi Wigner Centre, Budapest 23 Aug 2017,

Pure state post-selection is universal Lajos Di osi Wigner Centre, Budapest 23 Aug 2017,

Pure state post-selection is universal Lajos Di osi Wigner Centre, Budapest 23 Aug 2017, Kolymbari Lajos Di osi ( Wigner Centre, Budapest ) Pure state post-selection is universal 23 Aug 2017, Kolymbari 1 / 10 Pure state pre- and

296 views • 10 slides
Church Numerals Dr. Mattox Beckman University of Illinois at Urbana-Champaign Department of

Church Numerals Dr. Mattox Beckman University of Illinois at Urbana-Champaign Department of

Objectives Church Numerals Church Booleans Arbitrary Data Church Numerals Dr. Mattox Beckman University of Illinois at Urbana-Champaign Department of Computer Science Objectives Church Numerals Church Booleans Arbitrary Data Objectives

619 views • 19 slides
Background Allen Tanner built an SRAM/ROM generator program back in 2004 the ROM seems to

Background Allen Tanner built an SRAM/ROM generator program back in 2004 the ROM seems to

memCellsF09 Single- and Double-port SRAM building blocks Background Allen Tanner built an SRAM/ROM generator program back in 2004 the ROM seems to work fine there are fabricated examples that work the SRAM isnt as good

397 views • 17 slides

More recommend