Lazy abstraction
TLDR: This work presents an algorithm for model checking safety properties using lazy abstraction, describes an implementation of the algorithm applied to C programs, and provides sufficient conditions for the termination of the method.
The software model checker Blast: Applications to software engineering
TLDR: This paper gives an introduction to Blast and demonstrates, through two case studies, how it can be applied to program verification and test-case generation.
Software Verification with BLAST
TLDR: Blast implements an abstract, model-check, refine loop to check for reachability of a specified label in the program, and short-circuits the loop from abstraction to verification to refinement, integrating the three steps tightly through "lazy abstraction".
Automatic predicate abstraction of C programs
TLDR: This work presents the first algorithm to automatically construct a predicate abstraction of programs written in an industrial programming language such as C, and its implementation in a tool, C2BP, part of the SLAM toolkit.
Abstractions from proofs
TLDR: The model checker Blast is extended with predicate discovery by Craig interpolation, and applied successfully to C programs with more than 130,000 lines of code, which was not possible with approaches that build less parsimonious abstractions.
Dynamic test input generation for database applications
TLDR: An algorithm is developed that tracks symbolic constraints across language boundaries and uses them, together with a novel constraint solver, to generate both program inputs and database state; the proposed solver handles symbolic constraints that mix linear arithmetic over variables with string constraints.
Temporal-Safety Proofs for Systems Code
TLDR: This work presents a methodology and tool for verifying and certifying systems code, based on the lazy-abstraction paradigm, that enables the automatic construction of small proof certificates.
Proving non-termination
TLDR: This paper proposes a method to search for counterexamples to termination, and illustrates the utility of the nontermination prover, called TNT, on several nontrivial examples, some of which require bit-level reasoning about integer representations.
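The summary above describes two ideas that are easy to see concretely on a finite-state loop: a counterexample to termination is a lasso (a stem of states leading into a cycle), and a recurrence set is a set of states that contains an initial state and from which every state has a successor that stays in the set. The following is an added illustration, not code from the TNT paper or its authors. The loop `while (x != 0) x = x + 2;` over w-bit two's-complement integers, the predicates used as candidate recurrence sets, and the 8-bit width are all constructed for this example; the paper itself reasons symbolically rather than by enumeration.

```python
"""Lasso search and recurrence-set checking for a w-bit integer loop.

Added example (not from the TNT paper). Toy loop, constructed here:

    while (x != 0) { x = x + 2; }      // x is a w-bit two's-complement int

Because wraparound makes the state space finite, simulation with a visited
set either leaves the loop (a terminating run) or revisits a state, which is
a lasso and therefore a witness of non-termination.
"""
from typing import Callable, Optional, Tuple

Pred = Callable[[int], bool]


def wrap(v: int, width: int) -> int:
    """Reduce v to a w-bit two's-complement value (bit-level semantics)."""
    mask = (1 << width) - 1
    v &= mask
    return v - (1 << width) if v & (1 << (width - 1)) else v


def guard(x: int) -> bool:
    """Loop condition of the toy loop."""
    return x != 0


def step(x: int, width: int) -> int:
    """Loop body of the toy loop, with w-bit wraparound."""
    return wrap(x + 2, width)


def find_lasso(x0: int, width: int, g: Pred, s: Callable[[int, int], int]) -> Optional[Tuple[int, int]]:
    """Simulate from x0. Return (stem_length, cycle_length) if a state repeats,
    i.e. the run is a lasso; return None if the loop exits."""
    seen = {}
    x = wrap(x0, width)
    i = 0
    while g(x):
        if x in seen:
            return seen[x], i - seen[x]
        seen[x] = i
        x = s(x, width)
        i += 1
    return None


def is_recurrence_set(member: Pred, x0: int, width: int,
                      g: Pred, s: Callable[[int, int], int]) -> bool:
    """Check a candidate recurrence set over the whole finite w-bit domain:
    (1) the initial state is in the set, and
    (2) every member satisfies the guard and steps to another member.
    Either condition failing means the candidate does not prove non-termination."""
    if not member(wrap(x0, width)):
        return False
    lo, hi = -(1 << (width - 1)), 1 << (width - 1)
    for x in range(lo, hi):
        if member(x) and not (g(x) and member(s(x, width))):
            return False
    return True


if __name__ == "__main__":
    w = 8
    print("x0=1  :", find_lasso(1, w, guard, step))    # lasso: all 128 odd values
    print("x0=2  :", find_lasso(2, w, guard, step))    # None: wraps through -2 to 0
    odd = lambda x: x % 2 == 1
    positive = lambda x: x > 0
    print("odd values recurrent?     ", is_recurrence_set(odd, 1, w, guard, step))
    print("positive values recurrent?", is_recurrence_set(positive, 1, w, guard, step))
```

The candidate set "x is odd" works because adding 2 preserves parity under wraparound and 0 is even, so the guard can never fail inside the set; the candidate "x > 0" fails at 127, whose successor wraps to -127. That second case is exactly the kind of bit-level detail the summary alludes to: over unbounded integers "x > 0" would be a valid recurrence set for `x = x + 1`, but over fixed-width integers it is not.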
Cause clue clauses: error localization using maximum satisfiability
TLDR: An algorithm for error cause localization based on a reduction to the maximal satisfiability problem (MAX-SAT), which asks what is the maximum number of clauses of a Boolean formula that can be simultaneously satisfied by an assignment.
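The reduction in the summary above becomes concrete on a failing run of a straight-line program: the failing input and the violated assertion are hard clauses, each statement is a soft clause, and the statements a MAX-SAT solution has to leave out are the candidate error locations. The following is an added example, not code from the paper or from the tool it describes. The four-statement program, its bug, the failing input and the small integer domain are all constructed here, and the MAX-SAT solver is replaced by brute force: statements are dropped in increasing numbers, and a dropped statement's variable becomes free and is enumerated over the domain.

```python
"""Error localization by maximum satisfiability, brute-force edition.

Added example (not the paper's implementation). The program is a constructed
straight-line program in SSA form: each statement defines one fresh variable
from inputs or earlier variables. Intended behaviour: out1 == a and out2 == 0.
"""
from itertools import combinations, product
from typing import Callable, Dict, List, Optional, Set, Tuple

Stmt = Tuple[str, str, Callable[[Dict[str, int]], int]]   # (label, defined var, rhs)

PROGRAM: List[Stmt] = [
    ("s1", "d",    lambda v: v["a"] - v["b"]),
    ("s2", "e",    lambda v: v["d"] * 2),          # bug: should be v["d"]
    ("s3", "out1", lambda v: v["b"] + v["e"]),     # intended: b + (a - b) == a
    ("s4", "out2", lambda v: v["e"] - v["d"]),     # intended: d - d == 0
]


def run(program: List[Stmt], inputs: Dict[str, int]) -> Dict[str, int]:
    """Execute the program concretely on the given inputs."""
    v = dict(inputs)
    for _, var, rhs in program:
        v[var] = rhs(v)
    return v


def localize(program: List[Stmt], inputs: Dict[str, int], expected: Dict[str, int],
             domain: range = range(-8, 9)) -> Optional[Tuple[int, List[Set[str]]]]:
    """Return (k, sets) where k is the smallest number of statements (soft clauses)
    that must be dropped so that the hard clauses (inputs and expected outputs)
    become satisfiable, and sets lists every size-k statement set that achieves it.
    Each such set is a 'cause clue'. None if even dropping everything fails."""
    n = len(program)
    for k in range(1, n + 1):
        found: List[Set[str]] = []
        for dropped in combinations(range(n), k):
            free_vars = [program[i][1] for i in dropped]
            # A dropped statement no longer constrains its variable: enumerate it.
            for vals in product(domain, repeat=k):
                v = dict(inputs)
                v.update(zip(free_vars, vals))
                for i, (_, var, rhs) in enumerate(program):
                    if i not in dropped:
                        v[var] = rhs(v)      # kept soft clause, SSA order guarantees operands exist
                if all(v[var] == val for var, val in expected.items()):   # hard clauses
                    found.append({program[i][0] for i in dropped})
                    break
        if found:
            return k, found
    return None


if __name__ == "__main__":
    failing_input = {"a": 3, "b": 1}
    expected = {"out1": 3, "out2": 0}
    actual = run(PROGRAM, failing_input)
    print("actual run:", {k: actual[k] for k in expected})   # out1=5, out2=2: assertion fails
    print("cause clues:", localize(PROGRAM, failing_input, expected))
```

Dropping `s1` alone does not help: `out1 == 3` forces `d == 1`, but then `out2 == e - d == 1`. Dropping `s3` or `s4` alone leaves the other output wrong. Only dropping `s2` lets both hard clauses hold, so the single minimal cause clue is `{s2}`, which is the buggy statement. With a single assertion and a single use of each variable every statement on the chain would be a candidate; the second output constraint is what makes the localization sharp, which is why the technique is most useful when the failing trace carries several checks.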