SymDIVINE: Tool for Control-Explicit Data-Symbolic State Space Exploration

@inproceedings{Mrzek2016SymDIVINETF,
  title={SymDIVINE: Tool for Control-Explicit Data-Symbolic State Space Exploration},
  author={Jan Mr{\'a}zek and Petr Bauch and Henrich Lauko and Jiri Barnat},
  booktitle={SPIN},
  year={2016}
}
We present SymDIVINE: a tool for bit-precise model checking of parallel C and C++ programs. It builds upon the LLVM compiler infrastructure and hence uses LLVM IR as its input formalism. Internally, SymDIVINE extends standard explicit-state state space exploration with SMT machinery to handle non-deterministic data values. As such, SymDIVINE sits halfway between a symbolic executor and an explicit-state model checker. The key differentiating aspect present in SymDIVINE is the ability to… 
Optimizing and Caching SMT Queries in SymDIVINE - (Competition Contribution)
TLDR
The new version of the tool SymDIVINE employs a refined representation of symbolic states, which allows for efficient caching of SMT queries and additional simplifications of first-order bit-vector formulas, such as elimination of unconstrained variables from quantified formulas.
SMT Queries Decomposition and Caching in Semi-Symbolic Model Checking
TLDR
A new scheme for decomposition of symbolic states is introduced, which can be used to significantly improve the performance of any semi-symbolic model checker and is shown on a set of examples from the Software Verification Competition.
Caching SMT Queries in SymDIVINE (Bachelor's thesis)
TLDR
This thesis proposes dependency-based caching for the quantified SMT queries that are used in SymDIVINE, demonstrates its integration, and provides an experimental evaluation on a diverse set of benchmarks.
SMT Queries Decomposition and Caching in Semi-Symbolic Model Checking (arXiv preprint, 20 Nov 2017)
TLDR
A new scheme for decomposition of symbolic states is introduced, which can be used to significantly improve the performance of any semi-symbolic model checker and is shown on a set of examples from the Software Verification Competition.
Symbolic Computation via Program Transformation
TLDR
This paper proposes and implements a transformation which takes a standard program and outputs a program that performs semantically equivalent, but partially symbolic, computation. The output program maintains symbolic values internally and operates directly on them, so it can be processed by a tool without support for symbolic manipulation.
Q3B: An Efficient BDD-based SMT Solver for Quantified Bit-Vectors
TLDR
The first stable release of the tool Q3B for deciding satisfiability of quantified bit-vector formulas is presented, based on translation of a formula to a BDD that represents models of the formula.
Model Checking of C and C++ with DIVINE 4
TLDR
The fourth version of the DIVINE model checker provides a modular platform for verification of real-world programs, built around an efficient interpreter of LLVM code which enables verification of code written in C and C++.
Abstraction of Bit-Vector Operations for BDD-Based SMT Solvers
TLDR
Experimental results show that the BDD-based SMT solver Q3B extended with these abstractions can solve more quantified bit-vector formulas from the SMT-LIB repository than the state-of-the-art SMT solvers Boolector, CVC4, and Z3.
Is Satisfiability of Quantified Bit-Vector Formulas Stable Under Bit-Width Changes? (Experimental Paper)
TLDR
It is shown that satisfiability of the vast majority of quantified bit-vector formulas from the SMT-LIB repository remains the same even after reducing bit-widths of variables to a very small number.
Formal fault injection vulnerability detection in binaries: a software process and hardware validation. (Détection formelle de vulnérabilité créée par injection de faute au niveau binaire : un processus logiciel et une validation matérielle)
TLDR
This thesis demonstrates that not all software-based vulnerabilities can be reproduced in hardware; that prior conjectures on the fault model for electromagnetic pulse attacks may not be accurate; and that there is a relationship between software-based and hardware-based approaches.

References

LTL Model Checking of LLVM Bitcode with Symbolic Data
TLDR
A generic framework for automatic verification of linear temporal logic specifications for programs in LLVM bitcode is reported on, guided by the specification in order to prove the correctness.
DiVinE 3.0 - An Explicit-State Model Checker for Multithreaded C & C++ Programs
TLDR
The major improvement in this new release is an extension of the class of systems that may be verified with the model checker, while preserving the unique DiVinE feature, namely parallel and distributed-memory processing.
Model Checking Parallel Programs with Inputs
  • J. Barnat, Petr Bauch, V. Havel
  • Computer Science
    2014 22nd Euromicro International Conference on Parallel, Distributed, and Network-Based Processing
  • 2014
TLDR
The experimental evaluation shows that the alternative state matching causes only a minor increase in the number of states and that, in combination with the heuristics, it considerably extends the scope of applicability of the proposed LTL model checking.
Improved State Space Reductions for LTL Model Checking of C and C++ Programs
TLDR
Substantial improvements in efficiency of explicit-state LTL model checking of C & C++ programs are presented, building on [2], including improvements to state representation and to state space reduction techniques.
Making Software Verification Tools Really Work
TLDR
Simple measures are proposed which the community could adopt to make the design of serious verification tools easier and more credible, and for the community to produce tools that are indispensable for a developer but so seamlessly integrated into a development environment, as to be invisible.
Software Verification and Verifiable Witnesses - (Report on SV-COMP 2015)
TLDR
SV-COMP 2015, the fourth edition of the thorough comparative evaluation of fully-automatic software verifiers, reports effectiveness and efficiency results of the state of the art in software verification.
Software verification and verifiable witnesses
  • Tools and Algorithms for the Construction and Analysis of Systems, volume 9035 of Lecture Notes in Computer Science, pages 401–416
  • 2015
Making Software Verification Tools Really Work
  • ATVA
  • 2011