Bandera: extracting finite-state models from Java source code
Proceedings of the 22nd international conference on Software engineering
Symbolic bounds analysis of pointers, array indices, and accessed memory regions
PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
Automatic predicate abstraction of C programs
Proceedings of the ACM SIGPLAN 2001 conference on Programming language design and implementation
Automated Software Engineering
CIL: Intermediate Language and Tools for Analysis and Transformation of C Programs
CC '02 Proceedings of the 11th International Conference on Compiler Construction
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Localization and register sharing for predicate abstraction
TACAS'05 Proceedings of the 11th international conference on Tools and Algorithms for the Construction and Analysis of Systems
DiVer: SAT-based model checking platform for verifying large scale systems
TACAS'05 Proceedings of the 11th international conference on Tools and Algorithms for the Construction and Analysis of Systems
Model Checking C Programs Using F-SOFT
ICCD '05 Proceedings of the 2005 International Conference on Computer Design
Disjunctive image computation for embedded software verification
Proceedings of the conference on Design, automation and test in Europe: Proceedings
Disjunctive image computation for software verification
ACM Transactions on Design Automation of Electronic Systems (TODAES)
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
State space exploration using feedback constraint generation and Monte-Carlo sampling
Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering
Sound, complete and scalable path-sensitive analysis
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
Dynamic inference of likely data preconditions over predicates by tree learning
ISSTA '08 Proceedings of the 2008 international symposium on Software testing and analysis
Tunneling and slicing: towards scalable BMC
Proceedings of the 45th annual Design Automation Conference
Completeness in SMT-based BMC for software programs
Proceedings of the conference on Design, automation and test in Europe
Model checking sequential software programs via mixed symbolic analysis
ACM Transactions on Design Automation of Electronic Systems (TODAES)
Security benchmarking using partial verification
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
Symbolic program analysis using term rewriting and generalization
Proceedings of the 2008 International Conference on Formal Methods in Computer-Aided Design
Semantic Reduction of Thread Interleavings in Concurrent Programs
TACAS '09 Proceedings of the 15th International Conference on Tools and Algorithms for the Construction and Analysis of Systems: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009,
Efficient Decision Procedure for Bounded Integer Non-linear Operations Using SMT($\mathcal{LIA}$)
HVC '08 Proceedings of the 4th International Haifa Verification Conference on Hardware and Software: Verification and Testing
d-TSR: Parallelizing SMT-Based BMC Using Tunnels over a Distributed Framework
HVC '08 Proceedings of the 4th International Haifa Verification Conference on Hardware and Software: Verification and Testing
Efficient Term-ITE Conversion for Satisfiability Modulo Theories
SAT '09 Proceedings of the 12th International Conference on Theory and Applications of Satisfiability Testing
ACM Computing Surveys (CSUR)
Refining the control structure of loops using static analysis
EMSOFT '09 Proceedings of the seventh ACM international conference on Embedded software
LTL Model Checking for Recursive Programs
ATVA '09 Proceedings of the 7th International Symposium on Automated Technology for Verification and Analysis
Program analysis via satisfiability modulo path programs
Proceedings of the 37th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
MEMOCODE'09 Proceedings of the 7th IEEE/ACM international conference on Formal Methods and Models for Codesign
Bounded reachability checking of asynchronous systems using decision diagrams
TACAS'07 Proceedings of the 13th international conference on Tools and algorithms for the construction and analysis of systems
Using counterexamples for improving the precision of reachability computation with polyhedra
CAV'07 Proceedings of the 19th international conference on Computer aided verification
From hardware verification to software verification: re-use and re-learn
HVC'07 Proceedings of the 3rd international Haifa verification conference on Hardware and software: verification and testing
Interval analysis of microcontroller code using abstract interpretation of hardware and software
Proceedings of the 13th International Workshop on Software & Compilers for Embedded Systems
Analysis of invariants for efficient bounded verification
Proceedings of the 19th international symposium on Software testing and analysis
Software model checking without source code
Innovations in Systems and Software Engineering
Proceedings of the 38th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Non-monotonic refinement of control abstraction for concurrent programs
ATVA'10 Proceedings of the 8th international conference on Automated technology for verification and analysis
Modular bug detection with inertial refinement
Proceedings of the 2010 Conference on Formal Methods in Computer-Aided Design
Scalable and precise program analysis at NEC
Proceedings of the 2010 Conference on Formal Methods in Computer-Aided Design
An evolutionary approach for program model checking
MEDI'11 Proceedings of the First international conference on Model and data engineering
Making software verification tools really work
ATVA'11 Proceedings of the 9th international conference on Automated technology for verification and analysis
A dataflow analysis to improve SAT-based bounded program verification
SEFM'11 Proceedings of the 9th international conference on Software engineering and formal methods
Efficient state space exploration: interleaving stateless and state-based model checking
Proceedings of the International Conference on Computer-Aided Design
SAT-Based verification methods and applications in hardware verification
SFM'06 Proceedings of the 6th international conference on Formal Methods for the Design of Computer, Communication, and Software Systems
Efficient state merging in symbolic execution
Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation
Synthesizing software verifiers from proof rules
Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation
TRACER: a symbolic execution tool for verification
CAV'12 Proceedings of the 24th international conference on Computer Aided Verification
Binary reachability analysis of higher order functional programs
SAS'12 Proceedings of the 19th international conference on Static Analysis
| Hi-index | 0.00 |
In this paper, we describe our verification tool F-Soft, which is developed for the analysis of C programs. Its novelty lies in the combination of several recent advances in formal verification research including SAT-based verification, static analyses and predicate abstraction. As shown in the tool overview in Figure 1, we translate a program into a Boolean model to be analyzed by our verification engine DiVer [4], which includes BDD-based and SAT-based model checking techniques. We include various static analyses, such as computing the control flow graph of the program, program slicing with respect to the property, and performing range analysis as described in Section 2.2. We model the software using a Boolean representation, and use customized heuristics for the SAT-based analysis as described in Section [2.1]. We can also perform a localized predicate abstraction with register sharing as described in Section [2.3], if the user so chooses. The actual analysis of the resulting Boolean model is performed using DiVer. If a counter-example is discovered, we use a testbench generator that automatically generates an executable program for the user to examine the bug in his/her favorite debugger. The F-Soft tool has been applied on numerous case studies and publicly available benchmarks for sequential C programs. We are currently working on extending it to handle concurrent programs.