Model checking and abstraction
ACM Transactions on Programming Languages and Systems (TOPLAS)
Symbolic Model Checking
| Hi-index | 0.00 |
We examine the problem of defining equivalence between two functions (pieces of code) that are intended to perform analogous tasks, but whose interfaces do not correspond in a straightforward way, even to the point of ambiguity. We formalize the notion of what equivalence means in such a case and show how to check it using constraints on a model checking problem. We show that the presence of constraints complicates the issue of predicate abstraction, and show that nevertheless we can use predicates no finer than those needed in the absence of constraints. Our solution is being used to verify the migration of tens of millions of lines of health insurance claims processing code from icd- 9 to icd-10, two versions of the International Statistical Classification of Diseases and Related Health Problems (icd), whose correspondence is complex and ambiguous in both directions. We present experimental results on 90,000 real life functions.