TACAS'08/ETAPS'08 Proceedings of the Theory and practice of software, 14th international conference on Tools and algorithms for the construction and analysis of systems
Hi-index | 0.00 |
The Satisfiability Modulo Theories (SMT) solver, Z3 [1], from Microsoft Research is a state-of-the art theorem prover that integrates specialized solvers for domains that are of relevance for program analysis, testing and verification. Z3 has been used within and outside of Microsoft for the past few years including the Windows 7 static driver verifier, the SAGE white-box fuzzer for finding security vulnerabilities, Pex, in a Verifying C Compiler, the Verve verified operating system kernel and the Dafny safe programming language. This talk delves into some of the more recent efforts around Z3, in particular using Z3 in a firewall analysis engine, and adventures in using Z3 for points-to analysis in JavaScript malware detection, and finally emerging support for reachability queries by solving Satisfiability Modulo Theories for Horn clauses. Z3 is joint work with Leonardo de Moura and Christoph Wintersteiger.