Abstract interpretation and application to logic programs
Journal of Logic Programming
An empirical study of operating systems errors
SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
CCured: type-safe retrofitting of legacy code
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A Few Graph-Based Relational Numerical Abstract Domains
SAS '02 Proceedings of the 9th International Symposium on Static Analysis
A static analyzer for large safety-critical software
PLDI '03 Proceedings of the ACM SIGPLAN 2003 conference on Programming language design and implementation
Improving the reliability of commodity operating systems
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Thorough static analysis of device drivers
Proceedings of the 1st ACM SIGOPS/EuroSys European Conference on Computer Systems 2006
Trace partitioning in abstract interpretation based static analyzers
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Formal Verification of a Flash Memory Device Driver --- An Experience Report
SPIN '08 Proceedings of the 15th international workshop on Model Checking Software
Correctness proofs for device drivers in embedded systems
SSV'10 Proceedings of the 5th international conference on Systems software verification
An automata-theoretic approach to hardware/software co-verification
FASE'10 Proceedings of the 13th international conference on Fundamental Approaches to Software Engineering
Efficient reachability analysis of büchi pushdown systems for hardware/software co-verification
CAV'10 Proceedings of the 22nd international conference on Computer Aided Verification
Formalizing hardware/software interface specifications
ASE '11 Proceedings of the 2011 26th IEEE/ACM International Conference on Automated Software Engineering
Hi-index | 0.00 |
The soundness of device drivers generally cannot be verified in isolation, but has to take into account the reactions of the hardware devices. In critical embedded systems, interfaces often were simple "volatile" variables, and the interface specification typically a list of bounds on these variables. Some newer systems use "intelligent" controllers that handle dynamic worklists in shared memory and perform direct memory accesses, all asynchronously from the main processor. Thus, it is impossible to truly verify the device driver without taking the intelligent device into account, because incorrect programming of the device can lead to dire consequences, such as memory zones being erased. We have successfully verified a device driver extracted from a critical industrial system, asynchronously combined with a model for a USB OHCI controller. This paper studies this case, as well as introduces a model and analysis techniques for this asynchronous composition.