Automated creation of verification models for C-programs. Yury Yusupov, Saint-Petersburg State Polytechnic University. The Second Spring Young Researchers Colloquium on Software Engineering.

Automated creation of verification models for C-programs
Yury Yusupov, Saint-Petersburg State Polytechnic University
Prof. Vsevolod Kotlyarov, Motorola Software Center
The Second Spring Young Researchers Colloquium on Software Engineering (SYRCoSE), Saint-Petersburg, May

Introduction: problems, goals, and solution
One of the features of modern design is software component reuse.
Problem: how to reuse legacy code?
Goal: to quickly understand legacy components for their reuse in a new product.
Solution: apply verification technologies:
– automatic modeling of a legacy component at a higher abstraction level
– formal verification of model properties

Verification process
Program system (requirements, implementation)
Formalization: analysis of the program or requirements and creation of a model in a formal language, giving the system model and the system properties
Verification: searching for inconsistencies and checking system properties
Verdict: the system does or does not meet its requirements

Types of errors found with verification
– Documentation inconsistencies: typos, missing or incorrect references, absence of definitions, etc.
– Transition inconsistency (non-determinism): non-deterministic behavior.
– Safety violations: prohibited events may happen; a security violation (unauthorized usage of a system) is a particular case.
– Deadlocks: incomplete specifications.
– Unreachability: unreachable (never used) system states.
– Certain run-time errors: uninitialized attribute usage or out-of-bounds errors (list overflow, incorrect array indexing, enumerated type overflow).

VRS-based verification process
System (can be presented with requirements, source program code, or a UML model)
→ requirements formalization → behavior formal model in the form of basic protocols
→ VRS verification against the behavior properties → verdict → correction

Basic protocol: a simple MSC diagram, which specifies:
– pre-condition: the state of the system in which the system shall perform some activity
– process part: the activity itself (transmission of a message or performance of an action)
– post-condition: the state of the system after the activity is performed
Figure: a basic protocol drawn as an MSC diagram (pre-condition, process part with message or action, post-condition).
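Once behavior is in basic-protocol form, the error classes from the "Types of errors" slide can be checked mechanically by exploring the states the protocols can reach. The following is an added example written for this page, not VRS and not its input format: a constructed session model of eight basic protocols (the protocol names, messages, variables and the `explore` function are assumptions) is explored by breadth-first search from an initial state, and the checker reports non-determinism (one message from one state leading to different successor states), a safety violation (the forbidden "session open without authentication" state, i.e. the unauthorized-usage case), a deadlock (a reachable state that no protocol handles) and a protocol that is never enabled.

```python
"""Added example (not VRS, not its input format): a toy state-space checker over a
small set of basic protocols, reporting the error classes from the 'Types of errors'
slide: non-determinism, safety violations, deadlocks and unreachability."""
from collections import deque
from dataclasses import dataclass

@dataclass(frozen=True)
class BasicProtocol:
    name: str
    message: str   # process part: the message or action that triggers the step
    pre: dict      # pre-condition: partial state the system must be in (variable -> value)
    post: dict     # post-condition: variable updates applied after the activity

def enabled(protocol, state):
    """A protocol is enabled when every variable in its pre-condition matches."""
    return all(state.get(k) == v for k, v in protocol.pre.items())

def apply(protocol, state):
    """Successor state: the post-condition overrides the matching variables."""
    return dict(state, **protocol.post)

def key(state):
    """Hashable form of a state dict."""
    return tuple(sorted(state.items()))

def explore(protocols, initial, forbidden, final=()):
    """BFS over reachable states; returns findings grouped by error class."""
    findings = {"nondeterminism": [], "safety": [], "deadlock": [], "unreachable": []}
    seen = {key(initial)}
    queue = deque([initial])
    fired = set()                                  # protocols enabled at least once
    final_keys = {key(f) for f in final}
    while queue:
        state = queue.popleft()
        if any(all(state.get(k) == v for k, v in bad.items()) for bad in forbidden):
            findings["safety"].append(state)       # a prohibited state is reachable
        active = [p for p in protocols if enabled(p, state)]
        if not active and key(state) not in final_keys:
            findings["deadlock"].append(state)     # nothing can happen here, yet not final
        by_message = {}
        for p in active:
            fired.add(p.name)
            nxt = apply(p, state)
            by_message.setdefault(p.message, set()).add(key(nxt))
            if key(nxt) not in seen:
                seen.add(key(nxt))
                queue.append(nxt)
        for msg, targets in by_message.items():
            if len(targets) > 1:                   # same state, same message, different results
                findings["nondeterminism"].append((state, msg))
    findings["unreachable"] = [p.name for p in protocols if p.name not in fired]
    return findings

# Constructed model of a session handler (an assumption, not taken from any real system).
MODEL = [
    BasicProtocol("login",        "LOGIN",  {"auth": "no"},                       {"auth": "yes"}),
    BasicProtocol("open_session", "OPEN",   {"auth": "yes", "session": "closed"}, {"session": "open"}),
    BasicProtocol("legacy_open",  "OPEN",   {"session": "closed"},                {"session": "open"}),  # no auth check
    BasicProtocol("close",        "CLOSE",  {"session": "open"},                  {"session": "closed"}),
    BasicProtocol("close_logout", "CLOSE",  {"auth": "yes", "session": "open"},   {"session": "closed", "auth": "no"}),
    BasicProtocol("logout",       "LOGOUT", {"auth": "yes", "session": "closed"}, {"auth": "no"}),
    BasicProtocol("fail",         "FAIL",   {"session": "open"},                  {"session": "error"}),  # 'error' never handled
    BasicProtocol("admin_reset",  "RESET",  {"auth": "admin"},                    {"session": "closed"}),
]
INITIAL = {"auth": "no", "session": "closed"}
FORBIDDEN = [{"auth": "no", "session": "open"}]   # unauthorized usage of the system

if __name__ == "__main__":
    for kind, items in explore(MODEL, INITIAL, FORBIDDEN).items():
        print(kind, "->", items)
```

The sample is built so that each error class shows up once: `legacy_open` lets an unauthenticated caller reach an open session (safety), the two `CLOSE` handlers give different successors from the same state (non-determinism), `fail` moves the session into a state nothing handles (deadlock), and `admin_reset` is never enabled because no protocol ever sets `auth` to `admin` (unreachability).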

Goal of the work
Source system representation → formalization → behavior formal model in the form of basic protocols:
– requirements: semi-automatic
– UML: automatic
– C-program: manual
Problem: high effort for manual formalization of source code.
Goal: reduce manual effort through automation.

Proposed solution: Klocwork™ as a tool for formalization
Static analysis:
– control flow visualization
– graphical view of a program structure
– …
Automated analysis of C, C++, and Java source code with checkers:
– detect a wide variety of code defects and security vulnerabilities
– Klocwork™ allows writing additional C and C++ code checkers
– two application programming interfaces (APIs): code style analysis (AST, Abstract Syntax Tree) and control and data flow (MIR, Medium-level Intermediate Representation)
Klocwork provides automated source code analysis and creation of intermediate views of code.

Klocwork™ extensibility feature
Defect detection with checkers: a source file is analyzed, defects are detected and reported; a defects config enables or disables checkers; a custom checker adds a custom defect.
Klocwork + custom checker = instrument for C code analysis and translation into basic protocols.

Custom checker: realization
Source code → Klocwork (code analysis and AST creation) → Abstract Syntax Tree → checker interface → tree traversal module → nodes handling module (expression, function call, if-then-else, for, while, switch-case, …) → module of basic protocol generation → basic protocols (pre-condition, process part, post-condition)

The autoformalization feature based on the Klocwork™ toolset
BPX (Basic Protocol eXtractor):
– plug-in for Klocwork in the form of a DLL (dynamically loaded library)
– ~3.1 KLOC in C
Input data: Abstract Syntax Trees of source files
Output data: basic protocols in MSC-PR (Phrase Representation) format, which
– reflect usage and change of variables
– reflect function calls
– preserve program control flow
– represent program semantics
– preserve the project structure
Automatic extraction of basic protocols from the Klocwork AST.

Simple example: basic protocols automatically extracted from C code

    …
    int function() {
        int a, b, c;
        c = 3;
        if (c > 5) { a = 1; }   /* a is assigned only on this branch */
        b = a;
        return 0;
    }
    …
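As an added illustration of the checker pipeline from the "Custom checker: realization" slide applied to this example (example code written for this page, not BPX and not Klocwork's checker API; Python is used only because it is convenient to run), the following walks a hand-built AST of the example function, emits one basic protocol per executed node on each explored path, and reports the two defect classes from the "Types of errors" slide that this program exhibits: the branch `c > 5` is dead because `c` was just set to 3, and `b = a` reads `a` on a path where it was never assigned. The node types, the `UNKNOWN` marker and the textual form of the protocols are assumptions; the MSC-PR format that BPX emits is not reproduced.

```python
"""Added example (not BPX, not Klocwork's checker API): a toy extractor that turns the
AST of a tiny C subset into basic protocols (pre-condition, process part, post-condition),
then checks the explored paths for uninitialized reads and unreachable branches."""
from dataclasses import dataclass, field

UNKNOWN = "?"   # value not fixed on this path (e.g. copied from an uninitialized variable)

# Constructed AST node types: stand-ins for the nodes a Klocwork checker would visit.
@dataclass
class Decl:
    names: list

@dataclass
class Assign:
    target: str
    expr: str                # an int literal ("3") or a variable name ("a")

@dataclass
class If:
    cond: tuple              # (variable, operator, int literal), e.g. ("c", ">", 5)
    then: list
    orelse: list = field(default_factory=list)

@dataclass
class Return:
    expr: str

@dataclass
class BasicProtocol:
    pre: str                 # state the system must be in before the activity
    process: str             # the activity itself
    post: str                # state after the activity

OPS = {">": lambda x, y: x > y, "<": lambda x, y: x < y, "==": lambda x, y: x == y}

def value_of(state, expr):
    """Int literal -> int; variable -> its tracked value (None means uninitialized)."""
    return int(expr) if expr.lstrip("-").isdigit() else state[expr]

def fact(var, value):
    """Post-condition phrase describing one variable after a step."""
    if value is None:
        return f"{var} uninit"
    return f"{var} unknown" if value == UNKNOWN else f"{var} == {value}"

def walk(stmts, state, path, protocols, findings):
    """Node-handling module: one handler per node kind; forks on undecided conditions."""
    state = dict(state)
    for i, node in enumerate(stmts):
        pre = " and ".join(path) if path else "true"
        if isinstance(node, Decl):
            for n in node.names:
                state[n] = None                       # declared but not yet initialized
            protocols.append(BasicProtocol(pre, "declare " + ", ".join(node.names),
                                           " and ".join(fact(n, None) for n in node.names)))
        elif isinstance(node, Assign):
            val = value_of(state, node.expr)
            if val is None:                           # right-hand side read before any write
                findings.append(f"uninitialized use of '{node.expr}' in "
                                f"'{node.target} = {node.expr}' when {pre}")
                val = UNKNOWN
            state[node.target] = val
            protocols.append(BasicProtocol(pre, f"{node.target} = {node.expr}",
                                           fact(node.target, val)))
        elif isinstance(node, Return):
            protocols.append(BasicProtocol(pre, f"return {node.expr}", "function exited"))
            return
        elif isinstance(node, If):
            var, op, lit = node.cond
            text = f"{var} {op} {lit}"
            v = state[var]
            if v is None:
                findings.append(f"uninitialized use of '{var}' in condition '{text}' when {pre}")
            branches = [(text, node.then), (f"not({text})", node.orelse)]
            if isinstance(v, int):                    # outcome fixed: the other branch is dead
                taken = OPS[op](v, lit)
                findings.append(f"unreachable branch when {pre}: '{text}' is always {taken}")
                branches = [branches[0 if taken else 1]]
            for label, body in branches:              # fork the path per feasible outcome
                walk(body + stmts[i + 1:], state, path + [label], protocols, findings)
            return

def analyze(body):
    """Extraction plus checking for one function body; returns (protocols, findings)."""
    protocols, findings = [], []
    walk(body, {}, [], protocols, findings)
    return protocols, findings

# The slide's example function as a hand-built AST (BPX would read Klocwork's AST instead).
FUNCTION_AST = [
    Decl(["a", "b", "c"]),
    Assign("c", "3"),
    If(("c", ">", 5), then=[Assign("a", "1")]),
    Assign("b", "a"),
    Return("0"),
]

if __name__ == "__main__":
    protocols, findings = analyze(FUNCTION_AST)
    for p in protocols:
        print(f"pre: {p.pre:<12} process: {p.process:<16} post: {p.post}")
    for f in findings:
        print("finding:", f)
```

Each emitted protocol carries the path condition as its pre-condition, so a later verification step can tell that `b = a` is only ever executed when `not(c > 5)` holds. When a condition depends on a value the path does not fix (for example a parameter), `walk` forks and emits protocols for both outcomes, which is where the per-path protocol count grows.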

Verification of C-programs with extended VRS technology
C program → Klocwork™ + BPX (formalization) → behavior formal model in the form of basic protocols
→ VRS verification against the behavior properties → verdict → correction

Creation of multilevel models and architecture recovery
Levels: function level → file level → module level → system (high-level system model)
Reverse engineering builds the high-level system model from source code; forward engineering goes from the model back down to source code.

First experiment results for C-projects
Chart: formalization time versus size of project source code (small, medium, large); manual approach ~10x, automatic approach 1x.
Decreasing:
– formalization time
– manual effort
– errors in the program model (human factor)
Simplifying:
– program logic understanding
– verification process
Formalization time reduction ~10x vs manual formalization.

Further work
Verification of large C-projects with VRS technology:
– investigating the scalability limits
– creation of multilevel behavior models
Generation of multilevel behavior scenarios
Adaptation to Java code:
– reusing the AST traversal and basic protocol generation algorithms to create a Java checker

Thank you. Q&A