Presentation is loading. Please wait.

Presentation is loading. Please wait.

Automated creation of verification models for C-programs Yury Yusupov Saint-Petersburg State Polytechnic University The Second Spring Young Researchers.

Published byJessie Fields Modified over 9 years ago

Similar presentations

Presentation on theme: "Automated creation of verification models for C-programs Yury Yusupov Saint-Petersburg State Polytechnic University The Second Spring Young Researchers."— Presentation transcript:

1 Automated creation of verification models for C-programs Yury Yusupov Saint-Petersburg State Polytechnic University The Second Spring Young Researchers Colloquium on Software Engineering Saint-Petersburg May 29-30 2008 Prof. Vsevolod Kotlyarov Motorola Software Center

2 SYRCoSE 2008 2 Introduction Problems, goals, and solution One of the features of modern design – software component reuse Problems: how to reuse legacy code? Goals: to quickly understand legacy components for their reuse in a new product Solution: apply verification technologies  Automatic modeling of a legacy component at a higher abstraction level  Formal verification of model properties

3 SYRCoSE 2008 3 Verification process Requirements Implementation Formalization: Analysis of program or requirements and creation of model in formal language System properties Verification: Searching inconsistencies and checking system properties System model Program system Verdict: the system does or does not meet its requirements

4 SYRCoSE 2008 4 Types of errors found with verification Documentation inconsistencies – typos, missing or incorrect references, absence of definitions, etc. Transition inconsistency (non-determinism) – non- deterministic behavior. Safety violations – prohibited events may happen, security violation (unauthorized usage of a system) is a particular case. Deadlocks – incomplete specifications. Unreachability – unreachable (never used) system states. Certain run-time errors – like an uninitialized attribute usage or out of bounds error – lists overflow, incorrect array indexing, enumerated type overflow.

5 SYRCoSE 2008 5 VRS-based verification process System basic protocols VRS reqs formalization Behavior properties verdict verification correction Behavior formal model in form of System can be presented with requirements, source program code, or UML model

6 SYRCoSE 2008 6 Basic protocol – a simple MSC diagram, which specifies: pre-condition - the state of the system where the system shall perform some activity process part - the activity itself (transmission of a message or performance of an action) post-condition - the state of the system after the activity is performed pre-condition post-condition process part message action

7 SYRCoSE 2008 7 Goal of the work Reqs semi-automatic basic protocols formalization UML C-program automatic Source system representation Behavior formal model in form of basic protocols basic protocols manual Problem: high efforts for manual formalization of source code Goal: reduce manual efforts through automation

8 SYRCoSE 2008 8 Proposed solution Klocwork™ as a tool for formalization Static analysis –Control flow visualization –Graphical view of a program structure –… Automated analysis of C, C++, and Java source code – checkers –Detect a wide variety of code defects and security vulnerabilities –Klocwork™ allows to write additional C and C++ code checkers –2 application programming interfaces (API) Code style analysis (AST – Abstract Syntax Tree) Control and data flow (MIR – Medium-level Intermediate Representation) Klocwork provides automated source code analysis and creation of intermediate views of code

9 SYRCoSE 2008 9 Klocwork™ extensibility feature Defect detection with checkers defects config enable/disable custom defect custom checker Source code defects are reported source file is analyzed, defects are detected Klocwork™ Klocwork + custom checker = instrument for C code analysis and translation into basic protocols

10 SYRCoSE 2008 10 Custom checker: realization Tree traversal module Nodes handling module: - expression - function call - if-then-else - for - while - switch-case - … Basic protocols Pre-condition Process part Post-condition Abstract Syntax Tree Klocwork interface Checker interface Source code Code analysis and AST creation Module of basic protocol generation

11 SYRCoSE 2008 11 The autoformalization feature based on Klocwork™ toolset BPX (Basic Protocol eXtractor) –plug-in for Klocwork in form of DLL (dynamically loaded library) –~3.1 KLOC in C Input data –Abstract Syntax Trees of source files Output data –Basic protocols in MSC-PR (Phrase Representation) format Reflect usage and change of variables Reflect function calls Preserve program control flow Represent program semantics Preserve the project structure Automatic extraction of basic protocols from Klocwork AST

12 SYRCoSE 2008 12 Simple example … int function() { int a,b,c; c = 3; if ( c>5 ) {a = 1; } b = a; return 0; } … Basic protocols automatically extracted from a C-code

13 SYRCoSE 2008 13 Verification of C-programs with extended VRS technology C program VRS reqs formalization Behavior properties verdict verification correction Behavior formal model in form of BPX KlocWork™ basic protocols

14 SYRCoSE 2008 14 Creation of multilevel models and architecture recovering … ………… Forward engineering Reverse engineering Function level File level System High-level system model Source code module level

15 SYRCoSE 2008 15 First experiment results for C-projects Size of project source code Time Manual approach small mediumlarge 1x 10x Automatic approach Decreasing: –formalization time –manual efforts –errors in program model (human factor) Simplifying: –program logic understanding –verification process Formalization time reduction ~10x vs manual formalization

16 SYRCoSE 2008 16 Further work Verification of large C-projects with VRS technology –Investigating the scalability limits –Creation multilevel behavior models Generation of multilevel behavior scenarios Adaptation to Java code –Reusing AST traversal and basic protocol generation algorithms for JAVA checker creation

17 SYRCoSE 2008 17 THANK YOU Q&A

Download ppt "Automated creation of verification models for C-programs Yury Yusupov Saint-Petersburg State Polytechnic University The Second Spring Young Researchers."

Similar presentations

Information Software Systems 18 May 2007 Information Software Systems ISS Modern SW Development Practices: Processes and Technologies 18 May 2007 (c) 2007.

Information Software Systems 18 May 2007 Information Software Systems ISS Modern SW Development Practices: Processes and Technologies 18 May 2007 (c) 2007.
Symbol Table.

Symbol Table.
Creation of Automaton Classes from Graphical Models and Automatic Solution for Inverse Problem Yuri A. Gubin student of SPb SU ITMO supervised by Anatoly.

Creation of Automaton Classes from Graphical Models and Automatic Solution for Inverse Problem Yuri A. Gubin student of SPb SU ITMO supervised by Anatoly.
Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.

Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
Budapest University of Technology and EconomicsDagstuhl 2004 Department of Measurement and Information Systems 1 Towards Automated Formal Verification.

Budapest University of Technology and EconomicsDagstuhl 2004 Department of Measurement and Information Systems 1 Towards Automated Formal Verification.
SRDC Ltd. 1. Problem  Solutions  Various standardization efforts ◦ Document models addressing a broad range of requirements vs Industry Specific Document.

SRDC Ltd. 1. Problem  Solutions  Various standardization efforts ◦ Document models addressing a broad range of requirements vs Industry Specific Document.
An Automata-based Approach to Testing Properties in Event Traces H. Hallal, S. Boroday, A. Ulrich, A. Petrenko Sophia Antipolis, France, May 2003.

An Automata-based Approach to Testing Properties in Event Traces H. Hallal, S. Boroday, A. Ulrich, A. Petrenko Sophia Antipolis, France, May 2003.
AndroidCompiler. Layout Motivation Literature Review AndroidCompiler Future Works.

AndroidCompiler. Layout Motivation Literature Review AndroidCompiler Future Works.
Testing Without Executing the Code Pavlina Koleva Junior QA Engineer WinCore Telerik QA Academy Telerik QA Academy.

Testing Without Executing the Code Pavlina Koleva Junior QA Engineer WinCore Telerik QA Academy Telerik QA Academy.
Introduction To System Analysis and Design

Introduction To System Analysis and Design
1 INTAS Meeting, Moscow Tools for Verification of Specification Given by Basic Protocols Oleksandr Letychevskyi, Ph.D. Glushkov Institute of Cybernetics.

1 INTAS Meeting, Moscow Tools for Verification of Specification Given by Basic Protocols Oleksandr Letychevskyi, Ph.D. Glushkov Institute of Cybernetics.
Reference Book: Modern Compiler Design by Grune, Bal, Jacobs and Langendoen Wiley 2000.

Reference Book: Modern Compiler Design by Grune, Bal, Jacobs and Langendoen Wiley 2000.
Houdini: An Annotation Assistant for ESC/Java Cormac Flanagan and K. Rustan M. Leino Compaq Systems Research Center.

Houdini: An Annotation Assistant for ESC/Java Cormac Flanagan and K. Rustan M. Leino Compaq Systems Research Center.
Automatically Extracting and Verifying Design Patterns in Java Code James Norris Ruchika Agrawal Computer Science Department Stanford University {jcn,

Automatically Extracting and Verifying Design Patterns in Java Code James Norris Ruchika Agrawal Computer Science Department Stanford University {jcn,
School of Computer ScienceG53FSP Formal Specification1 Dr. Rong Qu Introduction to Formal Specification

School of Computer ScienceG53FSP Formal Specification1 Dr. Rong Qu Introduction to Formal Specification
© 2008 IBM Corporation Behavioral Models for Software Development Andrei Kirshin, Dolev Dotan, Alan Hartman January 2008.

© 2008 IBM Corporation Behavioral Models for Software Development Andrei Kirshin, Dolev Dotan, Alan Hartman January 2008.
1CMSC 345, Version 4/04 Verification and Validation Reference: Software Engineering, Ian Sommerville, 6th edition, Chapter 19.

1CMSC 345, Version 4/04 Verification and Validation Reference: Software Engineering, Ian Sommerville, 6th edition, Chapter 19.
Basic Concepts The Unified Modeling Language (UML) SYSC 3100 - System Analysis and Design.

Basic Concepts The Unified Modeling Language (UML) SYSC System Analysis and Design.
02/06/05 “Investigating a Finite–State Machine Notation for Discrete–Event Systems” Nikolay Stoimenov.

02/06/05 “Investigating a Finite–State Machine Notation for Discrete–Event Systems” Nikolay Stoimenov.
Bernd Bruegge & Allen H. Dutoit Object-Oriented Software Engineering: Using UML, Patterns, and Java 1 Introduction to Software Engineering CEN 4010.

Bernd Bruegge & Allen H. Dutoit Object-Oriented Software Engineering: Using UML, Patterns, and Java 1 Introduction to Software Engineering CEN 4010.

Similar presentations

Ads by Google