A Technique for Automata-based Verification with Residual Reasoning

Analysing programs at a high level of abstraction reduces the effort required for verification, but may abstract away details required for full verification of a specification. Working at a lower level, e.g. through model checking or runtime verification of program code, avoids this problem of abstraction at the expense of much larger resource requirements. To reduce the resources required by verification, analysis techniques at decreasing levels of abstraction can be combined in a complementary manner through partial verification or residual analysis, where any useful partial information discovered at a high level is used to reduce the verification problem, leaving an easier residual problem for lower-level analyses. Our contribution in this paper is a technology-agnostic symbolic-automata-based framework to project verification effort onto different verification stages. Properties and programs are both represented as symbolic automata, with an event-based view of verification. We give correctness conditions for residual analysis based on equivalence with respect to verification of the original problem. Furthermore, we present an intraprocedural residual analysis to identify parts of the property respected by the program, and parts of the program that cannot violate the property.
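The following is an added illustration of the residual-analysis idea described above; it is not the paper's framework or code. It simplifies the setting by abstracting the symbolic guards of symbolic automata to a finite alphabet of event names, and both the property automaton (a resource must be opened before use, not re-opened while open, and not used or closed once closed) and the two program control-flow automata are constructed sample inputs. The static stage explores the synchronous product of program and property; the residual consists of the property transitions the program can actually exercise and the program edges that can still change the monitor's state on some reachable path, which are the only edges a runtime monitor needs to observe.

```python
"""Residual analysis of a property automaton against a program control-flow automaton.

Added illustration, not the paper's own implementation: symbolic guards are
abstracted to a finite alphabet of event names, and both automata below are
constructed sample input.
"""
from collections import deque

BAD = "bad"  # sink state of the property denoting a violation

# Constructed property: open before use, no re-open while open, nothing after close.
# (state, event) pairs not listed leave the property state unchanged.
PROPERTY = {
    "start": "idle",
    "transitions": {
        ("idle", "open"): "open",
        ("idle", "use"): BAD,
        ("idle", "close"): BAD,
        ("open", "open"): BAD,
        ("open", "use"): "open",
        ("open", "close"): "idle",
    },
}

# Constructed programs as control-flow automata: (source, event, target) edges.
SAFE_PROGRAM = [
    ("p0", "open", "p1"), ("p1", "log", "p1"), ("p1", "use", "p2"),
    ("p2", "use", "p2"), ("p2", "close", "p3"), ("p1", "close", "p3"),
]
# The same program plus a path that may use the resource after closing it.
RISKY_PROGRAM = SAFE_PROGRAM + [("p3", "log", "p3"), ("p3", "use", "p4")]


def step_property(prop, state, event):
    """Deterministic property step; an event with no listed transition is ignored."""
    return prop["transitions"].get((state, event), state)


def explore_product(prop, edges, program_start):
    """Breadth-first exploration of the synchronous product of program and property.

    Returns the reachable product states and, per program edge, the set of
    (before, after) property-state pairs observed when that edge is taken.
    """
    start = (program_start, prop["start"])
    seen = {start}
    moves = {edge: set() for edge in edges}
    queue = deque([start])
    while queue:
        p, q = queue.popleft()
        if q == BAD:
            continue  # a violation is already witnessed on this path
        for edge in edges:
            src, event, dst = edge
            if src != p:
                continue
            q2 = step_property(prop, q, event)
            moves[edge].add((q, q2))
            if (dst, q2) not in seen:
                seen.add((dst, q2))
                queue.append((dst, q2))
    return seen, moves


def residual_analysis(prop, edges, program_start="p0"):
    """Split verification between the static product and a residual runtime monitor.

    - property_residual: property transitions the program can actually exercise;
      the remaining ones are respected by construction and need no checking.
    - monitor_edges: program edges that change the property state on some
      reachable path; only these need instrumentation. Edges that never move
      the property state, or are unreachable, cannot contribute to a violation.
    - statically_verified: True when no violation is reachable in the product,
      in which case the residual monitor is empty.
    """
    seen, moves = explore_product(prop, edges, program_start)
    violation_possible = any(q == BAD for _, q in seen)
    property_residual = {
        (q, event, q2)
        for (_, event, _), pairs in moves.items()
        for (q, q2) in pairs
        if (q, event) in prop["transitions"]
    }
    monitor_edges = set()
    if violation_possible:
        monitor_edges = {e for e, pairs in moves.items() if any(q != q2 for q, q2 in pairs)}
    return {
        "statically_verified": not violation_possible,
        "property_residual": property_residual,
        "monitor_edges": monitor_edges,
    }


if __name__ == "__main__":
    for name, prog in (("safe", SAFE_PROGRAM), ("risky", RISKY_PROGRAM)):
        result = residual_analysis(PROPERTY, prog)
        print(f"{name}: statically verified = {result['statically_verified']}, "
              f"instrument {len(result['monitor_edges'])} of {len(prog)} edges, "
              f"{len(result['property_residual'])} of {len(PROPERTY['transitions'])} "
              "property transitions remain")
```

For the safe program the product never reaches the violation state, so the whole problem is discharged statically and the monitor is empty. For the risky program the analysis keeps only the four edges that can move the property state (the open, the two closes, and the use after close); the uses inside the open region and the logging edges are dropped because the monitor's state is provably unchanged there. Soundness of dropping an edge rests on the control-flow automaton over-approximating the program's real event traces, which is the same assumption the static stage relies on.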
