Bandera: extracting finite-state models from Java source code

Finite-state verification techniques, such as model checking, have shown promise as a cost-effective means for finding defects in hardware designs. To date, the application of these techniques to software has been hindered by several obstacles. Chief among these is the problem of constructing a finite-state model that approximates the executable behavior of the software system of interest. Current best-practice involves hand-construction of models which is expensive (prohibitive for all but the smallest systems), prone to errors (which can result in misleading verification results), and difficult to optimize (which is necessary to combat the exponential complexity of verification algorithms). In this paper, we describe an integrated collection of program analysis and transformation components, called Bandera, that enables the automatic extraction of safe, compact finite-state models from program source code. Bandera takes as input Java source code and generates a program model in the input language of one of several existing verification tools; Bandera also maps verifier outputs back to the original source code. We discuss the major components of Bandera and give an overview of how it can be used to model check correctness properties of Java programs.

[1]  Patrick Cousot,et al.  Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints , 1977, POPL.

[2]  David W. Binkley,et al.  Interprocedural Slicing Using Dependence Graphs , 1988, PLDI.

[3]  David W. Binkley,et al.  Interprocedural slicing using dependence graphs , 1990, TOPL.

[4]  Stephen J. Garland,et al.  Pvs: a Prototype Veriication System , 1992 .

[5]  Zohar Manna,et al.  The Temporal Logic of Reactive and Concurrent Systems , 1991, Springer New York.

[6]  Natarajan Shankar,et al.  PVS: A Prototype Verification System , 1992, CADE.

[7]  Alan J. Hu,et al.  Protocol verification as a hardware design aid , 1992, Proceedings 1992 IEEE International Conference on Computer Design: VLSI in Computers & Processors.

[8]  Sérgio Vale Aguiar Campos,et al.  Symbolic Model Checking , 1993, CAV.

[9]  James C. Corbett,et al.  Evaluating Deadlock Detection Methods for Concurrent Software , 1996, IEEE Trans. Software Eng..

[10]  Daniel Jackson,et al.  Elements of style: analyzing a software design feature with a counterexample detector , 1996, ISSTA '96.

[11]  Gerard J. Holzmann,et al.  The Model Checker SPIN , 1997, IEEE Trans. Software Eng..

[12]  S. Laubach,et al.  Specializing Conngurable Systems for Finite-state Veriication , 1998 .

[13]  James C. Corbett,et al.  Constructing compact models of concurrent Java programs , 1998, ISSTA '98.

[14]  Matthew B. Dwyer,et al.  Staging Static Analyses Using Abstraction-Based Program Specialization , 1998, PLILP/ALP.

[15]  Matthew B. DwyerKansas Patterns in Property Speciications for Finite-state Veriication , 1999 .

[16]  George S. Avrunin,et al.  Patterns in property specifications for finite-state verification , 1999, Proceedings of the 1999 International Conference on Software Engineering (IEEE Cat. No.99CB37002).

[17]  Gerard J. Holzmann,et al.  The Engineering of a Model Checker: The Gnu i-Protocol Case Study Revisited , 1999, SPIN.

[18]  James C. Corbett,et al.  A Formal Study of Slicing for Multi-threaded Programs with JVM Concurrency Primitives , 1999, SAS.

[19]  Claudio Demartini,et al.  A deadlock detection tool for concurrent Java programs , 1999, Softw. Pract. Exp..

[20]  Frank Huch,et al.  Verification of Erlang programs using abstract interpretation and model checking , 1999, ICFP '99.

[21]  C. R. Ramakrishnan,et al.  An Optimizing Compiler for Efficient Model Checking , 1999, FORTE.

[22]  Gerard J. Holzmann,et al.  Software Model Checking , 1999, FORTE.

[23]  Laurie Hendren,et al.  Soot---a java optimization framework , 1999 .

[24]  Matthew B. Dwyer,et al.  Slicing Software for Model Construction , 2000, High. Order Symb. Comput..

[25]  Klaus Havelund,et al.  Model checking JAVA programs using JAVA PathFinder , 2000, International Journal on Software Tools for Technology Transfer.

[26]  Michael R. Lowry,et al.  Formal Analysis of a Space-Craft Controller Using SPIN , 2001, IEEE Trans. Software Eng..

[27]  Gerard J. Holzmann,et al.  SOFTWARE TESTING, VERIFICATION AND RELIABILITY , 2022 .