Using symbolic execution for verifying safety-critical systems

Safety-critical systems are required to be highly reliable, and thus special care is taken when verifying them in order to increase confidence in their behavior. This paper addresses the problem of formally verifying safety-critical systems by providing empirical evidence of the practical applicability of symbolic execution and of its usefulness for checking safety-related properties. Symbolic execution is used to build an operational model of the software, on which safety properties, expressed by means of a Path Description Language (PDL), can be assessed.
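The mechanism the abstract describes, symbolic execution of a program to enumerate its feasible paths as path conditions and then assessing a safety property on every path, as an added illustration that is not code from the paper: a toy altitude-warning controller, a minimal symbolic executor, and two properties, one that holds on all paths and one that fails with a concrete witness. The paper's Path Description Language is not reproduced; properties are written here as Python predicates over the final symbolic state, and feasibility is decided by a bounded search over a small constructed input domain rather than by a constraint solver. The inputs `alt` and `rate`, the output `warn`, and all thresholds are constructed for this example.

```python
"""Tiny symbolic executor for a toy safety controller (constructed example).

Programs are lists of statements: ("set", name, f) assigns f(env) to name;
("if", cond, then_block, else_block) forks execution on cond(env).
Symbolic values carry a printable text plus an evaluator over a concrete
input assignment, so path conditions can be both displayed and checked.
"""
import operator
from itertools import product

# Constructed inputs and the bounded domain used instead of a constraint solver.
INPUTS = ("alt", "rate")
DOMAIN = {"alt": range(0, 1001, 50), "rate": range(-30, 31, 5)}


class Sym:
    """Symbolic term: `text` for display, `fn(assignment)` for evaluation."""

    def __init__(self, text, fn):
        self.text, self.fn = text, fn

    @staticmethod
    def lift(x):
        return x if isinstance(x, Sym) else Sym(str(x), lambda a, x=x: x)

    def _bin(self, other, op, f):
        o = Sym.lift(other)
        return Sym(f"({self.text} {op} {o.text})", lambda a: f(self.fn(a), o.fn(a)))

    def __add__(self, o): return self._bin(o, "+", operator.add)
    def __sub__(self, o): return self._bin(o, "-", operator.sub)
    def __lt__(self, o): return self._bin(o, "<", operator.lt)
    def __ge__(self, o): return self._bin(o, ">=", operator.ge)
    def eq(self, o): return self._bin(o, "==", operator.eq)  # not __eq__: keeps Sym hashable
    def neg(self): return Sym(f"not {self.text}", lambda a: not self.fn(a))


def implies(p, q):
    return Sym(f"({p.text} -> {q.text})", lambda a: (not p.fn(a)) or q.fn(a))


def witness(constraints):
    """Bounded satisfiability: an input assignment meeting every constraint, or None."""
    for vals in product(*(DOMAIN[n] for n in INPUTS)):
        a = dict(zip(INPUTS, vals))
        if all(c.fn(a) for c in constraints):
            return a
    return None


def initial_env():
    return {n: Sym(n, lambda a, n=n: a[n]) for n in INPUTS}


def execute(stmts, env, pc):
    """Yield (final_env, path_condition) for every feasible path through stmts."""
    if not stmts:
        yield dict(env), list(pc)
        return
    stmt, rest = stmts[0], stmts[1:]
    if stmt[0] == "set":
        _, name, f = stmt
        env = dict(env, **{name: Sym.lift(f(env))})
        yield from execute(rest, env, pc)
        return
    _, cond, then_block, else_block = stmt
    c = cond(env)
    for guard, block in ((c, then_block), (c.neg(), else_block)):
        new_pc = pc + [guard]
        if witness(new_pc) is None:  # infeasible branch on this path: prune it
            continue
        for env2, pc2 in execute(block, env, new_pc):
            yield from execute(rest, env2, pc2)


def feasible_paths(program):
    return [" and ".join(c.text for c in pc) for _, pc in execute(program, initial_env(), [])]


def check(program, prop):
    """Return (path condition, counterexample) for each path on which prop can fail."""
    violations = []
    for env, pc in execute(program, initial_env(), []):
        cex = witness(pc + [prop(env).neg()])
        if cex is not None:
            violations.append((" and ".join(c.text for c in pc), cex))
    return violations


# Constructed toy controller: warning level from altitude and descent rate.
PROGRAM = [
    ("set", "warn", lambda e: 0),
    ("if", lambda e: e["alt"] < 500,
        [("if", lambda e: e["rate"] < -10,
            [("set", "warn", lambda e: 2)],
            [("set", "warn", lambda e: 1)])],
        [("if", lambda e: e["alt"] < 100,  # unreachable once alt >= 500; pruned
            [("set", "warn", lambda e: 3)],
            [("set", "warn", lambda e: 0)])]),
]


# Safety properties over the final state (stand-ins for the paper's PDL).
def low_alt_warns(e):
    return implies(e["alt"] < 500, e["warn"] >= 1)


def descent_warns_2(e):
    return implies(e["rate"] < -10, e["warn"].eq(2))


if __name__ == "__main__":
    print(feasible_paths(PROGRAM))          # 3 paths; the alt < 100 branch is pruned
    print(check(PROGRAM, low_alt_warns))    # holds on every path
    print(check(PROGRAM, descent_warns_2))  # one violating path with a witness
```

The executor reports each violation as the path condition under which it occurs together with a concrete input that reaches it, which is the form of evidence a verification engineer needs: a failing path can be mapped back to a branch of the controller, and the witness can be replayed as a test case. The bounded domain is the weak point of this toy: a constraint solver would decide feasibility exactly, whereas the grid here can miss inputs that fall between its sample points.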
