论文信息 - Combining static analysis and model checking for software analysis

Combining static analysis and model checking for software analysis

We present an iterative technique in which model checking and static analysis are combined to verify large software systems. The role of the static analysis is to compute partial order information which the model checker uses to reduce the state space. During exploration, the model checker also computes aliasing information that it gives to the static analyzer which can then refine its analysis. The result of this refined analysis is then fed back to the model checker which updates its partial order reduction. At each step of this iterative process, the static analysis computes optimistic information which results in an unsafe reduction of the state space. However, we show that the process converges to a fixed point at which time the partial order information is safe and the whole state space is explored.

Willem Visser | Guillaume Brat

[1] William Landi,et al. Interprocedural aliasing in the presence of pointers , 1992 .

[2] Gerard J. Holzmann,et al. The Model Checker SPIN , 1997, IEEE Trans. Software Eng..

[3] Edmund M. Clarke,et al. Model Checking , 1999, Handbook of Automated Reasoning.

[4] Bjarne Steensgaard,et al. Points-to analysis in almost linear time , 1996, POPL '96.

[5] 허윤정,et al. Holzmann의 ˝The Model Checker SPIN˝에 대하여 , 1998 .

[6] Gerard J. Holzmann,et al. An improvement in formal verification , 1994, FORTE.

[7] John Penix,et al. Verification of time partitioning in the DEOS scheduler kernel , 2000, Proceedings of the 2000 International Conference on Software Engineering. ICSE 2000 the New Millennium.

[8] Patrick Cousot,et al. Parallel combination of abstract interpretation and model-based automatic analysis of software , 1997 .

[9] James C. Corbett,et al. A Formal Study of Slicing for Multi-threaded Programs with JVM Concurrency Primitives , 1999, SAS.

[10] Vijay K. Garg,et al. Modeling and Control of Logical Discrete Event Systems , 1994 .

[11] James C. Corbett,et al. Bandera: extracting finite-state models from Java source code , 2000, ICSE.

[12] W. Visser,et al. Second Generation of a Java Model Checker , 2000 .