Software verification for TinyOS

We describe the first software tool for the compile-time verification of TinyOS 2 applications for the MSP430. Given assertions upon the state of the sensor node, the tool boundedly explores all program executions and returns to the programmer an error trace leading to any assertion violation. Besides memory-related errors (out-of-bounds array accesses, null-pointer dereferences), we verify application-specific assertions, including low-level assertions upon the state of the registers and peripherals.
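The bounded exploration the abstract describes, as an added illustration that is not the paper's tool (which checks compiled nesC/MSP430 code; the model below is explicit-state and hand-written): a constructed node model whose ADC interrupt fills a sample buffer, whose flush task empties it, and whose sleep event disables the ADC, with `adc_enabled` standing in for a real control register. The explorer enumerates every event sequence up to a bound and returns the shortest trace that violates a memory-safety or peripheral-state assertion.

```c
/* Constructed model of a TinyOS-style node (illustration, not the paper's tool):
 * an ADC interrupt fills a buffer, a flush task empties it, and a sleep event
 * disables the ADC; adc_enabled is a hypothetical stand-in for a real register. */
#define BUF_LEN   4
#define MAX_DEPTH 8
typedef struct { int buf[BUF_LEN]; int idx; int adc_enabled; int pending; } node_t;
enum { EV_ADC_IRQ, EV_TASK_FLUSH, EV_SLEEP, EV_COUNT };
enum { OK = 0, ERR_ADC_DISABLED = 1, ERR_OUT_OF_BOUNDS = 2 };
static const node_t INIT = { {0}, 0, 1, 0 };  /* ADC enabled, buffer empty */

/* Execute one event; returns OK or the id of the assertion it violates. */
static int step(node_t *s, int ev) {
    if (ev == EV_ADC_IRQ) {
        if (!s->adc_enabled) return ERR_ADC_DISABLED;    /* peripheral-state assertion */
        if (s->idx >= BUF_LEN) return ERR_OUT_OF_BOUNDS; /* memory-safety assertion */
        s->buf[s->idx++] = 42;  /* the bug: the handler never checks for a full buffer */
        s->pending = 1;         /* posts the flush task */
    } else if (ev == EV_TASK_FLUSH && s->pending) {
        s->idx = 0;
        s->pending = 0;
    } else if (ev == EV_SLEEP) {
        s->adc_enabled = 0;     /* low-power mode turns the ADC off */
    }
    return OK;
}

/* Depth-first search over all sequences of up to `bound` enabled events. */
static int dfs(node_t s, unsigned mask, int bound, int depth, int *trace) {
    if (depth == bound) return OK;
    for (int ev = 0; ev < EV_COUNT; ev++) {
        if (!(mask & (1u << ev))) continue;
        node_t next = s;            /* copy so each branch explores its own state */
        trace[depth] = ev;
        int err = step(&next, ev);
        if (err == OK) err = dfs(next, mask, bound, depth + 1, trace);
        if (err != OK) return err;  /* trace[0..depth] is the error trace */
    }
    return OK;
}

/* Iterative deepening: the first violation found is a shortest one within max_depth.
 * Returns the assertion id and fills trace/trace_len; OK only means "none within the bound". */
int find_violation(unsigned mask, int max_depth, int *trace, int *trace_len) {
    for (int bound = 1; bound <= max_depth; bound++) {
        int err = dfs(INIT, mask, bound, 0, trace);
        if (err != OK) { *trace_len = bound; return err; }
    }
    *trace_len = 0;
    return OK;
}
```

With all three events enabled the shortest counterexample is sleep followed by an ADC interrupt; with sleep disabled the buffer overflow needs five interrupts, so a bound of 4 reports nothing, which is the incompleteness inherent in bounded checking.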
