Formal Verification of a Flash Memory Device Driver - An Experience Report

Flash memory has become virtually indispensable in most mobile devices. For a mobile device to operate correctly, the flash memory must be controlled correctly by the device driver software. However, as is typical for embedded software, conventional testing methods often fail to detect hidden flaws in complex device driver code, and this deficiency imposes significant development and operational overhead on manufacturers. To compensate for the weaknesses of conventional testing, we applied NuSMV, Spin, and CBMC to verify the correctness of the multi-sector read operation of the Samsung OneNAND(TM) flash device driver and empirically studied their relative strengths and weaknesses. Through this project, we verified the correctness of the multi-sector read operation on a small scale. The results demonstrate the feasibility of using model checking techniques to verify the control algorithm of a device driver in an industrial setting.
