Predicate Abstraction of ANSI-C Programs Using SAT

Predicate abstraction is a major method for software verification. However, generating the abstract Boolean program from the set of predicates and the original program suffers from an exponential number of theorem prover calls as well as from soundness issues. This paper presents a novel technique that uses an efficient SAT solver to generate the abstract transition relations of ANSI-C programs. The SAT-based approach computes a more precise and safe abstraction than existing predicate abstraction techniques.
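The following is an added worked example, not code from the paper or its tool, illustrating the two points of the abstract: how the abstract transition relation for a statement is built from a predicate set, and why the number of decision-procedure queries differs between per-pair queries and SAT-style enumeration of satisfying assignments. Everything in it is constructed: a 4-bit unsigned variable x, the statement x = x + 1, the predicates p1: x >= 8 and p2: x == 0, and a CountingSolver that stands in for the SAT solver or theorem prover by exhaustive search over the 16 concrete values (a real implementation would hand each formula to a SAT solver). It also contrasts C wraparound semantics with unbounded-integer arithmetic to show one way an abstraction can become unsound.

```python
"""Added example (constructed data, not the paper's tool): compute the abstract
transition relation of "x = x + 1" over a predicate set, comparing one query per
(abstract state, abstract successor) pair with all-SAT style enumeration that
blocks each found transition, and showing a transition lost under integer
semantics that exists under 4-bit wraparound."""
from itertools import product

BITS = 4                      # model x as a 4-bit unsigned C variable (assumption)
DOMAIN = range(1 << BITS)     # every concrete value x can take

# Constructed predicate set for the statement "x = x + 1".
PREDICATES = [
    lambda x: x >= 8,         # p1
    lambda x: x == 0,         # p2
]


def step_bitvector(x):
    """ANSI-C semantics for unsigned x: the addition wraps around."""
    return (x + 1) & ((1 << BITS) - 1)


def step_integer(x):
    """Unbounded-integer semantics, as an integer theorem prover would model x + 1."""
    return x + 1


def abstract(x, preds):
    """Abstract state: the truth value of each predicate on the concrete value x."""
    return tuple(int(p(x)) for p in preds)


class CountingSolver:
    """Stand-in for the decision procedure (theorem prover or SAT solver).
    find() answers 'does some x in the domain satisfy formula?' by exhaustive
    search and returns a witness; it counts queries so the two constructions
    can be compared. This is NOT a SAT solver, only a substitute for one."""

    def __init__(self, domain):
        self.domain = list(domain)
        self.calls = 0

    def find(self, formula):
        self.calls += 1
        for x in self.domain:
            if formula(x):
                return x
        return None


def abstract_by_pairwise_queries(step, preds, solver):
    """Theorem-prover style: one query per (abstract state, abstract successor)
    pair, i.e. 2^(2k) queries for k predicates, whether or not the pair occurs."""
    k = len(preds)
    rel = set()
    for a, b in product(product((0, 1), repeat=k), repeat=2):
        witness = solver.find(lambda v, a=a, b=b:
                              abstract(v, preds) == a and abstract(step(v), preds) == b)
        if witness is not None:
            rel.add((a, b))
    return rel


def abstract_by_allsat(step, preds, solver):
    """SAT style: a single formula over x whose models are projected onto the
    predicate variables. Each found transition is excluded by a blocking clause
    and the solver is asked again, so the query count is |relation| + 1."""
    rel = set()
    while True:
        witness = solver.find(
            lambda v: (abstract(v, preds), abstract(step(v), preds)) not in rel)
        if witness is None:
            return rel
        rel.add((abstract(witness, preds), abstract(step(witness), preds)))


def compute(step):
    """Run both constructions; return (rel_pairwise, queries, rel_allsat, queries)."""
    s1, s2 = CountingSolver(DOMAIN), CountingSolver(DOMAIN)
    r1 = abstract_by_pairwise_queries(step, PREDICATES, s1)
    r2 = abstract_by_allsat(step, PREDICATES, s2)
    return r1, s1.calls, r2, s2.calls


if __name__ == "__main__":
    r1, c1, r2, c2 = compute(step_bitvector)
    print("pairwise queries:", c1, " all-SAT queries:", c2, " same relation:", r1 == r2)
    for a, b in sorted(r2):
        print(f"  {a} -> {b}")
    ri, *_ = compute(step_integer)
    # (1,0) -> (0,1) is the x == 15 wraparound step; integer reasoning never sees it.
    print("transitions missed by integer reasoning:", sorted(r2 - ri))
```

Both constructions yield the same relation under the same semantics; the difference is in the query pattern, which is what the abstract means by an exponential number of theorem prover calls. The integer-semantics run drops the transition from x == 15 back to x == 0, so an abstraction built that way under-approximates the C program's behaviour and can miss a reachable state.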
