autoC: an efficient translator for model checking deterministic scheduler based OSEK/VDX applications

The OSEK/VDX automotive OS standard has been widely adopted by many automobile manufacturers, such as BMW and TOYOTA, as the basis for designing and implementing a vehicle-mounted OS. With the increasing functionality in vehicles, more and more multi-task applications are developed on top of the OSEK/VDX OS. Currently, ensuring the reliability of the developed applications is becoming a challenge for developers. To ensure the reliability of OSEK/VDX applications, model checking has attracted great attention in the automotive industry as a potential solution. However, existing model checkers are often unable to verify a large-scale OSEK/VDX application that consists of many tasks, since the corresponding application model is too complex. To make existing model checkers more scalable in verifying large-scale OSEK/VDX applications, we describe a software tool named autoC that tackles this problem by automatically translating a multi-task OSEK/VDX application into an equivalent sequential model. We conducted a series of experiments to evaluate the efficiency of autoC. The experimental results show that autoC is not only capable of efficiently sequentializing OSEK/VDX applications, but also of improving the scalability and efficiency of existing model checkers in verifying large-scale OSEK/VDX applications.
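The abstract rests on one observation: when the OSEK/VDX scheduler is deterministic (fixed priorities, full preemption, FIFO among equal priorities, activation limit 1 for basic tasks), a multi-task application has exactly one interleaving, so a model checker can analyse that single sequential trace instead of exploring task interleavings. The following Python is an added illustration of that idea and is not autoC's code or its input format; the task representation (`Task`, the `("exec", label)` / `("activate", name)` step tuples) and the sample task set are constructed for this example, and the scheduler rules it simulates are a simplified subset of OSEK/VDX (no resources, events or alarms).

```python
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Hypothetical task model, constructed for this example (not autoC's format).
# A step is ("exec", label) for a unit of computation, or ("activate", name)
# for a call to the OSEK ActivateTask service.
Step = Tuple[str, str]


@dataclass
class Task:
    name: str
    priority: int        # higher number = higher priority, as in OSEK/VDX
    body: List[Step]     # a basic task terminates when its body is exhausted


def sequentialize(tasks: List[Task], initial: List[str]) -> List[str]:
    """Simulate a deterministic fixed-priority, fully preemptive scheduler
    (basic tasks, activation limit 1, FIFO among equal priorities) and return
    the single order of 'exec' labels it produces.  Because dispatch never has
    a choice point, this order *is* the sequential model; a checker can verify
    it without enumerating interleavings of the original tasks."""
    by_name: Dict[str, Task] = {t.name: t for t in tasks}
    pcs: Dict[str, int] = {}      # program counter of each ready/running task
    order: Dict[str, int] = {}    # activation sequence number, for FIFO ties
    counter = 0
    for name in initial:
        if name not in by_name:
            raise ValueError(f"unknown task {name!r}")
        pcs[name] = 0
        order[name] = counter
        counter += 1

    trace: List[str] = []
    while pcs:
        # Deterministic dispatch: highest priority first, then earliest activation.
        running = min(pcs, key=lambda n: (-by_name[n].priority, order[n]))
        task = by_name[running]
        kind, arg = task.body[pcs[running]]
        pcs[running] += 1
        if kind == "exec":
            trace.append(arg)
        elif kind == "activate":
            if arg not in by_name:
                raise ValueError(f"unknown task {arg!r}")
            if arg in pcs:
                # Already active and activation limit is 1: OSEK would return
                # E_OS_LIMIT and the ready queue is unchanged.
                pass
            else:
                pcs[arg] = 0
                order[arg] = counter
                counter += 1
                # A higher-priority activation preempts on the next dispatch.
        else:
            raise ValueError(f"unknown step kind {kind!r}")
        if pcs[running] == len(task.body):
            del pcs[running]      # end of body acts as TerminateTask
    return trace


# Constructed sample application: A activates B, B activates C, each of
# higher priority, so each activation preempts the activating task.
SAMPLE_TASKS = [
    Task("A", 1, [("exec", "a1"), ("activate", "B"), ("exec", "a2")]),
    Task("B", 2, [("exec", "b1"), ("activate", "C"), ("exec", "b2")]),
    Task("C", 3, [("exec", "c1")]),
    Task("D", 1, [("exec", "d1")]),   # same priority as A: FIFO, no preemption
    Task("E", 1, [("exec", "e1"), ("activate", "D"), ("exec", "e2")]),
]


def demo() -> List[str]:
    """Sequential trace of the sample application started from task A."""
    return sequentialize(SAMPLE_TASKS, ["A"])


if __name__ == "__main__":
    print(demo())
```

Running `demo()` shows the nesting a preemptive scheduler produces: `a1` is followed by all of `B` up to its own activation of `C`, then `c1`, then the remainders of `B` and `A` in reverse order of preemption. Starting from `E` instead shows the FIFO rule: activating the equal-priority `D` does not preempt, so `d1` runs only after `E` terminates. Any safety property a checker would ask of the multi-task program (for instance, that `a2` never precedes `b2`) can be posed directly on this trace.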
