Rewriting Models of Boolean Programs

We show that rewrite systems can be used to give semantics to imperative programs with boolean variables, a class of programs used in software model-checking as over- or underapproximations of real programs. We study the classes of rewrite systems induced by programs with different features like procedures, concurrency, or dynamic thread creation, and survey a number of results on their word problem and their symbolic reachability problem.
