TCAS software verification using constraint programming

Safety-critical software must be thoroughly verified before being deployed in commercial applications. In particular, any TCAS (Traffic Alert and Collision Avoidance System) implementation must be verified against safety properties extracted from the anti-collision theory that regulates controlled airspace. This verification step is currently carried out with manual code reviews and testing. In our work, we explore the capabilities of Constraint Programming for automated software verification and testing. We built a dedicated constraint solving procedure that combines constraint propagation with Linear Programming to solve conditional disjunctive constraint systems over bounded integers extracted from computer programs and safety properties. An experiment we carried out, verifying a publicly available TCAS component implementation against a set of safety-critical properties, showed that this approach is viable and efficient.
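The following is an added example, not code from the paper or from the TCAS component it verified. It shows the shape of the approach the abstract describes: a small program is translated into a conditional disjunctive constraint system over bounded integers, a safety property is negated and conjoined with it, and a constraint solver searches for a counterexample. The advisory routine, its variable bounds, and the seeded off-by-one are all constructed for the example; the solver is plain bounds propagation with constructive disjunction and bisection search, and it omits the Linear Programming relaxation that the paper combines with propagation.

```python
"""Bounded verification of a constructed advisory routine by constraint solving.

Added example: a hypothetical TCAS-style decision encoded as conditional
constraints over bounded integers, checked against two safety properties.
"""
from typing import Dict, List, Optional, Tuple, Union

Dom = Dict[str, Tuple[int, int]]        # variable -> (lo, hi), inclusive
Lin = Tuple[Dict[str, int], int]        # (coeffs, k) encodes sum(c*x) >= k


class Cond:
    """Conditional constraint extracted from an if/else: guard ? then : else."""

    def __init__(self, guard: Lin, then_cs: list, else_cs: list):
        self.guard, self.then_cs, self.else_cs = guard, then_cs, else_cs


Con = Union[Lin, Cond]


def neg(c: Lin) -> Lin:
    """Over integers, not(sum(c*x) >= k) is sum(-c*x) >= 1 - k."""
    coeffs, k = c
    return ({v: -a for v, a in coeffs.items()}, 1 - k)


def eq(v: str, k: int) -> List[Lin]:
    """v == k as two inequalities."""
    return [({v: 1}, k), ({v: -1}, -k)]


def _prop_lin(doms: Dom, c: Lin) -> Optional[Dom]:
    """Bounds propagation for sum(c*x) >= k; None means the bounds became empty."""
    coeffs, k = c
    doms = dict(doms)
    for j, cj in coeffs.items():
        # Largest value the other terms can contribute.
        rest = sum(ci * (doms[i][1] if ci > 0 else doms[i][0])
                   for i, ci in coeffs.items() if i != j)
        r = k - rest                      # so cj * x_j >= r must hold
        lo, hi = doms[j]
        if cj > 0:
            lo = max(lo, -((-r) // cj))   # ceil(r / cj)
        else:
            hi = min(hi, r // cj)         # floor(r / cj); negative cj flips the bound
        if lo > hi:
            return None
        doms[j] = (lo, hi)
    return doms


def _prop_cond(doms: Dom, c: Cond) -> Optional[Dom]:
    """Constructive disjunction: propagate both branches and keep their hull."""
    d_then = propagate(doms, [c.guard] + c.then_cs)
    d_else = propagate(doms, [neg(c.guard)] + c.else_cs)
    if d_then is None:
        return d_else                     # also None when both branches fail
    if d_else is None:
        return d_then
    return {v: (min(d_then[v][0], d_else[v][0]), max(d_then[v][1], d_else[v][1]))
            for v in doms}


def propagate(doms: Dom, cs: List[Con]) -> Optional[Dom]:
    """Apply every constraint until the bounds stop changing."""
    while True:
        before = doms
        for c in cs:
            doms = _prop_cond(doms, c) if isinstance(c, Cond) else _prop_lin(doms, c)
            if doms is None:
                return None
        if doms == before:
            return doms


def solve(doms: Dom, cs: List[Con]) -> Optional[Dom]:
    """Branch-and-prune search: bisect the smallest unfixed domain (fail-first)."""
    doms = propagate(doms, cs)
    if doms is None:
        return None
    unfixed = [v for v in doms if doms[v][0] < doms[v][1]]
    if not unfixed:
        return doms                       # all variables fixed: a genuine solution
    v = min(unfixed, key=lambda u: doms[u][1] - doms[u][0])
    lo, hi = doms[v]
    mid = (lo + hi) // 2
    for half in ((lo, mid), (mid + 1, hi)):
        res = solve({**doms, v: half}, cs)
        if res is not None:
            return res
    return None


# Constructed routine (hypothetical; not the component the paper verified):
#   diff = own - intr
#   if diff >= alim:    ra = 0    # seeded off-by-one; the intent is diff > alim
#   elif diff < -alim:  ra = 0
#   elif diff >= 0:     ra = 1    # climb
#   else:               ra = 2    # descend
PROGRAM: List[Con] = [
    ({"diff": 1, "own": -1, "intr": 1}, 0), ({"diff": -1, "own": 1, "intr": -1}, 0),
    Cond(({"diff": 1, "alim": -1}, 0), eq("ra", 0), [
        Cond(({"diff": -1, "alim": -1}, 1), eq("ra", 0), [
            Cond(({"diff": 1}, 0), eq("ra", 1), eq("ra", 2))])])]

# Assumed integer bounds (constructed for the example).
BOUNDS: Dom = {"own": (0, 60000), "intr": (0, 60000), "alim": (300, 700),
               "diff": (-60000, 60000), "ra": (0, 2)}

# P1: a climb advisory only when own aircraft is at or above the intruder.
#     Negated: ra == 1 and diff <= -1.
P1_NEG: List[Con] = eq("ra", 1) + [({"diff": -1}, 1)]
# P2: some advisory whenever |diff| <= alim.  Negated: -alim <= diff <= alim, ra == 0.
P2_NEG: List[Con] = [({"diff": 1, "alim": 1}, 0), ({"diff": -1, "alim": 1}, 0)] + eq("ra", 0)


def check(property_negation: List[Con]) -> Optional[Dom]:
    """Solve program + negated property; None means the property holds within BOUNDS."""
    return solve(BOUNDS, PROGRAM + property_negation)


if __name__ == "__main__":
    print("P1 counterexample:", check(P1_NEG))   # None: P1 holds
    print("P2 counterexample:", check(P2_NEG))   # ra == 0 with diff == alim
```

P1 is refuted at the root by propagation alone: fixing `ra == 1` kills every branch of the nested conditionals. P2 fails because of the seeded `diff >= alim` guard, and the search returns an assignment with `diff == alim` and `ra == 0`, which is exactly the boundary case a manual review would have to catch. Constructive disjunction is what lets the conditional constraints prune without enumerating paths, and the fail-first split order keeps the search from wandering through the wide altitude domains before the narrow `alim` domain is decided.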
