Model Checking DSL-Generated C Source Code

We report on the application of SPIN to model checking C source code that is generated from a textual domain-specific language (DSL). We have built a tool which automatically generates the necessary SPIN wrapper code using (meta-)information available at the DSL level. The approach is part of a larger tool-chain for developing mission-critical applications. SPIN is used mainly for bug finding: error traces produced by SPIN can be replayed automatically at the DSL level and yield concise explanations in terms of a temporal-specification DSL. The tool-chain has been applied in several large-scale industrial applications.
