Constraint-Based BMC: A Backward Approach
Résumé
Safety property checking is mandatory in the validation process of critical software. When formal verification tools fail to prove some properties, the automatic generation of counterexamples for a given loop depth is therefore an important issue in practice. We investigate in this paper the capabilities of constraint-based bounded model checking for program verification and counterexample generation on real applications. We introduce DPVS (Dynamic Post-condition Variable driven Strategy), a new non-sequential search strategy we have developed to handle an industrial application from a car manufacturer, the Flasher Manager. This application has been designed and simulated using the Simulink platform. However, this module is concretely embedded as a C program in a car computer, thus we have to check that the safety properties are preserved on this C code. We report experiments on the Flasher Manager application with our constraint-based bounded model checker, and with CBMC, a state-of-the-art bounded model checker. Experiments show that DPVS and CBMC have similar performances on one property of the Flasher Manager; DPVS outperforms CBMC to find a counterexample for two properties; two of the properties of the Flasher Manager remain intractable both for CBMC and DPVS.
Fichier principal
backwardBMC.pdf (716.8 Ko)
Télécharger le fichier
p1.c (12.98 Ko)
Télécharger le fichier
p2.c (13.36 Ko)
Télécharger le fichier
p3a.c (14.34 Ko)
Télécharger le fichier
p3b.c (12.7 Ko)
Télécharger le fichier
p4.c (13.4 Ko)
Télécharger le fichier
simulink1.pdf (7.96 Ko)
Télécharger le fichier
simulink2.pdf (16.47 Ko)
Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Format : Autre
Format : Autre
Format : Autre
Format : Autre
Format : Autre
Format : Autre
Format : Autre