Current journal: Formal Methods in System Design
  • Automatic verification of concurrent stochastic systems
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2021-01-22
    Marta Kwiatkowska, Gethin Norman, David Parker, Gabriel Santos

    Automated verification techniques for stochastic games allow formal reasoning about systems that feature competitive or collaborative behaviour among rational agents in uncertain or probabilistic settings. Existing tools and techniques focus on turn-based games, where each state of the game is controlled by a single player, and on zero-sum properties, where two players or coalitions have directly opposing

  • Pegasus: sound continuous invariant generation
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2021-01-20
    Andrew Sogokon, Stefan Mitsch, Yong Kiam Tan, Katherine Cordwell, André Platzer

    Continuous invariants are an important component in deductive verification of hybrid and continuous systems. Just like discrete invariants are used to reason about correctness in discrete systems without having to unroll their loops, continuous invariants are used to reason about differential equations without having to solve them. Automatic generation of continuous invariants remains one of the biggest

  • On solving quantified bit-vector constraints using invertibility conditions
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2021-01-18
    Aina Niemetz, Mathias Preiner, Andrew Reynolds, Clark Barrett, Cesare Tinelli

    We present a novel approach for solving quantified bit-vector constraints in Satisfiability Modulo Theories (SMT) based on computing symbolic inverses of bit-vector operators. We derive conditions that precisely characterize when bit-vector constraints are invertible for a representative set of bit-vector operators commonly supported by SMT solvers. We utilize syntax-guided synthesis techniques to

  • Static analysis for detecting high-level races in RTOS kernels
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2021-01-08
    Rekha Pai, Abhishek Singh, Deepak D’Souza, Meenakshi D’Souza, Prathibha Prakash

    We propose a static analysis based approach for detecting high-level races in RTOS kernels popularly used in safety-critical embedded software. High-level races are indicators of atomicity violations and can lead to erroneous software behaviour with serious consequences. Hitherto techniques for detecting high-level races have relied on model-checking approaches, which are inefficient and a priori unsound

  • Learning inductive invariants by sampling from frequency distributions
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2020-11-16
    Grigory Fedyukovich, Samuel J. Kaufman, Rastislav Bodík

    Automated verification for program safety is reduced to the discovery of safe inductive invariants, i.e., formulas that over-approximate the sets of reachable program states, but are precise enough to prove unreachability of the error state. We present a framework, called FreqHorn, that follows the Syntax-Guided Synthesis paradigm to iteratively sample candidate invariants from a formal grammar and check

  • Boolean functional synthesis: hardness and practical algorithms
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2020-10-21
    S. Akshay, Supratik Chakraborty, Shubham Goel, Sumith Kulal, Shetal Shah

    Given a relational specification between Boolean inputs and outputs, Boolean functional synthesis seeks to synthesize each output as a function of the inputs such that the specification is met. Despite significant algorithmic advances in Boolean functional synthesis over the past few years, there are relatively small specifications that have remained beyond the reach of all state-of-the-art tools.

  • Integrating formal specifications into applications: the ProB Java API
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2020-10-21
    Philipp Körner, Jens Bendisposto, Jannik Dunkelau, Sebastian Krings, Michael Leuschel

    The common formal methods workflow consists of formalising a model followed by applying model checking and proof techniques. Once an appropriate level of certainty is reached, code generators are used in order to gain executable code. In this paper, we propose a different approach: instead of generating code from formal models, it is also possible to embed a model checker or animator into applications

  • Quasi-optimal partial order reduction
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2020-10-12
    Camille Coti, Laure Petrucci, César Rodríguez, Marcelo Sousa

    A dynamic partial order reduction (DPOR) algorithm is optimal when it always explores at most one representative per Mazurkiewicz trace. Existing literature suggests that the reduction obtained by the non-optimal, state-of-the-art Source-DPOR (SDPOR) algorithm is comparable to optimal DPOR. We show the first program with \(\mathcal{O}(n)\) Mazurkiewicz traces where SDPOR explores \(\mathop

  • Automated repair by example for firewalls
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2020-09-30
    William T. Hallahan, Ennan Zhai, Ruzica Piskac

    Firewalls are widely deployed to manage enterprise networks. Because enterprise-scale firewalls contain hundreds or thousands of rules, ensuring the correctness of firewalls—that the rules in the firewalls meet the specifications of their administrators—is an important but challenging problem. Although existing firewall diagnosis and verification techniques can identify potentially faulty rules, they

  • Multi-scale verification of distributed synchronisation
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2020-09-20
    Paul Gainer, Sven Linker, Clare Dixon, Ullrich Hustadt, Michael Fisher

    Algorithms for the synchronisation of clocks across networks are both common and important within distributed systems. We here address not only the formal modelling of these algorithms, but also the formal verification of their behaviour. Of particular importance is the strong link between the very different levels of abstraction at which the algorithms may be verified. Our contribution is primarily

  • Exact quantitative probabilistic model checking through rational search
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2020-07-29
    Umang Mathur, Matthew S. Bauer, Rohit Chadha, A. Prasad Sistla, Mahesh Viswanathan

    Model checking systems formalized using probabilistic models such as discrete time Markov chains (DTMCs) and Markov decision processes (MDPs) can be reduced to computing constrained reachability properties. Linear programming methods to compute reachability probabilities for DTMCs and MDPs do not scale to large models. Thus, model checking tools often employ iterative methods to approximate reachability

  • Abstraction refinement and antichains for trace inclusion of infinite state systems
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2020-07-08
    Lukáš Holík, Radu Iosif, Adam Rogalewicz, Tomáš Vojnar

    A generic register automaton is a finite automaton equipped with variables (which may be viewed as counters or, more generally, registers) ranging over infinite data domains. A trace of a generic register automaton is an alternating sequence of alphabet symbols and values taken by the variables during an execution of the automaton. The problem addressed in this paper is the inclusion between the sets

  • Model checking boot code from AWS data centers
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2020-04-15
    Byron Cook, Kareem Khazem, Daniel Kroening, Serdar Tasiran, Michael Tautschnig, Mark R. Tuttle

    This paper describes our experience with symbolic model checking in an industrial setting. We have proved that the initial boot code running in data centers at Amazon Web Services is memory safe, an essential step in establishing the security of any data center. Standard static analysis tools cannot be easily used on boot code without modification owing to issues not commonly found in higher-level

  • Correction to: A survey of challenges for runtime verification from advanced application domains (beyond software)
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2019-11-15
    César Sánchez, Gerardo Schneider, Wolfgang Ahrendt, Ezio Bartocci, Domenico Bianculli, Christian Colombo, Yliès Falcone, Adrian Francalanza, Srdan Krstić, João M. Lourenço, Dejan Nickovic, Gordon J. Pace, Jose Rufino, Julien Signoles, Dmitriy Traytel, Alexander Weiss

    The correct name of the seventh author is Yliès Falcone.

  • A survey of challenges for runtime verification from advanced application domains (beyond software)
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2019-11-11
    César Sánchez; Gerardo Schneider; Wolfgang Ahrendt; Ezio Bartocci; Domenico Bianculli; Christian Colombo; Yliès Falcone; Adrian Francalanza; Srđan Krstić; João M. Lourenço; Dejan Nickovic; Gordon J. Pace; Jose Rufino; Julien Signoles; Dmitriy Traytel; Alexander Weiss

    Runtime verification is an area of formal methods that studies the dynamic analysis of execution traces against formal specifications. Typically, the two main activities in runtime verification efforts are the process of creating monitors from specifications, and the algorithms for the evaluation of traces against the generated monitors. Other activities involve the instrumentation of the system to

  • Exploiting partial variable assignment in interpolation-based model checking
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2019-11-07
    Pavel Jančík; Jan Kofroň; Leonardo Alt; Grigory Fedyukovich; Antti E. J. Hyvärinen; Natasha Sharygina

    Craig interpolation has been successfully employed in symbolic program verification as a means of abstraction for sets of program states. In this article, we present the partial variable assignment interpolation system, an extension of the labeled interpolation system, enriched by partial variable assignments. It allows for both generation of smaller interpolants as well as for their faster computation

  • Synthesizing adaptive test strategies from temporal logic specifications
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2019-10-14
    Roderick Bloem, Goerschwin Fey, Fabian Greif, Robert Könighofer, Ingo Pill, Heinz Riener, Franz Röck

    Constructing good test cases is difficult and time-consuming, especially if the system under test is still under development and its exact behavior is not yet fixed. We propose a new approach to compute test strategies for reactive systems from a given temporal logic specification using formal methods. The computed strategies are guaranteed to reveal certain simple faults in every realization of the

  • Annotation guided collection of context-sensitive parallel execution profiles
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2019-10-09
    Zachary Benavides; Keval Vora; Rajiv Gupta; Xiangyu Zhang

    Studying the relative behavior of an application’s threads is critical to identifying performance bottlenecks and understanding their root causes. We present context-sensitive parallel (CSP) execution profiles that capture the relative behavior of threads in terms of the user-selected code regions they execute. CSPs can be analyzed to compute execution times spent by the application in interesting

  • Statistical verification of PCTL using antithetic and stratified samples
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2019-08-28
    Yu Wang; Nima Roohi; Matthew West; Mahesh Viswanathan; Geir E. Dullerud

    In this work, we study the problem of statistically verifying Probabilistic Computation Tree Logic (PCTL) formulas on discrete-time Markov chains (DTMCs) with stratified and antithetic samples. We show that by properly choosing the representation of the DTMCs, semantically negatively correlated samples can be generated for a fraction of PCTL formulas via the stratified or antithetic sampling techniques

  • Foreword to the special issue on the 2017 Static Analysis Symposium
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2019-08-26
    Francesco Ranzato

    This volume of Formal Methods in System Design (FMSD) features extended and revised versions of a selection of papers presented at the Static Analysis Symposium (SAS) held in 2017 in New York, NY. The series of Static Analysis Symposia serves as a primary venue for the presentation of theoretical, practical, and applicational advances in the area of static analysis of programs and systems. After the

  • Parameterized verification of algorithms for oblivious robots on a ring
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2019-07-30
    Arnaud Sangnier, Nathalie Sznajder, Maria Potop-Butucaru, Sébastien Tixeuil

    We study verification problems for autonomous swarms of mobile robots that self-organize and cooperate to solve global objectives. In particular, we focus in this paper on the model proposed by Suzuki and Yamashita of anonymous robots evolving in a discrete space with a finite number of locations (here, a ring). A large number of algorithms have been proposed working for rings whose size is not a priori

  • Monitoring hyperproperties
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2019-06-25
    Bernd Finkbeiner, Christopher Hahn, Marvin Stenger, Leander Tentrup

    Hyperproperties, such as non-interference and observational determinism, relate multiple system executions to each other. They are not expressible in standard temporal logics, like LTL, CTL, and CTL*, and thus cannot be monitored with standard runtime verification techniques. \(\text {HyperLTL}\) extends linear-time temporal logic (LTL) with explicit quantification over traces in order to express hyperproperties

  • Probabilistic black-box reachability checking (extended version)
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2019-05-21
    Bernhard K. Aichernig; Martin Tappler

    Model checking has a long-standing tradition in software verification. Given a system design it checks whether desired properties are satisfied. Unlike testing, it cannot be applied in a black-box setting. To overcome this limitation Peled et al. introduced black-box checking, a combination of testing, model inference and model checking. The technique requires systems to be fully deterministic. For

  • Incremental column-wise verification of arithmetic circuits using computer algebra
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2019-02-26
    Daniela Kaufmann, Armin Biere, Manuel Kauers

    Verifying arithmetic circuits and most prominently multiplier circuits is an important problem which in practice still requires substantial manual effort. The currently most effective approach uses polynomial reasoning over pseudo boolean polynomials. In this approach a word-level specification is reduced by a Gröbner basis which is implied by the gate-level representation of the circuit. This reduction

  • Almost event-rate independent monitoring
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2019-02-06
    David Basin; Bhargav Nagaraja Bhatt; Srđan Krstić; Dmitriy Traytel

    A monitoring algorithm is trace-length independent if its space consumption does not depend on the number of events processed. The analysis of many monitoring algorithms has aimed at establishing their trace-length independence. But a monitor’s space consumption can depend on characteristics of the trace other than its size. We put forward the stronger notion of event-rate independence, where a monitor’s

  • TeLEx: learning signal temporal logic from positive examples using tightness metric
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2019-01-23
    Susmit Jha; Ashish Tiwari; Sanjit A. Seshia; Tuhin Sahai; Natarajan Shankar

    We propose a novel passive learning approach, TeLex, to infer signal temporal logic (STL) formulas that characterize the behavior of a dynamical system using only observed signal traces of the system. First, we present a template-driven learning approach that requires two inputs: a set of observed traces and a template STL formula. The unknown parameters in the template can include time-bounds of the

  • Quantitative static analysis of communication protocols using abstract Markov chains
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2019-01-17
    Abdelraouf Ouadjaout; Antoine Miné

    In this paper we present a static analysis of probabilistic programs to quantify their performance properties by taking into account both the stochastic aspects of the language and those related to the execution environment. More particularly, we are interested in the analysis of communication protocols in lossy networks and we aim at inferring statically parametric bounds of some important metrics

  • First-order temporal logic monitoring with BDDs
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2019-01-07
    Klaus Havelund, Doron Peled, Dogan Ulus

    Runtime verification is aimed at analyzing execution traces stemming from a running program or system. The traditional purpose is to detect the lack of conformance with respect to a formal specification. Numerous efforts in the field have focused on monitoring parametric specifications, where events carry data, and formulas can refer to such. Since a monitor for such specifications has to store observed

  • Some complexity results for stateful network verification
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2019-01-07
    Kalev Alpernas; Aurojit Panda; Alexander Rabinovich; Mooly Sagiv; Scott Shenker; Sharon Shoham; Yaron Velner

    In modern networks, forwarding of packets often depends on the history of previously transmitted traffic. Such networks contain stateful middleboxes, whose forwarding behaviour depends on a mutable internal state. Firewalls and load balancers are typical examples of stateful middleboxes. This work addresses the complexity of verifying safety properties, such as isolation, in networks with finite-state

  • SAT-based explicit LTL reasoning and its application to satisfiability checking
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2019-01-02
    Jianwen Li; Shufang Zhu; Geguang Pu; Lijun Zhang; Moshe Y. Vardi

    We present here a new explicit reasoning framework for linear temporal logic (LTL), which is built on top of propositional satisfiability (SAT) solving. The crux of our approach is a construction of temporal transition system that is based on SAT-solving rather than tableau to construct states and transitions. As a proof-of-concept of this framework, we describe a new LTL satisfiability algorithm.

  • A new abstraction framework for affine transformers
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2018-10-18
    Tushar Sharma; Thomas Reps

    This paper addresses the problem of abstracting a set of affine transformers \(\overrightarrow{v}' = \overrightarrow{v} \cdot C + \overrightarrow{d}\), where \(\overrightarrow{v}\) and \(\overrightarrow{v}'\) represent the pre-state and post-state, respectively. We introduce a framework to harness any base abstract domain \(\mathcal {B}\) in an abstract domain of affine transformations. Abstract domains

  • Template polyhedra and bilinear optimization
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2018-09-04
    Jessica Gronski; Mohamed-Amin Ben Sassi; Stephen Becker; Sriram Sankaranarayanan

    In this paper, we study the template polyhedral abstract domain using connections to bilinear optimization techniques. The connections between abstract interpretation and convex optimization approaches have been studied for nearly a decade now. Specifically, data flow constraints for numerical domains such as polyhedra can be expressed in terms of bilinear constraints. Algorithms such as policy and

  • Abstract semantic diffing of evolving concurrent programs
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2018-08-21
    Ahmed Bouajjani; Constantin Enea; Shuvendu K. Lahiri

    We present an approach for comparing two closely related concurrent programs, whose goal is to give feedback about interesting differences without relying on user-provided assertions. This approach compares two programs in terms of cross-thread interferences and data-flow, under a parametrized abstraction which can detect any difference in the limit. We introduce a partial order relation between these

  • Finite-trace linear temporal logic: coinductive completeness
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2018-06-26
    Grigore Roşu

    Linear temporal logic (LTL) is suitable not only for infinite-trace systems, but also for finite-trace systems. In particular, LTL with finite-trace semantics is frequently used as a specification formalism in runtime verification, in artificial intelligence, and in business process modeling. The satisfiability of LTL with finite-trace semantics, a known PSPACE-complete problem, has been recently studied

  • Introduction to the special issue on runtime verification
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2018-06-21
    Yliès Falcone; César Sánchez

    This article introduces the extended versions of selected papers from the refereed proceedings of the 16th International Conference on Runtime Verification (RV 2016) held in Madrid, Spain, in September 2016. Runtime verification encompasses all aspects of monitoring and analysis of hardware, software, and system executions in general. Runtime verification techniques are lightweight dynamic techniques

  • Quantitative monitoring of STL with edit distance
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2018-03-27
    Stefan Jakšić; Ezio Bartocci; Radu Grosu; Thang Nguyen; Dejan Ničković

    In cyber-physical systems (CPS), physical behaviors are typically controlled by digital hardware. As a consequence, continuous behaviors are discretized by sampling and quantization prior to their processing. Quantifying the similarity between CPS behaviors and their specification is an important ingredient in evaluating correctness and quality of such systems. We propose a novel procedure for measuring

  • Inferring event stream abstractions
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2018-02-27
    Sean Kauffman; Klaus Havelund; Rajeev Joshi; Sebastian Fischmeister

    We propose a formalism for specifying event stream abstractions for use in spacecraft telemetry processing. Our work is motivated by the need to quickly process streams with millions of events generated e.g. by the Curiosity rover on Mars. The approach builds a hierarchy of event abstractions for telemetry visualization and querying to aid human comprehension. Such abstractions can also be used as

  • Compact and efficiently verifiable models for concurrent systems
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2018-02-19
    Hernán Ponce de León; Andrey Mokhov

    Partial orders are a fundamental mathematical structure capable of representing concurrency and causality on a set of atomic events. In many applications it is essential to consider multiple partial orders, each representing a particular behavioral scenario or an operating mode of a system. With the exploding growth of the complexity of systems that software and hardware engineers design today, it

  • Inferring functional properties of matrix manipulating programs by abstract interpretation
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2018-02-12
    Matthieu Journault; Antoine Miné

    We present a new static analysis by abstract interpretation to prove automatically the functional correctness of algorithms implementing matrix operations, such as matrix addition, multiplication, general matrix multiplication, inversion, or more generally Basic Linear Algebra Subprograms. In order to do so, we introduce a family of abstract domains parameterized by a set of matrix predicates as well

  • Solving parity games via priority promotion
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2018-01-31
    Massimo Benerecetti; Daniele Dell’Erba; Fabio Mogavero

    We consider parity games, a special form of two-player infinite-duration games on numerically labeled graphs, whose winning condition requires that the maximal value of a label occurring infinitely often during a play be of some specific parity. The problem of identifying the corresponding winning regions has a rather intriguing status from a complexity theoretic viewpoint, since it belongs to the

  • Incrementally closing octagons
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2018-01-24
    Aziem Chawdhary; Ed Robbins; Andy King

    The octagon abstract domain is a widely used numeric abstract domain expressing relational information between variables whilst being both computationally efficient and simple to implement. Each element of the domain is a system of constraints where each constraint takes the restricted form \(\pm \, x_i \pm x_j \le c\). A key family of operations for the octagon domain are closure algorithms, which

  • Securing a compiler transformation
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2018-01-15
    Chaoqiang Deng; Kedar S. Namjoshi

    A compiler optimization may be correct and yet be insecure. This work focuses on the common optimization that removes dead (i.e., useless) store instructions from a program. This operation may introduce new information leaks, weakening security while preserving functional equivalence. This work presents a polynomial-time algorithm for securely removing dead stores. The algorithm is necessarily approximate

  • Tightening the contract refinements of a system architecture
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2018-01-03
    Alessandro Cimatti; Ramiro Demasi; Stefano Tonetta

    Contract-based design is an emerging paradigm for correct-by-construction hierarchical systems: components are associated with assumptions and guarantees expressed as formal properties; the architecture is analyzed by verifying that each contract of composite components is correctly refined by the contracts of its subcomponents. The approach is very efficient, because the overall correctness proof

  • Improving the results of program analysis by abstract interpretation beyond the decreasing sequence
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2017-12-09
    Rémy Boutonnet; Nicolas Halbwachs

    The classical method for program analysis by abstract interpretation consists in computing first an increasing sequence using an extrapolation operation, called widening, to correctly approximate the limit of the sequence. Then, this approximation is improved by computing a decreasing sequence without widening, the terms of which are all correct, more and more precise approximations. It is generally

  • Wireless protocol validation under uncertainty
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2017-11-27
    Jinghao Shi; Shuvendu K. Lahiri; Ranveer Chandra; Geoffrey Challen

    Runtime validation of wireless protocol implementations cannot always employ direct instrumentation of the device under test (DUT). The DUT may not implement the required instrumentation, or the instrumentation may alter the DUT’s behavior when enabled. Wireless sniffers can monitor the DUT’s behavior without instrumentation, but they introduce new validation challenges. Losses caused by wireless propagation

  • Theory and methodology of assumption/commitment based system interface specification and architectural contracts
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2017-11-25
    Manfred Broy

    This paper addresses the specification of and reasoning about interactive real-time systems, their interfaces, and architectures as well as their properties in terms of assumptions and commitments. Specifications are structured into assumptions restricting the behavior of the operational context of systems and commitments about the system behavior (also called rely/guarantee or assumption/promise specification

  • Learning analysis strategies for octagon and context sensitivity from labeled data generated by static analyses
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2017-11-21
    Kihong Heo; Hakjoo Oh; Hongseok Yang

    We present a method for automatically learning an effective strategy for clustering variables for the Octagon analysis from a given codebase. This learned strategy works as a preprocessor of Octagon. Given a program to be analyzed, the strategy is first applied to the program and clusters variables in it. We then run a partial variant of the Octagon analysis that tracks relationships among variables

  • An improved algorithm for the control synthesis of nonlinear sampled switched systems
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2017-11-11
    Adrien Le Coënt; Julien Alexandre dit Sandretto; Alexandre Chapoutot; Laurent Fribourg

    A novel algorithm for the control synthesis for nonlinear switched systems is presented in this paper. Based on an existing procedure of state-space bisection and made available for nonlinear systems with the help of guaranteed integration, the algorithm has been improved to be able to consider longer patterns of modes with a better pruning approach. Moreover, the use of guaranteed integration also

  • Keeping logic in the trivium of computer science: a teaching perspective
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2017-10-28
    J. A. Makowsky; A. Zamansky

    In this paper we argue that the traditional syllabus of logic courses for computer science is outdated and missing its purposes, therefore contributing to the gradual relegation of logic from the computing curricula. We further provide some practical recommendations and directions that need to be considered in the adaptation of the logic course syllabi to the needs of modern computing practitioners

  • On the complexity of monitoring Orchids signatures, and recurrence equations
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2017-10-28
    Jean Goubault-Larrecq; Jean-Philippe Lachance

    Modern monitoring tools such as our intrusion detection tool Orchids work by firing new monitor instances dynamically. Given an Orchids signature (a.k.a. a rule, a specification), what is the complexity of checking that specification, that signature? In other words, let f(n) be the maximum number of monitor instances that can be fired on a sequence of n events: we design an algorithm that decides whether

  • Validating numerical semidefinite programming solvers for polynomial invariants
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2017-10-14
    Pierre Roux; Yuen-Lam Voronin; Sriram Sankaranarayanan

    Semidefinite programming (SDP) solvers are increasingly used as primitives in many program verification tasks to synthesize and verify polynomial invariants for a variety of systems including programs, hybrid systems and stochastic models. On one hand, they provide a tractable alternative to reasoning about semi-algebraic constraints. However, the results are often unreliable due to “numerical issues”

  • Propagation based local search for bit-precise reasoning
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2017-10-02
    Aina Niemetz; Mathias Preiner; Armin Biere

    Many applications of computer-aided verification require bit-precise reasoning as provided by satisfiability modulo theories (SMT) solvers for the theory of quantifier-free fixed-size bit-vectors. The current state-of-the-art in solving bit-vector formulas in SMT relies on bit-blasting, where a given formula is eagerly translated into propositional logic (SAT) and handed to an underlying SAT solver

  • Shield synthesis
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2017-09-25
    Bettina Könighofer; Mohammed Alshiekh; Roderick Bloem; Laura Humphrey; Robert Könighofer; Ufuk Topcu; Chao Wang

    Shield synthesis is an approach to enforce safety properties at runtime. A shield monitors the system and corrects any erroneous output values instantaneously. The shield deviates from the given outputs as little as it can and recovers to hand back control to the system as soon as possible. In the first part of this paper, we consider shield synthesis for reactive hardware systems. First, we define

  • Para$^2$: parameterized path reduction, acceleration, and SMT for reachability in threshold-guarded distributed algorithms
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2017-09-20
    Igor Konnov; Marijana Lazić; Helmut Veith; Josef Widder

    Automatic verification of threshold-based fault-tolerant distributed algorithms (FTDA) is challenging: FTDAs have multiple parameters that are restricted by arithmetic conditions, the number of processes and faults is parameterized, and the algorithm code is parameterized due to conditions counting the number of received messages. Recently, we introduced a technique that first applies data and counter

  • A methodology to take credit for high-level verification during RTL verification
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2017-09-19
    Frederic Doucet; Robert Kurshan

    High-level verification and synthesis of SystemC models has become increasingly popular as a means to reduce the high RTL verification cost of today’s complex designs. However, the saving derived from performing verification at a higher level of abstraction is largely negated if the RTL then must be completely reverified. We demonstrate how global (system-level) properties may be verified at a behavioral

  • Non-intrusive runtime monitoring through power consumption to enforce safety and security properties in embedded systems
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2017-09-19
    Carlos Moreno; Sebastian Fischmeister

    The increasing complexity and connectivity of modern embedded systems highlight the importance of runtime monitoring to ensure correctness and security. This poses a significant challenge, since monitoring tools can break extra-functional requirements such as timing constraints. Non-intrusive program tracing through side-channel analysis techniques has recently appeared in the literature and constitutes

  • Program synthesis for interactive-security systems
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2017-09-16
    William R. Harris; Somesh Jha; Thomas W. Reps; Sanjit A. Seshia

    Developing practical but secure programs remains an important and open problem. Recently, the operating-system and architecture communities have proposed novel systems, which we refer to as interactive-security systems. They provide primitives that a program can use to perform security-critical operations, such as reading from and writing to system storage by restricting some modules to execute with

  • On compiling Boolean circuits optimized for secure multi-party computation
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2017-09-14
    Niklas Büscher; Martin Franz; Andreas Holzer; Helmut Veith; Stefan Katzenbeisser

    Secure multi-party computation (MPC) allows two or more distrusting parties to jointly evaluate a function over private inputs. For a long time considered to be a purely theoretical concept, MPC transitioned into a practical and powerful tool to build privacy-enhancing technologies. However, the practicality of MPC is hindered by the difficulty of implementing applications on top of the underlying cryptographic

  • Conditions of contracts for separating responsibilities in heterogeneous systems
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2017-09-13
    Jonas Westman; Mattias Nyberg

    A general, compositional, and component-based contract theory is proposed for modeling and specifying heterogeneous systems, characterized by consisting of parts from different domains, e.g. software, electrical and mechanical. Given a contract consisting of assumptions and a guarantee, clearly separated conditions on a component and its environment are presented where the conditions ensure that the

  • Automating regression verification of pointer programs by predicate abstraction
    Form. Methods Syst. Des. (IF 0.673) Pub Date : 2017-08-31
    Vladimir Klebanov; Philipp Rümmer; Mattias Ulbrich

    Regression verification is an approach complementing regression testing with formal verification. The goal is to formally prove that two versions of a program behave either equally or differently in a precisely specified way. In this paper, we present a novel automated approach for regression verification that reduces the equivalence of two related imperative pointer programs to constrained Horn clauses

Contents have been reproduced by permission of the publishers.