- Number of slides: 60
http://www.cis.ksu.edu/bandera
The Bandera Perspective
Goals of the Project
In This Talk…
Goals
Model Checking: finite-state model and temporal logic formula are input to the model checker; the result is OK or an error trace
What makes model checking software difficult?
Model Construction Problem Model Checker Program Model Description Programming Languages Model Description Languages
Model Construction Problem Code Base
Property Specification Problem “Between the window open and the window close, button X can be pushed at most twice.”
Property Specification Problem
Property Specification Problem Requirement: In general, a heap object has no program-level name that persists throughout the lifetime of the object.
State Explosion Problem
Output Interpretation Problem Program Model Description Must map line listing onto model description Mapping to source is made difficult by
Checker Inputs Model Checkers Java Source Checker Outputs
Model Construction Problem
Model Construction Problem Code Base
Model Construction Problem Closed. Base Code Unit
Property Specification Problem Between {open} and {close} {pushX} exists atMost {2} times;
Addressing the State Explosion Problem
Addressing the Output Interpretation Problem Java Source
Bandera Architecture Property Tool Abstraction Analyses Engine BIRC Java Translators BIR Jimple Parser Slicer Error Trace Display Simulator
Bounded Buffer
Property Specification Requirement: Bandera Specification:
Property Specification Requirement: Bandera Specification:
Quantification
Quantification (Cont’d) Original Model Augmented Model
Quantification (Cont’d) Original Model Augmented Model
Quantification (Cont’d) Bandera compiles to…
Front End
Property-directed Slicing
Property-directed Slicing
Abstraction Engine Code Data domains
Compiling In Abstractions
Compiling In Abstractions
Comparing Traces
Choice-bounded Search X X
Property Abstraction Property System Model
Property Abstraction [](x > 0) [](x > -2)
Heap Representation
Heap Representation
Heap Issues Observationally Equivalent
Simple Representation … … …
Bounded Buffer BIR
Bounded Buffer BIR
Bounded Search Strategies
Bounded Search Strategies
Bounded Buffer Promela
dSpin Backend Observationally Equivalent
Case Study
Verification of Abstracted DEOS
Summary Bandera is an open platform for experimentation
Challenging Open Problems
Challenging Open Problems
Strategies for Moving Forward