An integrated environment for Spin-based C code checking Towards bringing model-driven code checking closer to practitioners

Model-driven code checking (MDCC) has been successfully used for the verification of functional requirements of C code. An environment model that describes the context, which a program is expected to run in, is defined in Promela, translated to a model checker program by Spin, and linked with the pr...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:International journal on software tools for technology transfer Ročník 21; číslo 3; s. 267 - 286
Hlavní autori: Ratiu, Daniel, Ulrich, Andreas
Médium: Journal Article
Jazyk:English
Vydavateľské údaje: Berlin/Heidelberg Springer Berlin Heidelberg 01.06.2019
Predmet:
Computer Science
Software Engineering
Software Engineering/Programming and Operating Systems
Spin 2017
Theory of Computation
Model checking
Domain-specific languages
Code sanitizers
Testing
Code verification
ISSN:1433-2779, 1433-2787
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Popis
Shrnutí:Model-driven code checking (MDCC) has been successfully used for the verification of functional requirements of C code. An environment model that describes the context, which a program is expected to run in, is defined in Promela, translated to a model checker program by Spin, and linked with the program acting as system under verification. In this article, we summarise the practical advantages of MDCC which motivate its use in an industrial setting and discuss the challenges to its broader adoption. Environment models exhibit heavily intertwined Promela and C code statements, which make them hard to write and understand. We propose a high-level language for verification harness definition which hides the Spin engine under the hood. A small number of language concepts is sufficient to define verification harnesses for commonly encountered C programs. Widening the scope of the approach, we provide means to verify programs that exhibit internal state and extend the set of checked properties beyond classical assertions to those checked by LLVM/Clang code sanitizers. Thus, a user can focus on finding the best solution to combine exhaustive exploration of the environment with testing strategies. Our approach is prototypically integrated into mbeddr development platform. We present its instantiation on real-world code examples and discuss our experiences gained with the verification of software from the railway domain.
ISSN:1433-2779
1433-2787
DOI:10.1007/s10009-019-00510-w