×

An iterative framework for simulation conformance. (English) Zbl 1105.68351

Summary: MAGIC is a software verification project for C source code which verifies conformance of software components against state-machine specifications. To this aim, MAGIC extracts abstract software models using predicate ahstraction, and resolves the inherent trade-off between model accuracy and scalability by an iterative abstraction refinement methodology. This paper presents the core principles implemented in the MAGIC verification engine, i.e., specification conformance using simulation and abstraction refinement. Viewing counterexamples as winning strategies in a simulation game between the implementation and the specification, we describe an algorithm where abstractions are refined on the basis of multiple winning strategies simultaneously. The refinement process is iterated until either a conformance with the specification is established, or a strategy to violate the specification is found to be realizable. In addition to the increase in expressiveness achieved by using simulation instead of trace containment, experimental results using OpenSSL indicate that our approach can lead to orders of magnitude improvement in verification time.

MSC:

68Q60 Specification and verification (program logics, model checking, etc.)
68Q85 Models and methods for concurrent and distributed computing (process algebras, bisimulation, transition nets, etc.)
91A80 Applications of game theory
68N15 Theory of programming languages

Software:

OpenSSL; MAGIC
PDFBibTeX XMLCite
Full Text: DOI Link