University of Southampton Institutional Repository

Handling loops in bounded model checking of C programs via k-induction


Gadelha, Mikhail Y.R., I. Ismail, Hussama and C. Cordeiro, Lucas (2017) Handling loops in bounded model checking of C programs via k-induction. International Journal on Software Tools for Technology Transfer, 19 (1), 97-114. (doi:10.1007/s10009-015-0407-9).

Record type: Article

Abstract

The first attempts to apply the k-induction method to software verification are only recent. In this paper, we present a novel proof-by-induction algorithm, which is built on top of a symbolic context-bounded model checker and uses an iterative deepening approach to verify, for each step k up to a given maximum, whether a given safety property ϕ holds in the program. The proposed k-induction algorithm consists of three different cases, called base case, forward condition, and inductive step. Intuitively, in the base case, we aim to find a counterexample with up to k loop unwindings; in the forward condition, we check whether loops have been fully unrolled and that ϕ holds in all states reachable within k unwindings; and in the inductive step, we check that whenever ϕ holds for k unwindings, it also holds after the next unwinding of the system. The algorithm was implemented in two different ways, a sequential and a parallel one, and the results were compared. Experimental results show that both forms of the algorithm can handle a wide variety of safety properties extracted from standard benchmarks, ranging from reachability to time constraints; by comparison, the parallel algorithm solves more verification tasks in less time. This paper marks the first application of the k-induction algorithm to a broader range of C programs; in particular, we show that our k-induction method outperforms CPAChecker, a state-of-the-art k-induction-based verification tool for C programs, in terms of correct results.

Text: sttt - Accepted Manuscript

More information

e-pub ahead of print date: 23 November 2015
Published date: February 2017

Identifiers

Local EPrints ID: 426967
URI: http://eprints.soton.ac.uk/id/eprint/426967
ISSN: 1433-2779
PURE UUID: bf5e7959-047b-4c2f-ac43-5b998197ba44

Catalogue record

Date deposited: 19 Dec 2018 17:30
Last modified: 16 Dec 2019 17:49

Contributors

Author: Mikhail Y.R. Gadelha
Author: Hussama I. Ismail
Author: Lucas C. Cordeiro
