| ||||||||||||||||||||||||||||||||||||||||||||||||||||
Vol. 15 No. 4, © The Author, 2005. Published by Oxford University Press. All rights reserved.
Original Articles |
An Iterative Framework for Simulation Conformance
1 Computer Science Department, Carnegie Mellon University, Pittsburgh, PA - 15213, USA. Email: chaki{at}cs.cmu.edu, emc{at}cs.cmu.edu, 2 University of Wisconsin, Computer Sciences Department University of Wisconsin Madison, WI 53706, USA. Email: jha{at}cs.wisc.edu, 3 Institut für Informatik (17) Technische Universität München Boltzmannstraße 3 D-85748 Garching bei München, Germany. Email: veith{at}in.tum.edu
MAGIC is a software verification project for C source code which verifies conformance of software components against statemachine specifications. To this aim, MAGIC extracts abstract software models using predicate abstraction, and resolves the inherent trade-off between model accuracy and scalability by an iterative abstraction refinement methodology. This paper presents the core principles implemented in the MAGIC verification engine, i.e. specification conformance using simulation and abstraction refinement. Viewing counterexamples as winning strategies in a simulation game between the implementation and the specification, we describe an algorithm where abstractions are refined on the basis of multiple winning strategies simultaneously. The refinement process is iterated until either a conformance with the specification is established, or a strategy to violate the specification is found to be realizable. In addition to the increase in expressiveness achieved by using simulation instead of trace containment, experimental results using OpenSSL indicate that our approach can lead to orders of magnitude improvement in verification time.
Keywords: Software verification, C programs, concurrency, simulation, abstraction, refinement
Received 1 April 2005.