article

SMT-Based Bounded Model Checking for Embedded ANSI-C Software

Authors:

Lucas Cordeiro,

Bernd Fischer,

Joao Marques-SilvaAuthors Info & Claims

IEEE Transactions on Software Engineering, Volume 38, Issue 4

Pages 957 - 974

https://doi.org/10.1109/TSE.2011.59

Published: 01 July 2012 Publication History

Abstract

Propositional bounded model checking has been applied successfully to verify embedded software, but remains limited by increasing propositional formula sizes and the loss of high-level information during the translation preventing potential optimizations to reduce the state space to be explored. These limitations can be overcome by encoding high-level information in theories richer than propositional logic and using SMT solvers for the generated verification conditions. Here, we propose the application of different background theories and SMT solvers to the verification of embedded software written in ANSI-C in order to improve scalability and precision in a completely automatic way. We have modified and extended the encodings from previous SMT-based bounded model checkers to provide more accurate support for variables of finite bit width, bit-vector operations, arrays, structures, unions, and pointers. We have integrated the CVC3, Boolector, and Z3 solvers with the CBMC front-end and evaluated them using both standard software model checking benchmarks and typical embedded software applications from telecommunications, control systems, and medical devices. The experiments show that our ESBMC model checker can analyze larger problems than existing tools and substantially reduce the verification time.

Cited By

View all

Alshmrany KAldughaim MBhayat ACordeiro L(2024)FuSeBMC v4: Improving Code Coverage with Smart Seeds via BMC, Fuzzing and Static AnalysisFormal Aspects of Computing10.1145/366533736:2(1-25)Online publication date: 20-May-2024
https://dl.acm.org/doi/10.1145/3665337
Wu YDeng QZhang W(2023)A Strategy to Unwind Loops in Incremental Bounded Model Checking for SoftwareProceedings of the 2023 3rd Guangdong-Hong Kong-Macao Greater Bay Area Artificial Intelligence and Big Data Forum10.1145/3660395.3660460(382-387)Online publication date: 22-Sep-2023
https://dl.acm.org/doi/10.1145/3660395.3660460
Tihanyi NBisztray TJain RFerrag MCordeiro LMavroeidis VMcIntosh SChoi EHerbold S(2023)The FormAI Dataset: Generative AI in Software Security through the Lens of Formal VerificationProceedings of the 19th International Conference on Predictive Models and Data Analytics in Software Engineering10.1145/3617555.3617874(33-43)Online publication date: 8-Dec-2023
https://dl.acm.org/doi/10.1145/3617555.3617874
Show More Cited By

Index Terms

SMT-Based Bounded Model Checking for Embedded ANSI-C Software
1. Software and its engineering
  1. Software creation and management
    1. Software verification and validation
      1. Formal software verification
  2. Software organization and properties
    1. Software functional properties
      1. Formal methods
        Model checking

Index terms have been assigned to the content through auto-classification.

Recommendations

Handling loops in bounded model checking of C programs via k-induction

The first attempts to apply the k-induction method to software verification are only recent. In this paper, we present a novel proof by induction algorithm, which is built on the top of a symbolic context-bounded model checker and uses an iterative ...
Bounded model checking of high-integrity software
HILT '13: Proceedings of the 2013 ACM SIGAda annual conference on High integrity language technology

Model checking [5] is an automated algorithmic technique for exhaustive verification of systems, described as finite state machines, against temporal logic [9] specifications. It has been used successfully to verify hardware at an industrial scale [6]. ...
SMT-Based Bounded Model Checking for Embedded ANSI-C Software
ASE '09: Proceedings of the 24th IEEE/ACM International Conference on Automated Software Engineering

Propositional bounded model checking has been applied successfully to verify embedded software but is limited by the increasing propositional formula size and the loss of structure during the translation. These limitations can be reduced by encoding ...

Comments

Information & Contributors

Information

Published In

IEEE Transactions on Software Engineering Volume 38, Issue 4

July 2012

255 pages

ISSN:0098-5589

Issue’s Table of Contents

Publisher

IEEE Press

Publication History

Published: 01 July 2012

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

59
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 27 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Alshmrany KAldughaim MBhayat ACordeiro L(2024)FuSeBMC v4: Improving Code Coverage with Smart Seeds via BMC, Fuzzing and Static AnalysisFormal Aspects of Computing10.1145/366533736:2(1-25)Online publication date: 20-May-2024
https://dl.acm.org/doi/10.1145/3665337
Wu YDeng QZhang W(2023)A Strategy to Unwind Loops in Incremental Bounded Model Checking for SoftwareProceedings of the 2023 3rd Guangdong-Hong Kong-Macao Greater Bay Area Artificial Intelligence and Big Data Forum10.1145/3660395.3660460(382-387)Online publication date: 22-Sep-2023
https://dl.acm.org/doi/10.1145/3660395.3660460
Tihanyi NBisztray TJain RFerrag MCordeiro LMavroeidis VMcIntosh SChoi EHerbold S(2023)The FormAI Dataset: Generative AI in Software Security through the Lens of Formal VerificationProceedings of the 19th International Conference on Predictive Models and Data Analytics in Software Engineering10.1145/3617555.3617874(33-43)Online publication date: 8-Dec-2023
https://dl.acm.org/doi/10.1145/3617555.3617874
Luo CMing JFu JPeng GLi Z(2023)Reverse Engineering of Obfuscated Lua Bytecode via Interpreter Semantics TestingIEEE Transactions on Information Forensics and Security10.1109/TIFS.2023.328925418(3891-3905)Online publication date: 1-Jan-2023
https://dl.acm.org/doi/10.1109/TIFS.2023.3289254
Leeson WDwyer MFilieri AGrundy JPollock LPenta M(2023)Sibyl: Improving Software Engineering Tools with SMT SelectionProceedings of the 45th International Conference on Software Engineering10.1109/ICSE48619.2023.00184(2185-2197)Online publication date: 14-May-2023
https://dl.acm.org/doi/10.1109/ICSE48619.2023.00184
Song KGadelha MBrauße FMenezes RCordeiro L(2023)ESBMC v7.3: Model Checking C++ Programs Using Clang ASTFormal Methods: Foundations and Applications10.1007/978-3-031-49342-3_9(141-152)Online publication date: 4-Dec-2023
https://dl.acm.org/doi/10.1007/978-3-031-49342-3_9
Fischer BLa Torre SParlato GSchrammel P(2022)CBMC-SSM: Bounded Model Checking of C Programs with Symbolic Shadow MemoryProceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering10.1145/3551349.3559523(1-5)Online publication date: 10-Oct-2022
https://dl.acm.org/doi/10.1145/3551349.3559523
Menezes RMoura DCavalcante Hde Freitas RCordeiro LRyu SSmaragdakis Y(2022)ESBMC-Jimple: verifying Kotlin programs via jimple intermediate representationProceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3533767.3543294(777-780)Online publication date: 18-Jul-2022
https://dl.acm.org/doi/10.1145/3533767.3543294
Brauße FShmarov FMenezes RGadelha MKorovin KReger GCordeiro LRyu SSmaragdakis Y(2022)ESBMC-CHERI: towards verification of C programs for CHERI platforms with ESBMCProceedings of the 31st ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3533767.3543289(773-776)Online publication date: 18-Jul-2022
https://dl.acm.org/doi/10.1145/3533767.3543289
Yan ZWang YXu H(2022)NNSMT: Deep Neural Networks for SMT Solvers FuzzingProceedings of the 8th International Conference on Computing and Artificial Intelligence10.1145/3532213.3532221(46-53)Online publication date: 18-Mar-2022
https://dl.acm.org/doi/10.1145/3532213.3532221
Show More Cited By

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Abstract

Cited By

Index Terms

Recommendations

Handling loops in bounded model checking of C programs via k-induction

Bounded model checking of high-integrity software