TY - GEN
T1 - Property directed abstract interpretation
AU - Rinetzky, Noam
AU - Shoham, Sharon
N1 - Publisher Copyright: © Springer-Verlag Berlin Heidelberg 2016.
PY - 2016
Y1 - 2016
N2 - Recently, Bradley proposed the PDR/IC3 model checking algorithm for verifying safety properties, where forward and backward reachability analyses are intertwined and guide each other. Many variants of Bradley's original algorithm have been developed and successfully applied to both hardware and software verification. However, these algorithms have been presented in an operational manner, disconnected from the rich literature concerning the theoretical foundation of static analysis formulated by abstract interpretation. Inspired by PDR, we develop a nonstandard semantics which computes for every 0 ≤ N an over-approximation of the set of traces of length N leading to a safety violation. The over-approximation is precise, in the sense that it only includes traces that do not start at an initial state, unless the program is unsafe, in which case the semantics aborts at a special error state. In a way, the semantics computes multiple over-approximations of bounded unsafe program behaviors using a sequence of abstractions whose precision grows automatically with N. We show that existing PDR algorithms can be described as a specific implementation of our semantics, performing an abstract interpretation of the program, but instead of aiming for a fixpoint, they stop early when either the backward analysis finds a counterexample or the states comprising one of the bounded traces provide sufficient evidence that the program is safe. This places PDR within the solid framework of abstract interpretation, and thus provides a unified explanation of the different PDR algorithms as well as a new proof of their soundness.
AB - Recently, Bradley proposed the PDR/IC3 model checking algorithm for verifying safety properties, where forward and backward reachability analyses are intertwined and guide each other. Many variants of Bradley's original algorithm have been developed and successfully applied to both hardware and software verification. However, these algorithms have been presented in an operational manner, disconnected from the rich literature concerning the theoretical foundation of static analysis formulated by abstract interpretation. Inspired by PDR, we develop a nonstandard semantics which computes for every 0 ≤ N an over-approximation of the set of traces of length N leading to a safety violation. The over-approximation is precise, in the sense that it only includes traces that do not start at an initial state, unless the program is unsafe, in which case the semantics aborts at a special error state. In a way, the semantics computes multiple over-approximations of bounded unsafe program behaviors using a sequence of abstractions whose precision grows automatically with N. We show that existing PDR algorithms can be described as a specific implementation of our semantics, performing an abstract interpretation of the program, but instead of aiming for a fixpoint, they stop early when either the backward analysis finds a counterexample or the states comprising one of the bounded traces provide sufficient evidence that the program is safe. This places PDR within the solid framework of abstract interpretation, and thus provides a unified explanation of the different PDR algorithms as well as a new proof of their soundness.
UR - http://www.scopus.com/inward/record.url?scp=84955290034&partnerID=8YFLogxK
U2 - https://doi.org/10.1007/978-3-662-49122-5_5
DO - https://doi.org/10.1007/978-3-662-49122-5_5
M3 - Conference contribution
SN - 9783662491218
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 104
EP - 123
BT - Verification, Model Checking, and Abstract Interpretation - 17th International Conference, VMCAI 2016, Proceedings
A2 - Rustan, K.
A2 - Leino, M.
A2 - Jobstmann, Barbara
T2 - 17th International Conference on Verification, Model Checking, and Abstract Interpretation, VMCAI 2016
Y2 - 17 January 2016 through 19 January 2016
ER -