Team Pop Art


Section: New Results

Static Analysis and Abstract Interpretation

Implementation of the APRON library for numerical abstract domains

Participant : B. Jeannet [ contact person ] .

This new result corresponds to the software described in section 5.4, in the context of the ACI-SI Apron (see 8.2.3). Since November 2006, the library has been improved with (many) bug corrections and the addition of several features, in collaboration with A. Miné from ENS Paris:

The core APRON library now represents 24000 LOC in C (compared to 10000 last year), to which one should add the code for the OCaml and C++ bindings.

We have several external users, as mentioned in section 5.4, and two new domains should be added by external teams (CEA-LIST, Saclay, France, and Theoretical Science Group, University of Kent, UK).

We presented a poster at the Static Analysis Symposium (SAS'07) that took place in Lyngby, Denmark, in August 2007. This poster was also displayed at the “Grand Colloque STIC 2007” event, 5–7 November 2007, together with a demo, and we also gave a talk.

Verification of Communication Protocols Using Abstract Interpretation of FIFO queues

Participants : T. Le Gall, B. Jeannet [ contact person ] .

The verification of communication protocols or distributed systems that can be modeled by a set of sequential machines communicating via unbounded FIFO channels is the topic of the PhD of Tristan Le Gall. The main challenge of his PhD is the verification of such systems in the case where

The approach we follow is based on the theory of Abstract Interpretation. The applications of such verification techniques are the analysis of communication protocols, which may contain subtle bugs, and the automatic synthesis of controllers for distributed systems in order to ensure a correct global behavior, but also interprocedural analysis, as the queue datatype is very similar to the stack datatype.

Last year we focused on the case of Communicating Finite-State Machines (CFSM) [66], a model where the values sent into FIFO queues belong to bounded datatypes.

This year, we have generalized this approach to infinite-state communicating systems, where both the processes and the values contained in the FIFO queues are infinite-state. We propose in [Oops!] a new abstract domain for languages on infinite alphabets, which acts as a functor taking an abstract domain for a concrete alphabet and lifting it to an abstract domain for words on this alphabet. More precisely, provided an abstract domain for the elements of a set $S$, denoted as $\wp(S) \leftarrow A$, we build an abstract domain for words on the alphabet $S$, denoted as $\wp(S^*) \leftarrow \mathsf{Reg}(A)$. The abstract representation is based on so-called lattice automata, which are finite automata labelled by the elements of an atomic lattice, and which recognize words on atoms of this lattice. We have defined a normal form, the standard language operations and a widening operator for these automata. We have applied this abstract lattice to the verification of symbolic communicating machines, and we have discussed its usefulness for interprocedural analysis.
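As an added illustration (not code from the APRON library or from the authors), the following Python sketch instantiates the construction above with the interval lattice as A: a lattice automaton whose edges are labelled by intervals, a membership test for concrete integer words, a label-wise widening, and a constructed FIFO-contents scenario. The fixed two-state shape, the sample queue contents and the label-wise widening (instead of the paper's normal form) are assumptions made here.

```python
from typing import Dict, FrozenSet, List, Tuple

Interval = Tuple[float, float]  # element of the label lattice A: a closed interval
def interval_join(a: Interval, b: Interval) -> Interval:
    return (min(a[0], b[0]), max(a[1], b[1]))

def interval_widen(a: Interval, b: Interval) -> Interval:
    # Classic interval widening: a bound that moved is pushed to infinity.
    return (a[0] if b[0] >= a[0] else float("-inf"),
            a[1] if b[1] <= a[1] else float("inf"))

class LatticeAutomaton:
    """Edges carry intervals; the integer word x1..xn is accepted if some
    path to a final state has every xi inside the i-th edge's interval."""
    def __init__(self, initial: int, finals: FrozenSet[int]):
        self.initial, self.finals = initial, finals
        self.delta: Dict[Tuple[int, int], Interval] = {}  # (src, dst) -> label

    def add_edge(self, src: int, dst: int, label: Interval) -> None:
        key = (src, dst)  # parallel edges between the same states are joined
        self.delta[key] = (interval_join(self.delta[key], label)
                           if key in self.delta else label)

    def accepts(self, word: List[int]) -> bool:
        states = {self.initial}
        for x in word:
            states = {d for (s, d), (lo, hi) in self.delta.items()
                      if s in states and lo <= x <= hi}
            if not states:
                return False
        return bool(states & self.finals)

def widen(old: LatticeAutomaton, new: LatticeAutomaton) -> LatticeAutomaton:
    # Label-wise widening; assumes both automata share one state structure.
    out = LatticeAutomaton(old.initial, old.finals)
    out.delta = {**old.delta, **new.delta}  # edges seen on only one side
    for key in old.delta.keys() & new.delta.keys():
        out.delta[key] = interval_widen(old.delta[key], new.delta[key])
    return out

def queue_abstraction(observed: List[List[int]]) -> LatticeAutomaton:
    # Constructed scenario: FIFO contents "ids... then end marker"; state 0
    # loops on ids, the marker edge reaches final state 1.
    aut = LatticeAutomaton(0, frozenset({1}))
    for content in observed:
        *ids, marker = content
        for x in ids:
            aut.add_edge(0, 0, (x, x))
        aut.add_edge(0, 1, (marker, marker))
    return aut
```

Joining the id labels into one interval is where the abstraction loses precision: the automaton accepts queue contents of any length with ids anywhere in the joined range, which is sound but over-approximate.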

Automatic Test Generation from Interprocedural Specifications

Participants : C. Constant, B. Jeannet [ contact person ] , T. Jéron.

With the Vertecs team, we have continued our collaboration on model-based testing, using static analysis methods for a precise selection. In [Oops!], we have extended the principles and algorithms of model-based testing to recursive interprocedural specifications that can be modeled by (finite) Push-Down Systems (PDS). Such specifications may be more compact than non-recursive ones and are more expressive. The generated test cases are selected according to a test purpose, a (set of) scenario(s) of interest that one wants to observe during test execution. The test generation method we have proposed is based on program transformations and a coreachability analysis, which allows one to decide whether and how the test purpose can still be satisfied. However, despite the possibility of performing an exact analysis, the inability of test cases to inspect their own stack prevents them from fully using the coreachability information. We have analyzed this partial observation problem and its consequences, and we have proposed some solutions to minimize its impact.
