Abstract
Program dependence graphs are a well-established device to represent possible information flow in a program. Path conditions in dependence graphs have been proposed to express more detailed circumstances of a particular flow; they provide precise necessary conditions for information flow along a path or chop in a dependence graph. Ordinary boolean path conditions, however, cannot express temporal properties, e.g. that for a specific flow it is necessary that some condition holds, and later another specific condition holds.
In this contribution, we introduce temporal path conditions, which extend ordinary path conditions by temporal operators in order to express temporal dependencies between conditions for a flow. We present motivating examples, generation and simplification rules, application of model checking to generate witnesses for a specific flow, and a case study. We prove the following soundness property: if a temporal path condition for a path is satisfiable, then the ordinary boolean path condition for the path is satisfiable. The converse does not hold, indicating that temporal path conditions are more precise.
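A small model of the distinction the abstract draws between boolean and temporal path conditions, added here as an illustration and not taken from the paper: the boolean condition is treated as a conjunction of the node conditions along a dependence path (each node's variable instance ranging independently, SSA-style), while the temporal condition additionally requires one execution trace on which those conditions hold in path order. The counter program, the trace enumeration and the `holds_in_order` checker are constructed for this example.

```python
from itertools import product

def holds_in_order(trace, conds):
    """Finite-trace check of a nested 'eventually': each condition must hold at some
    state, and each later condition at a strictly later state than the previous one
    (the "holds, and later another condition holds" reading from the abstract)."""
    pos = 0
    for c in conds:
        while pos < len(trace) and not c(trace[pos]):
            pos += 1
        if pos == len(trace):
            return False
        pos += 1  # next condition must be satisfied strictly later
    return True

def temporal_pc_satisfiable(traces, conds):
    """Temporal path condition: some execution satisfies the conditions in order."""
    return any(holds_in_order(t, conds) for t in traces)

def boolean_pc_satisfiable(conds, domain):
    """Ordinary boolean path condition c1 and ... and cn, where each ci constrains its own
    node's variable instance, so the search assigns one value per node independently."""
    return any(all(c(v) for c, v in zip(conds, vals))
               for vals in product(domain, repeat=len(conds)))

def counter_traces(max_len):
    """Constructed toy program: a counter i that starts at 0 and only ever increments.
    Every prefix of length 1..max_len is taken as a possible execution trace."""
    full = list(range(max_len))
    return [full[:n] for n in range(1, max_len + 1)]

def soundness_holds(traces, conds):
    """The soundness property stated in the abstract: if the temporal path condition is
    satisfiable, the boolean path condition is satisfiable too (never the converse)."""
    domain = {s for t in traces for s in t}
    return (not temporal_pc_satisfiable(traces, conds)) or boolean_pc_satisfiable(conds, domain)

if __name__ == "__main__":
    traces = counter_traces(5)
    forward = [lambda i: i == 1, lambda i: i == 3]   # flow needs i==1, later i==3
    backward = [lambda i: i == 3, lambda i: i == 1]  # flow needs i==3, later i==1
    for name, conds in [("forward", forward), ("backward", backward)]:
        # 'backward' is boolean-satisfiable but temporally impossible: i never decreases
        print(name, "boolean:", boolean_pc_satisfiable(conds, set(range(5))),
              "temporal:", temporal_pc_satisfiable(traces, conds))
```

The "backward" path is exactly the case the abstract's converse remark points at: the boolean condition has a satisfying assignment, yet no execution of the program realises the flow, so the temporal condition rejects it.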
An extended abstract of the present article appeared in the 2007 Proceedings of the Seventh IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM 2007). The research of A. Lochbihler was partially supported by Deutsche Forschungsgemeinschaft, grant Sn11/9-1.
Lochbihler, A., Snelting, G. On temporal path conditions in dependence graphs. Autom Softw Eng 16, 263–290 (2009). https://doi.org/10.1007/s10515-009-0050-3