Abstract
The main goal of the Verisoft XT project is the creation of methods and tools which allow for the pervasive formal verification of integrated computer systems, and the prototypical realization of four concrete industrial application tasks.
In this paper, we report on two of Verisoft XT’s sub-projects, where formal verification is applied to real-world system software, namely Microsoft’s Hypervisor and the embedded operating system PikeOS. We describe the deductive verification technology used in Verisoft XT and the tool chain that implements these methods, including the C verifier called VCC and the SMT solver Z3.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Notes
Everything that is not pure equality and propositional connectives is treated as theory in SMT. This includes the uninterpreted function theory, which could be axiomatized with ∀ x 1,…,x n ,y 1,…,y n .x 1=y 1 ∧ ⋅⋅⋅ ∧ x n =y n ⇒ f(x 1,…,x n )=f(y 1,…,y n ) for every function symbol f with arity n.
The E in “E-matching”stands for equality.
References
Ahrendt W, Beckert B, Giese M, Rümmer P (2010) Practical aspects of automated deduction for program verification. Künstl Intell (in this issue)
Barnett M, Leino KRM, Schulte W (2005) The Spec# programming system: an overview. In: Proceedings of the CASSIS 2004. LNCS, vol 3362. Springer, Berlin, pp 49–69
Baumann C, Beckert B, Blasum H, Bormer T (2009) Better avionics software reliability by code verification. In: Proceedings of the embedded world conference
Baumann C, Beckert B, Blasum H, Bormer T (2009) Formal verification of a microkernel used in dependable software systems. In: Proceedings of the SAFECOMP 2009. LNCS. Springer, Berlin
Böhme S, Moskal M, Schulte W, Wolff B (2010) HOL-Boogie: an interactive prover-backend for the verifying C compiler. J Autom Reas 44(1–2) 111–144
Cohen E, Dahlweid M, Hillebrand M, Leinenbach D, Moskal M, Santen T, Schulte W, Tobies S (2009) VCC: a practical system for verifying concurrent C. In: Proceedings of the TPHOLs 2009. LNCS, vol 5674. Springer, Berlin, pp 23–42. Invited paper
Cohen E, Moskal M, Schulte W, Tobies S (2010) Local verification of global invariants in concurrent programs. Technical Report MSR-TR-2010-9, Microsoft Research, January 2010
de Moura L, Bjørner N (2008) Z3: an efficient SMT solver. In: Proceedings of the TACAS 2008. LNCS, vol 4963. Springer, Berlin, pp 337–340
DeLine R, Leino KRM (2005) BoogiePL: a typed procedural language for checking object-oriented programs. Technical Report MSR-TR-2005-70, Microsoft Research
Detlefs DL, Leino KRM, Nelson G, Saxe JB (1998) Extended static checking. SRC Research Report 159, Compaq Systems Research Center, Palo Alto
Flanagan C, Leino KRM, Lillibridge M, Nelson G, Saxe JB, Stata R (2002) Extended static checking for Java. In: Proceedings of the PLDI 2002. SIGPLAN notices, vol 37. ACM, New York, pp 234–245
Kaiser R, Wagner S (2007) Evolution of the PikeOS microkernel. In: Proceedings of the 1st international workshop on microkernels for embedded systems (MIKES). Available at http://ertos.nicta.com.au/publications/papers/Kuz_Petters_07.pdf
Lahiri SK, Qadeer S (2008) Back to the future: revisiting precise program verification using SMT solvers. In: Proceedings of the POPL 2008. ACM, New York, pp 171–182
Leino KRM, Müller P (2004) Object invariants in dynamic contexts. In: Proceedings of the ECOOP 2008. LNCS, vol 3086. Springer, Berlin
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Beckert, B., Moskal, M. Deductive Verification of System Software in the Verisoft XT Project. Künstl Intell 24, 57–61 (2010). https://doi.org/10.1007/s13218-010-0005-7
Published:
Issue Date:
DOI: https://doi.org/10.1007/s13218-010-0005-7