
On temporal path conditions in dependence graphs

Published in: Automated Software Engineering

Abstract

Program dependence graphs are a well-established device to represent possible information flow in a program. Path conditions in dependence graphs have been proposed to express more detailed circumstances of a particular flow; they provide precise necessary conditions for information flow along a path or chop in a dependence graph. Ordinary boolean path conditions, however, cannot express temporal properties, e.g. that for a specific flow it is necessary that some condition holds, and later another specific condition holds.

In this contribution, we introduce temporal path conditions, which extend ordinary path conditions by temporal operators in order to express temporal dependencies between conditions for a flow. We present motivating examples, generation and simplification rules, application of model checking to generate witnesses for a specific flow, and a case study. We prove the following soundness property: if a temporal path condition for a path is satisfiable, then the ordinary boolean path condition for the path is satisfiable. The converse does not hold, indicating that temporal path conditions are more precise.



Author information


Correspondence to Andreas Lochbihler.

Additional information

An extended abstract of the present article appeared in the 2007 Proceedings of the Seventh IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM 2007). The research of A. Lochbihler was partially supported by Deutsche Forschungsgemeinschaft, grant Sn11/9-1.


Cite this article

Lochbihler, A., Snelting, G. On temporal path conditions in dependence graphs. Autom Softw Eng 16, 263–290 (2009). https://doi.org/10.1007/s10515-009-0050-3
