
Ivy: safety verification by interactive generalization

Published: 2 June 2016

Abstract

Despite several decades of research, the problem of formal verification of infinite-state systems has resisted effective automation. We describe Ivy, a system for interactively verifying safety of infinite-state systems. Ivy's key principle is that whenever verification fails, Ivy graphically displays a concrete counterexample to induction. The user then interactively guides generalization from this counterexample. This process continues until an inductive invariant is found. Ivy searches for universally quantified invariants and uses a restricted modeling language, which ensures that all verification conditions can be checked algorithmically. All user interactions are performed using graphical models, easing the user's task. We describe our initial experience with verifying several distributed protocols.
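The abstract's central idea, a counterexample to induction (CTI) that the user generalizes into a stronger invariant, as an added example that is not Ivy's code and is not taken from the paper: a toy lock protocol whose candidate invariants are checked by exhaustive enumeration over a fixed finite domain instead of Ivy's verification-condition check in a decidable fragment. The protocol, the names `acquire`, `release`, `held`, `server_free` and the three-node domain are assumptions of this example. The safety property alone is not inductive; `find_cti` returns the offending pre-state, action and post-state, and adding the conjunct `held(n) -> ~server_free` (the kind of universally quantified generalization the abstract describes the user supplying) makes the invariant inductive.

```python
"""Toy illustration of a counterexample to induction (CTI) for a lock protocol.

Constructed example, not Ivy's code: invariants are checked by exhaustive
enumeration over a fixed finite set of nodes instead of an SMT/EPR query.
"""
from itertools import chain, combinations
from typing import Callable, FrozenSet, NamedTuple, Optional

NODES = ("n0", "n1", "n2")  # assumed finite domain for the toy check


class State(NamedTuple):
    server_free: bool         # the lock server still holds the lock
    held: FrozenSet[str]      # nodes that currently hold the lock


Invariant = Callable[[State], bool]


def all_states():
    """Every assignment to the state relations over NODES (2 * 2^|NODES| states)."""
    subsets = chain.from_iterable(combinations(NODES, k) for k in range(len(NODES) + 1))
    for held in subsets:
        for free in (True, False):
            yield State(free, frozenset(held))


def init(s: State) -> bool:
    """Initial states: the server holds the lock and no node does."""
    return s.server_free and not s.held


def acquire(s: State, n: str) -> Optional[State]:
    """Node n takes the lock from the server; None if the action is not enabled."""
    if not s.server_free:
        return None
    return State(False, s.held | {n})


def release(s: State, n: str) -> Optional[State]:
    """Node n returns the lock to the server; None if n does not hold it."""
    if n not in s.held:
        return None
    return State(True, s.held - {n})


ACTIONS = {"acquire": acquire, "release": release}


def safety(s: State) -> bool:
    """forall n1 n2. held(n1) & held(n2) -> n1 = n2  (mutual exclusion)."""
    return len(s.held) <= 1


def holder_means_busy(s: State) -> bool:
    """forall n. held(n) -> ~server_free  (the generalization a user would add)."""
    return not (s.held and s.server_free)


def conj(*parts: Invariant) -> Invariant:
    """Conjunction of candidate invariants."""
    return lambda s: all(p(s) for p in parts)


class CTI(NamedTuple):
    pre: State      # satisfies the candidate invariant ...
    action: str     # ... but one enabled action ...
    node: str
    post: State     # ... leads to a state that violates it


def find_cti(inv: Invariant):
    """Check initiation and consecution of inv over the finite domain.

    Returns ("init", state) if some initial state violates inv,
    ("step", CTI) if inv is not preserved by some action, or None if inductive.
    """
    for s in all_states():
        if init(s) and not inv(s):
            return ("init", s)
    for s in all_states():
        if not inv(s):
            continue
        for name, step in ACTIONS.items():
            for n in NODES:
                post = step(s, n)
                if post is not None and not inv(post):
                    return ("step", CTI(s, name, n, post))
    return None


def demo():
    # Safety alone: one node holds the lock while server_free is still true,
    # so a second acquire produces two holders.
    print(find_cti(safety))
    # Safety strengthened with the user's generalization: inductive.
    print(find_cti(conj(safety, holder_means_busy)))


if __name__ == "__main__":
    demo()
```

The enumeration here is only a bounded check: a result of None says the candidate is inductive for three nodes, not for every domain size. That gap is exactly what the abstract's restriction to universally quantified invariants and a restricted modeling language closes in Ivy, where the solver's verdict on the verification condition holds for unbounded domains, and the finite model it returns when the check fails is what the user sees and generalizes from.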



Published in

ACM SIGPLAN Notices, Volume 51, Issue 6 (PLDI '16), June 2016, 726 pages. ISSN: 0362-1340, EISSN: 1558-1160, DOI: 10.1145/2980983. Editor: Andy Gill.

PLDI '16: Proceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation, June 2016, 726 pages. ISBN: 9781450342612, DOI: 10.1145/2908080. General Chair: Chandra Krintz. Program Chair: Emery Berger.

Copyright © 2016 ACM. Publisher: Association for Computing Machinery, New York, NY, United States.