Nothing Special   »   [go: up one dir, main page]

skip to main content
10.1145/271771.271800acmconferencesArticle/Chapter ViewAbstractPublication PagesisstaConference Proceedingsconference-collections
Article
Free access

Model checking without a model: an analysis of the heart-beat monitor of a telephone switch using VeriSoft

Published: 01 March 1998 Publication History

Abstract

VeriSoft is a tool for systematically exploring the state spaces of systems composed of several concurrent processes executing arbitrary code written in full-fledged programming languages such as C or C++. The state space of a concurrent system is a directed graph that represents the combined behavior of all concurrent components in the system. By exploring its state space, VeriSoft can automatically detect coordination problems between the processes of a concurrent system.We report in this paper our analysis with VeriSoft of the "Heart-Beat Monitor" (HBM), a telephone switching application developed at Lucent Technologies. The HBM of a telephone switch determines the status of different elements connected to the switch by measuring propagation delays of messages transmitted via these elements. This information plays an important role in the routing of data in the switch, and can significantly impact switch performance.We discuss the steps of our analysis of the HBM using VeriSoft. Because no modeling of the HBM code is necessary with this tool, the total elapsed time before being able to run the first tests was on the order of a few hours, instead of several days or weeks that would have been needed for the (error-prone) modeling phase required with traditional model checkers or theorem provers.We then present the results of our analysis. Since VeriSoft automatically generates, executes and evaluates thousands of tests per minute and has complete control over nondeterminism, our analysis revealed HBM behavior that is virtually impossible to detect or test in a traditional lab-testing environment. Specifically, we discovered flaws in the existing documentation on this application and unexpected behaviors in the software itself. These results are being used as the basis for the redesign of the HBM software in the next commercial release of the switching software.

References

[1]
M. Adams, J. Coplien, R. Gamoke, tL Hanmer, F. Keeve, and K. Nicodemus. Fault-Tolerant Telecommunication System Patterns. In Vlissidesi Coplien, and Kerth, editors, Pattern Languages of Program Design - 2, pages 549-562. Addison-Wesley, 1996.
[2]
B. Alpern and F. B. Schneider. 'Recognizing safeiy and liveness. Distribut~ Computing, 2:1177-126, 1987.
[3]
A.,Aho, R. Sethl, and J. Ullman. Compilers: Principles, Techniques and Tools. Addison- Wesley, 1986.
[4]
B'. 'Boigelot and P. Godefroid. Automat{c Synthesis of SpecifiCations from the Dynamic Observation of Reactive Programs. In Proceedings of the Third International Woi'kshop on Tools and Algorithms for the Construction and Analysis ofSystems (TA GAS'97), volume 1217 of Lecture Notes in Computer Science, pages 321-333, Twente, April 1997. Springer-Verlag.
[5]
P. Cousot and R. Cousot. Abstract interpretstion: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In Proceedings of the Fourth Annual A CM Symposium on Principles of Programming Languages, January 1977.
[6]
E.M. Clarke, E.A. Emerson, and A.P. sistla. Automatic verification of finite-state concurrent s~rstems using temporal logic specifica}tions. A CM Transactions on Programming Languages and Systems, 8(2):244-263, January 1986.
[7]
J.-D. Choi, B. P. Miller, and R. H. B. Netzer. Techniques for debugging parallel programs with fiowback analysis. A CM Transactions on Programming Languages and Systems, pages 491- 530, October 1991.'
[8]
J.C. Corbett. Constructing abstract models of concurrent real-time software. In Proceedings of ISSTA '96 (International Symposium on Software Testing and Analysis), pages 250-260, San Diego, January 1996.
[9]
R. Cleaveland, J. Parrow, and B. Steffen. The concurrency workbench: A semantics based tool for the verification of concurrent systems. A CM Transactions on Programming Languages and Systems, 1(15):36-72, 1993.
[10]
J. Chang, D. Richardson, and S. Sankar. 'Structural Specification-based Testing with ADL. In Proceedings of ISSTA '96 (International Symposium on Software Testing and Analysis), pages 62-70, San Diego, January 1996.
[11]
D. L. Dilll A. J. Drexler, A. J. Hu, and C. H. Yang. Protocol verification as a hardware design aid. In 1992 IEEE International Conference on Computer Design: VLSI in Computers and Processors, pages 522-525, Cambridge, MA, October 1992. IEEE Computer Society.
[12]
L.K. Dillon and Q. Yu. Oracles for checking temporal properties of concurrent systems. Software Engineering Notes, 19(5):140-153, December 1994. Proceedings of the 2nd ACM SIG- SOFT Symposium on Foundations of Software Engineering. ~,
[13]
J.C. Fernandez, H. Caravel, L. Mounter, A. Rasse, C. Rodriguez, and J. Sifakis. A toolbox for the verification of LOTOS programs. In Proc. of the 14th International Conference on Software Engineering iCSE'I~, Melbourne, Australia, May 1992. ACM.
[14]
Patrice Godefroid. Partial-Order Methods for the Verification of Concurrent Systems - An Approach to the State-Ezplosion Problem, volume 1032 of Lecture Notes in Computer Science. Springer-Verlag, January 1996.
[15]
P. Godefroid. Model Checking for Programming Languages using VeriSoft. In Proceedings of the 24th A CM Symposium on Principles of Programming Languages, pages 174-186, Paris, January 1997.
[16]
Z. Her'S1 and R. P. Kurshan. Software for ana~ lyrical development of communication protocols. AT~4T Technical Journal, 1990.
[17]
G. 3. Holzmann. Design and Validation of Computer Protocols. Prentice Hall, 1991.
[18]
L. Jagadeesan, A. Porter, C. Puchol, J.C. Ramruing, and L. Votta. Specification-based testing of reactive software: Tools and experiments. In Proceedings of the 19th IEEE International Conference on Software Engineering, 1997.
[19]
D.L. Long and L. A. Clarke. Data flow analysis of concurrent systems that use the rendezvous model of synchronization. In Proceedings of A CM Symposium on Testing, Analysis, and verification (TAVd), pages 21-35, Vancouver, October 1991.
[20]
O. Lichtenstein and A. Pnueli. Checking that finite state concurrent programs satisfy their linear specification. In Proceedings of the Twelfth A CM Symposium on Principles of Programming Languages, pages 97-107, New Orleans, January 1985.
[21]
K.L. McMillan. Symbolic Model Checking. Kluwer Academic Publishers, 1993.
[22]
S.S. Muchnick and N.D. Jones. Program Flow Analysis: Theory and Applications. Prentice- Hall, 1981.
[23]
S.P. Masticola and B. G. Ryder. Nonconcurrency analysis. In Proceedings of Fourth A CM SIGPLAN SympOsium on Principles f.4 Practice of Parallel programming, pages 129- 138, San Diego, May 1993.
[24]
J.P. q uielle and J. Sifakis. Specification and veriflcation of concurrent systems in CESAR. In Proc. 5th Int'l Syrup. on Programming, volume 137 of Lecture Notes in Computer Science, pages 337-351. Springer-Verlag, 1981.
[25]
D.J. Richardson. TAOS: Testing with analysis and oracle support. In Proceedings o/the' I99d international Symposium on Software Test-'~ ing and Analysis, August 1994.
[26]
R.N. Taylor. A general-purpose algorithm for analyzing concurrent programs. Communications of the A CM, pages 362-376, May 1983.
[27]
M.Y. Vardi and P. Wolper. An automatatheoretic approach to automafAc program verification. In Proceedings of the First Symposium on Logic in Computer Science, pages 322-331, Cambridge, June 1986.

Cited By

View all
  • (2024)Trading Space for Simplicity in Stateless Model CheckingReal Time and Such10.1007/978-3-031-73751-0_8(79-97)Online publication date: 23-Oct-2024
  • (2024)Parsimonious Optimal Dynamic Partial Order ReductionComputer Aided Verification10.1007/978-3-031-65630-9_2(19-43)Online publication date: 24-Jul-2024
  • (2023)Tailoring Stateless Model Checking for Event-Driven Multi-threaded ProgramsAutomated Technology for Verification and Analysis10.1007/978-3-031-45332-8_9(176-198)Online publication date: 19-Oct-2023
  • Show More Cited By

Recommendations

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences
ISSTA '98: Proceedings of the 1998 ACM SIGSOFT international symposium on Software testing and analysis
March 1998
170 pages
ISBN:0897919718
DOI:10.1145/271771
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 March 1998

Permissions

Request permissions for this article.

Check for updates

Qualifiers

  • Article

Conference

ISSTA98
Sponsor:
ISSTA98: International Symposium on Software Testing and Analysis
March 2 - 4, 1998
Florida, Clearwater Beach, USA

Acceptance Rates

ISSTA '98 Paper Acceptance Rate 16 of 47 submissions, 34%;
Overall Acceptance Rate 58 of 213 submissions, 27%

Upcoming Conference

ISSTA '25

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)81
  • Downloads (Last 6 weeks)12
Reflects downloads up to 13 Nov 2024

Other Metrics

Citations

Cited By

View all
  • (2024)Trading Space for Simplicity in Stateless Model CheckingReal Time and Such10.1007/978-3-031-73751-0_8(79-97)Online publication date: 23-Oct-2024
  • (2024)Parsimonious Optimal Dynamic Partial Order ReductionComputer Aided Verification10.1007/978-3-031-65630-9_2(19-43)Online publication date: 24-Jul-2024
  • (2023)Tailoring Stateless Model Checking for Event-Driven Multi-threaded ProgramsAutomated Technology for Verification and Analysis10.1007/978-3-031-45332-8_9(176-198)Online publication date: 19-Oct-2023
  • (2021)BAM: Efficient Model Checking for BarriersNetworked Systems10.1007/978-3-030-91014-3_16(223-239)Online publication date: 2-Dec-2021
  • (2020)HMCProceedings of the Twenty-Fifth International Conference on Architectural Support for Programming Languages and Operating Systems10.1145/3373376.3378480(1157-1171)Online publication date: 9-Mar-2020
  • (2020)Parallel Graph-Based Stateless Model CheckingAutomated Technology for Verification and Analysis10.1007/978-3-030-59152-6_21(377-393)Online publication date: 12-Oct-2020
  • (2019)Optimal stateless model checking for reads-from equivalence under sequential consistencyProceedings of the ACM on Programming Languages10.1145/33605763:OOPSLA(1-29)Online publication date: 10-Oct-2019
  • (2018)Optimal stateless model checking under the release-acquire semanticsProceedings of the ACM on Programming Languages10.1145/32765052:OOPSLA(1-29)Online publication date: 24-Oct-2018
  • (2013)Variable and thread bounding for systematic testing of multithreaded programsProceedings of the 2013 International Symposium on Software Testing and Analysis10.1145/2483760.2483764(145-155)Online publication date: 15-Jul-2013
  • (2009)State-space exploration for concurrent algorithms under weak memory orderingsACM SIGARCH Computer Architecture News10.1145/1556444.155645336:5(65-71)Online publication date: 20-Jun-2009
  • Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Get Access

Login options

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media