Symbolic Model Checking of Software

Symbolic Model Checking of Software

In hardware verification, the introduction of symbolic model checking has been considered a breakthrough, allowing to verify systems clearly out-of-reach of any explicit-state model checker. In contrast, in the verification of concurrent software, model checking is still predominantly performed by explicitstate model checkers such as SPIN. These methods gain much of their efficiency from state-...

Efficient Symbolic Model Checking of Software Using Partial Disjunctive Partitioning

Comparing Symbolic and Explicit Model Checking of a Software System

There are two main paradigms for model checking: symbolic model checking, as is performed by the tool RuleBase, and explicit state model checking, as is performed by Spin. It is often accepted that the former is better for verifying hardware systems, while the latter has advantages for verifying software. We examine this piece of common wisdom in light of experience in verifying the software of...

Software Model Checking with Explicit Scheduler and Symbolic Threads

In many practical application domains, the software is organized into a set of threads, whose activation is exclusive and controlled by a cooperative scheduling policy: threads execute, without any interruption, until they either terminate or yield the control explicitly to the scheduler. The formal verification of such software poses significant challenges. On the one side, each thread may hav...

A Symbolic Model Checking Approach to Verifying Satellite Onboard Software

This paper discusses the use of symbolic model checking technology to verify the design of an embedded satellite software control system called attitude and orbit control system (AOCS). This system is mission-critical because it is responsible for maintaining the attitude of the satellite and for performing fault detection, isolation, and recovery decisions of the satellite. An executable AOCS ...