Abstract
We show that abstract interpretation-based static program analysis can be made efficient and precise enough to formally verify a class of properties for a family of large programs with few or no false alarms. This is achieved by refinement of a general purpose static analyzer and later adaptation to particular programs of the family by the end-user through parametrization. This is applied to the proof of soundness of data manipulation operations at the machine level for periodic synchronous safety critical embedded software. The main novelties are the design principle of static analyzers by refinement and adaptation through parametrization (Sect. 3 and 7), the symbolic manipulation of expressions to improve the precision of abstract transfer functions (Sect. 6.3), the octagon (Sect. 6.2.2), ellipsoid (Sect. 6.2.3), and decision tree (Sect. 6.2.4) abstract domains, all with sound handling of rounding errors in floating point computations, widening strategies (with thresholds: Sect. 7.1.2, delayed: Sect. 7.1.3) and the automatic determination of the parameters (parametrized packing: Sect. 7.2).
| Original language | English (US) |
|---|---|
| Pages (from-to) | 196-207 |
| Number of pages | 12 |
| Journal | ACM SIGPLAN Notices |
| Volume | 38 |
| Issue number | 5 |
| DOIs | |
| State | Published - May 2003 |
| Event | Proceedings of the ACM Sigplan 2003 Conference on Programming Language Design and Implementation - San Diego, CA, United States Duration: Jun 9 2003 → Jun 11 2003 |
Keywords
- Abstract domains
- Abstract interpretation
- Embedded
- Floating point
- Reactive
- Real-time
- Safety-critical software
- Static analysis
- Verification
ASJC Scopus subject areas
- Software
- Computer Graphics and Computer-Aided Design