Abstract
This paper describes several new features of the open-source model checker Kind 2. Its input language and model checking engines have been extended to allow users to model and reason about systems with machine integers. In addition, Kind 2 can now provide traceability information between specification and design elements, which can be used for several purposes, including assessing the quality of a system specification, tracking the safety impact of model changes, and analyzing the tolerance and resilience of a system against faults or cyber-attacks. Finally, Kind 2 is also able to check whether a component contract is realizable or not, and provide a deadlocking computation and a set of conflicting guarantees when the contract is unrealizable.