Software Verification: 12th International Conference, VSTTE 2020, and 13th International Workshop, NSV 2020, Los Angeles, CA, USA, July 19-21, 2020, Revised Selected Papers 3030636178, 9783030636173

This book constitutes the refereed proceedings of the 12th International Conference on Verified Software, VSTTE 2020, an


English Pages 235 [257] Year 2021




Table of contents :
VSTTE 2020 Preface
VSTTE 2020 Organization
NSV 2020 Preface
NSV 2020 Organization
VSTTE 2020 Invited Talks
Goal-Directed Static Analysis and Software Frameworks
Formal Methods for Database Application Evolution
Automated Verification of Systems Software with Serval
NSV 2020 Invited Talks
Minimum Precision Requirements of Deep Neural Networks
Towards Numerical Assistants
Automatic Testing and Falsification with Dynamically Constrained Reinforcement Learning
VSTTE 2020
SARL: OO Framework Specification for Static Analysis
1 Introduction
1.1 Example SARL Specification
2 Related Work
3 Julia
4 The SARL Language
5 Experimental Results
5.1 WindowsForms
6 Conclusion
QPR Verify: A Static Analysis Tool for Embedded Software Based on Bounded Model Checking
1 Introduction
2 Challenges and Requirements for the Verification of Industrial Embedded Software
3 Architecture of QPR Verify
4 Application of QPR Verify
4.1 Setup and Preprocessing
4.2 Solving Strategies and Abstractions
4.3 Error Traces and Result Display
5 Evaluation
6 Conclusion and Future Work
Verified Translation Between Purely Functional and Imperative Domain Specific Languages in HELIX
1 Introduction
2 The Approach
3 MHCOL: An Intermediate Language
4 DHCOL: An Imperative Language
4.1 Definition
4.2 Proof of Semantics Preservation
5 Connecting the Dots: From FHCOL to LLVM IR
5.1 Correctness Proof Using Numerical Analysis
5.2 Compiling to LLVM IR
5.3 Implementation Details and Related Work
6 Conclusions and Future Work
Automatic Detection and Repair of Transition-Based Leakage in Software Binaries
1 Introduction
2 Background and Problem Formalization
2.1 Abstract State Machines
2.2 Leakage Modeling
2.3 Masking and Threat Model
3 Motivating Example
3.1 Transition-Based Leakage
3.2 Complications Ahead: Value-Based Leakage
4 Detection of Transition-Based Leakage
4.1 Potential and Genuine Leakage
4.2 Detection of Genuine Transition-Based Leakage
5 Repair of Transition-Based Leakage
6 Battl: Binary Analysis for Transition-Based Leakage
6.1 Implementation
6.2 Evaluation
7 Related Work
8 Conclusion and Future Work
BanditFuzz: A Reinforcement-Learning Based Performance Fuzzer for SMT Solvers
1 Introduction
2 Preliminaries
3 BanditFuzz: An RL-Based Performance Fuzzer
3.1 Description of the BanditFuzz Algorithm
3.2 Fuzzer: Instance Generator and Grammar-Preserving Mutator
3.3 RL Agent and Reward-Driven Feedback Loop in BanditFuzz
4 Results: BanditFuzz vs. Standard Fuzzing Approaches
4.1 Experimental Setup
4.2 Quantitative Method for Comparing Fuzzing Algorithms
4.3 Performance Fuzzing Results for FP SMT Solvers
4.4 Performance Fuzzing for String SMT Solvers
5 Related Work
6 Conclusions and Future Work
Synthesis of Solar Photovoltaic Systems: Optimal Sizing Comparison
1 Introduction
2 Background
2.1 Program Synthesis
2.2 Sizing Stand-Alone Solar PV Systems
3 Synthesizing Optimal Sizing of Stand-Alone Solar Photovoltaic Systems
4 Results and Discussion
4.1 Description of the Case Studies
4.2 Optimization/Simulation Tools and Assumptions
4.3 Objectives and Setup
4.4 Results
4.5 Comparison Between Formal Synthesis and HOMER Pro
4.6 Threats to Validity
5 Conclusions
Verified Transformations and Hoare Logic: Beautiful Proofs for Ugly Assembly Language
1 Introduction
2 Background: Vale and Assembly Language
3 Verified Code Transformers
3.1 Developer Workflow
3.2 Proving a Code Transformer Correct
3.3 Example Transformers
4 Verifying AES-GCM
4.1 Background on AES-GCM
4.2 Verifying AES-GCM via Code Transformations
5 Optimizing Code for Each Processor Generation
6 Related Work
7 Conclusions and Future Work
MCBAT: Model Counting for Constraints over Bounded Integer Arrays
1 Introduction
1.1 Overview
2 Array Theory: Background, Syntax, and Semantics
3 Model Counting Algorithm: MCBAT
3.1 The MCBAT Algorithm
3.2 Correctness
4 Experiments and Implementation
4.1 The MCBAT Implementation
4.2 MCBAT Experiments
5 Related Work
6 Conclusions and Future Work
Verification of an Optimized NTT Algorithm
1 Introduction
2 The Number Theoretic Transform
2.1 Basic NTT Implementation
2.2 Longa and Naehrig's Reduction
3 Verification
3.1 Out-of-the-Box Verification Techniques
3.2 Proofs by Abstract Interpretation
4 Discussion and Future Work
5 Conclusion
NSV 2020
Can We Avoid Rounding-Error Estimation in HPC Codes and Still Get Trustworthy Results?
1 Introduction
2 Discrete Stochastic Arithmetic (DSA)
2.1 DSA in a Nutshell
2.2 The CADNA Library
3 Error Induced by Perturbed Data
4 Combining DSA and Standard Floating-Point Arithmetic
5 Accuracy Comparison
5.1 Experimental Setup
5.2 Matrix Multiplication
5.3 Matrix-Vector Multiplication
6 Performance Comparison
6.1 Experimental Setup
6.2 Matrix Multiplication (Compute-Bound)
6.3 Matrix-Vector Multiplication (Memory-Bound)
7 Discussion: Pros and Cons of the Proposed Approach
7.1 Pros: Performance and Applicability
7.2 Cons: Instability Detection and Accuracy
8 Conclusion
An Efficient Floating-Point Bit-Blasting API for Verifying C Programs
1 Introduction
2 Floating-Point Arithmetic
3 A Floating-Point Bit-Blasting API for Verifying C Programs
3.1 Bit-Blasting Floating-Point Arithmetic
4 Experimental Evaluation
4.1 Experimental Setup
4.2 Floating-Point API Evaluation
4.3 Comparison to Other Software Verifiers
5 Related Work
6 Conclusions
Rigorous Enclosure of Round-Off Errors in Floating-Point Computations
1 Introduction
1.1 Motivating Example
2 Notation and Definitions
3 A Constraint System for Round-Off Error
3.1 Computing Rounding Errors
3.2 A CSP with Three Domains
3.3 Projection Functions
3.4 Links Between Domains of Values and Domains of Errors
3.5 Constraints over Errors
4 A Branch-and-Bound Algorithm to Maximize the Error
5 Related Work
6 Experimentation
7 Conclusion
Towards Numerical Assistants
1 Trust and Measurement in Herbie
2 Community and Generality in FPBench
3 The Future
Combining Zonotope Abstraction and Constraint Programming for Synthesizing Inductive Invariants
1 Introduction
2 Refinement-Based Inductive Invariant Inference
3 Zonotope Abstraction and Constraint Solving
3.1 Affine Forms and Zonotopes
3.2 Zonotope Operators
3.3 Coverage Operation
4 Experiments
5 Conclusion and Future Work
Author Index
