CN114297063A - Method and system for automated formal modeling and verification of source code - Google Patents
Method and system for automated formal modeling and verification of source code Download PDFInfo
- Publication number
- CN114297063A CN114297063A CN202111623804.3A CN202111623804A CN114297063A CN 114297063 A CN114297063 A CN 114297063A CN 202111623804 A CN202111623804 A CN 202111623804A CN 114297063 A CN114297063 A CN 114297063A
- Authority
- CN
- China
- Prior art keywords
- attribute
- source code
- verification
- security
- generator
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Debugging And Monitoring (AREA)
- Stored Programmes (AREA)
Abstract
The invention discloses a method and a system for automatic formal modeling and verification of a source code, which is a general and automatic formal modeling and verification scheme oriented to software and hardware of a computer system, wherein the whole process of the scheme is carried out automatically without manual intervention; particularly, through effective compression and efficient search of the state space, the problem of state space explosion can be solved to a certain extent, and formal verification work aiming at large-scale software and hardware source codes can be completed within a limited time.
Description
Technical Field
The invention relates to the field of automated security analysis of software and hardware of a computer system, in particular to a method and a system for automated formal modeling and verification of source codes.
Background
Today, formal modeling and verification techniques are widely used in the fields of software, hardware, security protocols, and the like.
In the field of C language program verification, CPAChecker (Beyer D, Keremoglu M E. CPAChecker: A tool for configurable software version [ C ]// International Conference on Computer aid version. Springer, Berlin, Heidelberg,2011: 184-; CBMC (Kroening D, Tautschnig M. CBMC-C bound model checker [ C ]// International Conference on Tools and Algorithms for the Construction and Analysis of systems. Springer, Berlin, Heidelberg,2014: 389-; NuSMV (Cimatti A, Clarke E, Giunciglia F, et al. NuSMV: A new symbololic model modifier [ C ]// International conference on computer aided modifier. Springer, Berlin, Heidelberg,1999:495-499.) employs a symbolic model detection algorithm to compress the state space to be verified to some extent. However, the above tools have limited capacity for reducing the state space and use less efficient state space search strategies, which makes it difficult to perform the verification work on larger-scale programs in a limited time.
In the field of Smart contract verification, SMARTPULSE (Stephens J, Ferles K, Mariano B, et al SmartPulse: Automated Checking of Temporal Properties in Smart controls [ C ]// IEEE S & P.2021.) can convert a Smart contract into a buchi automaton and automatically verify given timing attributes; VerX (Permenev A, Dimitrov D, Tsankov P, et al. Verx: Safety verification of smart spectra [ C ]//2020IEEE Symposium on Security and Privacy (SP). IEEE,2020:1661-1677.) verifies a manually defined timing Security specification using symbolic execution and abstract interpretation techniques. The problem with both of these efforts is that the security attributes or specifications of the intelligent contract need to be manually provided, which is difficult to apply to large-scale automatic verification of the intelligent contract.
In the field of safety protocol verification, ProVerif (blanche B. an effective cryptographic protocol verifier based on protocol rules [ C ]// csfw.2001,1:82-96.) supports the verification of an infinite round number protocol based on a logic programming language (PROLOG) rule; Maude-NPA (Escorbar S, Meadows C, Meseguer J. Maude-NPA: Cryptographic protocol Analysis module essential properties [ M ]// provisions of Security Analysis and Design V. Springer, Berlin, Heidelberg,2009:1-50.) supports infinite session model, not only can attack and vulnerability search be realized, but also can safety certification be realized; tamarin (Meier S, Schmidt B, Cremers C, et al. the TAMARIN protocol for the systematic analysis of security protocols [ C ]// International Conference on Computer aid verification. Springer, Berlin, Heidelberg,2013: 696-containing 701.) describes the protocol flow based on the multiple set rewrite rule, and utilizes first-order logic to quantify the protocol message and time nodes, thereby realizing the description of the protocol attribute and supporting the verification of the protocol with complex control flow. The main problem with these types of tools is that their authentication process is based on static policies, which may prove to be untenable for a particular protocol.
In the field of hardware Verification, BtorMC (ArminBiere, AinanNiemetz, MathiasPreiner, et al. Btor2, BtorMC and Boorector 3.0[ J ]. International Conference on Computer aid Verification,2018.) uses a bounded model detection technique to solve the problem of invariant at word level; CoSA (Mattarei C, Mann M, Barrett C, et al. CoSA: Integrated Verification for Agile Hardware Design [ C ]// reference on Formal Methods in Computer aid design.0.) based on techniques such as K-induction, equivalence checking, etc. to verify the safety attribute and the activity attribute; EBMC (Mukherjee R, D Kroening, Melham t.hardware Verification Using Software Analyzers [ C ]// vlsi. ieee,2015.) translates the hardware description language into an equivalent word-level ANSI-C program, validating the specified attributes Using path-based symbolic simulation and predicate abstraction, etc. The tools mainly verify the functional attributes of the hardware, the support for the safety attributes of the hardware is lacked, and meanwhile, the attributes to be verified need to be manually set and cannot be automatically generated. In addition, they are only suitable for small-scale circuit verification, which would be difficult to verify for circuits of the order of billions of gates.
Disclosure of Invention
The invention aims to provide a method and a system for automatic formal modeling and verification of a source code, which are a general and automatic formal modeling and verification scheme oriented to software and hardware of a computer system, do not need manual intervention, can effectively compress state spaces of target software and hardware models according to security attributes, and adopt an intelligent state space search algorithm to ensure that correct verification results are obtained within a limited time.
The purpose of the invention is realized by the following technical scheme:
(corresponding to the claims, tentatively)
According to the technical scheme provided by the invention, the whole process is carried out automatically without manual intervention; particularly, through effective compression and efficient search of the state space, the problem of state space explosion can be solved to a certain extent, and formal verification work aiming at large-scale software and hardware source codes can be completed within a limited time.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on the drawings without creative efforts.
FIG. 1 is a flow chart of a method for automated formal modeling and verification of source code according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of intelligent contract code provided by an embodiment of the present invention;
FIG. 3 is a schematic diagram of a C language code according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of a system for automated formal modeling and verification of source code according to an embodiment of the present invention;
fig. 5 is a schematic diagram of a processing apparatus according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention are clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
The terms that may be used herein are first described as follows:
the terms "comprising," "including," "containing," "having," or other similar terms of meaning should be construed as non-exclusive inclusions. For example: including a feature (e.g., material, component, ingredient, carrier, formulation, material, dimension, part, component, mechanism, device, process, procedure, method, reaction condition, processing condition, parameter, algorithm, signal, data, product, or article of manufacture), is to be construed as including not only the particular feature explicitly listed but also other features not explicitly listed as such which are known in the art.
The following describes a method for automated formal modeling and verification of source code provided by the present invention in detail. Details which are not described in detail in the embodiments of the invention belong to the prior art which is known to the person skilled in the art. Those not specifically mentioned in the examples of the present invention were carried out according to the conventional conditions in the art or conditions suggested by the manufacturer.
As shown in fig. 1, a method for automated formal modeling and verification of source code mainly includes the following steps:
The embodiment of the invention provides a general and automatic formalized modeling and verification scheme oriented to software and hardware of a computer system, and source codes comprise but are not limited to general software languages, hardware description languages, network protocol languages and the like, such as C, C + +, Java, Verilog, intelligent contract languages and the like.
And 2, combining the given abstract strategy abstract source code running process to obtain an attribute independent model for describing all running paths when the source code is executed.
As shown in FIG. 1, this step may be implemented by a generic formal model generator. The general formal model generator abstracts the running process of the source code to obtain an attribute-independent model, and reduces the related variables of the attribute-independent model by using a given abstraction strategy to obtain a final attribute-independent model. Specifically, the method comprises the following steps:
1) the generated attribute-independent model is independent of the specific security attributes: the attribute-independent model only represents the running process of the abstracted source code, and no further abstraction is made according to the security attribute. The attribute-independent model cannot be used directly for security verification of a certain security attribute.
2) The running process of the source code is abstracted: according to the given abstract strategy, the generator reduces the related variables in the attribute-independent model, thereby reducing the state space of the model.
In the embodiment of the invention, the attribute-independent model is a formal model, and comprises but is not limited to a Kripke structure model, a Hall triad model, a state transfer machine model, a Turing machine model and the like. The attribute-independent model describes all possible execution paths of the code as it executes.
In the embodiment of the invention, the abstract strategy is used as external information and input into the general formal model generator, or the abstract strategy is embedded and fixed in the general formal model generator. Fig. 1 illustrates an example of the case where an abstract policy is input as external information to the generic formal model generator.
And 3, combining the given attribute generation strategy with the source code content to obtain a security attribute set.
This step may be implemented by a security attribute generator, as shown in fig. 1. The security attribute generator intelligently judges whether security risks exist according to the context of the source code, sets corresponding security attributes according to the judgment result, and reduces the set security attributes by combining a given attribute generation strategy to obtain a security attribute set. Specifically, the method comprises the following steps:
1) intelligently judging the possible security risks according to the context of the source code, thereby setting the security attributes: for example, existing keywords are used to determine possible risks, and if malloc keywords occur, relevant heap attributes are generated; and if the send keyword occurs, generating related concurrent attributes or network security attributes and the like. For example, the coupling relationship between the modules is determined, and whether a local attribute or a global attribute is set is determined. The main objective here is to reduce useless attributes, to improve the judgment efficiency of formal verification, and to reduce the possibility of false positives.
2) The given attribute generation policy is used to further reduce useless security attributes. For example: if a source code only concerns the security of the memory heap, the attribute generation policy only contains the setting of the security attribute, and the security attribute generator can exclude other irrelevant policies according to the attribute generation policy. Therefore, the attribute generation strategy further reduces useless attributes and improves the automatic verification efficiency.
In the embodiment of the present invention, the security attribute refers to a requirement that needs to be met at a certain time of program operation or after the operation is finished, such as reachability, privacy, and the like, and the expression manner of the security attribute includes, but is not limited to, a constraint expression such as LTL, CTL, and the like.
In the embodiment of the invention, the attribute generation strategy is used as external information and is input into the security attribute generator, or the attribute generation strategy is fixed in the security attribute generator in an embedded manner. Fig. 1 illustrates an example of a case where an attribute generation policy is input to the security attribute generator as external information.
And 4, combining the attribute-independent model and the security attribute set to obtain a series of constraint solving problems.
This step may be implemented by an attribute-dependent model generator, as shown in FIG. 1. The attribute-dependent model generator abstracts the attribute-independent model by using the security attribute set to obtain a series of constraint solving problems, and reduces the state space of the attribute-independent model, thereby reducing the difficulty of verifying a certain security attribute.
In the embodiment of the invention, the constraint solving problem describes a system comprising a plurality of variables, a plurality of constraint relations exist among the variables, and the solving goal of the problem is to judge whether a group of solutions related to the variables exist or not so as to meet all the constraint relations. Generally speaking, if a solution exists in the constraint solving problem, a corresponding certain security attribute is not established, and the solution is an opposite example against the security attribute; otherwise, if no solution exists, the security attribute is established. The constraint relational expressions include, but are not limited to, the following forms: propositional logic, first order logic, high order logic, temporal logic, etc.
And 5, verifying each constraint solving problem, and summarizing all verification results to serve as verification results of the source codes.
As shown in fig. 1, this step may be implemented by a verifier; the input corresponding to each verifier is used for solving the problem in a single constraint mode, and the output of all verifiers is finally summarized (namely all verification results are listed together) to form the verification result of the source code.
In an embodiment of the present invention, each verifier includes: an option generator and a selection engine; wherein:
1) the option generator inputs a constraint solving problem and outputs a tree structure; the tree root represents a proposition corresponding to the verification target, the child node of each node represents an available option proposition when whether the corresponding node is established is verified, and the leaf node is a proposition which is supposed to be established certainly;
in the embodiment of the invention, the generation process of the tree structure is on demand. When all child nodes of a certain node need to be acquired, the child nodes of the certain node need to be calculated, and particularly in the process of tree walking, when the child nodes of the certain node need to be searched, related child nodes need to be constructed and then used for searching. The purpose of this process is to reduce the computational and memory overhead of the tree generation process.
2) The input of the selection engine is a tree structure and child nodes of the currently explored node (as alternate items), and the output is an option, namely a verification result; after selecting the child node of the currently explored node, equivalently exploring one step, continuously using a selection engine to continuously explore, and finally reaching the leaf node, wherein the formed exploration path is the verification result.
In the embodiment of the present invention, the selection algorithm of the selection engine may be selected by using a machine learning algorithm, including but not limited to deep learning such as DQN or an algorithm such as reinforcement learning.
According to the scheme of the embodiment of the invention, the whole process is carried out automatically without manual intervention. Particularly, through effective compression and efficient search of the state space, the problem of state space explosion can be solved to a certain extent, and formal verification work aiming at large-scale software and hardware source codes can be completed within a limited time.
For ease of understanding, the above aspects of the invention are described below with reference to two specific examples.
Example 1
As shown in fig. 2, for the intelligent contract code obtained in this example, the following steps are performed with reference to the foregoing scheme:
1. a generic formal model generator: inputting source code and given abstract strategy, and outputting a multiple set duplication system (namely an attribute-independent model) to describe all possible operation paths of the code during execution. The related variables in the source code are symbolized in the multi-set copy system.
2. A security attribute generator: firstly, generating an invariance attribute according to the keyword transfer of the line 15 of the code, and requiring the sum of the amount of each account and the balance of the Ethernet currency to be kept unchanged during the execution of the transaction. And then, generating equivalent attributes according to the read-write static state of the global variable existing by the gift function and the withdraw function, and requiring that the transaction execution sequence of calling the two functions does not influence the balance of the Ethernet currency of each account. Finally, assuming that the given attribute generation policy is directed to Ethernet balance security, the security attributes are all preserved.
3. An attribute-dependent model generator: and inputting an attribute independent model and a security attribute set, and outputting a series of constraint solving problems. And modifying the infinite round of transaction execution simulated by the attribute-independent model according to the invariance attribute and the characteristic of the equivalent attribute in transaction units, so that the final model simulates only one transaction execution or limited transaction executions each time. And then, converting the verification target of the existing model into a reachability problem, namely whether the execution of the withdraw function and the gift function can be completed on the premise that the invariance attribute or the equivalence attribute is not established. If so, solving whether the constraints on the corresponding execution paths can be simultaneously satisfied.
4. A verifier: the plurality of verifiers solve the reachability problem and the constraint solving problem simultaneously. The selection generator of each verifier inputs the constraint solving problem and outputs a tree structure. The tree root represents a proposition corresponding to the verification target, the child node of each node represents an option proposition available when the node is verified to be established, and the leaf node is a proposition assumed to be established in the constraint system. And the selection engine uses the DQN, selects a leaf node in the tree structure to continue option generation until the tree structure is trapped in endless loop, assigns a negative reward value to the path on the current tree, generates the tree structure again according to the initial target until the problem solving is completed, and obtains a verification result.
Example 2
As shown in fig. 3, for the C language code obtained in this example, the following steps are performed with reference to the foregoing scheme:
1. a generic formal model generator: the method comprises the steps of inputting source code and a given abstract strategy, and outputting an automatic machine model (namely an attribute-independent model) based on program control flow and data flow.
2. A security attribute generator: the purpose of deriving this loop is to ensure that larget is greater than every element in array x, and that array [ ] is of length SIZE, according to the laws of operation of lines 15 and 16 of the code. Therefore, to verify whether the loop body of lines 14-18 can be properly operated, the following assertion is generated:
int x;
for(x=0;x<SIZE;x++){
__VERIFIER_assert(largest>=array[x]);
}
the assertion is the generated safety attribute, the assertion is placed at the tail part of the code, and the verification problem of the C language program is converted into the problem whether the condition in the assertion can be reached or not.
3. An attribute-dependent model generator: and inputting an attribute independent model and a security attribute set, and outputting a series of constraint solving problems. In order to reduce the state space scale of the model to be verified of the target program, the generator performs longitudinal slicing and transverse partitioning on the C language program according to the key variables of larges and array [ x ] in the assertion. Then, each program block and slice segment are respectively converted into a constraint solving formula, and whether the constraint solving formula set is solvable or not is further calculated, namely whether assertions in the program can be reached or not along different control flow paths.
4. A verifier: the plurality of verifiers solve the reachability problem and the constraint solving problem simultaneously. The selection generator of each verifier inputs a constraint solving problem and outputs a tree structure. The tree root represents a proposition corresponding to the verification target, the child node of each node represents an option proposition available when the node is verified to be established, and the leaf node is a proposition assumed to be established in the constraint system. The selection engine uses the A3C network to select a leaf node in the tree structure to continue the option generation. If a false counterexample (spurrious counterexample) occurs in the verification process, the selection engine assigns a negative reward value to the path on the current tree at the moment, and generates a tree structure according to the initial target again until the problem solution is completed and a correct verification result is generated.
Another embodiment of the present invention further provides a system for automated formal modeling and verification of source code, which is mainly used to implement the method provided in the foregoing embodiment, as shown in fig. 4, the system mainly includes:
a source code obtaining unit for obtaining a source code to be verified;
the universal formal model generator is used for combining the given abstract strategy abstract source code running process to obtain an attribute-independent model for describing all running paths when the source code is executed;
the security attribute generator is used for combining a given attribute generation strategy and source code content to obtain a security attribute set;
the attribute-dependent model generator is used for combining the attribute-independent model and the security attribute set to obtain a series of constraint solving problems;
and the verifier is used for verifying each constraint solving problem and summarizing all verification results to be used as the verification results of the source codes.
It will be clear to those skilled in the art that, for convenience and simplicity of description, the foregoing division of the functional modules is merely used as an example, and in practical applications, the above function distribution may be performed by different functional modules according to needs, that is, the internal structure of the system is divided into different functional modules to perform all or part of the above described functions.
It should be noted that, the main technical details related to the above system have been described in detail in the previous embodiment of the method, and therefore, are not described again.
Another embodiment of the present invention further provides a processing apparatus, as shown in fig. 5, which mainly includes: one or more processors; a memory for storing one or more programs; wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the methods provided by the foregoing embodiments.
Further, the processing device further comprises at least one input device and at least one output device; in the processing device, a processor, a memory, an input device and an output device are connected through a bus.
In the embodiment of the present invention, the specific types of the memory, the input device, and the output device are not limited; for example:
the input device can be a touch screen, an image acquisition device, a physical button or a mouse and the like;
the output device may be a display terminal;
the Memory may be a Random Access Memory (RAM) or a non-volatile Memory (non-volatile Memory), such as a disk Memory.
Another embodiment of the present invention further provides a readable storage medium, which stores a computer program, and when the computer program is executed by a processor, the computer program implements the method provided by the foregoing embodiment.
The readable storage medium in the embodiment of the present invention may be provided in the foregoing processing device as a computer readable storage medium, for example, as a memory in the processing device. The readable storage medium may be various media that can store program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a magnetic disk, or an optical disk.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (10)
1. A method for automated formal modeling and verification of source code, comprising:
acquiring a source code to be verified;
obtaining attribute-independent models describing all running paths of the source code during execution by combining the running process of the abstract source code with a given abstract strategy;
combining a given attribute generation strategy with source code content to obtain a security attribute set;
combining the attribute-independent model and the security attribute set to obtain a series of constraint solving problems;
and verifying each constraint solving problem, and summarizing all verification results to be used as the verification result of the source code.
2. The method for automated formal modeling and verification of source code according to claim 1, wherein abstracting the source code runtime in conjunction with a given abstract policy, obtaining attribute-independent models that describe all runtime paths of the source code when executing is implemented by a generic formal model generator;
the general formal model generator abstracts the running process of the source code to obtain an attribute-independent model, and reduces the related variables of the attribute-independent model by using a given abstraction strategy to obtain a final attribute-independent model.
3. The method for automated formal modeling and verification of source code according to claim 2, wherein the abstract policy is input into the generic formal model generator as external information or is fixed in-line in the generic formal model generator.
4. The method for automated formal modeling and verification of source code according to claim 1, wherein the generating of the policy in conjunction with the given attributes and the source code content to obtain the set of security attributes is implemented by a security attribute generator;
the security attribute generator intelligently judges whether security risks exist according to the context of the source code, sets corresponding security attributes according to the judgment result, and reduces the set security attributes by combining a given attribute generation strategy to obtain a security attribute set; the security attribute is a requirement which needs to be met at a certain time of running of the source code or after running is finished.
5. The method for automated formal modeling and verification for source code according to claim 4, wherein the attribute generation policy is input into the security attribute generator as external information or is fixed in-line in the security attribute generator.
6. The method for automated formal modeling and verification for source code according to claim 1, wherein the combining of the attribute-independent model with the set of security attributes to obtain a series of constraint solving problems is implemented by an attribute-dependent model generator;
the attribute-dependent model generator abstracts the attribute-independent model by using a security attribute set to obtain a series of constraint solving problems and reduce the state space of the attribute-independent model; the problem is solved by determining whether a set of solutions for the variables exists to satisfy all the constraint relationships.
7. The method for automated formal modeling and verification of source code according to claim 1, wherein the verification of each constraint solving problem is performed by a verifier; inputting a single constraint solving problem corresponding to each verifier;
each verifier includes: an option generator and a selection engine; wherein, the option generator inputs constraint solving problem and outputs a tree structure; the tree root represents a proposition corresponding to the verification target, the child node of each node represents an available option proposition when whether the corresponding node is established is verified, and the leaf node is a proposition which is supposed to be established certainly; the input of the selection engine is a tree structure and child nodes of the currently explored node, the child nodes of the currently explored node are used as alternative items, the output is an option, the child nodes of the currently explored node are selected to represent exploration of one step, the selection engine is continuously used to conduct exploration, the leaf nodes are finally reached, and the formed exploration path is the verification result.
8. A system for automated formal modeling and verification of source code for implementing the method of any one of claims 1 to 7, the system comprising:
a source code obtaining unit for obtaining a source code to be verified;
the universal formal model generator is used for combining the given abstract strategy abstract source code running process to obtain an attribute-independent model for describing all running paths when the source code is executed;
the security attribute generator is used for combining a given attribute generation strategy and source code content to obtain a security attribute set;
the attribute-dependent model generator is used for combining the attribute-independent model and the security attribute set to obtain a series of constraint solving problems;
and the verifier is used for verifying each constraint solving problem and summarizing all verification results to be used as the verification results of the source codes.
9. A processing device, comprising: one or more processors; a memory for storing one or more programs;
wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method of any of claims 1-7.
10. A readable storage medium, storing a computer program, characterized in that the computer program, when executed by a processor, implements the method according to any of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111623804.3A CN114297063B (en) | 2021-12-28 | 2021-12-28 | Method and system for automated formal modeling and verification of source code |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111623804.3A CN114297063B (en) | 2021-12-28 | 2021-12-28 | Method and system for automated formal modeling and verification of source code |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114297063A true CN114297063A (en) | 2022-04-08 |
| CN114297063B CN114297063B (en) | 2022-09-30 |
Family
ID=80971945
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111623804.3A Active CN114297063B (en) | 2021-12-28 | 2021-12-28 | Method and system for automated formal modeling and verification of source code |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114297063B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115460297A (en) * | 2022-09-06 | 2022-12-09 | 中国科学技术大学 | Automatic formal verification method for network security protocol |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020100022A1 (en) * | 2000-05-08 | 2002-07-25 | Holzmann Gerard J. | Method and apparatus for automatic verification of properties of a concurrent software system |
| CN105049283A (en) * | 2015-07-07 | 2015-11-11 | 天津大学 | Security exchange protocol model detection method |
| CN110532176A (en) * | 2019-07-31 | 2019-12-03 | 平安科技(深圳)有限公司 | A kind of formalization verification method, electronic device and the storage medium of intelligence contract |
| CN112685315A (en) * | 2021-01-05 | 2021-04-20 | 电子科技大学 | C-source code-oriented automatic formal verification tool and method |
-
2021
- 2021-12-28 CN CN202111623804.3A patent/CN114297063B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20020100022A1 (en) * | 2000-05-08 | 2002-07-25 | Holzmann Gerard J. | Method and apparatus for automatic verification of properties of a concurrent software system |
| CN105049283A (en) * | 2015-07-07 | 2015-11-11 | 天津大学 | Security exchange protocol model detection method |
| CN110532176A (en) * | 2019-07-31 | 2019-12-03 | 平安科技(深圳)有限公司 | A kind of formalization verification method, electronic device and the storage medium of intelligence contract |
| CN112685315A (en) * | 2021-01-05 | 2021-04-20 | 电子科技大学 | C-source code-oriented automatic formal verification tool and method |
Non-Patent Citations (4)
| Title |
|---|
| ZIHAN ZHOU 等: "SPrune: A Code Pruning Tool for Ethereum", 《2020 6TH INTERNATIONAL CONFERENCE ON BIG DATA COMPUTING AND COMMUNICATIONS (BIGCOM)》 * |
| 李晓宇: "以太坊代币智能合约形式化验证技术研究", 《中国优秀硕士论文全文数据库 信息科技辑》 * |
| 欧阳恒一 等: "一种代币智能合约的形式化建模与验证方法", 《计算机工程》 * |
| 欧阳恒一: "基于强化学习的网络安全协议形式化验证与应用技术研究", 《中国优秀硕士论文全文数据库 信息科技辑》 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115460297A (en) * | 2022-09-06 | 2022-12-09 | 中国科学技术大学 | Automatic formal verification method for network security protocol |
| CN115460297B (en) * | 2022-09-06 | 2023-06-30 | 中国科学技术大学 | Automatic form verification method for network security protocol |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114297063B (en) | 2022-09-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Huang et al. | Automated model checking and testing for composite web services | |
| Burch et al. | Symbolic model checking: 1020 states and beyond | |
| Cyrluk et al. | Effective theorem proving for hardware verification | |
| Saidi | Model checking guided abstraction and analysis | |
| Ioannides et al. | Coverage-directed test generation automated by machine learning--a review | |
| Dávid et al. | Foundations for streaming model transformations by complex event processing | |
| Heule et al. | Software model synthesis using satisfiability solvers | |
| US7587707B2 (en) | Predicate abstraction via symbolic decision procedures | |
| Fan et al. | Answering graph pattern queries using views | |
| Li et al. | Automatic loop-invariant generation anc refinement through selective sampling | |
| Tulsian et al. | MUX: algorithm selection for software model checkers | |
| Fan et al. | Answering pattern queries using views | |
| Wachter et al. | Probabilistic model checking modulo theories | |
| Giacobbe et al. | Neural termination analysis | |
| CN114297063B (en) | Method and system for automated formal modeling and verification of source code | |
| Błądek et al. | Counterexample-driven genetic programming: heuristic program synthesis from formal specifications | |
| Brady et al. | Learning conditional abstractions | |
| CN107748716A (en) | The lookup method and terminal device of a kind of bug | |
| CN112131587A (en) | Intelligent contract pseudo-random number security inspection method, system, medium and device | |
| Di Pompeo et al. | An Efficient Performance-Driven Approach for HW/SW Co-Design | |
| Elgendy et al. | A Survey of the Metrics, Uses, and Subjects of Diversity-Based Techniques in Software Testing | |
| Yuan et al. | Making better use of repair templates in automated program repair: a multi-objective approach | |
| Kong et al. | On accelerating smt-based bounded model checking of hstm designs | |
| Jeppu et al. | Active learning of abstract system models from traces using model checking | |
| Yogananda Jeppu et al. | Active learning of abstract system models from traces using model checking |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |