A Simple Method for Extracting Models from Protocol Code
Abstract
The use of model checking for validation requires that models of the underlying system be created. Creating such models is both difficult and error prone and as a result verification is rarely used despite its advantages. In this paper, we present a method for automatically extracting models from low level software implementations. Our method is based on the use of an extensible compiler system, xg++, to perform the extraction. The extracted model is combined with a model of the hardware, a description of correctness, and an initial state. The whole model is then checked with the Mur phi model checker. As a case study, we apply our method to the cache coherence protocols of the Stanford FLASH multiprocessor Our system has a number of advantages. First, it reduces the cost of creating models, which allows model checking to be used more frequently. Second, it increases the effectiveness of model checking since the automatically extracted models are more accurate and faithful to the underlying implementation. We found a total of 8 errors using our system. Two errors were global resource errors, which would be difficult to find through any other means. We feel the approach is applicable to other low level systems.
Document Details
- Document Type
- Technical Report
- Publication Date
- Jan 01, 2000
- Accession Number
- ADA419583
Entities
People
- Andy Chou
- David L. Dill
- David Lie
- Dawson Engler
Organizations
- Stanford University