Correnson, A., Nießen, T., Finkbeiner, B., & Weissenbacher, G. (2024). Finding ∀∃ Hyperbugs using Symbolic Execution. Proceedings of the ACM on Programming Languages, 8(OOPSLA2), 1420–1445. https://doi.org/10.1145/3689761
E192-04 - Forschungsbereich Formal Methods in Systems Engineering
-
Journal:
Proceedings of the ACM on Programming Languages
-
Date (published):
8-Oct-2024
-
Number of Pages:
26
-
Publisher:
Association for Computing Machinery (ACM)
-
Peer reviewed:
Yes
-
Keywords:
Bounded model checking; Hyperproperties; Infinite-state systems; Symbolic execution
en
Abstract:
Many important hyperproperties, such as refinement and generalized non-interference, fall into the class of ∀∃ hyperproperties and require, for each execution trace of a system, the existence of another trace relating to the first one in a certain way. The alternation of quantifiers renders ∀∃ hyperproperties extremely difficult to verify, or even just to test. Indeed, contrary to trace properties, where it suffices to find a single counterexample trace, refuting a ∀∃ hyperproperty requires not only to find a trace, but also a proof that no second trace satisfies the specified relation with the first trace. As a consequence, automated testing of ∀∃ hyperproperties falls out of the scope of existing automated testing tools. In this paper, we present a fully automated approach to detect violations of ∀∃ hyperproperties in software systems. Our approach extends bug-finding techniques based on symbolic execution with support for trace quantification. We provide a prototype implementation of our approach, and demonstrate its effectiveness on a set of challenging examples.
en
Project title:
Logics for Computer Science Program at TU Wien: 101034440 (European Commission)
