Abstract
We propose a certification approach for checking the analysis results produced by symbolic execution. Given a program P under test, an analysis producer performs symbolic execution on P and creates a certificate C that represents the results of symbolic execution. The analysis consumer checks the validity of C with respect to P using efficient symbolic re-execution of P. The certificates are simple to create and easy to validate. Each certificate is a list of witnesses that include: test inputs that validate path feasibility without requiring any constraint solving; and infeasibility summaries that provide hints on how to efficiently establish path infeasibility. To account for incompleteness in symbolic execution (due to incompleteness of the backend solver), the certificate also contains an incompleteness summary. Our approach deploys constraint slicing and other heuristics as performance optimizations. Experimental results using a prototype certification tool based on Symbolic PathFinder for Java show that certification can be 3X to 370X (on average, 75X) faster than traditional symbolic execution. We also show the benefits of the approach for the reliability assessment of a software component under different probabilistic environment conditions.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
