Ivy: Safety verification by interactive generalization

Oded Padon; Kenneth L. McMillan; Aurojit Panda; Mooly Sagiv; Sharon Shoham

doi:10.1145/2908080.2908118

Ivy: Safety verification by interactive generalization

Oded Padon, Kenneth L. McMillan, Aurojit Panda, Mooly Sagiv, Sharon Shoham

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

142 Scopus citations

Abstract

Despite several decades of research, the problem of formal verification of infinite-state systems has resisted effective automation. We describe a system - Ivy - for interactively verifying safety of infinite-state systems. Ivy's key principle is that whenever verification fails, Ivy graphically displays a concrete counterexample to induction. The user then interactively guides generalization from this counterexample. This process continues until an inductive invariant is found. Ivy searches for universally quantified invariants, and uses a restricted modeling language. This ensures that all verification conditions can be checked algorithmically. All user interactions are performed using graphical models, easing the user's task. We describe our initial experience with verifying several distributed protocols.

Original language	English
Title of host publication	PLDI '16
Subtitle of host publication	Proceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation
Editors	Chandra Krintz, Emery Berger
Publisher	Association for Computing Machinery (ACM)
Pages	614-630
Number of pages	17
ISBN (Electronic)	9781450342612
DOIs	https://doi.org/10.1145/2908080.2908118
State	Published - 2 Jun 2016
Event	37th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2016 - Santa Barbara, United States Duration: 13 Jun 2016 → 17 Jun 2016

Publication series

Name	Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI)
Volume	13-17-June-2016

Conference

Conference	37th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2016
Country/Territory	United States
City	Santa Barbara
Period	13/06/16 → 17/06/16

Funding

Funders	Funder number
Intel Corporation
Seventh Framework Programme
European Research Council	321174
Israel Science Foundation	652/11
Vikram Sarabhai Space Centre

Keywords

Counterexamples to induction
Distributed systems
Invariant inference
Safety verification

Access to Document

10.1145/2908080.2908118

Cite this

Padon, O., McMillan, K. L., Panda, A., Sagiv, M., & Shoham, S. (2016). Ivy: Safety verification by interactive generalization. In C. Krintz, & E. Berger (Eds.), PLDI '16: Proceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation (pp. 614-630). (Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI); Vol. 13-17-June-2016). Association for Computing Machinery (ACM). https://doi.org/10.1145/2908080.2908118

Padon, Oded ; McMillan, Kenneth L. ; Panda, Aurojit et al. / Ivy : Safety verification by interactive generalization. PLDI '16: Proceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation. editor / Chandra Krintz ; Emery Berger. Association for Computing Machinery (ACM), 2016. pp. 614-630 (Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI)).

@inproceedings{b74ba28d2fdb43beb21298c56cfbd3a2,

title = "Ivy: Safety verification by interactive generalization",

abstract = "Despite several decades of research, the problem of formal verification of infinite-state systems has resisted effective automation. We describe a system - Ivy - for interactively verifying safety of infinite-state systems. Ivy's key principle is that whenever verification fails, Ivy graphically displays a concrete counterexample to induction. The user then interactively guides generalization from this counterexample. This process continues until an inductive invariant is found. Ivy searches for universally quantified invariants, and uses a restricted modeling language. This ensures that all verification conditions can be checked algorithmically. All user interactions are performed using graphical models, easing the user's task. We describe our initial experience with verifying several distributed protocols.",

keywords = "Counterexamples to induction, Distributed systems, Invariant inference, Safety verification",

author = "Oded Padon and McMillan, {Kenneth L.} and Aurojit Panda and Mooly Sagiv and Sharon Shoham",

note = "Publisher Copyright: {\textcopyright} 2016 ACM.; 37th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2016 ; Conference date: 13-06-2016 Through 17-06-2016",

year = "2016",

month = jun,

day = "2",

doi = "10.1145/2908080.2908118",

language = "אנגלית",

series = "Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI)",

publisher = "Association for Computing Machinery (ACM)",

pages = "614--630",

editor = "Chandra Krintz and Emery Berger",

booktitle = "PLDI '16",

address = "ארצות הברית",

}

Padon, O, McMillan, KL, Panda, A, Sagiv, M & Shoham, S 2016, Ivy: Safety verification by interactive generalization. in C Krintz & E Berger (eds), PLDI '16: Proceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation. Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI), vol. 13-17-June-2016, Association for Computing Machinery (ACM), pp. 614-630, 37th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2016, Santa Barbara, United States, 13/06/16. https://doi.org/10.1145/2908080.2908118

Ivy: Safety verification by interactive generalization. / Padon, Oded; McMillan, Kenneth L.; Panda, Aurojit et al.
PLDI '16: Proceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation. ed. / Chandra Krintz; Emery Berger. Association for Computing Machinery (ACM), 2016. p. 614-630 (Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI); Vol. 13-17-June-2016).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Ivy

T2 - 37th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2016

AU - Padon, Oded

AU - McMillan, Kenneth L.

AU - Panda, Aurojit

AU - Sagiv, Mooly

AU - Shoham, Sharon

PY - 2016/6/2

Y1 - 2016/6/2

N2 - Despite several decades of research, the problem of formal verification of infinite-state systems has resisted effective automation. We describe a system - Ivy - for interactively verifying safety of infinite-state systems. Ivy's key principle is that whenever verification fails, Ivy graphically displays a concrete counterexample to induction. The user then interactively guides generalization from this counterexample. This process continues until an inductive invariant is found. Ivy searches for universally quantified invariants, and uses a restricted modeling language. This ensures that all verification conditions can be checked algorithmically. All user interactions are performed using graphical models, easing the user's task. We describe our initial experience with verifying several distributed protocols.

AB - Despite several decades of research, the problem of formal verification of infinite-state systems has resisted effective automation. We describe a system - Ivy - for interactively verifying safety of infinite-state systems. Ivy's key principle is that whenever verification fails, Ivy graphically displays a concrete counterexample to induction. The user then interactively guides generalization from this counterexample. This process continues until an inductive invariant is found. Ivy searches for universally quantified invariants, and uses a restricted modeling language. This ensures that all verification conditions can be checked algorithmically. All user interactions are performed using graphical models, easing the user's task. We describe our initial experience with verifying several distributed protocols.

KW - Counterexamples to induction

KW - Distributed systems

KW - Invariant inference

KW - Safety verification

UR - http://www.scopus.com/inward/record.url?scp=84975883211&partnerID=8YFLogxK

U2 - 10.1145/2908080.2908118

DO - 10.1145/2908080.2908118

M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???

AN - SCOPUS:84975883211

T3 - Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI)

SP - 614

EP - 630

BT - PLDI '16

A2 - Krintz, Chandra

A2 - Berger, Emery

PB - Association for Computing Machinery (ACM)

Y2 - 13 June 2016 through 17 June 2016

ER -

Padon O, McMillan KL, Panda A, Sagiv M , Shoham S. Ivy: Safety verification by interactive generalization. In Krintz C, Berger E, editors, PLDI '16: Proceedings of the 37th ACM SIGPLAN Conference on Programming Language Design and Implementation. Association for Computing Machinery (ACM). 2016. p. 614-630. (Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI)). doi: 10.1145/2908080.2908118

Ivy: Safety verification by interactive generalization

Abstract

Publication series

Conference

Funding

Keywords

Access to Document

Other files and links

Fingerprint

Cite this