English
Related papers

Related papers: Verifying Security Vulnerabilities in Large Softwa…

200 papers

This paper reports on our experiences with verifying automotive C code by state-of-the-art open source software model checkers. The embedded C code is automatically generated from Simulink open-loop controller models. Its diverse features…

Logic in Computer Science · Computer Science 2020-03-27 Lukas Westhofen , Philipp Berger , Joost-Pieter Katoen

The Efficient SMT-Based Context-Bounded Model Checker (ESBMC) has grown from a research prototype for verifying embedded ANSI-C software into one of the most versatile and industrially capable formal verification platforms available today.…

Software Engineering · Computer Science 2026-05-27 Pierre Dantas , Lucas Cordeiro , Waldir Junior

Most software verification tools can be classified into one of a number of established families, each of which has their own focus and strengths. For example, concrete counterexample generation in model checking, invariant inference in…

Logic in Computer Science · Computer Science 2015-06-30 Martin Brain , Saurabh Joshi , Daniel Kroening , Peter Schrammel

Existing techniques to ensure functional correctness and hardware trust during pre-silicon verification face severe limitations. In this work, we systematically leverage two key ideas: 1) Symbolic Quick Error Detection (Symbolic QED or…

Hardware Architecture · Computer Science 2021-06-18 Karthik Ganesan , Srinivasa Shashank Nuthakki

Software vulnerabilities often persist or re-emerge even after being fixed, revealing the complex interplay between code evolution and socio-technical factors. While source code metrics provide useful indicators of vulnerabilities, software…

Software Engineering · Computer Science 2026-01-21 Samiha Shimmi , Nicholas M. Synovic , Mona Rahimi , George K. Thiruvathukal

Program verification is a resource-hungry task. This paper looks at the problem of parallelizing SMT-based automated program verification, specifically bounded model-checking, so that it can be distributed and executed on a cluster of…

Programming Languages · Computer Science 2020-05-19 Prantik Chatterjee , Subhajit Roy , Bui Phi Diep , Akash Lal

Smart contracts written in Solidity are programs used in blockchain networks, such as Etherium, for performing transactions. However, as with any piece of software, they are prone to errors and may present vulnerabilities, which malicious…

Logic in Computer Science · Computer Science 2021-11-29 Kunjian Song , Nedas Matulevicius , Eddie B. de Lima Filho , Lucas C. Cordeiro

Artificial Neural networks (ANNs) are powerful computing systems employed for various applications due to their versatility to generalize and to respond to unexpected inputs/patterns. However, implementations of ANNs for safety-critical…

Logic in Computer Science · Computer Science 2019-07-31 Luiz H. Sena , Iury V. Bessa , Mikhail R. Gadelha , Lucas C. Cordeiro , Edjard Mota

Critical software systems face stringent requirements in safety, security, and reliability due to the circumstances surrounding their operation. Safety and security have progressively gained importance over the years due to the integration…

Software Engineering · Computer Science 2015-12-16 Julio Escribano-Barreno , Marisol García-Valls

The implementation of digital filters in processors based on fixed-point arithmetic can lead to problems related to the finite word-length. In particular, the processing of signals in such filters can produce overflows and unwanted noise…

Software Engineering · Computer Science 2013-07-24 Renato B. Abreu , Lucas Cordeiro , Eddie B. L. Filho

While vehicles have primarily been controlled through mechanical means in years past, an increasing number of embedded control systems are being installed and used, keeping pace with advances in electronic control technology and…

The article "Interpolation and SAT-Based Model Checking" (McMillan, 2003) describes a formal-verification algorithm, which was originally devised to verify safety properties of finite-state transition systems. It derives interpolants from…

Software Engineering · Computer Science 2024-03-14 Dirk Beyer , Nian-Ze Lee , Philipp Wendler

Transaction-level modeling with SystemC has been very successful in describing the behavior of embedded systems by providing high-level executable models, in which many of them have inherent probabilistic behaviors, e.g., random data and…

Software Engineering · Computer Science 2017-12-07 Van Chan Ngo , Axel Legay

The next generation of AI systems requires strong safety guarantees. This report looks at the software implementation of neural networks and related memory safety properties, including NULL pointer deference, out-of-bound access,…

Software Engineering · Computer Science 2024-05-16 Yiannis Charalambous , Edoardo Manino , Lucas C. Cordeiro

Software testing and verification are critical for ensuring the reliability and security of modern software systems. Traditionally, formal verification techniques, such as model checking and theorem proving, have provided rigorous…

Software Engineering · Computer Science 2025-03-17 Norbert Tihanyi , Tamas Bisztray , Mohamed Amine Ferrag , Bilel Cherif , Richard A. Dubniczky , Ridhi Jain , Lucas C. Cordeiro

Bounded Model Checking is one the most successful techniques for finding bugs in program. However, model checkers are resource hungry and are often unable to verify programs with loops iterating over large arrays.We present a transformation…

Logic in Computer Science · Computer Science 2017-03-08 Anushri Jana , Uday P. Khedker , Advaita Datar , R Venkatesh , C Niyas

The Software Bill of Materials (SBOM) is a critical tool for securing the software supply chain (SSC), but its practical utility is undermined by inaccuracies in both its generation and its application in vulnerability scanning. This paper…

Cryptography and Security · Computer Science 2026-04-20 Li Zhou , Marc Dacier , Charalambos Konstantinou

Critical embedded systems (CES) have become ubiquitous in whether medical, automotive, or industrial. Software failures in such systems are potentially disastrous and could lead to serious consequences not only financially but also…

Software Engineering · Computer Science 2022-08-11 Hafsa Cheddadi , Saad Motahhir , Abdelaziz El Ghzizal

Despite various approaches being employed to detect vulnerabilities, the number of reported vulnerabilities shows an upward trend over the years. This suggests the problems are not caught before the code is released, which could be caused…

Cryptography and Security · Computer Science 2025-02-14 Karl Tamberg , Hayretdin Bahsi

Bounded model checking (BMC) is an efficient formal verification technique which allows for desired properties of a software system to be checked on bounded runs of an abstract model of the system. The properties are frequently described in…

Logic in Computer Science · Computer Science 2026-02-19 Ramchandra Phawade , Tephilla Prince , S. Sheerazuddin