Project List
- Chris Phillips: A BDD package in
Python.
DEMO: June 12, 10:00AM
- Merritt Miller: Proving absence of deadlocks in a
delay tolerant scheme.
- Kunal Arya: Automated translation of hardware protocols
to SMV.
DEMO: June 13th, 2:30PM
- Fang Yu: Symbolic string verification with length constraints.
- Zachary Stengel: Verifying correctness of channel contracts in
Singularity operating system using the Spin model checker.
DEMO: June 11, 2:00PM
- Michal Wegiel: Using model checking and static analysis techniques
to check for the no-shared-to-private-pointers property.
DEMO: June 13th, 1:30PM
- Chris Bunch, Taylor Ettema: Modular verification of PHP applications
written in the Zend framework
based on the MVC architecture.
DEMO: June 10, 11:00AM
- Muath Alkhalaf: Adding non-deterministic choice to
Ruby-on-Rails's built-in unit test module for exhaustive testing.
DEMO: June 12, 4:00PM
- Chris Ferguson: Translating WS-CDL specifications to collaboration
diagrams for verification and analysis.
DEMO: June 12, 11:00AM
- Adam Doupe, Scott Bonebrake: Bounded model checking of binary code
fragments.
DEMO: June 12, 2:00PM
CS 267 Class Project
As a class project you will do a research project on automated verification.
Think of it as a piece of research that would be
publishable in a workshop or a conference. You may work in a group
of two or three if you can find partners.
Here are four types of
projects that could be done for this course:
- Case study: Find an application area and an interesting
and non-trivial program or specification in that area.
Use one of the model checking
tools to analyze it (and hopefully find bugs in it). This type of project
may require manual translation of a program or specification to the
input language of the model checker, or some manual abstractions or reductions
to get the verification tool working.
- Translator: Find a language which would benefit from
automated verification. Write a translator from this language to the input
language of one of the existing verification tools. It may be necessary to
make some restrictions on the language in order to make the translation
feasible. Find some examples demonstrating the technology.
- Tool Extension: Extend one of the existing
verification tools by adding a new feature to it. A number of
automated verification tools are listed at the end of the class webpage.
- Tool: Find a language (or create your own)
which would benefit from
automated verification. Use verification technologies we will
discuss in the class (such as symbolic
model checking, explicit state model checking, infinite state model checking,
or bounded model checking) to develop a verification tool for this language.
For all these projects the first thing to figure out is the application
area and the language, i.e., the thing you want to verify.
Decide this as soon as possible; some topics that are on my mind
are listed below.
Please choose a topic that is related to your interests so that the
project is fun for you!
Project Deliverables
- Project topic: Send me one paragraph describing your
project. List the team members if it is a team project.
Due: Monday, April 7.
- Progress report: Prepare a 3-5 page
progress report about your project.
In the progress report you should explain the topic of your study,
and discuss your findings so far.
Due: Monday, May 12.
- Final Report:
You will need to turn in a final project report up to 10 pages
at the end of the quarter.
Due: Wednesday, June 11.
- Project Presentation:
Depending on the number of projects, availability of time
and level of interest, I will consider
scheduling 15 minute project presentations
for the last week of classes.
Some Project Topics
Students are welcome to come up with their own project topics
related to their research interests. Model checking is an active
area and there are lots of research opportunities both for applying
model checking to new problems and also extending the existing
model checking techniques.
Below I will list some project topics that I find interesting:
- Exhaustive testing with JUnit: Adding a nondeterministic-choice
primitive to JUnit test cases and then writing a verification tool that
exhaustively explores all possible choices.
Related paper:
-
Andreas Leitner, Ilinca Ciupa, Manuel Oriol, Bertrand Meyer and Arno Fiva,
"Contract-Driven Development = Test Driven Development - Writing Test Cases,"
in ESEC/FSE'07: European Software Engineering Conference and
ACM SIGSOFT Symposium on Foundations of Software Engineering,
Dubrovnik (Croatia), September 2007.
Available
here.
- String analysis: Application of model checking
techniques to string analysis.
Related paper:
-
X. Fu, X. Lu, K. Qian, B. Peltsverger, L. Tao, and
S. Chen.
"A Static Analysis Framework for Detecting SQL Injection
Vulnerabilities." In
Proceedings of the 31st
IEEE Annual Computer Software and Applications Conference
(COMPSAC
2007), Beijing,
July 2007.
Available
here.
- Shape analysis: Applying shape analysis and model checking
techniques to verification of data structure implementations in Java.
Related paper:
- Wilhelm, R., Sagiv, M., and Reps, T.,
"Shape analysis."
In Proc. of CC 2000: 9th Int. Conf. on Compiler Construction,
(Berlin, Ger., Mar. 27 - Apr. 2, 2000).
Available
here.
- Verification of UML models: Application of model
checking techniques to UML diagrams such as collaboration diagrams,
sequence diagrams, etc.
Related paper:
-
Tevfik Bultan and Xiang Fu. "Specification of Realizable Service Conversations Using Collaboration Diagrams." Proceedings of the IEEE International Conference on Service-Oriented Computing and Applications (SOCA 2007), pp. 122-130, Newport Beach, California, June 19-20, 2007.
Available here
- Size analysis: Size analysis for programs using infinite
state model checking. The basic idea is
to check properties relating to the sizes of collections (for example,
that an index never exceeds the length of the array it indexes)
using infinite state model checking.
Multiple projects are possible on this topic:
- Size analysis for JML.
- Size analysis in programs for strings or arrays.
Related paper:
-
Fang Yu, Tevfik Bultan and Erik Peterson.
"Automated Size Analysis for OCL."
Proceedings of the 6th joint meeting of
the European Software Engineering Conference and
the ACM SIGSOFT Symposium on the Foundations of Software Engineering
(ESEC/FSE 2007),
pp. 331-340, Dubrovnik, Croatia, September 3-7, 2007.
Available here
- Interface grammars:
Modular verification using interface
grammars. Multiple projects are
possible on this
topic:
- Extending interface grammars for GUI testing
- Extending
interface grammars for testing distributed programs.
- Looking for
restricted interface grammars that lead to efficient verification.
Related paper:
-
Graham Hughes and Tevfik Bultan. "Interface Grammars for Modular Software Model Checking." Proceedings of the 2007 ACM/SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2007), pp. 39-49, London, United Kingdom, July 9-12, 2007.
Available here
- Design for verification:
Design for verification has been used for verification of synchronization
in concurrent Java programs and for verification of
interactions among web services. This project would involve extending the
design for verification framework to other domains, for example GUI
testing.
Related paper:
-
Tevfik Bultan and Aysu Betin-Can. "Scalable Software Model Checking Using Design for Verification." Proceedings of the IFIP Working Conference on Verified Software: Theories, Tools, Experiments (VSTTE), Bertrand Meyer (ed.), LNCS 4171, Zurich, Switzerland, October 10-14, 2005.
Available here
- Symbolic binary analysis:
Analyzing binary code using a BDD manipulator or a SAT solver.
This will require some kind of abstraction or
approximation technique to be feasible.
It would be interesting to see if one could compute an over approximation
of the set of memory addresses accessed by a small piece of given code.
Related paper:
-
Balakrishnan, G., Reps, T., Kidd, N., Lal, A., Lim, J., Melski, D., Gruian, R., Yong, S., Chen, C.-H., and Teitelbaum, T.,
"Model checking x86 executables with CodeSurfer/x86 and WPDS++,"
In Proc. Computer-Aided Verification, 2005.
Available here
- Model checking interactive web applications:
This project will involve translating web applications written in some
scripting language (you can choose which one) to the input language
of a model checker in order to check its properties.
- Model checking for model-view-controller architecture:
Investigating efficient verification techniques for
the model-view-controller architecture. Especially focusing on
Ruby-on-Rails applications.
- Model checking web services:
There are a number of languages proposed for web services.
Some of these languages enable behavioral specifications such as
BPEL and WS-CDL. This project will investigate verification of
web service specifications by translating them to the input language
of a model checker.
- Symbolic representation and analysis for XML:
In this project you will investigate using different symbolic
representations (such as BDDs or automata) for representing a set
of XML documents symbolically.
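The "Exhaustive testing with JUnit" topic above (and the Ruby-on-Rails variant in the project list) rests on one mechanism: a choose(n) primitive that a test calls wherever it would otherwise pick a fixed input, plus a driver that re-runs the test until every sequence of choices has been tried. The sketch below is an added example, not code from the course page or from any of the listed projects. The names ChoiceExplorer, choose and explore are hypothetical, and BoundedStack is a constructed toy with a deliberate off-by-one bug for the explorer to find. It is in Python rather than Java only so that it runs stand-alone; the same record, replay and backtrack loop carries over to JUnit or Test::Unit.

```python
"""Exhaustive exploration of nondeterministic choices in a unit test.

Added example, not from the course page. ChoiceExplorer, choose() and
explore() are hypothetical names; BoundedStack is a constructed toy.
"""


class ChoiceExplorer:
    """Replays recorded choices, then backtracks to enumerate every path.

    Each run of the test is driven by a trace of [chosen_index, n_alternatives]
    pairs. Choices beyond the end of the trace default to 0 and are appended;
    after the run, the last choice with untried alternatives is bumped and
    the test is rerun, so the search visits every path exactly once
    (depth-first, provided the test is deterministic given its choices).
    """

    def __init__(self):
        self._trace = []   # [chosen_index, n_alternatives] per choose() call
        self._pos = 0      # index of the next choose() call in this run

    def choose(self, n):
        """Nondeterministic-choice primitive: return an index in range(n)."""
        if n < 1:
            raise ValueError("choose() needs at least one alternative")
        if self._pos < len(self._trace):
            idx, recorded_n = self._trace[self._pos]
            if recorded_n != n:
                raise RuntimeError(
                    "test made a different choose() call on replay; "
                    "it must be deterministic given earlier choices")
        else:
            idx = 0
            self._trace.append([0, n])
        self._pos += 1
        return idx

    def explore(self, test):
        """Run test(chooser) once per path; return [(path, exception_or_None)]."""
        results = []
        while True:
            self._pos = 0
            try:
                test(self)
                failure = None
            except Exception as exc:       # any crash or failed assertion
                failure = exc
            del self._trace[self._pos:]    # drop choices this run never reached
            results.append(([idx for idx, _ in self._trace], failure))
            # Backtrack: discard exhausted trailing choices, bump the last one.
            while self._trace and self._trace[-1][0] + 1 == self._trace[-1][1]:
                self._trace.pop()
            if not self._trace:
                return results
            self._trace[-1][0] += 1


class BoundedStack:
    """Constructed toy: fixed-capacity stack with an off-by-one bug in push()."""

    def __init__(self, capacity):
        self.capacity = capacity
        self.items = []

    def push(self, x):
        if len(self.items) > self.capacity:   # bug: should be >=
            raise OverflowError("stack full")
        self.items.append(x)

    def pop(self):
        return self.items.pop() if self.items else None


def stack_test(chooser):
    """A unit test written against the choose() primitive instead of fixed inputs."""
    stack = BoundedStack(capacity=2)
    n_ops = chooser.choose(3) + 1          # 1, 2 or 3 operations
    for _ in range(n_ops):
        if chooser.choose(2) == 0:
            stack.push("x")
        else:
            stack.pop()
        assert len(stack.items) <= stack.capacity, "capacity invariant violated"


def run_exhaustive():
    """Explore every path of stack_test; return (path_count, failing_paths)."""
    results = ChoiceExplorer().explore(stack_test)
    failing = [path for path, exc in results if exc is not None]
    return len(results), failing


if __name__ == "__main__":
    count, failing = run_exhaustive()
    print(f"{count} paths explored, failing paths: {failing}")
```

Running the block explores 14 paths (2 + 4 + 8 for one, two and three operations) and reports a single failing path, [2, 0, 0, 0]: three operations, all pushes, which drives the stack one element past its capacity. Because a path is just the list of indices returned by choose(), the failing trace replays the failure deterministically, which is what makes this usable as a regression test rather than a one-off search; the determinism check in choose() is there because a test that consults the clock or a random source between choices would silently make the enumeration incomplete.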