Abstract
Software has been under scrutiny by the verification community from various angles in the recent past. There are two major algorithmic approaches to ensure the correctness of and to eliminate bugs from such systems: software model checking and static analysis. Those approaches are typically complementary. In this paper we use a model checking approach to solve static analysis problems. This not only avoids the scalability and abstraction issues typically associated with model checking, it allows for specifying new properties in a concise and elegant way, scales well to large code bases, and the built-in optimizations of modern model checkers enable scalability also in terms of numbers of properties to be checked. In particular, we present Goanna, the first C/C++ static source code analyzer using the off-the-shelfmodel checker NuSMV, and we demonstrate Goanna's suitability for developer machines by evaluating its run-time performance, memory consumption and scalability using the source code of OpenSSL as a test bed.
| Original language | English |
|---|---|
| Title of host publication | First Joint IEEE/IFIP Symposium on Theoretical Aspects of Software Engineering, TASE 2007 |
| Publisher | IEEE Computer Society |
| Pages | 45-56 |
| Number of pages | 12 |
| ISBN (Print) | 978-0-7695-2856-4 |
| DOIs | |
| Publication status | Published - 2007 |
| Externally published | Yes |
| Event | First Joint IEEE/IFIP Symposium on Theoretical Aspects of Software Engineering 2007 - Shanghai, China Duration: 6 Jun 2007 → 8 Jun 2008 Conference number: 1 |
Conference
| Conference | First Joint IEEE/IFIP Symposium on Theoretical Aspects of Software Engineering 2007 |
|---|---|
| Abbreviated title | TASE 2007 |
| Country/Territory | China |
| City | Shanghai |
| Period | 6/06/07 → 8/06/08 |