Combining k‑Induction with Continuously‑Refined Invariants
Abstract
Bounded model checking (BMC) is a well-known and successful technique for finding bugs in software. k‑induction is an approach to extend BMC-based approaches from falsification to verification. Automatically generated auxiliary invariants can be used to strengthen the induction hypothesis. We improve this approach and further increase effectiveness and efficiency in the following way: we start with light-weight invariants and refine these invariants continuously during the analysis. We present and evaluate an implementation of our approach in the open-source verification-framework CPAchecker. Our experiments show that combining k‑induction with continuously-refined invariants significantly increases effectiveness and efficiency, and outperforms all existing implementations of k‑induction-based software verification in terms of successful verification results.
Content
The supplementary archive contains all data from our experiments. The following files are in this archive:
- The additional test-set definitions and configurations required for the paper
- The CBMC executable (version 5.0) and k‑induction wrapper script provided by Michael Tautschnig
- ESBMC version 2.24.1 and the ESBMC wrapper script of SV-COMP 2013 as recommended by Lucas Cordeiro
- The results presented in our paper
- A README file explaining how to reproduce the results
Results
The result tables of the figures in the paper are available here:
- k‑Induction comparison between CBMC, ESBMC (sequential and parallel versions) and CPAchecker
- Comparison between the CPAchecker implementations of k‑Induction and predicate abstraction
You can click on the cells in the status columns of the CPAchecker configurations in these tables to see their output. Due to their size, the log files of CBMC and ESBMC are not included in the online version, but the data, including the tables with clickable cells, are available in the downloadable supplementary archive.