Abstract
Probabilistic software analysis aims at quantifying how likely a target event is to occur during program execution. Current approaches rely on symbolic execution to identify the conditions to reach the target event and try to quantify the fraction of the input domain satisfying these conditions. Precise quantification is usually limited to linear constraints, while only approximate solutions can be provided in general through statistical approaches. However, statistical approaches may fail to converge to an acceptable accuracy within a reasonable time.
We present a compositional statistical approach for the efficient quantification of solution spaces for arbitrarily complex constraints over bounded floating-point domains. The approach leverages interval constraint propagation to improve the accuracy of the estimation by focusing the sampling on the regions of the input domain containing the sought solutions. Preliminary experiments show significant improvement on previous approaches both in results accuracy and analysis time.
- Mathematica NIntegrate, 2013. http://reference.wolfram.com/mathematica/ref/NIntegrate.html.Google Scholar
- VolComp, 2013. http://systems.cs.colorado.edu/research/cyberphysical/probabilistic-program-analysis/.Google Scholar
- A. Adje, O. Bouissou, E. Goubault, J. Goubault-Larrecq, and S. Putot. Static analysis of programs with imprecise probabilistic inputs. In Verified Software: Theories, Tools and Experiments (VSTTE'13), 2013.Google Scholar
- L. Baresi, E. Di Nitto, and C. Ghezzi. Toward open-world software: Issues and challenges. Computer, 39(10):36--43, 2006. Google ScholarDigital Library
- O. Bouissou, E. Goubault, J. Goubault-Larrecq, and S. Putot. A generalization of p-boxes to affine arithmetic. Computing, 94:189--201, 2012. Google ScholarDigital Library
- C. Cadar, V. Ganesh, P. M. Pawlowski, D. L. Dill, and D. R. Engler. Exe: Automatically generating inputs of death. ACM Transactions on Information and System Security, 12(2):10:1--10:38, 2008. Google ScholarDigital Library
- L. A. Clarke. A system to generate test data and symbolically execute programs. IEEE TSE, 2(3):215--222, 1976. Google ScholarDigital Library
- E. Davis. Constraint propagation with interval labels. Artificial Intelligence, 32(3):281--331, July 1987. Google ScholarDigital Library
- J. A. De Loera, B. Dutra, M. Köppe, S. Moreinis, G. Pinto, and J. Wu. Software for Exact Integration of Polynomials Over Polyhedra. ACM Communications in Computer Algebra, 45(3/4):169--172, 2012. Google ScholarDigital Library
- M. D. Ernst, J. H. Perkins, P. J. Guo, S. McCamant, C. Pacheco, M. S. Tschantz, and C. Xiao. The Daikon System for Dynamic Detection of Likely Invariants. SCP, 69(1--3):35--45, 2007. Google ScholarDigital Library
- A. Filieri, C. S. Pasareanu, and W. Visser. Reliability analysis in symbolic pathfinder. In ICSE, pages 622--631, 2013. Google ScholarDigital Library
- J. Geldenhuys, M. B. Dwyer, and W. Visser. Probabilistic symbolic execution. In ISSTA, pages 166--176, 2012. Google ScholarDigital Library
- P. Godefroid, N. Klarlund, and K. Sen. Dart: directed automated random testing. In PLDI, pages 213--223, 2005. Google ScholarDigital Library
- L. Granvilliers and F. Benhamou. Algorithm 852: Realpaver: an interval solver using constraint satisfaction techniques. ACM Transactions on Mathematical Software, 32:138--156, 2006. Google ScholarDigital Library
- R. Haggarty. Fundamentals of mathematical analysis. Addison-Wesley New York, 1989.Google Scholar
- A. Hinton, M. Kwiatkowska, G. Norman, and D. Parker. PRISM: A Tool for Automatic Verification of Probabilistic Systems. In TACAS, pages 441--444. 2006. Google ScholarDigital Library
- F. James. Monte carlo theory and practice. Reports on Progress in Physics, 43(9):1145, 1980.Google ScholarCross Ref
- J. C. King. Symbolic execution and program testing. Communications of the ACM, 19(7):385--394, July 1976. Google ScholarDigital Library
- D. P. Kroese, T. Taimre, and Z. I. Botev. Handbook of Monte Carlo Methods, volume 706. John Wiley & Sons, 2011.Google Scholar
- M. Kwiatkowska. Quantitative verification: Models, techniques and tools. In ESEC-FSE, pages 449--458, 2007. Google ScholarDigital Library
- M. A. Malcolm and R. B. Simpson. Local versus global strategies for adaptive quadrature. ACM Transactions on Mathematical Software, 1 (2):129--146, June 1975. Google ScholarDigital Library
- D. Monniaux. An abstract monte-carlo method for the analysis of probabilistic programs. In POPL, pages 93--101, 2001. Google ScholarDigital Library
- C. S. Pasareanu, J. Schumann, P. Mehlitz, M. Lowry, G. Karasai, H. Nine, and S. Neema. Model based analysis and test generation for flight software. In SMC-IT, pages 83--90, 2009. Google ScholarDigital Library
- C. S. Pasareanu, W. Visser, D. H. Bushnell, J. Geldenhuys, P. C. Mehlitz, and N. Rungta. Symbolic pathfinder: integrating symbolic execution with model checking for java bytecode analysis. Autom. Softw. Eng., 20(3):391--425, 2013.Google ScholarCross Ref
- E. Pavese, V. A. Braberman, and S. Uchitel. Automated reliability estimation over partial systematic explorations. In ICSE, pages 602--611, 2013. Google ScholarDigital Library
- W. Pestman. Mathematical Statistics. De Gruyter, 2009.Google Scholar
- W. H. Press, S. A. Teukolsky, W. T. Vetterling, and B. P. Flannery. Numerical Recipes: The Art of Scientific Computing. Cambridge University Press, 3 edition, 2007. Google ScholarDigital Library
- C. S. Păsăreanu and N. Rungta. Symbolic pathfinder: symbolic execution of java bytecode. ASE, pages 179--180. ACM, 2010. Google ScholarDigital Library
- C. P. Robert and G. Casella. Monte Carlo Statistical Methods. Springer-Verlag New York, Inc., 2005. Google ScholarDigital Library
- S. Sankaranarayanan, A. Chakarov, and S. Gulwani. Static analysis for probabilistic programs: inferring whole program properties from finitely many paths. In PLDI, pages 447--458, 2013. Google ScholarDigital Library
- N. Tillmann and J. de Halleux. Pex-white box test generation for .net. In TAP, pages 134--153, 2008. Google ScholarDigital Library
- P. Zuliani, C. Baier, and E. M. Clarke. Rare-event verification for stochastic hybrid systems. In HSCC, pages 217--226, 2012. Google ScholarDigital Library
Index Terms
- Compositional solution space quantification for probabilistic software analysis
Recommendations
Exact and approximate probabilistic symbolic execution for nondeterministic programs
ASE '14: Proceedings of the 29th ACM/IEEE International Conference on Automated Software EngineeringProbabilistic software analysis seeks to quantify the likelihood of reaching a target event under uncertain environments. Recent approaches compute probabilities of execution paths using symbolic execution, but do not support nondeterminism. ...
On the probabilistic analysis of neural networks
SEAMS '20: Proceedings of the IEEE/ACM 15th International Symposium on Software Engineering for Adaptive and Self-Managing SystemsNeural networks are powerful tools for automated decision-making, seeing increased application in safety-critical domains, such as autonomous driving. Due to their black-box nature and large scale, reasoning about their behavior is challenging. ...
Iterative distribution-aware sampling for probabilistic symbolic execution
ESEC/FSE 2015: Proceedings of the 2015 10th Joint Meeting on Foundations of Software EngineeringProbabilistic symbolic execution aims at quantifying the probability of reaching program events of interest assuming that program inputs follow given probabilistic distributions. The technique collects constraints on the inputs that lead to the target ...
Comments