Ecole Polytechnique Fédérale de Lausanne
and Max Planck Institute for Computer Science
SWS Colloquium
Andrey Rybalchenko is researcher at Max Planck Institute for Computer Science in Saarbruecken and at Ecole Polytechnique Federale de Lausanne. He holds Dipl.-Inf. (2002) and Dr.-Ing. (summa cum laude, 2005) degrees from the University of Saarland, Germany. Andrey's research interests focus on automated methods and tools for formal software verification, ranging from the design of program analysis
methods to the development of algorithms for symbolic computation and automated deduction. Andrey's doctoral research revolutionized verification of liveness properties for software systems by introducing ``transition invariants''. Jointly with Microsoft Research, Andrey developed the Terminator tool, which is the first tool to perform automatic verification of liveness properties for
software. He is also developing the ARMC tool for automatically proving safety properties of complex infinite state systems, which has been successfully applied for the verification of safety critical parts of the European Train Control System. Andrey is a recipient of Guenther Hotz medal (2002) from the University of Saarland and Otto Hahn medal (2005) from the Max Planck Society.
We present new approaches to verification of liveness and safety
properties of software. Proving liveness properties of programs is
central to the process of ensuring that software systems can always
react. Verification of liveness properties had been an open problem
since 1970s, due to the lack of modular termination arguments and
adequate abstraction techniques. We highlight our experience in
developing the theoretical foundations for the first software
verification tool for termination that provides capacity for large
program fragments (of more than 20,000 lines of code) together with
support for programming language features such as arbitrarily nested
loops, pointers, function-pointers, side-effects, etc. We also
describe our experience in applying the tool on device driver dispatch
routines from the Windows operating system. In the second part of the
talk, we will focus on abstraction techniques that are at heart of
state-of-the-art verification tools for safety. We address their
limitations, which severely restrict the practical applicability. We
propose a new approach for finding abstraction of a program that
overcomes the inherent limitations of current abstraction refinement
schemes.