Article

Unbounded data model verification using SMT solvers

Authors:

Jaideep Nijjar,

Tevfik BultanAuthors Info & Claims

ASE '12: Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering

Pages 210 - 219

https://doi.org/10.1145/2351676.2351706

Published: 03 September 2012 Publication History

Abstract

The growing influence of web applications in every aspect of society makes their dependability an immense concern. A fundamental building block of web applications that use the Model-View-Controller (MVC) pattern is the data model, which specifies the object classes and the relations among them. We present an approach for unbounded, automated verification of data models that 1) extracts a formal data model from an Object Relational Mapping, 2) converts verification queries about the data model to queries about the satisfiability of formulas in the theory of uninterpreted functions, and 3) uses a Satisfiability Modulo Theories (SMT) solver to check the satisfiability of the resulting formulas. We implemented this approach and applied it to five open-source Rails applications. Our results demonstrate that the proposed approach is feasible, and is more efficient than SAT-based bounded verification.

References

[1]

S. Berezin, S. V. A. Campos, and E. M. Clarke. Compositional reasoning in model checking. In Proc. COMPOS, pages 81–102, 1997.

Digital Library

[2]

M. Book and V. Gruhn. Modeling web-based dialog ﬂows for automatic dialog control. In Proc. ASE, pages 100–109, 2004.

Digital Library

[3]

B. Bordbar and K. Anastasakis. MDA and analysis of web applications. In Proc. Work. Trends in Enterprise Appl. Arch., pages 44–55, 2005.

Digital Library

[4]

R. E. Bryant, S. M. German, and M. N. Velev. Exploiting positive equality in a logic of equality with uninterpreted functions. In Proc. CAV, pages 470–482, 1999.

Digital Library

[5]

J. C. Corbett, M. B. Dwyer, J. Hatcliﬀ, and Robby. Bandera: a source-level interface for model checking java programs. In Proc. ICSE, pages 439–448, 2000.

Digital Library

[6]

L. Cordeiro, B. Fischer, and J. Marques-Silva. SMT-based bounded model checking for embedded ANSI-C software. In Proc. ASE, pages 137–148, 2009.

Digital Library

[7]

A. Cunha and H. Pacheco. Mapping between Alloy speciﬁcations and database implementations. In Proc. SEFM, pages 285–294, 2009.

Digital Library

[8]

L. M. de Moura and N. Bjørner. Eﬃcient e-matching for SMT solvers. In Proc. CADE, pages 183–198, 2007.

Digital Library

[9]

A. A. E. Ghazi and M. Taghdiri. Relational reasoning via SMT solving. In Proc. FM, pages 133–148, 2011.

Digital Library

[10]

S. Hallé, T. Ettema, C. Bunch, and T. Bultan. Eliminating navigation errors in web applications via model checking and runtime enforcement of navigation state machines. In Proc. ASE, pages 235–244, 2010.

Digital Library

[11]

T. Halpin and T. Morgan. Information Modeling and Relational Databases . Morgan Kaufmann, 2008.

Digital Library

[12]

M. Han and C. Hofmeister. Relating navigation and request routing models in web applications. In Proc. MoDELS, pages 346–359, 2007.

Digital Library

[13]

D. Jackson. Alloy: A lightweight object modelling notation. ACM Trans. Softw. Eng. Meth., 11(2):256–290, 2002.

Digital Library

[14]

G. E. Krasner and S. T. Pope. A cookbook for using the model-view controller user interface paradigm in smalltalk-80. Jour. Object-Orient. Program., 1(3):26–49, 1988.

Digital Library

[15]

M. J. McGill, L. K. Dillon, and R. E. K. Stirewalt. Scalable analysis of conceptual data models. In Proc. ISSTA, pages 56–66, 2011.

Digital Library

[16]

J. Nijjar and T. Bultan. Bounded veriﬁcation of Ruby on Rails data models. In Proc. ISSTA, pages 67–77, 2011.

Digital Library

[17]

Y. Smaragdakis, C. Csallner, and R. Subramanian. Scalable satisﬁability checking and test data generation from modeling diagrams. Autom. Softw. Eng., 16(1):73–99, 2009.

Digital Library

[18]

SMT-LIB. http://www.smtlib.org/.

[19]

L. Wang, G. Dobbie, J. Sun, and L. Groves. Validating ORA-SS data models using Alloy. In Proc. ASWEC, pages 231–242, 2006.

Digital Library

[20]

Z3. http://research.microsoft.com/projects/z3/.

Cited By

Renner JSanchez-Stern ABrown FLerner SStefan DFreund SYahav E(2021)Scooter & Sidecar: a domain-specific approach to writing secure database migrationsProceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation10.1145/3453483.3454072(710-724)Online publication date: 19-Jun-2021
https://dl.acm.org/doi/10.1145/3453483.3454072
Bocić IBultan TRosner N(2019)Inductive verification of data model invariants in web applications using first-order logicAutomated Software Engineering10.1007/s10515-018-0249-226:2(379-416)Online publication date: 1-Jun-2019
https://dl.acm.org/doi/10.1007/s10515-018-0249-2
Bocić IBultan TUchitel SOrso ARobillard M(2017)Symbolic model extraction for web application verificationProceedings of the 39th International Conference on Software Engineering10.1109/ICSE.2017.72(724-734)Online publication date: 20-May-2017
https://dl.acm.org/doi/10.1109/ICSE.2017.72
Show More Cited By

Index Terms

Unbounded data model verification using SMT solvers

Recommendations

Validating SMT solvers via semantic fusion
PLDI 2020: Proceedings of the 41st ACM SIGPLAN Conference on Programming Language Design and Implementation

We introduce Semantic Fusion, a general, effective methodology for validating Satisfiability Modulo Theory (SMT) solvers. Our key idea is to fuse two existing equisatisfiable (i.e., both satisfiable or unsatisfiable) formulas into a new formula that ...
Bounded model checking of software using SMT solvers instead of SAT solvers
SPIN'06: Proceedings of the 13th international conference on Model Checking Software

C Bounded Model Checking (CBMC) has proven to be a successful approach to automatic software analysis. The key idea is to (i) build a propositional formula whose models correspond to program traces (of bounded length) that violate some given property ...
Detecting critical bugs in SMT solvers using blackbox mutational fuzzing
ESEC/FSE 2020: Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering

Formal methods use SMT solvers extensively for deciding formula satisfiability, for instance, in software verification, systematic test generation, and program synthesis. However, due to their complex implementations, solvers may contain critical bugs ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

ASE '12: Proceedings of the 27th IEEE/ACM International Conference on Automated Software Engineering

September 2012

409 pages

ISBN:9781450312042

DOI:10.1145/2351676

General Chair:
Michael Goedicke,
Program Chairs:
Tim Menzies,
Motoshi Saeki

Copyright © 2012 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSOFT: ACM Special Interest Group on Software Engineering

In-Cooperation

SIGAI: ACM Special Interest Group on Artificial Intelligence
Universität Duisburg Essen: Universität Duisburg Essen
TCSE: IEEE Computer Society's Tech. Council on Software Engin.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 03 September 2012

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

ASE'12

Sponsor:

SIGSOFT

ASE'12: IEEE/ACM International Conference on Automated Software Engineering

September 3 - 7, 2012

Essen, Germany

Acceptance Rates

Overall Acceptance Rate 82 of 337 submissions, 24%

Upcoming Conference

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
248
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)0

Reflects downloads up to 14 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

Renner JSanchez-Stern ABrown FLerner SStefan DFreund SYahav E(2021)Scooter & Sidecar: a domain-specific approach to writing secure database migrationsProceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation10.1145/3453483.3454072(710-724)Online publication date: 19-Jun-2021
https://dl.acm.org/doi/10.1145/3453483.3454072
Bocić IBultan TRosner N(2019)Inductive verification of data model invariants in web applications using first-order logicAutomated Software Engineering10.1007/s10515-018-0249-226:2(379-416)Online publication date: 1-Jun-2019
https://dl.acm.org/doi/10.1007/s10515-018-0249-2
Bocić IBultan TUchitel SOrso ARobillard M(2017)Symbolic model extraction for web application verificationProceedings of the 39th International Conference on Software Engineering10.1109/ICSE.2017.72(724-734)Online publication date: 20-May-2017
https://dl.acm.org/doi/10.1109/ICSE.2017.72
Bowles JBordbar BAlwanain M(2016)Weaving True-Concurrent Aspects Using Constraint Solvers2016 16th International Conference on Application of Concurrency to System Design (ACSD)10.1109/ACSD.2016.19(35-44)Online publication date: Jun-2016
https://doi.org/10.1109/ACSD.2016.19
Nijjar JBocić IBultan T(2015)Data Model Property Inference, Verification, and Repair for Web ApplicationsACM Transactions on Software Engineering and Methodology10.1145/269969124:4(1-27)Online publication date: 2-Sep-2015
https://dl.acm.org/doi/10.1145/2699691
Bocić IBultan TCohen MGrunske LWhalen M(2015)Efficient data model verification with many-sorted logicProceedings of the 30th IEEE/ACM International Conference on Automated Software Engineering10.1109/ASE.2015.48(42-52)Online publication date: 9-Nov-2015
https://dl.acm.org/doi/10.1109/ASE.2015.48
Bocić IBultan TJalote PBriand LHoek A(2014)Inductive verification of data model invariants for web applicationsProceedings of the 36th International Conference on Software Engineering10.1145/2568225.2568281(620-631)Online publication date: 31-May-2014
https://dl.acm.org/doi/10.1145/2568225.2568281
Nijjar JBultan TPezzè MHarman M(2013)Data model property inference and repairProceedings of the 2013 International Symposium on Software Testing and Analysis10.1145/2483760.2483768(202-212)Online publication date: 15-Jul-2013
https://dl.acm.org/doi/10.1145/2483760.2483768
Nijjar JBocic IBultan T(2013)An integrated data model verifier with property templates2013 1st FME Workshop on Formal Methods in Software Engineering (FormaliSE)10.1109/FormaliSE.2013.6612274(29-35)Online publication date: May-2013
https://doi.org/10.1109/FormaliSE.2013.6612274

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents