Automatic formal verification for EPICS

Download: PDF, slides (PDF), talk video (YouTube).

“Automatic formal verification for EPICS” by Jonathan Jacky, Stefani Banerian, Michael D. Ernst, Calvin Loncaric, Stuart Pernsteiner, Zachary Tatlock, and Emina Torlak. In ICALEPCS 2017: 16th International Conference on Accelerator and Large Experimental Physics Control Systems, (Barcelona, Spain), Oct. 2017.

Abstract

We built an EPICS-based radiation therapy machine control program and are using it to treat patients at our hospital. To help ensure safety, the control program uses a restricted subset of EPICS constructs and programming techniques, and we developed several new automated formal verification tools for this subset.

To check our control program, we built a Symbolic Interpeter that finds errors in EPICS database programs, using symbolic execution and satisfiability checking. It found serious errors in our control program that were missed by reviews and testing.

To check the EPICS runtime (EPICS Core) itself, we first developed a Formal Semantics for EPICS database programs, based on the EPICS Record Reference Manual (RRM) and expressed in the specification language of an automated theorem prover. We built a formally-verified Trace Validator and used it to check the EPICS runtime against our semantics by differential testing with millions of randomly generated programs. The testing process generally corroborated that the EPICS runtime conforms to its specification in the RRM, but it did find several omissions and ambiguities in the RRM that might mislead users. Our formal semantics for EPICS enables valuable future developments: a full proof of correctness for our EPICS program, verified analyses for arbitrary EPICS programs, and a Verified Compiler that could compile an EPICS database to a verified standalone program, while dispensing with much of the unverified EPICS toolchain and runtime.

Download: PDF, slides (PDF), talk video (YouTube).

BibTeX entry:

@inproceedings{JackyBELPTT2017,
   author = {Jonathan Jacky and Stefani Banerian and Michael D. Ernst and
	Calvin Loncaric and Stuart Pernsteiner and Zachary Tatlock and
	Emina Torlak},
   title = {Automatic formal verification for {EPICS}},
   booktitle = {ICALEPCS 2017: 16th International Conference on
	Accelerator and Large Experimental Physics Control Systems},
   address = {Barcelona, Spain},
   month = oct,
   year = {2017}
}

(This webpage was created with bibtex2web.)

Back to Michael Ernst's publications.