This dissertation is concerned with abstract interpretation of programs whose semantics is defined over finite machine words. Most notably, the considered class of programs contains executable binary code, the analysis of which turns out to be demanding due to the complexity and the sheer number of operations involved. Transfer functions, which simulate the execution of any concrete operation in a program in an abstract domain, are challenging for correct yet precise abstract interpretation of binary code. Crucially for correctness, over- and underflows need to be supported faithfully. This dissertation argues that transfer functions and abstractions for sequences of operations over finite machine words can be generated precisely and efficiently, ...
Abstract interpretation is very useful for program analysis, because it provides a (sound) over-appr...
We consider the problem of synthesizing provably non-overflowing integer arithmetic expressions or B...
We present a way to abstract functional units in symbolic simulation of actual circuits, thus achiev...
We present a new decision procedure for finite-precision bitvector arithmetic with arbitrary bit-vec...
One approach to verifying bit-twiddling algorithms is to derive invariants between the bits that con...
Traditionally, transfer functions have been manually designed for each operation in a program. Recen...
This dissertation explores the use of abstraction in two areas of automated reasoning: verification ...
In a computer program, basic functionalities may be implemented using bit-wise operations. To formal...
This paper presents a framework for binary code analysis that uses only SAT-based algorithms. Within...
In a computer program, basic functionalities may be implemented using bit-wise...
In a computer program, basic functionalities may be implemented using bit-wise operations. This can ...
Given a concrete domain C, a concrete operation tau: C -> C, and an abstract domain A, a fundamental...
Logical deduction and abstraction from detail are fundamental, yet distinct aspects of reasoning abo...
Recently it has been shown how transfer functions for linear template constraints can be derived for...
Symbolic decision trees are not the only way to correlate the relationship between flags and...