Verifying Security Vulnerabilities in Large Software Systems using Multi-Core k-Induction

by Thales Silva, et al.

Computer-based systems are used to solve problems in many domains, such as industrial, military, educational, and wearable applications. Those systems need high-quality software to guarantee security and safety. We advocate that Bounded Model Checking (BMC) techniques can detect security vulnerabilities in the early stages of the development process. However, this technique struggles to scale up and verify the large software commonly found in computer-based systems. Here, we develop and evaluate a pragmatic approach to verifying large software systems using a state-of-the-art bounded model checker. In particular, we pre-process the input source-code files and then guide the model checker to explore the code systematically. We also present a multi-core implementation of the k-induction proof algorithm to verify and falsify large software systems iteratively. Our experimental results using the Efficient SMT-based Model Checker (ESBMC) show that our approach can guide ESBMC to verify large software systems efficiently. We evaluate our approach on the PuTTY application, verifying 136 files and 2803 functions in less than 86 minutes, and on the SlimGuard allocator, where we found real security vulnerabilities that were confirmed by the developers. We conclude that our approach can successfully guide a bounded model checker to verify large software systems systematically.
