TBFV-SE: Testing-Based Formal Verification with Symbolic Execution

摘要

Testing-Based Formal Verification (TBFV) is a rigorous and potentially automated approach to verifying the correctness of traversed program paths based on specification-based testing and Hoare logic, but its capability is limited due to the fact that Hoare logic may not be applicable. To address this challenge, we propose to use symbolic execution to replace Hoare logic in the existing TBFV, thus enhance the capability of TBFV. We call the newly proposed approach TBFV-SE (TBFV - Symbolic Execution). The advantage of TBFV-SE over the existing TBFV lies in its applicability to wide range of programs while preserving its characteristic of full automation. We descirbe the principle of TBFV-SE and present two case studies to demonstrate its feability and usability. We also discuss the condition under which TBFV-SE can be effectively used and potential challenges in building a tool support.