Differences between static analysis and model checking - IAR Systems
Differences between static analysis and model checking - IAR Systems
Differences between static analysis and model checking - IAR Systems
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
expressions can never be true after some point in time. This must be repeated for all events that can<br />
trigger a transition out of a state. And so far we have only checked one state…<br />
So given ordinary C code it is difficult to express the dead-end property in any meaningful way; in fact, is<br />
does not really get any simpler by realizing that the code is a pure state machine. And this is mainly<br />
because there is a gap <strong>between</strong> the semantics of the state machine abstraction <strong>and</strong> the implementation<br />
language.<br />
This gap is not unique for the state machine abstraction, so given that you work in a problem domain<br />
where some form of formal verification or <strong>model</strong> <strong>checking</strong> is available you might reap huge benefits by<br />
using it – together with a competent <strong>static</strong> <strong>analysis</strong> tool, of course!<br />
Page 6