{"title":"Optimization of Farkas' Lemma-based linear invariant generation using divide-and-conquer with pruning","authors":"Ruibang Liu, Hongming Liu, Guoqiang Li","doi":"10.1016/j.scico.2025.103361","DOIUrl":"10.1016/j.scico.2025.103361","url":null,"abstract":"<div><div>Formal verification plays a critical role in contemporary computer science, offering mathematically rigorous methods to ensure the correctness, reliability, and security of programs. Loops, due to their complexity and uncertainty, have become a major challenge in program verification. Loop invariants are often employed to abstract the properties of loops within a program, making the automatic generation of such invariants a pivotal challenge. Among the various methods, template-based frameworks grounded in Farkas' Lemma are recognized for their effectiveness in generating tight invariants in the realm of constraint solving. Recent advances have identified the conversion from conjunctive normal form (CNF) to disjunctive normal form (DNF) as a major bottleneck, leading to a combinatorial explosion. In this study, we introduce an optimized algorithm to address the combinatorial explosion by trading off space for time efficiency. Our approach employs two key strategies, divide-and-conquer, and pruning, to boost speed. First, we apply a divide-and-conquer strategy to decompose a complex problem into smaller, more manageable subproblems that can be solved quickly and in parallel. Second, we intelligently apply a pruning strategy, navigating the depth-first search process to avoid unnecessary checks. These improvements maintain the accuracy and speed up the analysis. We constructed a small dataset to showcase the superiority of our tool, which achieved an average speedup of 9.27x on this dataset. 
The experiments demonstrate that our method provides significant acceleration while maintaining accuracy and indicate that our approach outperforms the state-of-the-art methods.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"247 ","pages":"Article 103361"},"PeriodicalIF":1.5,"publicationDate":"2025-07-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144656371","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Yibo Dai, Li Xie, Peng Wu, Shecheng Cui, Linhai Ma
{"title":"Intrathread method orders based adaptive testing of concurrent objects","authors":"Yibo Dai , Li Xie , Peng Wu , Shecheng Cui , Linhai Ma","doi":"10.1016/j.scico.2025.103362","DOIUrl":"10.1016/j.scico.2025.103362","url":null,"abstract":"<div><div>Concurrent data structures or classes are designed to provide safe accesses and simultaneous updates by multiple threads to shared objects in a concurrent environment, with the goal of enhancing parallelism and throughput. However, testing concurrent objects poses significant challenges due to the potential explosion of concurrency test spaces, the variety of programming vulnerabilities, and the inherent nondeterminism of concurrent test executions. In this paper, we propose an Intrathread Method Orders based Adaptive Concurrency Testing (IMOACT) framework for concurrent objects. IMOACT can capture diverse behaviors of interthread method pairs through characterizing concurrent execution contexts with intrathread method orders. Moreover, IMOACT can adaptively optimize concurrent test executions by generating scheduling sequences based on the key scheduling points visited so far, streamlining test generation and execution organically across multiple tests. Experimental case studies with typical C/C++ concurrent classes demonstrate that IMOACT outperforms baseline approaches. 
On average, IMOACT promotes the effectiveness of detecting concurrency bugs by 65%, and achieves a speedup of 2.43x compared to the underlying state-of-the-art concurrency testing approach.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"248 ","pages":"Article 103362"},"PeriodicalIF":1.5,"publicationDate":"2025-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144663008","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Wang Zili, Gamboa Guzman Laura P., Rozier Kristin Y.
{"title":"WEST: Interactive validation of Mission-time Linear Temporal Logic (MLTL)","authors":"Wang Zili, Gamboa Guzman Laura P., Rozier Kristin Y.","doi":"10.1016/j.scico.2025.103365","DOIUrl":"10.1016/j.scico.2025.103365","url":null,"abstract":"<div><div>Mission-time Linear Temporal Logic (MLTL) is a finite, discrete, closed-interval-bounded variant of Metric Temporal Logic (MTL) that formal methods practitioners use to specify requirements for safety-critical systems, such as aircraft and spacecraft. Our tool addresses the specification bottleneck of formal verification by providing an interactive visualization tool for MLTL that allows practitioners to validate that their MLTL specifications do indeed match the intended requirements. We provide an overview of the functionalities of the command-line interface and the graphical user interface of the WEST tool. Additionally, we provide five independent methods used to validate the tool's correctness, as well as experimental results demonstrating the tool's scalability on three suites of randomly generated MLTL formulas.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"248 ","pages":"Article 103365"},"PeriodicalIF":1.5,"publicationDate":"2025-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144662956","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Adrian Francalanza, Gerard Tabone, Frank Pfenning
{"title":"Grits: A message-passing programming language based on the semi-axiomatic sequent calculus","authors":"Adrian Francalanza , Gerard Tabone , Frank Pfenning","doi":"10.1016/j.scico.2025.103360","DOIUrl":"10.1016/j.scico.2025.103360","url":null,"abstract":"<div><div>This paper introduces <span>Grits</span>, a channel-based message-passing concurrent language based on the semi-axiomatic sequent calculus, a logical foundation underpinning intuitionistic session types. The language leverages modalities from adjoint logic to express a number of programming idioms such as broadcast communication and message cancellation. The <span>Grits</span> interpreter is developed using Go, and consists primarily of two components: a type-checker and an evaluator.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"248 ","pages":"Article 103360"},"PeriodicalIF":1.5,"publicationDate":"2025-07-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144685667","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Kangliang Zhu, Wenhua Yang, Minxue Pan, Yu Zhou
{"title":"Detecting duplicate vulnerability records across databases","authors":"Kangliang Zhu , Wenhua Yang , Minxue Pan , Yu Zhou","doi":"10.1016/j.scico.2025.103357","DOIUrl":"10.1016/j.scico.2025.103357","url":null,"abstract":"<div><div>Vulnerability databases are critical repositories that aggregate information about known security vulnerabilities across various software products. However, the existence of multiple, heterogeneous databases often leads to duplicate vulnerability records, necessitating significant manual effort by maintainers to identify and consolidate these duplicates. This study addresses the challenge of detecting duplicate vulnerabilities across different databases by proposing a combined method that integrates cosine similarity measures with a fine-tuned BERT-based language model. We constructed a comprehensive duplicate vulnerability dataset by analyzing records from prominent databases such as CVE, OSV, and the GitHub Advisory Database. Our method was evaluated against several baseline techniques, including similarity-based and deep learning-based approaches, demonstrating superior performance across multiple metrics, including Hit Rate@N, Mean Reciprocal Rank (MRR), Mean Rank, and Median Rank. Additionally, our method proved effective in practical scenarios involving ongoing database maintenance, showcasing its ability to generalize to unseen data. 
The findings highlight the potential of integrating traditional similarity measures with advanced language models to enhance the accuracy and efficiency of duplicate vulnerability detection, thereby facilitating more reliable vulnerability management.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"247 ","pages":"Article 103357"},"PeriodicalIF":1.5,"publicationDate":"2025-07-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144571314","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pieter J.L. Cuijpers, Jonas Hansen, Kim G. Larsen
{"title":"Safe and infinite resource scheduling using energy timed automata","authors":"Pieter J.L. Cuijpers , Jonas Hansen , Kim G. Larsen","doi":"10.1016/j.scico.2025.103358","DOIUrl":"10.1016/j.scico.2025.103358","url":null,"abstract":"<div><div>We study the existence of infinite and safe schedules for resource-dependent real-time systems, in the setting of multiple continuous resources. Specifically, we explore the multi-variable extension of Energy Timed Automata, where variables are bounded by polyhedra in <span><math><msup><mrow><mi>R</mi></mrow><mrow><mi>n</mi></mrow></msup></math></span>. We ask the question of whether there exist infinite runs satisfying such boundary constraints and show how schedules can be synthesized by characterising these runs as limit sets using quantifier elimination for linear real arithmetic. We show that for linear limit sets, it is possible to characterise such infinite runs.</div><div>Additionally, we relate this to an earlier decidability result for single-variable Energy Timed Automata that are flat and segmented, and show constructively that there exist flat and segmented multi-variable Energy Timed Automata that give rise to non-linear limit sets.</div><div>Lastly, we solidify our framework and method with a case study. 
Specifically, a multi-agent extension of an industrial case concerned with oil tanks, originally provided by the HYDAC company.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"247 ","pages":"Article 103358"},"PeriodicalIF":1.5,"publicationDate":"2025-07-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144571313","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Random test generators demystified: Differences and potential for compiler reliability","authors":"Yang Wang, Zeyu Lu, Beining Wu, Yibiao Yang, Hongmin Lu, Yuming Zhou","doi":"10.1016/j.scico.2025.103359","DOIUrl":"10.1016/j.scico.2025.103359","url":null,"abstract":"<div><div>Compiler testing requires diverse programs as inputs. Various random program generators that can produce programs from scratch have been developed for this purpose. However, there is a gap in understanding (1) the differences among the generated programs and (2) how to make better use of these generators. To fill this gap, we selected five C random program generators and conducted the first comprehensive empirical analysis. For generated programs, our study focuses on three key areas: comparing the variations in features from multiple perspectives, analyzing the impact of compiling these programs on open-source compilers, and exploring their application potential in non-traditional testing scenarios. Programs from different generators show distinctive differences in various program features. Each has unique abilities to increase coverage of specific compiler components. Moreover, they can spot inconsistencies in the coverage statistics provided by different compilers, indicating promising application potential. Our study demonstrates that existing generators involve trade-offs in their design, making it challenging for any single implementation to balance efficiency, usability, and diversity for all scenarios. 
This motivates us to both maximize the potential of current generators and innovate to create more high-quality test programs for modern compiler quality assurance.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"247 ","pages":"Article 103359"},"PeriodicalIF":1.5,"publicationDate":"2025-07-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144563540","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Low-code design of collective systems with ScaFi-Blocks","authors":"Gianluca Aguzzi, Matteo Cerioni, Mirko Viroli","doi":"10.1016/j.scico.2025.103356","DOIUrl":"10.1016/j.scico.2025.103356","url":null,"abstract":"<div><div>ScaFi-Blocks is a visual, low-code programming environment for designing and implementing swarm algorithms. Built on the ScaFi aggregate computing framework and the Blockly visual programming library, ScaFi-Blocks enables users to visually compose algorithms using intuitive building blocks, abstracting away the complexities of traditional swarm programming frameworks. This approach simplifies the development of collective behaviours for a wide range of swarm systems, including robot swarms, IoT device ensembles, and sensor networks, fostering broader accessibility and innovation within the field. This contribution bridges the gap between visual programming and textual code, lowering the barrier to entry for non-experts while promoting a deeper understanding of aggregate computing principles.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"247 ","pages":"Article 103356"},"PeriodicalIF":1.5,"publicationDate":"2025-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144518309","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"PN2CCS: A tool to encode Petri nets into calculus of communicating systems","authors":"Benjamin Bogø , Andrea Burattin , Alceste Scalas","doi":"10.1016/j.scico.2025.103355","DOIUrl":"10.1016/j.scico.2025.103355","url":null,"abstract":"<div><div>PN2CCS is a software tool to encode Petri nets (PN) into the Calculus of Communication Systems (CCS). Its purpose is to allow Petri nets generated by most process mining algorithms (for instance, the <em>α</em>-miner) to be encoded into CCS, with the longer term goal of enabling the application tools and techniques developed for process calculi to the realm of process mining. PN2CCS is written in JavaScript and runs in modern web browsers with an interactive graphical user interface. The interface allows users to input a Petri net either by drawing it in the tool or importing a Petri net from a common file format for Petri nets. The tool then classifies the input Petri net and encodes it into CCS. The tool allows to encode a slight generalization of free-choice (workflow) nets as well as Petri nets directly expressible in CCS.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"247 ","pages":"Article 103355"},"PeriodicalIF":1.5,"publicationDate":"2025-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144579430","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Fossil 2.0: Design, usage and impact of a software tool for verification and control of dynamical models","authors":"Alec Edwards , Andrea Peruffo , Alessandro Abate","doi":"10.1016/j.scico.2025.103354","DOIUrl":"10.1016/j.scico.2025.103354","url":null,"abstract":"<div><div>This paper introduces <span>Fossil</span> 2.0, an advanced software tool designed for synthesizing certificates such as Lyapunov and barrier functions for dynamical systems represented by ordinary differential equations and difference equations. <span>Fossil</span> 2.0 features a range of significant enhancements, including improved user interfaces, an expanded library of certificates, controller synthesis capabilities, and an extensible architecture. These advancements are detailed as part of this paper. The core of <span>Fossil</span> is a counterexample-guided inductive synthesis (CEGIS) framework that ensures soundness. The tool employs neural networks as templates to generate candidate functions, which are rigorously validated using a satisfiability modulo theories (SMT) solver. Key improvements over the previous release include support for a broader class of certificates, integration of control law synthesis, and compatibility with discrete-time models.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"247 ","pages":"Article 103354"},"PeriodicalIF":1.5,"publicationDate":"2025-06-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"144472132","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}