<p>Bounded model checking (BMC) is a widely used technique for detecting security vulnerabilities and verifying the correctness of critical software components. While highly effective on small to medium-sized codebases, its application to large-scale software systems remains difficult due to scalability limitations. In this work, we present a practical methodology to enable the use of BMC in real-world, complex software projects. Our approach includes automated preprocessing of source code and a guided verification process that helps a model checker systematically explore a codebase. We also introduce a function-level prioritization mechanism that focuses verification efforts on the most critical code parts. We evaluated our method on popular open-source C projects, discovering security vulnerabilities that the respective developers confirmed. The results demonstrate that, with appropriate strategies, BMC can effectively scale to verify large software systems while maintaining low memory usage.</p>

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Finding software vulnerabilities in large C projects via bounded model checking

  • Janislley O. De Sousa,
  • Bruno C. de Farias,
  • Thales A. Da Silva,
  • Norbert Tihanyi,
  • Richard A. Dubniczky,
  • Eddie B. L. Filho,
  • Lucas C. Cordeiro

摘要

Bounded model checking (BMC) is a widely used technique for detecting security vulnerabilities and verifying the correctness of critical software components. While highly effective on small to medium-sized codebases, its application to large-scale software systems remains difficult due to scalability limitations. In this work, we present a practical methodology to enable the use of BMC in real-world, complex software projects. Our approach includes automated preprocessing of source code and a guided verification process that helps a model checker systematically explore a codebase. We also introduce a function-level prioritization mechanism that focuses verification efforts on the most critical code parts. We evaluated our method on popular open-source C projects, discovering security vulnerabilities that the respective developers confirmed. The results demonstrate that, with appropriate strategies, BMC can effectively scale to verify large software systems while maintaining low memory usage.