Falsification of Hybrid Systems Using Adaptive Probabilistic Search.

Dr. Philipp Wendler

Akademischer Rat

Picture of Dr. Philipp Wendler

Software and Computational Systems Lab
Department of Computer Science
Ludwig-Maximilians-Universität München (LMU Munich)
Oettingenstraße 67
80538 Munich (Germany)

Room F 008, Oettingenstr. 67
Office hours
Monday 10-11 please contact via e-mail
+49 89 2180-9181
lastname @ sosy.ifi.lmu.de
Personal Homepage


Please send me encrypted mails!
My GPG key: 0x31A9DE8C
Fingerprint: 19D5 A10B 2D97 88D8 7CBE E5ED 62C0 F78C 31A9 DE8C

Thesis Mentoring

Available topics
Refinement Selection with Adjustable-Block Encoding [1, 2, 3]
Improve replicability of BenchExec results [1, 2]

To improve replicability of results, it would be good if our benchmarking framework BenchExec would store as much information as possible about each executed benchmarking run, for example hashes of the respective input files (#418). For this we need code that generates SWHIDs, which could even be developed as a separate library. Afterwards, we also need a way for providing this information to users, e.g., together with #524.

Currently assigned topics
Consolidate pointer-aliasing analyses in CPAchecker [1]

CPAchecker has several different implementations of pointer-aliasing analyses, and the current state of what they support is unclear. This leads to the fact that they are rarely used and causes wrong results in case of pointer aliasing. The goal of this thesis is to create a strong CPA for pointer aliasing (either by merging the existing CPAs or rewriting them) that supports all necessary use cases (fast and imprecise as well as more precise) and migrate all existing uses of other pointer CPAs, such that the old code can be deleted (#358). Afterwards, it may be possible to add additional features (e.g., #742) or extend other components of CPAchecker to make use of the new CPA (e.g., #527, #398).

String analysis in CPAchecker [1, 2]
Support for exceptions in the Java analysis of CPAchecker
Verification Coverage: what parts of a program are covered by a verifier? [1]
Byte-level heap of predicate analysis CPAchecker [1, 2, 3]

CPAchecker currently models a program's heap as arrays of ints/floats/etc., depending on the types used in the program (cf. Section 4.4.3 of [3]). This is imprecise and prevents us from supporting functions like memset, which treat memory as an array of bytes. The goal of this project is to add an alternative heap encoding to CPAchecker's predicate analysis that allows byte-wise access to the heap and support for memset/memcpy/etc.

Use cgroups v2 for BenchExec to improve container isolation [1, 2]

Our benchmarking framework BenchExec uses cgroups in order to limit and measure time and memory usage during benchmarking. The Linux kernel is replacing cgroups with a new API (v2) and we need to support this in BenchExec (#133). Once we have it, we can use cgroup namespaces to better isolate our containers and provide full support for nested containers (#436).

Finished topics
String analysis in CPAchecker [1, 2]
LTL software model checking
A JavaScript frontend for CPAchecker
Improve analysis of Java programs in CPAchecker
Towards understandability of verification result: visualization of graphs produced by verifiers
Predicate analysis based on splitting states for CPAchecker [1, 2]
Improve predicate analysis based on domain-type of variables in CPAchecker [1, 2]
Good, bad, ugly interpolants. Measure interpolants and build heuristics. Topic might be related to refinement selection. [1]
Modern architecture and tests for HTML tables of BenchExec [1]
Improve usability of summary tab for HTML tables of BenchExec [1]

If you're a student interested in writing your thesis at our chair, you should also have a look at our full list of currently available theses.



(List at DBLPMy ORCID)

Other Responsibilities