Software engineering frequently employs formal verification to guarantee program correctness, a process often facilitated by bounded model checking (BMC). Traditional verification tools rely on explicit type information, which makes Python, a dynamically typed programming language, difficult to verify. The absence of clear type information in Python programs makes ensuring their safety challenging, especially in systems with high security demands.
Current approaches involve transforming code into forms that verification tools can examine. Researchers have considered converting Python code into C so that it can be analyzed with C verification tools. However, this technique is deemed impractical because of the significant disparities between Python’s dynamic features and C’s static typing requirements.
Addressing this issue, researchers from the University of Manchester and TPV Technology have released ESBMC-Python, a new tool developed to verify Python programs. ESBMC-Python builds on the ESBMC framework, a capable SMT-based bounded model checker, to formally verify Python code. The tool enables verification by converting Python programs into abstract syntax trees (ASTs), which are subsequently type-annotated and translated into a form that fits the BMC pipeline.
ESBMC-Python’s process includes parsing the Python code to generate an AST, annotating the AST with type information, and converting it into an intermediate representation that the ESBMC framework can then analyze. This transformation translates Python statements and expressions into symbols compatible with ESBMC’s model-checking structure.
The efficacy of ESBMC-Python was evaluated on 85 Python programs covering a wide array of features found in real-world Python applications. Evaluation results were overall positive, with average verification times between 24.5 and 49.1 milliseconds and memory usage between 14.5 and 26.4 megabytes. These performance metrics underscore ESBMC-Python’s potential for analyzing large codebases and extensive program sets in relatively short timeframes.
Notably, ESBMC-Python succeeded in identifying a severe division-by-zero error within the Ethereum consensus specification, which governs processes such as node inclusion, validation, and validator penalties within the Ethereum blockchain. This error could have caused notable service interruptions and potential security vulnerabilities within the network, further underlining ESBMC-Python’s real-world application potential.
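To make the first stage of the pipeline described above concrete (parse to an AST, read the type annotations, then look for a division-by-zero risk of the kind found in the Ethereum specification), here is an added, constructed illustration. It is not ESBMC-Python’s code and does no SMT-based model checking: it is a purely syntactic pass over a constructed sample program, flagging divisions whose divisor is an annotated parameter that the function never compares against zero.

```python
"""Toy AST-level check for unguarded divisions in Python source.

Constructed example, not ESBMC-Python's implementation. A real BMC
tool explores the program's state space with an SMT solver; this pass
only inspects syntax, so it can miss cases and report false positives.
"""
import ast

# Constructed sample: the first function divides by an unchecked
# parameter (a ZeroDivisionError, i.e. a crash, when count == 0);
# the second guards the divisor before dividing.
SAMPLE = '''
def per_validator(total: int, count: int) -> int:
    return total // count

def safe_share(total: int, count: int) -> int:
    if count == 0:
        return 0
    return total // count
'''


class DivisionFinder(ast.NodeVisitor):
    def __init__(self):
        self.findings = []      # (line, divisor name, annotation text)
        self._params = {}       # parameter name -> annotation of current function
        self._guarded = set()   # parameters compared against literal 0 so far

    def visit_FunctionDef(self, node):
        # Collect the annotated parameters; reset per function.
        self._params = {a.arg: ast.unparse(a.annotation) if a.annotation else None
                        for a in node.args.args}
        self._guarded = set()
        self.generic_visit(node)

    def visit_If(self, node):
        # Treat `if name == 0:` (or any comparison with 0) as a guard.
        test = node.test
        if isinstance(test, ast.Compare) and isinstance(test.left, ast.Name):
            if any(isinstance(c, ast.Constant) and c.value == 0 for c in test.comparators):
                self._guarded.add(test.left.id)
        self.generic_visit(node)

    def visit_BinOp(self, node):
        if isinstance(node.op, (ast.Div, ast.FloorDiv, ast.Mod)):
            d = node.right
            if isinstance(d, ast.Name) and d.id in self._params and d.id not in self._guarded:
                self.findings.append((node.lineno, d.id, self._params[d.id]))
        self.generic_visit(node)


def find_unguarded_divisions(source: str):
    """Return [(line, divisor, annotation)] for divisions by unguarded parameters."""
    finder = DivisionFinder()
    finder.visit(ast.parse(source))
    return finder.findings
```

Running `find_unguarded_divisions(SAMPLE)` reports only the division in `per_validator`; a bounded model checker would instead derive the `count == 0` counterexample from the program’s semantics rather than from a pattern.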
In conclusion, ESBMC-Python’s ability to pinpoint important errors, together with its efficacy in verifying the safety and correctness of Python programs, highlights its practical significance and dependability. The research team plans to extend ESBMC-Python by adding more features and improving its type inference algorithm to handle complex program flows. All credit for this research goes to the researchers of this project.