ESBMC-Python: The First BMC-based Python-code Verifier
Practical Solutions and Value
Formal verification is crucial in software engineering to ensure program correctness through mathematical proof. One widely used technique for this purpose is bounded model checking (BMC), which checks program correctness only up to a specified bound (for example, on loop unrollings or input size): a property that holds within the bound is not thereby proven for executions beyond it.
Python, a programming language favored for its simplicity and extensive libraries, presents unique challenges for formal verification due to its dynamic nature and lack of explicit type information.
ESBMC-Python is a novel tool designed to verify Python programs by converting them into abstract syntax trees (ASTs) and then using the ESBMC framework (Efficient SMT-based Bounded Model Checker) to formally verify the Python code.
The tool’s performance was evaluated using a benchmark suite comprising 85 Python programs, showing impressive verification times and memory usage, indicating its efficiency in handling large codebases and extensive program sets.
ESBMC-Python’s standout achievement was its ability to identify a critical division-by-zero error in the Ethereum consensus specification, underscoring its practical utility and effectiveness in real-world applications.
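To make the bounded-checking idea and the division-by-zero finding concrete, here is an added toy example; it is not ESBMC-Python's implementation (which reasons over ASTs with an SMT solver rather than enumerating concrete inputs), and the functions `reward_per_validator`, `reward_per_validator_safe` and `fails_far_away` are constructed stand-ins, not code from the Ethereum consensus specification. The checker runs a function on every integer input within a bound and reports the first input that raises `ZeroDivisionError` or `AssertionError`; the last function shows the core BMC caveat, a defect that lies outside the chosen bound is simply not seen.

```python
"""Toy bounded checker illustrating the BMC idea on Python division-by-zero.

Constructed example; not ESBMC-Python's implementation.
"""
import inspect
import itertools
from typing import Callable, Optional


def bounded_check(fn: Callable[..., object], bound: int) -> Optional[dict]:
    """Run `fn` on every integer input in [0, bound] for each parameter.

    Returns the first counterexample as {"inputs": {name: value}, "error": name}
    when a call raises ZeroDivisionError or AssertionError, or None if no such
    failure exists within the bound. As with any bounded check, None says
    nothing about inputs outside the bound.
    """
    params = list(inspect.signature(fn).parameters)
    for values in itertools.product(range(bound + 1), repeat=len(params)):
        args = dict(zip(params, values))
        try:
            fn(**args)
        except (ZeroDivisionError, AssertionError) as exc:
            return {"inputs": args, "error": type(exc).__name__}
    return None


# Constructed stand-in for a spec-style helper: split a reward among validators.
def reward_per_validator(total_reward: int, active_validators: int) -> int:
    return total_reward // active_validators  # raises when active_validators == 0


# Hardened form: make the precondition explicit instead of relying on callers.
def reward_per_validator_safe(total_reward: int, active_validators: int) -> int:
    if active_validators == 0:
        return 0
    return total_reward // active_validators


# Constructed function whose only failing input is x == 50; a bound below 50
# reports no counterexample even though the defect is real.
def fails_far_away(x: int) -> int:
    return 100 // (x - 50)


if __name__ == "__main__":
    print("unsafe, bound 4:", bounded_check(reward_per_validator, 4))
    print("safe,   bound 4:", bounded_check(reward_per_validator_safe, 4))
    print("far,    bound 10:", bounded_check(fails_far_away, 10))
    print("far,    bound 60:", bounded_check(fails_far_away, 60))
```

The counterexample returned for the unsafe helper is the concrete witness a practitioner wants from a verifier: the exact inputs that reach the division by zero. The `fails_far_away` case is why the bound must be chosen with the program's actual value ranges in mind.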
ESBMC-Python ensures the safety and correctness of Python programs and provides a valuable benchmark for future verification tools; its authors plan to extend its capabilities by including more features and enhancing the type inference algorithm to handle complex program flows.