Written in C++ License Commercial | Available in English | |
Developer(s) Commissariat à l'Énergie Atomique Operating system Type Formal verification, Static code analysis | ||
Fluctuat has been developed by Commissariat à l'Énergie Atomique et aux Énergies Alternatives since 2001. Fluctuat enables the static analysis of C and Ada programs, with a special focus on floating-point operations.
Contents
Theoretical Background
Fluctuat is a static analyser, based on abstract interpretation. Compared to similar tools like Polyspace or Astrée, it relies on zonotopes as an abstract domain. It means that the value of each program variable is abstracted by a linear expression over noise symbols (internal variables that range in [-1,1]).
Let us now consider the following program:
x=[0,1]; y = 2*x+1; z = x * y;The first line means that the value of x can be anything in [0,1]. It can be written as x= 0.5 + 0.5*ε, where ε is a noise symbol. The second line implies that y= 2 + ε; since x and y share the same noise symbol, this abstract domain is relational. When there are non-linear operations, like in the third line, new noise symbols are introduced. The accurate symbolic expression would be z=1+1.5*ε + 0.5*ε*ε, but we abstract it as z=1.25+1.5ε+0.25η.
Features
Fluctuat's features include: