Swarat Chaudhuri and Rajeev Alur, "Instrumenting C Programs With Nested Word Monitors", Lecture Notes in Computer Science: Model Checking Software 4595, 279-283. July 2007. http://dx.doi.org/10.1007/978-3-540-73370-6_20
In classical automata-theoretic model checking of safety properties , a system model generates a language L of words modeling system executions, and verification involves checking if L ∩ L′ = ∅, L′ being the language of words deemed “unsafe” by the specification. This view is also used in recent program analyzers like Blast  and Slam , where a specification is a word automaton (or monitor) with finite-state control-flow that accepts all “unsafe” program executions. Typical analysis constructs the “product” of a program and a monitor, in effect instrumenting the program with extra commands and assertions, so that the input program fails its specification if and only if the product program fails an assertion. The latter is then checked for possible assertion failures. Monitors also find use in testing and runtime verification, where we try finding assertion violations in the product program at runtime.
CPS Formal Methods
Date of this Version
Lecture Notes in Computer Science: Model Checking Software
The original publication is available at www.springerlink.com
Date Posted: 10 July 2012