Abstract
Compositional verification is a promising approach to addressing the state explosion problem associated with model checking. One compositional technique advocates proving properties of a system by checking properties of its components in an assume-guarantee style. However, the application of this technique is difficult because it involves non-trivial human input. This paper presents a novel framework for performing assume-guarantee reasoning in an incremental and fully automated fashion. To check a component against a property, our approach generates assumptions that the environment needs to satisfy for the property to hold. These assumptions are then discharged on the rest of the system. Assumptions are computed by a learning algorithm. They are initially approximate, but become gradually more precise by means of counterexamples obtained by model checking the component and its environment, alternately. This iterative process may at any stage conclude that the property is either true or false in the system. We have implemented our approach in the LTSA tool and applied it to a NASA system.
This author is grateful for the support received from RIACS to undertake this research while participating in the Summer Student Research Program at the NASA Ames Research Center.
© 2003 Springer-Verlag Berlin Heidelberg
Cite this paper
Cobleigh, J.M., Giannakopoulou, D., Păsăreanu, C.S. (2003). Learning Assumptions for Compositional Verification. In: Garavel, H., Hatcliff, J. (eds) Tools and Algorithms for the Construction and Analysis of Systems. TACAS 2003. Lecture Notes in Computer Science, vol 2619. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36577-X_24
DOI: https://doi.org/10.1007/3-540-36577-X_24
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00898-9
Online ISBN: 978-3-540-36577-8