DOI: 10.1145/349360.351126 (ACM Conference Proceedings)
Article, free access

Specification, validation, and synthesis of email agent controllers: A case study in function rich reactive system design

Published: 24 August 2000

Abstract

With a few exceptions, previous formal methods for reactive system design have focused on finite state machines represented in terms of boolean states and boolean next-state functions. By contrast, in many reactive system domains requirements engineers and developers think in terms of complex data types and expressive next-state functions. Formal methods for reactive system design must be extended to meet their needs as well. I term a reactive system function rich if expressing its state, next-state function, or output function naturally requires this higher expressive power. ISAT, a prototype formal-methods-based tool environment, is intended to assist in the creation of function rich reactive systems. This paper describes a case study I have carried out using ISAT to design, validate, synthesize, and evolve controllers for the email agent components making up a novel spam-free email system that I deployed in a user trial in July 1999. The trial has been running since then, with high availability, through several evolutionary specification changes and the resulting software releases. In addition to summarizing ISAT and the trial, this paper discusses the tool requirements placed by the domain and task, the simple and powerful platform/controller/pure-functions software architecture of the components, and the lessons learned from the study.



Published In

FMSP '00: Proceedings of the third workshop on Formal methods in software practice
August 2000
112 pages
ISBN:158113262X
DOI:10.1145/349360

Publisher: Association for Computing Machinery, New York, NY, United States


Author Tags

  1. Electronic Mail
  2. Formal Methods
  3. Reactive Systems


Conference: FMSP00

Acceptance Rates

FMSP '00 paper acceptance rate: 9 of 31 submissions (29%)
Overall acceptance rate: 21 of 75 submissions (28%)

Article Metrics

  • Downloads (last 12 months): 42
  • Downloads (last 6 weeks): 9
Reflects downloads up to 17 Jan 2025

Cited By

  • (2006) RE 05. IEEE Software 23:3, 16-18. DOI: 10.1109/MS.2006.79. Online publication date: 1 May 2006
  • (2001) Specification Modeling and Validation Applied to a Family of Network Security Products. Proceedings of the 16th IEEE International Conference on Automated Software Engineering. DOI: 10.5555/872023.872554. Online publication date: 26 Nov 2001
  • (2001) Specification modeling and validation applied to a family of network security products. Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001), 71-80. DOI: 10.1109/ASE.2001.989792. Online publication date: 2001
  • (2000) Specification modeling and validation applied to network security gateways. Proceedings Fifth IEEE International Symposium on Requirements Engineering, 289. DOI: 10.1109/ISRE.2001.948589. Online publication date: 2000
  • (2000) Upgrading legacy instances of reactive systems. Proceedings ASE 2000, Fifteenth IEEE International Conference on Automated Software Engineering, 63-72. DOI: 10.1109/ASE.2000.873651. Online publication date: 2000
