Paulius Stankaitis,Alexei Iliasov,David Adjepon-Yamoah,Alexander Romanovsky

DOI: https://doi.org/10.48550/arXiv.1611.02923

2016-11-09

Abstract:Event-B is one of more popular notations for model-based, proof driven specification. It offers a fairly high-level mathematical lan- guage based on FOL and ZF set theory and an economical yet expres- sive modelling notation. Model correctness is established by discharging proving a number conjectures constructed via a syntactic instantiation of schematic conditions. A large proportion of provable conjectures re- quires proof hints from a user. For larger models this becomes extremely onerous as identical or similar proofs have to be repeated over and over, especially after model refactoring stages. In the paper we briefly present a new Rodin Platform proof back-end based on the Why3 umbrella prover.

Software Engineering

Mirtha Lina Fernández Venero,Flávio Soares Corrêa da Silva

DOI: https://doi.org/10.48550/arXiv.1403.7991

2014-03-31

Abstract:Nested Petri nets have been applied for modeling interaction protocols, mobility, adaptive systems and interorganizational workflows. However, few results have been reported on the use of automated tools for analyzing the behavior of these nets. In this paper we present a general translation from nested Petri nets into PROMELA and explain how some properties of these nets can be studied using SPIN model checker. Besides, we discuss how to deal with the main limitations that may influence SPIN performance when verifying practical examples.

Logic in Computer Science

Oana Andrei,Maribel Fernández,Hélène Kirchner,Guy Melançon,Olivier Namet,Bruno Pinaud

DOI: https://doi.org/10.4204/EPTCS.48.7

2011-02-14

Abstract:This paper investigates the use of graph rewriting systems as a modelling tool, and advocates the embedding of such systems in an interactive environment. One important application domain is the modelling of biochemical systems, where states are represented by port graphs and the dynamics is driven by rules and strategies. A graph rewriting tool's capability to interactively explore the features of the rewriting system provides useful insights into possible behaviours of the model and its properties. We describe PORGY, a visual and interactive tool we have developed to model complex systems using port graphs and port graph rewrite rules guided by strategies, and to navigate in the derivation history. We demonstrate via examples some functionalities provided by PORGY.

Computational Engineering, Finance, and Science,Software Engineering

Samuel Vogel,Peter Arnold

DOI: https://doi.org/10.48550/arXiv.1712.07204

2017-12-19

Software Engineering

Abstract:The ongoing digital transformation in industry applies to all product life cycle's stages. The design decisions and dimensioning carried out in the early conceptual design stages determine a huge part of the product's life cycle costs (LCC). The automation of the conceptual design phase promises therefore huge gains in terms of LCC. Design grammars encode design processes in production systems made up of rule sequences which automatically create an abstract central product model (central data model) from given requirements. Graph-based design languages use the Unified-Modeling-Language (UML) to define the product entities (classes) supporting object-oriented inheritance. Graphical rules instantiate the classes and iteratively assemble the central model. This paper proposes to extend the design languages by introducing methods (operations). This allows the use of object-oriented design patterns and interface mechanisms as object-oriented principles are then fully implemented. A graphical mechanism to model the method calls is presented which integrates seamlessly into the graph-based design language's graphical rule specification. The object oriented design grammar enables modularization and reusability of engineering knowledge. The integration of engineering domains is enhanced and multistakeholder collaboration with access control (information security) becomes feasible.

Yi Yang,Tom Holvoet

2024-06-25

Abstract:Developing autonomous decision-making requires safety assurance. Agent programming languages like AgentSpeak and Gwendolen provide tools for programming autonomous decision-making. However, despite numerous efforts to apply model checking to these languages, challenges persist such as a faithful semantic mapping between agent programs and the generated models, efficient model generation, and efficient model checking. As an extension of the agent programming language GOAL, vGOAL has been proposed to formally specify autonomous decisions with an emphasis on safety. This paper tackles the mentioned challenges through two automated model-checking processes for vGOAL: one for Computation Tree Logic and another for Probabilistic Computation Tree Logic. Compared with the existing model-checking approaches of agent programming languages, it has three main advantages. First, it efficiently performs automated model-checking analysis for a given vGOAL specification, including efficiently generating input models for NuSMV and Storm and leveraging these efficient model checkers. Second, the semantic equivalence is established for both nondeterministic models and probabilistic models of vGOAL: from vGOAL to transition systems or DTMCs. Third, an algorithm is proposed for efficiently detecting errors, which is particularly useful for vGOAL specifications that describe complex scenarios. Validation and experiments in a real-world autonomous logistic system with three autonomous mobile robots illustrate both the efficiency and practical usability of the automated CTL and PCTL model-checking process for vGOAL.

Multiagent Systems

ZHANG Pin,LUO Gui-ming

2007-01-01

Journal of Computer Applications

Abstract:Unified Modeling Language(UML)is the most commonly used method in software system design and analysis,and how to verify that the UML model satisfies some properties is a very important issue.Model Checking is an efficient automatic technique for the improvement of system's reliability,and this paper is a research into how to check UML model through the Simple PROMELA Interpreter(SPIN)model-checker.After describing the UML model using formal method,we first used hierarchical automata to express statecharts diagram.In addition,we translated the statecharts and part of the class diagram into PROMELA based on the operational semantic of hierarchical automata,and verified the model by using Simple Promela Interpreter(SPIN)to test if it satisfied the LTL properties.We also verified the consistency between sequence diagram and statecharts diagram by using LTL formula to express sequence diagram.Finally,based on the method,we developed a model checker tool called UMLChecker.

JIANG Yang,LUO Gui-ming

2007-01-01

Journal of Computer Applications

Abstract:Petri-net is a precise mathematic model which is suitable to describe concurrency,synchronism and non-determinism,and it has been widely used in the design of software/hardware systems.In this paper,we extended the basic simple Petri-net,advanced MCPN(Petri-net for model checking) which is more suitable for model checking,and transformed MCPN models into PROMELA — the input language of model checker SPIN.Then we can use the SPIN tools to do the model checking work in order to enhance the reliability of system design.We considered simultaneous firing of sets of transitions(Transitions in the set have no conflict with each other).Also we developed a method to handle the fairness problem effectively.Finally our approach is exemplified by a case study.

Bruno Pereira Cipriano,Pedro Alves,Paul Denny

DOI: https://doi.org/10.48550/arXiv.2403.08396

2024-03-13

Software Engineering

Abstract:Much research has highlighted the impressive capabilities of large language models (LLMs), like GPT and Bard, for solving introductory programming exercises. Recent work has shown that LLMs can effectively solve a range of more complex object-oriented programming (OOP) exercises with text-based specifications. This raises concerns about academic integrity, as students might use these models to complete assignments unethically, neglecting the development of important skills such as program design, problem-solving, and computational thinking. To address this, we propose an innovative approach to formulating OOP tasks using diagrams and videos, as a way to foster problem-solving and deter students from a copy-and-prompt approach in OOP courses. We introduce a novel notation system for specifying OOP assignments, encompassing structural and behavioral requirements, and assess its use in a classroom setting over a semester. Student perceptions of this approach are explored through a survey (n=56). Generally, students responded positively to diagrams and videos, with video-based projects being better received than diagram-based exercises. This notation appears to have several benefits, with students investing more effort in understanding the diagrams and feeling more motivated to engage with the video-based projects. Furthermore, students reported being less inclined to rely on LLM-based code generation tools for these diagram and video-based exercises. Experiments with GPT-4 and Bard's vision abilities revealed that they currently fall short in interpreting these diagrams to generate accurate code solutions.

Michele Chiari,Luca Geatti,Nicola Gigante,Matteo Pradella

2024-05-19

Abstract:Operator Precedence Languages (OPL) have been recently identified as a suitable formalism for model checking recursive procedural programs, thanks to their ability of modeling the program stack. OPL requirements can be expressed in the Precedence Oriented Temporal Logic (POTL), which features modalities to reason on the natural matching between function calls and returns, exceptions, and other advanced programming constructs that previous approaches, such as Visibly Pushdown Languages, cannot model effectively. Existing approaches for model checking of POTL have been designed following the explicit-state, automata-based approach, a feature that severely limits their scalability. In this paper, we give the first symbolic, SMT-based approach for model checking POTL properties. While previous approaches construct the automaton for both the POTL formula and the model of the program, we encode them into a (sequence of) SMT formulas. The search of a trace of the model witnessing a violation of the formula is then carried out by an SMT-solver, in a Bounded Model Checking fashion. We carried out an experimental evaluation, which shows the effectiveness of the proposed solution.

Logic in Computer Science

Daniel Castanho,Mário Pereira

DOI: https://doi.org/10.48550/arXiv.2207.09854

2022-07-20

Abstract:Functional programming offers the perfect ground for building correct-by-construction software. Languages of such paradigm normally feature state-of-the-art type systems, good abstraction mechanisms, and well-defined execution models. We claim that all of these make software written in a functional language excellent targets for formal certification. Yet, somehow surprising, techniques such as deductive verification have been seldom applied to large-scale programs, written in mainstream functional languages. In this paper, we wish to address this situation and present the auto-active proof of realistic OCaml implementations. We choose implementations issued from the OCamlgraph library as our target, since this is both a large-scale and widely-used piece of OCaml code. We use Cameleer, a recently proposed tool for the deductive verification of OCaml programs, to conduct the proofs of the selected case studies. The vast majority of such proofs are completed fully-automatically, using SMT solvers, and when needed we can apply lightweight interactive proof inside the Why3 IDE (Cameleer translates an input program into an equivalent WhyML one, the language of the Why3 verification framework). To the best of our knowledge, these are the first mechanized, mostly-automated proofs of graph algorithms written in OCaml.

Logic in Computer Science

Maribel Fernández,Sébastien Maulat

DOI: https://doi.org/10.4204/EPTCS.101.3

2012-11-17

Abstract:The biologically inspired framework of port-graphs has been successfully used to specify complex systems. It is the basis of the PORGY modelling tool. To facilitate the specification of proof normalisation procedures via graph rewriting, in this paper we add higher-order features to the original port-graph syntax, along with a generalised notion of graph morphism. We provide a matching algorithm which enables to implement higher-order port-graph rewriting in PORGY, thus one can visually study the dynamics of the systems modelled. We illustrate the expressive power of higher-order port-graphs with examples taken from proof-net reduction systems.

Logic in Computer Science

Anas AlSobeh

DOI: https://doi.org/10.30935/ojcmt/13771

2024-03-03

Abstract:In the intricate domain of software systems verification, dynamically model checking multifaceted system characteristics remains paramount, yet challenging. This research proposes the advanced observe-based statistical model-checking (OSM) framework, devised to craft executable formal models directly from foundational system code. Leveraging model checking predicates, the framework melds seamlessly with aspect-oriented programming paradigms, yielding a potent method for the analytical verification of varied behavioral attributes. Exploiting the transformative capacity of OSM framework, primary system code undergoes a systematic metamorphosis into multifaceted analysis constructs. This not only simplifies the model verification process but also orchestrates feature interactions using an innovative observing join point abstraction mechanism. Within this framework, components encompassing parsing, formal verification, computational analytics, and rigorous validation are intrinsically interwoven. Marrying the principles of model checking with aspect-oriented (AO) modularization, OSM framework stands as a paragon, proficiently scrutinizing and affirming system specifications. This ensures the unyielding performance of electronic health record systems amidst shifting preconditions. OSM framework offers runtime verification of both object-oriented and AO deployments, positioning itself as an indispensable open-source resource, poised to automate the enhancement of system performance and scalability.

Software Engineering

Sven Schneider,Maria Maximova,Holger Giese

DOI: https://doi.org/10.48550/arXiv.2106.08418

2021-06-16

Abstract:Cyber-physical systems often encompass complex concurrent behavior with timing constraints and probabilistic failures on demand. The analysis whether such systems with probabilistic timed behavior ad-here to a given specification is essential. When the states of the system can be represented by graphs, the rule-based formalism of Probabilistic Timed Graph Transformation Systems (PTGTSs) can be used to suitably capture structure dynamics as well as probabilistic and timed behavior of the system. The model checking support for PTGTSs w.r.t. properties specified using Probabilistic Timed Computation Tree Logic (PTCTL) has been already presented. Moreover, for timed graph-based runtime monitoring, Metric Temporal Graph Logic (MTGL) has been developed for stating metric temporal properties on identified subgraphs and their structural changes over time. In this paper, we (a) extend MTGL to the Probabilistic Metric Temporal Graph Logic (PMTGL) by allowing for the specification of probabilistic properties, (b) adapt our MTGL satisfaction checking approach to PTGTSs, and (c) combine the approaches for PTCTL model checking and MTGL satisfaction checking to obtain a Bounded Model Checking (BMC) approach for PMTGL. In our evaluation, we apply an implementation of our BMC approach in AutoGraph to a running example.

Software Engineering

Hai Wan,Drey, Z.,Zhiyang You,Liu

DOI: https://doi.org/10.1109/icsssm.2010.5530198

2010-01-01

Abstract:Various forms of pervasive computing environments are being deployed in an increasing number of areas including hospitals, homes and military settings. Entities in this environment provide rich functionalities (i.e. services). How to organize these heterogeneous and distributed entities to deliver user-defined services is challenging. Pantagruel is an approach to integrate a taxonomical description of a pervasive computing environment into a visual programming language. A taxonomy describes the relevant entities of a given pervasive computing area and serves as a parameter to a sensor-controller-actuator development paradigm. The orchestration of area-specific entities is supported by high-level constructs, customized with respect to taxonomical information. Pantagruel is also a language that describes and manages services. Further more, Pantagruel can be viewed as a high level service contract between the service designer and the program implementer. This paper presents a formalization of Pantagruel, both its syntax and semantics. Four kinds of static properties are stated based on the formalization. Predicate abstraction based algorithms are designed to verify the properties.

Lu Jinzhi,Ma Junda,Xiaochen Zheng,Guoxin Wang,Dimitris Kiritsis

DOI: https://doi.org/10.48550/arXiv.2010.07627

2020-10-15

Abstract:Model-based systems engineering (MBSE) provides an important capability for managing the complexities of system development. MBSE empowers the formalisms of system architectures for supporting model-based requirement elicitation, specification, design, development, testing, fielding, etc. However, the modeling languages and techniques are quite heterogeneous, even within the same enterprise system, which creates difficulties for data interoperability. The discrepancies among data structures and language syntaxes make information exchange among MBSE models even more difficult, resulting in considerable information deviations when connecting data flows across the enterprise. For this reason, this paper presents an ontology based upon graphs, objects, points, properties, roles, and relationships with entensions (GOPPRRE), providing meta models that support the various lifecycle stages of MBSE formalisms. In particular, knowledge-graph models are developed to support unified model representations to further implement ontological data integration based on GOPPRRE throughout the entire lifecycle. The applicability of the MBSE formalism is verified using quantitative and qualitative approaches. Moreover, the GOPPRRE ontologies are generated from the MBSE language formalisms in a domain-specific modeling tool, \textit{MetaGraph} in order to evaluate its availiablity. The results demonstrate that the proposed ontology supports both formal structures and the descriptive logic of the systems engineering lifecycle.

Software Engineering,Systems and Control

Mateus de Oliveira Oliveira

DOI: https://doi.org/10.48550/arXiv.1402.2698

2014-02-12

Abstract:In this work we provide algorithmic solutions to five fundamental problems concerning the verification, synthesis and correction of concurrent systems that can be modeled by bounded p/t-nets. We express concurrency via partial orders and assume that behavioral specifications are given via monadic second order logic. A c-partial-order is a partial order whose Hasse diagram can be covered by c paths. For a finite set T of transitions, we let P(c,T,\phi) denote the set of all T-labelled c-partial-orders satisfying \phi. If N=(P,T) is a p/t-net we let P(N,c) denote the set of all c-partially-ordered runs of N. A (b, r)-bounded p/t-net is a b-bounded p/t-net in which each place appears repeated at most r times. We solve the following problems: 1. Verification: given an MSO formula \phi and a bounded p/t-net N determine whether P(N,c)\subseteq P(c,T,\phi), whether P(c,T,\phi)\subseteq P(N,c), or whether P(N,c)\cap P(c,T,\phi)=\emptyset. 2. Synthesis from MSO Specifications: given an MSO formula \phi, synthesize a semantically minimal (b,r)-bounded p/t-net N satisfying P(c,T,\phi)\subseteq P(N, c). 3. Semantically Safest Subsystem: given an MSO formula \phi defining a set of safe partial orders, and a b-bounded p/t-net N, possibly containing unsafe behaviors, synthesize the safest (b,r)-bounded p/t-net N' whose behavior lies in between P(N,c)\cap P(c,T,\phi) and P(N,c). 4. Behavioral Repair: given two MSO formulas \phi and \psi, and a b-bounded p/t-net N, synthesize a semantically minimal (b,r)-bounded p/t net N' whose behavior lies in between P(N,c) \cap P(c,T,\phi) and P(c,T,\psi). 5. Synthesis from Contracts: given an MSO formula \phi^yes specifying a set of good behaviors and an MSO formula \phi^no specifying a set of bad behaviors, synthesize a semantically minimal (b,r)-bounded p/t-net N such that P(c,T,\phi^yes) \subseteq P(N,c) but P(c,T,\phi^no ) \cap P(N,c)=\emptyset.

Logic in Computer Science,Distributed, Parallel, and Cluster Computing,Data Structures and Algorithms

Stephane Grumbach,Zhilin Wu

DOI: https://doi.org/10.48550/arXiv.0904.1902

2009-04-13

Abstract:We consider distributed model-checking of Monadic Second-Order logic (MSO) on graphs which constitute the topology of communication networks. The graph is thus both the structure being checked and the system on which the distributed computation is performed. We prove that MSO can be distributively model-checked with only a constant number of messages sent over each link for planar networks with bounded diameter, as well as for networks with bounded degree and bounded tree-length. The distributed algorithms rely on nontrivial transformations of linear time sequential algorithms for tree decompositions of bounded tree-width graphs.

Logic in Computer Science,Distributed, Parallel, and Cluster Computing

Olga Shumsky Matlin,William McCune,Ewing Lusk

DOI: https://doi.org/10.48550/arXiv.cs/0312012

2003-12-06

Abstract:We report on an effort to develop methodologies for formal verification of parts of the Multi-Purpose Daemon (MPD) parallel process management system. MPD is a distributed collection of communicating processes. While the individual components of the collection execute simple algorithms, their interaction leads to unexpected errors that are difficult to uncover by conventional means. Two verification approaches are discussed here: the standard model checking approach using the software model checker SPIN and the nonstandard use of a general-purpose first-order resolution-style theorem prover OTTER to conduct the traditional state space exploration. We compare modeling methodology and analyze performance and scalability of the two methods with respect to verification of MPD.

Logic in Computer Science,Distributed, Parallel, and Cluster Computing

Sihem Mallek,Nicolas Daclin,Vincent Chapurlat,Bruno Vallespir

DOI: https://doi.org/10.1080/17517575.2013.879211

2014-01-20

Enterprise Information Systems

Abstract:Interoperability is a prerequisite for partners involved in performing collaboration. As a consequence, the lack of interoperability is now considered a major obstacle. The research work presented in this paper aims to develop an approach that allows specifying and verifying a set of interoperability requirements to be satisfied by each partner in the collaborative process prior to process implementation. To enable the verification of these interoperability requirements, it is necessary first and foremost to generate a model of the targeted collaborative process; for this research effort, the standardised language BPMN 2.0 is used. Afterwards, a verification technique must be introduced, and model checking is the preferred option herein. This paper focuses on application of the model checker UPPAAL in order to verify interoperability requirements for the given collaborative process model. At first, this step entails translating the collaborative process model from BPMN into a UPPAAL modelling language called ‘Network of Timed Automata’. Second, it becomes necessary to formalise interoperability requirements into properties with the dedicated UPPAAL language, i.e. the temporal logic TCTL.

computer science, information systems

Yinling Liu,Jean-Michel Bruel

DOI: https://doi.org/10.1145/3640822

2024-02-05

Formal Aspects of Computing

Abstract:The relationship between states (status of a system) and modes (capabilities of a system) used to describe system requirements is often poorly defined. The unclear relationship could make systems of interest out of control because of the out of boundaries of the systems caused by the newly added modes. Formally modeling and verifying requirements can clarify the relationship, making the system safer. To this end, an innovative approach to analyzing requirements is proposed. The MoSt language (a Domain Specific Language implemented on the Xtext framework) is firstly designed for requirements modeling and a model validator is realized to check requirements statically. A code generator is then provided to realize the automatic model transformation from the MoSt model to a NuSMV model, laying the foundation for the dynamic checks of requirements through symbolic model checking. Next, a NuSMV runner is designed to connect the NuSMV with the validator to automate the whole dynamic checks. The grammar, the model validator, the code generator, and the NuSMV runner are finally integrated into a publicly available Eclipse-based tool. Two case studies have been employed to illustrate the feasibility of our approach. For each case study, we injected 14 errors. The results show that the static and dynamic checks can successfully detect all the errors.

computer science, software engineering