Modal specification theories for component-based design

Component-based software engineering has emerged as an important software engineering discipline to cope with the growing complexity of today's software systems. Components are encapsulated software units with well-defined interfaces. A key principle of component-based development is to build larger systems by composition of smaller, less complex components. An important application area concerns reactive systems, in which the modelling and verification of component behaviours is essential. To support correct usage and implementation of reactive components, interfaces should be equipped with rigorous formal specifications of component behaviours. This thesis presents a comprehensive study and analysis of specifications of interfaces for reactive components on the basis of modal input/output automata (MIOs), with a focus on interface refinement, interface composition and interface compatibility. MIOs are based on modal transition systems, which were introduced by Larsen and Thomsen and which generalize labelled transition systems by distinguishing between may and must modalities for transitions. MIOs explicitly support loose specifications and offer an elegant approach to stepwise refinement. However, they lack a compatibility notion that is preserved by weak modal refinement, and they support neither the integration of data specifications nor the specification of quantitative properties. In this thesis we develop an upwards and downwards closed hierarchy of novel specification theories for MIOs that remedy these shortcomings. Specification theories within the hierarchy are related by theory embeddings. The top element of our hierarchy of specification theories is a weak modal specification theory for MIOs including data and quantitative specifications; the bottom element is a strong modal specification theory for deterministic MIOs. On the one hand, we define MIOs with data constraints that integrate the control flow and data flow of an interface. This new model extends MIOs by variables which are controlled by the owning component and visible to the environment. Transitions are augmented with pre- and postconditions to describe the dependencies between communication and data states. On the other hand, K-weighted MIOs address quantitative properties by labelling transitions with weights from a partially ordered weight structure K. This generalized formalism is capable of expressing constraints on non-functional properties such as
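As an added illustration (not code from the thesis or from the MIO Workbench it mentions), the following Python implements the strong modal refinement check on which the hierarchy above is built: it verifies that a concrete component keeps every behaviour its interface requires (must transitions) and exhibits nothing the interface forbids (may transitions). The automata, labels and state names are constructed for this example.

```python
from itertools import product


class MIO:
    """Modal I/O automaton (constructed model for this example).
    Transitions are (source, label, target) triples; labels carry the I/O
    direction as a suffix ('?' input, '!' output). Every must transition
    is also a may transition, as the formalism requires."""

    def __init__(self, initial, must, may):
        self.initial = initial
        self.must = frozenset(must)
        self.may = frozenset(may) | self.must  # may is a superset of must
        self.states = {initial}
        for src, _, dst in self.may:
            self.states.update((src, dst))

    def targets(self, rel, state, label):
        """Targets reachable from `state` by `label` within relation `rel`."""
        return {dst for src, lbl, dst in rel if src == state and lbl == label}


def strong_refines(impl, spec):
    """True iff `impl` strongly modally refines `spec` (impl <= spec).

    Computes the greatest refinement relation as a fixpoint over all state
    pairs, discarding a pair (s, t) when either clause fails:
      (1) each must transition t -a-> t' of spec is matched by some must
          transition s -a-> s' of impl with (s', t') still in the relation;
      (2) each may transition s -a-> s' of impl is allowed by some may
          transition t -a-> t' of spec with (s', t') still in the relation.
    """
    rel = set(product(impl.states, spec.states))
    changed = True
    while changed:
        changed = False
        for s, t in list(rel):
            must_ok = all(
                any((s2, t2) in rel for s2 in impl.targets(impl.must, s, a))
                for src, a, t2 in spec.must if src == t)
            may_ok = all(
                any((s2, t2) in rel for t2 in spec.targets(spec.may, t, a))
                for src, a, s2 in impl.may if src == s)
            if not (must_ok and may_ok):
                rel.discard((s, t))
                changed = True
    return (impl.initial, spec.initial) in rel


# Constructed interface specification: a service must accept a request and
# may answer with ok! or err!; no other output is permitted.
SPEC = MIO("s0", must={("s0", "req?", "s1")},
           may={("s1", "ok!", "s0"), ("s1", "err!", "s0")})

# Implementation that commits to always answering ok!: a valid refinement.
IMPL_OK = MIO("i0", must={("i0", "req?", "i1"), ("i1", "ok!", "i0")}, may=set())

# Implementation that only *may* accept requests: drops a required behaviour.
IMPL_DROPS_MUST = MIO("i0", must=set(),
                      may={("i0", "req?", "i1"), ("i1", "ok!", "i0")})

# Implementation that adds an output the interface never allowed.
IMPL_EXTRA_OUTPUT = MIO("i0", must={("i0", "req?", "i1")},
                        may={("i1", "ok!", "i0"), ("i1", "dump!", "i0")})

if __name__ == "__main__":
    for name, impl in [("IMPL_OK", IMPL_OK), ("IMPL_DROPS_MUST", IMPL_DROPS_MUST),
                       ("IMPL_EXTRA_OUTPUT", IMPL_EXTRA_OUTPUT)]:
        print(f"{name} refines SPEC: {strong_refines(impl, SPEC)}")
```

Weak modal refinement, which the thesis uses at the top of its hierarchy, additionally abstracts from internal transitions; the fixpoint structure stays the same, only the matching of transitions changes.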
