Inferring Finite-State Models with Temporal Constraints

Finite state machine-based abstractions of software behaviour are popular because they can be used as the basis for a wide range of (semi-)automated verification and validation techniques. These can, however, rarely be applied in practice, because the specifications are rarely kept up-to-date or even generated in the first place. Several techniques to reverse-engineer these specifications have been proposed, but they are rarely used in practice because their input requirements (i.e. the number of execution traces) are often very high if they are to produce an accurate result. An insufficient set of traces usually results in a state machine that is either too general or incomplete. Temporal logic formulae can often be used to concisely express constraints on system behaviour that might otherwise require thousands of execution traces to identify. This paper describes an extension of an existing state machine inference technique that accounts for temporal logic formulae, and encourages the addition of new formulae as the inference process converges on a solution. The implementation of this process is openly available, and some preliminary results are provided.
