SMT-based generation of symbolic automata

Open pNets are formal models that can express the behaviour of open systems, whether synchronous, asynchronous, or heterogeneous. They are endowed with a symbolic operational semantics in terms of open automata, which allows us to check properties of such systems in a compositional manner. We present an algorithm computing these semantics, building predicates that express the synchronisation conditions between the events of pNet sub-systems. Checking such predicates requires symbolic reasoning about first-order logic and application-specific data. We use the Z3 SMT engine to check satisfiability of the predicates. We also propose and implement an optimised algorithm that performs part of the pruning on the fly, and show its correctness with respect to the original one. We illustrate the approach using two use-cases: the first one is a classical process-algebra operator for which we provide several encodings, and prove some basic properties. The second one is industry-oriented and based on the so-called “BIP architectures”, which have been used to specify the control software of a nanosatellite at the EPFL Space Engineering Center. We use pNets to encode a BIP architecture extended with explicit data, compute its semantics and discuss its properties, and then show how our algorithms scale up, using a composition of two such architectures.
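The kind of satisfiability check described above, written out as an added SMT-LIB 2 example that is not taken from the paper or its tool. It encodes a single synchronisation predicate of a hypothetical pNet with two sub-systems P and Q: P can fire send(x) under a data guard, Q can fire recv(y) under another, and a synchronisation vector combines them into a global action out(z) provided x = y. The sub-system names, action names, variables and guards are all assumptions chosen for illustration; the script can be fed to Z3 as `z3 sync.smt2`.

```smt2
; Added example (not from the paper): one synchronisation predicate of a
; hypothetical pNet with two sub-systems, P and Q, encoded for Z3.
; P fires send(x) under guard (x > 0 and n < 5), Q fires recv(y) under
; guard (y < 10); the vector <send(x), recv(y)> -> out(z) requires
; x = y and binds z := x. All names here are assumptions.
(set-logic QF_LIA)
(declare-const x Int)   ; parameter of P's local action send(x)
(declare-const y Int)   ; parameter of Q's local action recv(y)
(declare-const z Int)   ; parameter of the resulting global action out(z)
(declare-const n Int)   ; a state variable of P (a counter, assumed)

; Guards of the two local transitions
(define-fun guardP () Bool (and (> x 0) (< n 5)))
(define-fun guardQ () Bool (< y 10))
; Constraint contributed by the synchronisation vector, plus the binding of z
(define-fun sync () Bool (and (= x y) (= z x)))

; 1. Is the global transition feasible at all? If not, it is pruned.
(push)
(assert (and guardP guardQ sync))
(check-sat)     ; expected: sat -> keep this open-automaton transition
(get-model)     ; one witness assignment for x, y, z, n
(pop)

; 2. Same vector, but Q's guard now requires a negative y, which
;    contradicts P's guard x > 0 together with x = y.
(push)
(assert (and guardP (< y 0) sync))
(check-sat)     ; expected: unsat -> this transition is pruned
(pop)
```

The `push`/`pop` pair is what makes the on-the-fly variant practical: each candidate transition's predicate is asserted incrementally on top of the shared declarations and guard definitions, checked, and popped, so the solver context is reused rather than rebuilt for every synchronisation vector.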
