Abstraction and abstraction refinement in the verification of graph transformation systems

Graph transformation systems (GTSs) are a natural and convenient specification language for modelling concurrent and distributed systems with dynamic topologies, for example network and Internet protocols, mobile processes with dynamic behaviour, and dynamic pointer structures in programming languages. Together with the possibility of visualizing and explaining system behaviour graphically, this makes GTSs a well-suited formalism for specifying complex dynamic distributed systems. Checking whether a given property of a GTS holds, the verification problem, is therefore of central importance. Unfortunately, verification of GTSs is undecidable in general, since GTSs are Turing-complete. In recent years a technique for analysing GTSs based on approximation by Petri graphs has been developed; Petri graphs are Petri nets equipped with additional graph structure. Because the Petri graph over-approximates the behaviour of the GTS, a safety property that holds for the approximation also holds for the original system, whereas a counterexample found in the approximation need not correspond to any run of the system. This work focuses on verification techniques based on counterexample-guided abstraction refinement (the CEGAR approach). CEGAR starts with a coarse initial over-approximation of the system and a counterexample obtained from it. If the counterexample is spurious, the approximation is refined, guided by the structure of the counterexample, and the check is repeated. The CEGAR approach has proved very successful for verifying systems via their over-approximations. This thesis investigates a counterexample-guided abstraction refinement approach for systems modelled with GTSs. Starting from a given spurious counterexample, we describe how to construct a more exact approximation (by separating merged nodes) in which this counterexample disappears. The procedure can be repeated for any number of spurious counterexamples.
Furthermore, an incremental coverability approach for Petri nets is developed, which speeds up the construction of over-approximations of GTSs. A well-known way to extend a modelling language is to allow attributes, that is, values of some data types, on graph elements. The approximation-based verification technique, including counterexample-guided abstraction refinement, is therefore also generalized in this work to attributed GTSs (AGTSs), where the attributes are abstracted in the framework of abstract interpretation. In the practical part, the verification tool Augur 2 is developed, which supports the whole verification process for GTSs and AGTSs. A number of case studies (both attributed and non-attributed GTSs) were solved successfully with Augur 2.
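The Petri-net coverability construction that the over-approximation rests on, as an added example that is not code from the thesis or from Augur 2: a Karp-Miller coverability tree that can be extended one transition at a time instead of being rebuilt, and a coverability query that stands in for the safety property "no marking of the forbidden shape is reachable". The net (places `idle`, `crit`, `lock`, transitions `spawn`, `enter`, `leave`) is constructed for illustration and is not one of the thesis's case studies; the incremental scheme shown (fire only the newly added transition from nodes that were already explored, and re-explore nothing from duplicate leaves) is one simple variant and is not claimed to be the thesis's algorithm.

```python
"""Karp-Miller coverability tree for Petri nets, extended incrementally one transition at a time."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

OMEGA = float("inf")         # a place that can hold unboundedly many tokens
Marking = Tuple[float, ...]  # one entry per place

@dataclass
class Transition:
    name: str
    pre: Dict[str, int]   # tokens consumed per place
    post: Dict[str, int]  # tokens produced per place

class CoverabilityTree:
    def __init__(self, places: List[str], initial: Dict[str, int]):
        self.places = list(places)
        self.transitions: List[Transition] = []
        self.markings: List[Marking] = []
        self.parent: List[Optional[int]] = []
        self.explored: List[bool] = []  # False for leaves repeating an earlier marking
        self.steps = 0                  # enabledness checks, used as a cost measure
        self._add_node(tuple(initial.get(p, 0) for p in self.places), None)

    @classmethod
    def from_scratch(cls, places, initial, transitions) -> "CoverabilityTree":
        """Non-incremental construction with all transitions known up front."""
        tree = cls(places, initial)
        tree.transitions = list(transitions)
        tree._explore(0)
        return tree

    def _add_node(self, m: Marking, parent: Optional[int]) -> Optional[int]:
        """Append m; return its index if it must be explored, None for a duplicate leaf."""
        dup = m in self.markings
        self.markings.append(m)
        self.parent.append(parent)
        self.explored.append(not dup)
        return None if dup else len(self.markings) - 1

    def _fire(self, node: int, t: Transition) -> Optional[Marking]:
        """Marking reached by firing t from node, with omega acceleration; None if disabled."""
        self.steps += 1
        m, n = self.markings[node], len(self.places)
        pre = [t.pre.get(p, 0) for p in self.places]
        post = [t.post.get(p, 0) for p in self.places]
        if any(m[i] < pre[i] for i in range(n)):
            return None
        new = [m[i] if m[i] == OMEGA else m[i] - pre[i] + post[i] for i in range(n)]
        # Acceleration: an ancestor strictly below the new marking can be repeated
        # forever, so every place that grew on the way becomes unbounded.
        a: Optional[int] = node
        while a is not None:
            anc = self.markings[a]
            if anc != tuple(new) and all(anc[i] <= new[i] for i in range(n)):
                new = [OMEGA if anc[i] < new[i] else new[i] for i in range(n)]
            a = self.parent[a]
        return tuple(new)

    def _extend(self, node: int, t: Transition) -> None:
        m = self._fire(node, t)
        if m is not None:
            child = self._add_node(m, node)
            if child is not None:
                self._explore(child)

    def _explore(self, node: int) -> None:
        """Fire every known transition from a freshly created node (depth first)."""
        for t in self.transitions:
            self._extend(node, t)

    def add_transition(self, t: Transition) -> None:
        """Incremental step: old nodes only need the new transition, new nodes need all."""
        self.transitions.append(t)
        for node in range(len(self.markings)):  # nodes created meanwhile are handled by _explore
            if self.explored[node]:
                self._extend(node, t)

    def covers(self, target: Dict[str, int]) -> bool:
        """Can some reachable marking cover target place-wise?"""
        goal = [target.get(p, 0) for p in self.places]
        return any(all(m[i] >= goal[i] for i in range(len(goal))) for m in self.markings)

# Constructed net (hypothetical, not a thesis case study): mutual exclusion with
# unbounded process creation.  Places: idle, crit, lock.
PLACES = ["idle", "crit", "lock"]
SPAWN = Transition("spawn", pre={}, post={"idle": 1})
ENTER = Transition("enter", pre={"idle": 1, "lock": 1}, post={"crit": 1})
LEAVE = Transition("leave", pre={"crit": 1}, post={"idle": 1, "lock": 1})

def build_incrementally() -> CoverabilityTree:
    tree = CoverabilityTree(PLACES, {"lock": 1})
    for t in (SPAWN, ENTER, LEAVE):
        tree.add_transition(t)
    return tree

def compare_costs() -> Tuple[int, int]:
    """Enabledness checks to add LEAVE incrementally vs. rebuilding everything from scratch."""
    tree = CoverabilityTree(PLACES, {"lock": 1})
    tree.add_transition(SPAWN)
    tree.add_transition(ENTER)
    before = tree.steps
    tree.add_transition(LEAVE)
    scratch = CoverabilityTree.from_scratch(PLACES, {"lock": 1}, [SPAWN, ENTER, LEAVE])
    return tree.steps - before, scratch.steps

if __name__ == "__main__":
    tree = build_incrementally()
    print(sorted(set(tree.markings)), tree.covers({"crit": 2}), compare_costs())
```

The coverability set here is {(0,0,1), (ω,0,1), (ω,1,0)}: the number of idle processes is unbounded, but `crit` never holds two tokens, so `covers({"crit": 2})` is false and mutual exclusion holds in the approximation and hence in any system it over-approximates. Adding the third transition to the existing tree costs three enabledness checks against nine for a rebuild; the gap grows with the tree, which is the point of building the approximation incrementally. The construction uses plain Karp-Miller termination (a repeated marking becomes a leaf) rather than a minimal-coverability-set pruning, because pruning covered nodes interacts badly with later incremental extension.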