State-based model checking of event-driven system requirements

In this paper, we demonstrate how model checking can be used to verify safety properties of event-driven systems. SCR (Software Cost Reduction) tabular requirements describe required system behavior in a format that is intuitive, easy to read, and scalable to large systems (e.g., the software requirements for the A-7E aircraft). Model checking of temporal-logic properties has been established as a sound technique for verifying properties of hardware systems. We have developed an automated technique for formalizing the semiformal SCR requirements and for transforming the resulting formal specification into a finite structure that a model checker can analyze. This technique was effective in uncovering violations of system invariants in both an automobile cruise-control system and a water-level monitoring system.
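The abstract describes the core idea but not how a tabular requirement becomes something a checker can explore. The following is an added illustration, not code from the paper: a toy SCR-style mode transition table for a cruise control is explored as an explicit finite state machine under the SCR one-input assumption (exactly one monitored variable changes per step, WHEN conditions evaluated on the pre-event state), and a system invariant is checked on every reachable state. The mode names, monitored variables and rules are constructed for the example; the paper's technique targets a temporal-logic model checker, whereas this block uses plain breadth-first reachability, which suffices for invariants and yields a shortest event trace to any violation. The second table is deliberately flawed (the Override mode ignores the ignition being switched off) to show the kind of invariant violation the abstract refers to.

```python
"""Explicit-state invariant check over an SCR-style mode transition table.

Constructed example (not from the paper). A state is (mode, monitored-variable
values); a transition is a single monitored variable changing value.
"""
from collections import deque
from typing import Callable, Dict, NamedTuple, Tuple

# Boolean monitored variables of the toy cruise control (assumed names).
MONITORED = ("Ignited", "Running", "Brake", "Activate")

State = Tuple[str, Tuple[bool, ...]]  # (mode, values of MONITORED, in order)
Event = Tuple[str, bool]              # (variable, new value): @T(v) if True, @F(v) if False


class Rule(NamedTuple):
    """One row of a mode transition table: in `mode`, the event @T/@F(var)
    WHEN `guard` (evaluated on the state before the event) moves to `target`."""
    mode: str
    var: str
    becomes: bool
    guard: Callable[[Dict[str, bool]], bool]
    target: str


def as_dict(values: Tuple[bool, ...]) -> Dict[str, bool]:
    return dict(zip(MONITORED, values))


def ANY(_s: Dict[str, bool]) -> bool:
    return True


def can_engage(s: Dict[str, bool]) -> bool:
    return s["Running"] and not s["Brake"]


# Toy cruise-control mode table (constructed for illustration).
CRUISE_TABLE = [
    Rule("Off",      "Ignited",  True,  ANY,        "Inactive"),
    Rule("Inactive", "Ignited",  False, ANY,        "Off"),
    Rule("Inactive", "Activate", True,  can_engage, "Cruise"),
    Rule("Cruise",   "Ignited",  False, ANY,        "Off"),
    Rule("Cruise",   "Running",  False, ANY,        "Inactive"),
    Rule("Cruise",   "Brake",    True,  ANY,        "Override"),
    Rule("Override", "Ignited",  False, ANY,        "Off"),
    Rule("Override", "Running",  False, ANY,        "Inactive"),
    Rule("Override", "Activate", True,  can_engage, "Cruise"),
]

# Deliberately flawed variant: Override does not react to the ignition going off.
FLAWED_TABLE = [r for r in CRUISE_TABLE if not (r.mode == "Override" and r.var == "Ignited")]


def step(table, state: State, event: Event):
    """Apply one monitored-variable change (one-input assumption); None if no change."""
    mode, values = state
    pre = as_dict(values)
    var, new = event
    if pre[var] == new:
        return None  # the variable did not change, so this is not an event
    matches = [r for r in table
               if r.mode == mode and r.var == var and r.becomes == new and r.guard(pre)]
    if len(matches) > 1:  # SCR requires the rows for a mode to be disjoint
        raise ValueError(f"mode table not disjoint in {mode} on {var}: {matches}")
    post = dict(pre, **{var: new})
    new_mode = matches[0].target if matches else mode  # unlisted events keep the mode
    return (new_mode, tuple(post[v] for v in MONITORED))


def check_invariant(table, invariant, initial: State = ("Off", (False,) * 4)):
    """Breadth-first search of reachable states. Returns None if the invariant
    holds everywhere, else the shortest event trace [(event, mode_after), ...]
    leading to a violating state."""
    parent = {initial: None}
    queue = deque([initial])
    while queue:
        state = queue.popleft()
        if not invariant(state[0], as_dict(state[1])):
            trace = []
            while parent[state] is not None:
                prev, event = parent[state]
                trace.append((event, state[0]))
                state = prev
            return list(reversed(trace))
        for var in MONITORED:
            for new in (True, False):
                nxt = step(table, state, (var, new))
                if nxt is not None and nxt not in parent:
                    parent[nxt] = (state, (var, new))
                    queue.append(nxt)
    return None


def cruise_needs_ignition(mode: str, s: Dict[str, bool]) -> bool:
    """System invariant: cruise control is only engaged or overridden while ignited."""
    return mode not in ("Cruise", "Override") or s["Ignited"]


if __name__ == "__main__":
    print("correct table:", check_invariant(CRUISE_TABLE, cruise_needs_ignition))
    print("flawed table: ", check_invariant(FLAWED_TABLE, cruise_needs_ignition))
```

For the correct table the search visits every reachable state without finding a violation; for the flawed table it returns the five-event trace ignition on, engine running, lever activated, brake pressed, ignition off, ending in Override with Ignited false. The disjointness check in `step` is the other analysis an SCR table needs: two rows of one mode firing on the same event would make the specification nondeterministic, which the paper's finite structure cannot represent faithfully.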
