Parameterized specification and verification of the Chilean electronic invoices system

We present the complete process of formally specifying and verifying the Chilean electronic invoice system, as defined by the Chilean tax agency. We use this case study as a real-world, real-size example to illustrate our methodology for the specification and verification of distributed applications. Our approach is based on a new hierarchical and parameterized model for synchronised networks of labelled transition systems; in this case study we use a subset of the model as a graphical specification language. We check this formal specification of the invoice system against its informal requirements, expressed as parameterized temporal logic formulas. Their satisfaction cannot be checked directly on the parameterized model, so we introduce a method and a tool that instantiate the parameterized models and properties, which allows standard (finite-state, bisimulation-based) model-checkers to be used for the verification. We also illustrate several methods that avoid the state-explosion problem by exploiting the parameterized structure and the instantiations.
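To make the instantiation step concrete, the following is an added toy example and not the paper's model or tool: a parameterized synchronised network of labelled transition systems (an invoice issuer, a tax agency, and n recipients, with synchronisation vectors in the Arnold-Nivat style) and a parameterized safety property ("deliver_i only after validate_i was answered by accepted"). Both are instantiated for a fixed n, and the finite instance is then checked by plain breadth-first exploration of the product, the job a standard finite-state model-checker would do. The component structure, the action names and the `skip_verdict` defect flag are all assumptions made for the example.

```python
"""Instantiate a parameterized synchronised network of LTSs and a parameterized
safety property for a fixed n, then check the finite instance by explicit
state-space exploration. Constructed toy model, not the paper's specification."""
from collections import deque
from itertools import product as cartesian


def lts(init, trans):
    # trans: {state: [(label, next_state), ...]}
    return {"init": init, "trans": trans}


def issuer(n, skip_verdict=False):
    """Invoice issuer, parameterized by the number n of recipients (assumed structure).
    With skip_verdict=True the issuer may ship without waiting for the agency's
    verdict: an injected defect used below to show a failing check."""
    trans = {"idle": [(f"emit_{i}", f"wait_{i}") for i in range(1, n + 1)]}
    for i in range(1, n + 1):
        trans[f"wait_{i}"] = [("accept", f"send_{i}"), ("reject", "idle")]
        if skip_verdict:
            trans[f"wait_{i}"].append((f"deliver_{i}", "idle"))
        trans[f"send_{i}"] = [(f"deliver_{i}", "idle")]
    return lts("idle", trans)


def agency():
    return lts("ready", {"ready": [("check", "checking")],
                         "checking": [("ok", "ready"), ("ko", "ready")]})


def recipient():
    return lts("empty", {"empty": [("recv", "got")], "got": [("read", "empty")]})


def network(n, skip_verdict=False):
    """Components and synchronisation vectors of the instance with n recipients.
    A vector maps a global action to one local label per component (None = stays idle)."""
    comps = [issuer(n, skip_verdict), agency()] + [recipient() for _ in range(n)]
    idle = [None] * n
    vectors = {"accepted": ("accept", "ok", *idle), "rejected": ("reject", "ko", *idle)}
    for i in range(1, n + 1):
        recv = [None] * n
        recv[i - 1] = "recv"
        read = [None] * n
        read[i - 1] = "read"
        vectors[f"validate_{i}"] = (f"emit_{i}", "check", *idle)
        vectors[f"deliver_{i}"] = (f"deliver_{i}", None, *recv)
        vectors[f"read_{i}"] = (None, None, *read)
    return comps, vectors


def monitor(n):
    """Parameterized property instantiated for n: deliver_i may only happen after
    validate_i was answered by 'accepted'. Encoded as a deterministic observer;
    a deliver_i the observer does not expect leads to the state 'bad'."""
    trans = {"none": {f"validate_{i}": f"pending_{i}" for i in range(1, n + 1)}}
    for i in range(1, n + 1):
        trans[f"pending_{i}"] = {"accepted": f"ok_{i}", "rejected": "none"}
        trans[f"ok_{i}"] = {f"deliver_{i}": "none"}
    return trans


def observe(mon, state, label):
    if label in mon[state]:
        return mon[state][label]
    return "bad" if label.startswith("deliver_") else state


def check(n, skip_verdict=False):
    """Breadth-first exploration of the synchronised product for the instance n.
    Returns (number of reachable states, list of (state, action) violations)."""
    comps, vectors = network(n, skip_verdict)
    mon = monitor(n)
    init = (tuple(c["init"] for c in comps), "none")
    seen, queue, violations = {init}, deque([init]), []
    while queue:
        locs, ms = queue.popleft()
        for glabel, vec in vectors.items():
            # successor choices of every component under this vector
            choices = []
            for loc, lab, comp in zip(locs, vec, comps):
                choices.append([loc] if lab is None else
                               [dst for (l, dst) in comp["trans"].get(loc, []) if l == lab])
            for succ in cartesian(*choices):  # yields nothing if some component cannot move
                ms2 = observe(mon, ms, glabel)
                if ms2 == "bad":
                    violations.append((locs, glabel))
                    continue
                nxt = (tuple(succ), ms2)
                if nxt not in seen:
                    seen.add(nxt)
                    queue.append(nxt)
    return len(seen), violations


if __name__ == "__main__":
    for n in (1, 2, 3):  # the reachable state count grows with the parameter
        print(n, check(n))
    print("injected defect:", check(2, skip_verdict=True)[1][:1])
```

Running the script prints the reachable state count for n = 1, 2, 3, which makes the growth the abstract's state-explosion remark refers to visible, and shows that the correct instance has no violation while the variant with the injected defect is caught by the instantiated property.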
