Tool support for verifying UML activity diagrams

We describe a tool that supports verification of workflow models specified in UML activity diagrams. The tool translates an activity diagram into an input format for a model checker according to a mathematical semantics. With the model checker, arbitrary propositional requirements can be checked against the input model. If a requirement fails to hold, an error trace is returned by the model checker, which our tool presents by highlighting a corresponding path in the activity diagram. We summarize our formal semantics, discuss the techniques used to reduce an infinite state space to a finite one, and motivate the need for strong fairness constraints to obtain realistic results. We define requirement-preserving rules for state space reduction. Finally, we illustrate the whole approach with a few example verifications.
