Automated Support for Building Behavioral Models of Event-Driven Systems

Programmers understand a piece of software by building simplified mental models of it. Aspects of these models lend themselves naturally to formalization – e.g., structural relationships can be partly captured by module dependency graphs. Automated support for generating and analyzing such structural models has proven useful. For event-driven systems, behavioral models, which capture temporal and causal relationships between events, are important and deserve similar methodological and tool support. In this paper, we describe such a technique. Our method supports building and elaboration of behavioral models, as well as maintaining such models as systems evolve. The method is based on model-checking and witness generation, using strategies to create goal-driven simulation traces. We illustrate it on a two-lift/three-floor elevator system, and describe our tool, Sawblade, which provides automated support for the method.
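As an added illustration of the model-checking and witness-generation idea the abstract describes, the Python sketch below is not code from the paper and is not part of Sawblade. It builds an explicit-state model of the two-lift/three-floor elevator, generates a witness (the shortest event trace that reaches a goal state) by breadth-first search, lets a "strategy" predicate restrict which events the search may use so that traces are steered toward a particular scenario, and checks an invariant over every reachable state, returning either no counterexample or a shortest violating trace. The event set, the state encoding, the function names and the properties checked are all assumptions made for the example.

```python
from collections import deque

# Constructed toy model (not the paper's): two lifts, three floors.
# A state is a tuple with one (floor, door_open) pair per lift.
FLOORS = (1, 2, 3)
LIFTS = (0, 1)
ACTIONS = ("up", "down", "open", "close")
INITIAL = ((1, False), (1, False))


def step(state, event):
    """Apply one event (lift, action); return the successor state, or None if disabled."""
    lift, action = event
    floor, door_open = state[lift]
    if action == "up" and not door_open and floor < max(FLOORS):
        floor += 1                      # a lift only moves with its door closed
    elif action == "down" and not door_open and floor > min(FLOORS):
        floor -= 1
    elif action == "open" and not door_open:
        door_open = True
    elif action == "close" and door_open:
        door_open = False
    else:
        return None
    successor = list(state)
    successor[lift] = (floor, door_open)
    return tuple(successor)


def enabled_events(state, strategy=None):
    """Events enabled in `state`; a strategy predicate may veto events to steer the search."""
    for lift in LIFTS:
        for action in ACTIONS:
            event = (lift, action)
            if strategy is not None and not strategy(state, event):
                continue
            if step(state, event) is not None:
                yield event


def find_witness(goal, strategy=None, start=INITIAL):
    """Breadth-first search; returns the shortest event trace reaching a goal state, or None."""
    if goal(start):
        return []
    parent = {start: None}              # state -> (predecessor, event) for trace reconstruction
    queue = deque([start])
    while queue:
        state = queue.popleft()
        for event in enabled_events(state, strategy):
            nxt = step(state, event)
            if nxt in parent:
                continue
            parent[nxt] = (state, event)
            if goal(nxt):
                return _reconstruct(parent, nxt)
            queue.append(nxt)
    return None


def _reconstruct(parent, state):
    trace = []
    while parent[state] is not None:
        state, event = parent[state]
        trace.append(event)
    trace.reverse()
    return trace


def check_invariant(invariant, start=INITIAL):
    """Exhaustive check: None if the invariant holds in every reachable state,
    otherwise a shortest counterexample trace (a witness for its negation)."""
    return find_witness(lambda s: not invariant(s), start=start)


def replay(trace, start=INITIAL):
    """Re-execute a trace from `start` and return the final state (a simulation run)."""
    state = start
    for event in trace:
        state = step(state, event)
        if state is None:
            raise ValueError(f"event {event} is disabled in the replayed run")
    return state


if __name__ == "__main__":
    both_top = lambda s: s[0][0] == 3 and s[1][0] == 3
    print("witness for both lifts at floor 3:", find_witness(both_top))
    # Strategy: only lift 1 may act, steering the witness toward a lift-1 scenario.
    only_lift_1 = lambda s, e: e[0] == 1
    open_at_top = lambda s: any(f == 3 and d for f, d in s)
    print("steered witness:", find_witness(open_at_top, strategy=only_lift_1))
    # An invariant that fails: at most one door open at a time.
    print("counterexample:", check_invariant(lambda s: sum(d for _, d in s) <= 1))
    # An invariant that holds: lifts never leave the floor range.
    print("no counterexample:", check_invariant(lambda s: all(f in FLOORS for f, _ in s)))
```

The strategy hook is the part that corresponds most directly to the abstract's "strategies to create goal-driven simulation traces": the same goal yields different witnesses depending on which events the strategy admits, and each witness is a concrete run that can be replayed and inspected.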
