Symbolic model checking of software product lines

We study the problem of model checking software product line (SPL) behaviours against temporal properties. This is more difficult than for single systems because an SPL with n features yields up to 2n individual systems to verify. As each individual verification suffers from state explosion, it is crucial to propose efficient formalisms and heuristics. We recently proposed featured transition systems (FTS), a compact representation for SPL behaviour, and defined algorithms for model checking FTS against linear temporal properties. Although they showed to outperform individual system verifications, they still face a state explosion problem as they enumerate and visit system states one by one. In this paper, we tackle this latter problem by using symbolic representations of the state space. This lead us to consider computation tree logic (CTL) which is supported by the industry-strength symbolic model checker NuSMV. We first lay the foundations for symbolic SPL model checking by defining a feature-oriented version of CTL and its dedicated algorithms. We then describe an implementation that adapts the NuSMV language and tool infrastructure. Finally, we propose theoretical and empirical evaluations of our results. The benchmarks show that for certain properties, our algorithm is over a hundred times faster than model checking each system with the standard algorithm.

[1]  Salil P. Vadhan,et al.  Computational Complexity , 2005, Encyclopedia of Cryptography and Security.

[2]  Stefania Gnesi,et al.  A behavioural model for product families , 2007, ESEC/SIGSOFT FSE.

[3]  Randal E. Bryant,et al.  Symbolic Boolean manipulation with ordered binary-decision diagrams , 1992, CSUR.

[4]  Pierre-Yves Schobbens,et al.  Feature Diagrams: A Survey and a Formal Semantics , 2006, 14th IEEE International Requirements Engineering Conference (RE'06).

[5]  Pierre-Yves Schobbens,et al.  Model checking lots of systems: efficient verification of temporal properties in software product lines , 2010, 2010 ACM/IEEE 32nd International Conference on Software Engineering.

[6]  Sebastián Uchitel,et al.  A foundation for behavioural conformance in software product line architectures , 2006, ROSATEA '06.

[7]  Michal Antkiewicz,et al.  Mapping features to models: a template approach based on superimposed variants , 2005, GPCE'05.

[8]  Brice Morin,et al.  Taming Dynamically Adaptive Systems using models and aspects , 2009, 2009 IEEE 31st International Conference on Software Engineering.

[9]  Paul Clements,et al.  Software product lines - practices and patterns , 2001, SEI series in software engineering.

[10]  Capers Jones,et al.  Embedded Software: Facts, Figures, and Future , 2009, Computer.

[11]  Antonio Ruiz Cortés,et al.  Automated analysis of feature models: challenges ahead , 2006, CACM.

[12]  Kim G. Larsen,et al.  Modal Specifications , 1989, Automatic Verification Methods for Finite State Systems.

[13]  Mario Kolberg,et al.  Feature interaction: a critical review and considered forecast , 2003, Comput. Networks.

[14]  Klaus Pohl,et al.  Model Checking of Domain Artifacts in Product Line Engineering , 2009, 2009 IEEE/ACM International Conference on Automated Software Engineering.

[15]  Stefania Gnesi,et al.  Formal Modeling for Product Families Engineering , 2008, 2008 12th International Software Product Line Conference.

[16]  Christel Baier,et al.  Principles of model checking , 2008 .

[17]  Kenneth L. McMillan,et al.  Symbolic model checking , 1992 .

[18]  Maurice H. ter Beek,et al.  A Deontic Logical Framework for Modelling Product Families , 2010, VaMoS.

[19]  Kyo Chul Kang,et al.  Feature-Oriented Domain Analysis (FODA) Feasibility Study , 1990 .

[20]  Jing Liu,et al.  Safety analysis of software product lines using state-based modeling , 2005, 16th IEEE International Symposium on Software Reliability Engineering (ISSRE'05).

[21]  Martin Leucker,et al.  Modeling and Model Checking Software Product Lines , 2008, FMOODS.

[22]  Sérgio Vale Aguiar Campos,et al.  Symbolic Model Checking , 1993, CAV.

[23]  Edmund M. Clarke,et al.  Symbolic Model Checking: 10^20 States and Beyond , 1990, Inf. Comput..

[24]  Ira R. Forman,et al.  Superimposition for Interacting Processes , 1990, CONCUR.

[25]  Pierre-Yves Schobbens,et al.  What ' s in a Feature ? A Requirements Engineering Perspective , 2008 .

[26]  Fred Kröger,et al.  Temporal Logic of Programs , 1987, EATCS Monographs on Theoretical Computer Science.

[27]  Jean-Marc Jézéquel,et al.  Towards a UML Profile for Software Product Lines , 2003, PFE.

[28]  Kim G. Larsen,et al.  Modal I/O Automata for Interface and Product Line Theories , 2007, ESOP.

[29]  Maurice H. ter Beek,et al.  A Logical Framework to Deal with Variability , 2010, IFM.

[30]  Joseph Sifakis,et al.  Automatic Verification Methods for Finite State Systems , 1989, Lecture Notes in Computer Science.

[31]  Bashar Nuseibeh,et al.  Towards safer composition , 2009, 2009 31st International Conference on Software Engineering - Companion Volume.

[32]  Edmund M. Clarke,et al.  Design and Synthesis of Synchronization Skeletons Using Branching Time Temporal Logic , 2008, 25 Years of Model Checking.

[33]  Carsten Sinz,et al.  Configuration Lifting: Verification meets Software Configuration , 2008, 2008 23rd IEEE/ACM International Conference on Automated Software Engineering.

[34]  Andreas Classen,et al.  Relating requirements and feature configurations: a systematic approach , 2009, SPLC.

[35]  Kathi Fisler,et al.  Verifying cross-cutting features as open systems , 2002, SIGSOFT '02/FSE-10.

[36]  Mark Ryan,et al.  Feature integration using a feature construct , 2001, Sci. Comput. Program..