Taming Interface Specifications

Software is increasingly assembled from third-party components whose internals the developers have little knowledge of, and even less control over. One obstacle to composing such components is that current formal methods are mainly concerned with "closed" systems that are built from the ground up. Such systems are fully under the control of the user, so problems arising from ill-specified components can be resolved by close inspection of the system. When a system is composed from "off-the-shelf" components, this is often no longer possible.

This paper addresses the problem of under-specification: an off-the-shelf component does what its specification claims, but the specification admits more behaviors than the component actually has, and more than one wishes for, some of which may render it useless. Given such an under-specified module, we propose a method to automatically synthesize safety properties from its specification that tame its "bad" behaviors. The advantage of restricting to safety properties is that they are monitorable: every violation of a safety property is exposed by a finite prefix of the execution, so a run-time monitor can give a definitive verdict. The safety properties are derived using an automata-theoretic approach. We show that, when restricting to ω-regular languages, there is in general no maximal safety property contained in a given specification; for this case we construct a sequence of increasingly larger safety properties. We also show how to construct an infinite-state automaton that captures any safety property contained in the original specification.
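The following is an added illustration of two points in the abstract; it is not the paper's automata construction. It models a safety property by its bad-prefix predicate (which is what makes it monitorable), and shows on the constructed liveness specification "eventually p" that the safety properties S_k = "p holds within the first k observations" form a strictly increasing chain inside it with no largest member. The proposition name `p`, the bounds k, the alphabet and the traces are all constructed for the example.

```python
# Added worked example, not the paper's construction.
# A safety property is a language in which every violating trace has a finite
# "bad prefix" all of whose extensions violate it, so a monitor can reject from
# finitely many observations. 'eventually p' has no bad prefix at all, but the
# safety properties S_k = 'p within the first k observations' sit inside it and
# grow strictly with k; their union is 'eventually p' itself, which is not a
# safety property, so there is no largest S_k.
# The proposition 'p', the bounds k, the alphabet and the traces are constructed.

from dataclasses import dataclass
from itertools import product
from typing import Callable, FrozenSet, Iterable, List, Optional

Obs = FrozenSet[str]                       # one observation: propositions true now
BadPrefix = Callable[[List[Obs]], bool]    # decides whether a finite prefix is bad


@dataclass
class SafetyMonitor:
    """Runtime monitor for a safety property given by its bad-prefix predicate."""
    name: str
    is_bad_prefix: BadPrefix

    def run(self, trace: Iterable[Obs]) -> Optional[int]:
        """Index of the observation at which a violation is first detected,
        or None if the prefix seen so far is still consistent with the property."""
        prefix: List[Obs] = []
        for i, obs in enumerate(trace):
            prefix.append(obs)
            if self.is_bad_prefix(prefix):
                return i
        return None


def within_k_steps(p: str, k: int) -> SafetyMonitor:
    """S_k: 'p holds in one of the first k observations'.
    Bad prefix: at least k observations seen and none of the first k contains p."""
    def bad(prefix: List[Obs]) -> bool:
        return len(prefix) >= k and not any(p in o for o in prefix[:k])
    return SafetyMonitor(f"{p} within {k} steps", bad)


# 'Eventually p' is pure liveness: any finite prefix can still be extended by an
# observation containing p, so no prefix is bad and a monitor never rejects.
EVENTUALLY_P = SafetyMonitor("eventually p (liveness, not monitorable)",
                             lambda prefix: False)


def contained_in(smaller: SafetyMonitor, larger: SafetyMonitor,
                 alphabet: List[Obs], max_len: int) -> bool:
    """Bounded check that 'smaller' ⊆ 'larger' as languages.
    For safety properties S ⊆ S' holds iff every bad prefix of S' is a bad prefix
    of S (a larger property forbids fewer prefixes). The implication is checked
    for all prefixes over 'alphabet' up to length max_len only."""
    for n in range(1, max_len + 1):
        for word in product(alphabet, repeat=n):
            prefix = list(word)
            if larger.is_bad_prefix(prefix) and not smaller.is_bad_prefix(prefix):
                return False
    return True


# Constructed traces of a component whose specification only promises that p
# (say, a reply) happens eventually; the tamed interface S_3 demands it within 3 steps.
ALPHABET: List[Obs] = [frozenset(), frozenset({"p"})]
TRACE_LATE: List[Obs] = [frozenset(), frozenset(), frozenset(), frozenset({"p"})]
TRACE_OK: List[Obs] = [frozenset(), frozenset({"p"}), frozenset()]


def demo() -> dict:
    s2, s3 = within_k_steps("p", 2), within_k_steps("p", 3)
    return {
        "late_violates_S3_at": s3.run(TRACE_LATE),        # 2: third observation, no p yet
        "ok_under_S3": s3.run(TRACE_OK),                  # None
        "liveness_never_rejects": EVENTUALLY_P.run(TRACE_LATE[:3]),  # None, though p is absent
        "S2_in_S3": contained_in(s2, s3, ALPHABET, 5),    # True
        "S3_in_S2": contained_in(s3, s2, ALPHABET, 5),    # False: the chain is strict
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The containment check is only exhaustive up to the chosen prefix length; for these particular S_k that bound suffices, but in general it is a bounded test, not a proof. The point it makes concrete is the one the abstract states: each S_k is monitorable and sits inside "eventually p", S_k is strictly inside S_{k+1}, and no single safety property in the chain is maximal.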
