Modeling with Mocking

Writing formal specifications often requires users to abstract from the original problem, especially when verification techniques such as model checking are used. Without applying abstraction, the search space the model checker needs to traverse tends to grow quickly beyond what can be checked within reasonable time. The downside of this need to omit details is that it increases the distance to the implementation. Ideally, the created specifications could be used to generate software from (either manually or automatically), but an incomplete description of the desired system is not enough for this purpose.

In this work we introduce the Rebel2 specification language. Rebel2 lets the user write full system specifications in the form of state machines with data, without the need to apply abstraction, while still preserving the ability to verify non-trivial properties. This is done by allowing the user to forget and mock specifications when running the model checker. The original specifications are untouched by these techniques.

We compare the expressiveness of Rebel2 and the effectiveness of mock and forget by implementing two case studies: one from the automotive domain and one from the banking domain. We find that Rebel2 is expressive enough to implement both case studies in a concise manner. Next to that, when performing checks in isolation, mocking can speed up model checking significantly.
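The following is an added illustration of the mocking idea described in the abstract; it is not code from the paper and not Rebel2 syntax. It is a toy explicit-state bounded model checker over communicating state machines with data, written in Python. The Account and Transfer machines, the events, the data bounds and every name below are constructed for this example. The `mock` function keeps a machine's interface (its event alphabet) but replaces its behaviour with a single state that can take part in any interface event at any time; the original machine is left untouched. Checking an Account invariant against the mocked Transfer explores far fewer states than checking it against the full product, which is the effect the abstract reports for checks in isolation.

```python
# Added illustration for the abstract above: a toy explicit-state bounded model
# checker over communicating state machines with data, with a "mock" that
# replaces one machine by its interface. Not Rebel2 code; every machine, event,
# bound and name below is constructed for this example.
from collections import deque
from itertools import product

MAX_BALANCE = 3   # data bound on the account balance (constructed)
AMOUNTS = (1, 2)  # transfer amounts the model ranges over (constructed)


def make_account(overdraft_guard=True):
    """Account machine: local state is (status, balance). The `overdraft_guard`
    flag lets us show the checker catching a violation when the guard is gone."""
    def step(local, event):
        status, balance = local
        kind, amount = event
        if status == "closed":                       # a closed account is inert
            return None
        if kind == "withdraw":
            if overdraft_guard and balance - amount < 0:
                return None                          # transition not enabled
            return (status, balance - amount)
        if kind == "deposit":
            return (status, balance + amount) if balance + amount <= MAX_BALANCE else None
        if kind == "close":
            return ("closed", balance) if balance == 0 else None
        return None
    alphabet = ({("withdraw", a) for a in AMOUNTS}
                | {("deposit", a) for a in AMOUNTS} | {("close", 0)})
    return {"initial": {("opened", 0)}, "alphabet": alphabet, "step": step}


def make_transfer():
    """Transfer machine: local state is (phase, amount). It synchronises with the
    account on `withdraw` and owns `abort` alone."""
    def step(local, event):
        phase, amount = local
        kind, ev_amount = event
        if phase == "created" and kind == "withdraw" and ev_amount == amount:
            return ("committed", amount)
        if phase == "created" and kind == "abort":
            return ("aborted", amount)
        return None
    alphabet = {("withdraw", a) for a in AMOUNTS} | {("abort", 0)}
    return {"initial": {("created", a) for a in AMOUNTS}, "alphabet": alphabet, "step": step}


def mock(machine):
    """Mock a machine: keep its interface (alphabet) but collapse its behaviour to
    one state that can take part in any interface event at any time. This
    over-approximates the real machine, so a safety property proved with the
    mock also holds for the full composition. The original dict is not modified."""
    return {"initial": {"mock"}, "alphabet": set(machine["alphabet"]),
            "step": lambda local, event: "mock"}


def check(machines, invariant, bound):
    """Bounded BFS over the synchronous product of `machines`. Machines that share
    an event must all enable it; the others keep their state. Returns
    (invariant_holds, states_visited)."""
    alphabet = set().union(*(m["alphabet"] for m in machines))
    initial = set(product(*(m["initial"] for m in machines)))
    seen = set(initial)
    frontier = deque((s, 0) for s in initial)
    while frontier:
        state, depth = frontier.popleft()
        if not invariant(state):
            return False, len(seen)
        if depth >= bound:
            continue
        for event in alphabet:
            successor = []
            for machine, local in zip(machines, state):
                if event not in machine["alphabet"]:
                    successor.append(local)          # not involved: unchanged
                    continue
                nxt = machine["step"](local, event)
                if nxt is None:
                    break                            # event blocked by this machine
                successor.append(nxt)
            else:
                successor = tuple(successor)
                if successor not in seen:
                    seen.add(successor)
                    frontier.append((successor, depth + 1))
    return True, len(seen)


def balance_never_negative(state):
    """Invariant over the account, which is machine 0 in every product below."""
    return state[0][1] >= 0


def compare(bound=10):
    """Run the same invariant on the full product, on the mocked product, and on
    a mocked product whose account lacks the overdraft guard."""
    full = check([make_account(), make_transfer()], balance_never_negative, bound)
    mocked = check([make_account(), mock(make_transfer())], balance_never_negative, bound)
    buggy = check([make_account(overdraft_guard=False), mock(make_transfer())],
                  balance_never_negative, bound)
    return {"full": full, "mocked": mocked, "buggy_mocked": buggy}


if __name__ == "__main__":
    for name, (holds, states) in compare().items():
        print(f"{name:13s} holds={holds} states={states}")
```

Because the mock over-approximates the real Transfer, a violation found against the mock may be spurious (the real Transfer might never fire that event in that state), so a failing check should be re-run against the full product before treating it as a real defect; a passing check, by contrast, carries over soundly.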
