Conformance Checking for Models of Asynchronous Message Passing Software

We propose a notion of conformance between a specification S and an implementation model I extracted from a message-passing program. In our framework, S and I are CCS processes, which soundly abstract the externally visible communication behavior of a message-passing program. We use the extracted models to check that programs do not get stuck, waiting to receive or trying to send messages in vain. We show that our definitions of stuckness and conformance capture important correctness conditions of message-passing software. Our definition of conformance was motivated by the need for modular reasoning over models, leading to the requirement that conformance preserve substitutability with respect to stuck-freeness: if I conforms to S, and P is any environment such that P | S is stuck-free, then it follows that P | I is stuck-free. We present a simple algorithm for checking if I conforms to S, when I and S obey certain restrictions.
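The following is an added worked example, not code from the paper, showing the two notions the abstract relies on on finite CCS-like processes: stuck-freeness of a closed parallel composition P | Q (a reachable stable state where some side still waits to send or receive), and a conformance check between an implementation I and a specification S. The conformance relation used here is a simplification assumed for this example, not the paper's exact definition: a weak simulation of I by S, plus the requirement that whenever I is stable, S can reach a stable state whose ready set is contained in I's (and non-empty when I's is). The processes CLIENT, SPEC, IMPL and BAD are constructed toy models: a client that sends a request and accepts either reply, a spec that internally chooses which reply to send, a conforming implementation that always replies ok, and a non-conforming one that waits for an extra acknowledgement.

```python
"""Added example (not the paper's code): stuck-freeness of P | Q and a
simplified conformance check for finite CCS-like processes."""
from itertools import product

TAU = "tau"  # internal action; "!c" sends on channel c, "?c" receives on c


def co(action):
    """Complementary action: !c synchronises with ?c and vice versa."""
    return ("?" if action[0] == "!" else "!") + action[1:]


def states(proc):
    return set(proc) | {t for trans in proc.values() for _, t in trans}


def ready(proc, state):
    """Visible actions the process offers in this state."""
    return {a for a, _ in proc.get(state, []) if a != TAU}


def stable(proc, state):
    return all(a != TAU for a, _ in proc.get(state, []))


def tau_closure(proc, state):
    seen, todo = {state}, [state]
    while todo:
        s = todo.pop()
        for a, t in proc.get(s, []):
            if a == TAU and t not in seen:
                seen.add(t)
                todo.append(t)
    return seen


def weak_succ(proc, state, action):
    """States reachable by tau* action tau* (just tau* when action is TAU)."""
    pre = tau_closure(proc, state)
    if action == TAU:
        return pre
    out = set()
    for s in pre:
        for a, t in proc.get(s, []):
            if a == action:
                out |= tau_closure(proc, t)
    return out


def stuck_states(p, p0, q, q0):
    """Reachable states of the closed composition p | q (all channels restricted)
    in which no internal step is possible but some side still waits on a channel."""
    seen, todo, stuck = {(p0, q0)}, [(p0, q0)], []
    while todo:
        ps, qs = todo.pop()
        succ = []
        for a, t in p.get(ps, []):
            if a == TAU:
                succ.append((t, qs))
            else:  # visible: only a synchronisation with the partner lets it fire
                succ += [(t, u) for b, u in q.get(qs, []) if b == co(a)]
        succ += [(ps, u) for b, u in q.get(qs, []) if b == TAU]
        if not succ and (ready(p, ps) or ready(q, qs)):
            stuck.append((ps, qs))  # waiting in vain; a terminal state is not stuck
        for n in succ:
            if n not in seen:
                seen.add(n)
                todo.append(n)
    return stuck


def _stable_match(spec, s, ready_impl):
    """Can spec reach, by tau steps, a stable state offering no more than ready_impl?"""
    for s2 in tau_closure(spec, s):
        rs = ready(spec, s2)
        if stable(spec, s2) and rs <= ready_impl and (rs or not ready_impl):
            return True
    return False


def conforms(impl, i0, spec, s0):
    """Greatest-fixpoint computation of the simplified conformance relation
    (an assumption of this example, not the paper's definition)."""
    rel = set(product(states(impl), states(spec)))
    changed = True
    while changed:
        changed = False
        for i, s in list(rel):
            ok = all(any((i2, s2) in rel for s2 in weak_succ(spec, s, a))
                     for a, i2 in impl.get(i, []))
            if ok and stable(impl, i):
                ok = _stable_match(spec, s, ready(impl, i))
            if not ok:
                rel.discard((i, s))
                changed = True
    return (i0, s0) in rel


# Constructed toy processes: state -> [(action, next_state)].
CLIENT = {"p0": [("!req", "p1")], "p1": [("?ok", "p2"), ("?err", "p2")], "p2": []}
SPEC = {"s0": [("?req", "s1")], "s1": [(TAU, "s2"), (TAU, "s3")],
        "s2": [("!ok", "s4")], "s3": [("!err", "s4")], "s4": []}
IMPL = {"i0": [("?req", "i1")], "i1": [("!ok", "i2")], "i2": []}
BAD = {"b0": [("?req", "b1")], "b1": [("?ack", "b2")], "b2": [("!ok", "b3")], "b3": []}

if __name__ == "__main__":
    print("IMPL conforms:", conforms(IMPL, "i0", SPEC, "s0"))
    print("BAD conforms:", conforms(BAD, "b0", SPEC, "s0"))
    for name, q, q0 in [("SPEC", SPEC, "s0"), ("IMPL", IMPL, "i0"), ("BAD", BAD, "b0")]:
        print(f"CLIENT | {name} stuck states:", stuck_states(CLIENT, "p0", q, q0))
```

Running it shows the substitutability property on this instance: CLIENT | SPEC is stuck-free, IMPL conforms and CLIENT | IMPL is also stuck-free, while BAD fails the check and CLIENT | BAD has the stuck state (p1, b1), where the client waits for a reply and the server waits for an acknowledgement nobody sends.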
