Compositional verification of component-based real-time systems and applications. (Vérification compositionnelle des systèmes temps-réel à base de composants et applications)

In [BPG08], the Assume-Guarantee Abstraction Refinement method is proposed to automate this compositional reasoning paradigm and is applied to Rule 2.1. It is mainly inspired by the CEGAR approach: it iteratively computes assumptions that abstract the behaviour of component B0 restricted to its interaction with component B. In each iteration, the assumption A satisfies the first premise of the rule and is then checked against the second premise. The generated counterexamples are analysed, and those found to be spurious are used to iteratively strengthen the over-approximation made by the abstraction.

2.1.2 Assume-guarantee Reasoning for Timed Systems

The research works mentioned above focus on untimed systems; proposals for handling real-time systems are more limited. In [GJL04, GJP06, GJL10], the authors extended the learning techniques first proposed by Angluin for finite automata to the setting of real-time systems. In the field of timed automata, one major obstacle to learning assumptions is that the set of clocks is not known in advance. To overcome this difficulty, the authors restricted their methods to event-recording automata (ERA) [AFH99], where the time since the last occurrence of each action is recorded by a dedicated clock. The three algorithms they developed focus on ERA in canonical form, which can be viewed as finite automata over a symbolic alphabet. Another method for learning timed systems was proposed in [VDWW06]; it deals with timed automata with a single clock that is reset at every transition, and generalising it to automata with multiple clocks is difficult. In [LAL+14], another method for learning assumptions for the non-circular assume-guarantee rule is proposed for the verification of timed systems, again focusing on ERA. It consists of a two-step flow: first, an untimed assumption is generated to ensure that the sequence of events is correct; then this assumption is refined so that the timing constraints are satisfied.

In [FHK04], an assume-guarantee reasoning approach is proposed for hybrid I/O-automata [LSV03], with a novel rule based on simulation relations. One advantage of this approach is that circularity is countered by a state-based non-blocking condition that can be checked during the computation of the simulation relations.
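As an added illustration, not code from the thesis or from the cited papers, the following Python sketch of an event-recording automaton acceptor (the ERA class and build_deadline_era are hypothetical names) shows why the clock set is known in advance in the ERA setting: there is exactly one clock per action, reset whenever that action occurs. Its timed=False mode mirrors the untimed first step of the two-step flow described above.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed example (not from the thesis): an acceptor for event-recording
# automata (ERA). Each action a has exactly one clock x_a measuring the time since
# the last occurrence of a, so the clock set is fixed by the alphabet up front.

Guard = Dict[str, Tuple[float, float]]  # clock name -> closed interval [lo, hi]


@dataclass
class ERA:
    alphabet: List[str]
    initial: str
    accepting: set
    transitions: Dict[Tuple[str, str], Tuple[Guard, str]]  # (src, action) -> (guard, dst)

    def clocks(self) -> List[str]:
        # One event-recording clock per action, nothing else.
        return [f"x_{a}" for a in self.alphabet]

    def accepts(self, word: List[Tuple[str, float]], timed: bool = True) -> bool:
        """word is a list of (action, absolute timestamp) pairs with non-decreasing
        timestamps. With timed=False the guards are ignored, which is the untimed
        projection used as a first step before refining timing constraints."""
        state = self.initial
        last: Dict[str, Optional[float]] = {a: None for a in self.alphabet}
        now = 0.0
        for action, t in word:
            if t < now or (state, action) not in self.transitions:
                return False
            now = t
            guard, target = self.transitions[(state, action)]
            if timed:
                for clock, (lo, hi) in guard.items():
                    since = last[clock[2:]]  # strip the "x_" prefix to get the action
                    # A clock whose action has never occurred cannot satisfy a guard.
                    if since is None or not (lo <= t - since <= hi):
                        return False
            last[action] = t  # the event-recording clock x_action is reset here
            state = target
        return state in self.accepting


def build_deadline_era(deadline: float) -> ERA:
    # Hypothetical protocol: every req must be acknowledged within `deadline`
    # time units; acceptance requires every req to have been acked.
    return ERA(
        alphabet=["req", "ack"],
        initial="idle",
        accepting={"idle"},
        transitions={
            ("idle", "req"): ({}, "waiting"),
            ("waiting", "ack"): ({"x_req": (0.0, deadline)}, "idle"),
        },
    )
```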

[1]  永田 守男,et al.  Verifying Properties of Parallel Programs : An Axiomatic Approach , 1976 .

[2]  Sophie Quinton,et al.  Contract-Based Verification of Hierarchical Systems of Components , 2008, 2008 Sixth IEEE International Conference on Software Engineering and Formal Methods.

[3]  David Harel,et al.  Statecharts: A Visual Formalism for Complex Systems , 1987, Sci. Comput. Program..

[4]  Kim G. Larsen,et al.  Lower and Upper Bounds in Zone Based Abstractions of Timed Automata , 2004, TACAS.

[5]  Wang Yi,et al.  Uppaal in a nutshell , 1997, International Journal on Software Tools for Technology Transfer.

[6]  G. Frehse,et al.  Assume-guarantee reasoning for hybrid I/O-automata by over-approximation of continuous interaction , 2004, 2004 43rd IEEE Conference on Decision and Control (CDC) (IEEE Cat. No.04CH37601).

[7]  Bertrand Meyer,et al.  Applying 'design by contract' , 1992, Computer.

[8]  Edmund M. Clarke,et al.  Formal Methods: State of the Art and Future Directions Working Group Members , 1996 .

[9]  Bengt Jonsson,et al.  Learning of event-recording automata , 2010, Theor. Comput. Sci..

[10]  Joseph Sifakis,et al.  D-Finder: A Tool for Compositional Deadlock Detection and Verification , 2009, CAV.

[11]  Joseph Sifakis,et al.  Rigorous implementation of real-time systems – from theory to application , 2013, Mathematical Structures in Computer Science.

[12]  Edmund M. Clarke,et al.  Partial order reduction for verification of timed systems , 1999 .

[13]  Jirí Srba,et al.  Comparing the Expressiveness of Timed Automata and Timed Extensions of Petri Nets , 2008, FORMATS.

[14]  Doron A. Peled Combining Partial Order Reductions with On-the-fly Model-Checking , 1994, CAV.

[15]  Bengt Jonsson,et al.  Inference of Event-Recording Automata Using Timed Decision Trees , 2006, CONCUR.

[16]  Jun Sun,et al.  Learning Assumptions for CompositionalVerification of Timed Systems , 2014, IEEE Transactions on Software Engineering.

[17]  Thanh-Hung Nguyen,et al.  Constructive Verification for Component-based Systems , 2010 .

[18]  Gerd Behrmann,et al.  Adding Symmetry Reduction to Uppaal , 2003, FORMATS.

[19]  Brian Randell,et al.  Software Engineering Techniques: Report of a conference sponsored by the NATO Science Committee, Rome, Italy, 27th-31st October 1969 , 1970 .

[20]  Nathalie Bertrand,et al.  A Compositional Approach on Modal Specifications for Timed Systems , 2009, ICFEM.

[21]  Stephan Merz,et al.  Model Checking - Timed UML State Machines and Collaborations , 2002, FTRTFT.

[22]  Krzysztof R. Apt,et al.  Limits for Automatic Verification of Finite-State Concurrent Systems , 1986, Inf. Process. Lett..

[23]  Silvio Ghilardi,et al.  Towards SMT Model Checking of Array-Based Systems , 2008, IJCAR.

[24]  Toshimasa Watanabe,et al.  Time Complexity Analysis of the Minimal Siphon Extraction Problem of Petri Nets (Special Section on Concurrent Systems Technology) , 1999 .

[25]  Parosh Aziz Abdulla,et al.  On the Existence of Network Invariants for Verifying Parameterized Systems , 1999, Correct System Design.

[26]  Sumit Kumar Jha,et al.  Refining Abstractions of Hybrid Systems Using Counterexample Fragments , 2005, HSCC.

[27]  Joseph Sifakis,et al.  An Algebraic Framework for Urgency , 2000, Inf. Comput..

[28]  Gilles Audemard,et al.  Bounded Model Checking for Timed Systems , 2002, FORTE.

[29]  Iulian Ober,et al.  Validating timed UML models by simulation and verification , 2006, International Journal on Software Tools for Technology Transfer.

[30]  Eugene W. Stark,et al.  A Proof Technique for Rely/Guarantee Properties , 1985, FSTTCS.

[31]  Patrick Cousot,et al.  Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints , 1977, POPL.

[32]  Nicolas Halbwachs,et al.  Automatic verification of parameterized networks of processes , 2001, Theor. Comput. Sci..

[33]  Rajeev Alur,et al.  Automatic symbolic compositional verification by learning assumptions , 2008, Formal Methods Syst. Des..

[34]  Lacramioara Astefanoaei,et al.  Compositional Verification for Timed Systems Based on Automatic Invariant Generation , 2015, Log. Methods Comput. Sci..

[35]  Johannes Reich,et al.  Processes, Roles and Their Interactions , 2012, IWIGP.

[36]  Kim G. Larsen,et al.  CMC: A Tool for Compositional Model-Checking of Real-Time Systems , 1998, FORTE.

[37]  Farn Wang,et al.  Efficient Data Structure for Fully Symbolic Verification of Real-Time Software Systems , 2000, TACAS.

[38]  Serge Haddad,et al.  Comparison of the Expressiveness of Timed Automata and Time Petri Nets , 2005, FORMATS.

[39]  Antti Valmari,et al.  Stubborn sets for reduced state space generation , 1991, Applications and Theory of Petri Nets.

[40]  Joseph Sifakis,et al.  Compositional Verification for Component-Based Systems and Application , 2008, ATVA.

[41]  Kenneth L. McMillan,et al.  A Compositional Rule for Hardware Design Refinement , 1997, CAV.

[42]  André Platzer,et al.  SAT-based Abstraction Refinement for Real-time Systems , 2007, FACS.

[43]  Pierre Wolper,et al.  Verifying Properties of Large Sets of Processes with Network Invariants , 1990, Automatic Verification Methods for Finite State Systems.

[44]  C. Ramchandani,et al.  Analysis of asynchronous concurrent systems by timed petri nets , 1974 .

[45]  Doron A. Peled,et al.  All from One, One for All: on Model Checking Using Representatives , 1993, CAV.

[46]  Marcus Nilsson,et al.  Regular Model Checking , 2000, CAV.

[47]  Dana Angluin,et al.  Learning Regular Sets from Queries and Counterexamples , 1987, Inf. Comput..

[48]  Ursula Goltz,et al.  Timed Sequence Diagrams and Tool-Based Analysis - A Case Study , 1999, UML.

[49]  Chih-Hong Cheng,et al.  Timed Orchestration for Component-based Systems , 2015, ArXiv.

[50]  Lothar Thiele,et al.  Real-time interfaces for composing real-time systems , 2006, EMSOFT '06.

[51]  Lacramioara Astefanoaei,et al.  Compositional Invariant Generation for Timed Systems , 2014, TACAS.

[52]  Todd Millstein,et al.  Automatic predicate abstraction of C programs , 2001, PLDI '01.

[53]  Thomas A. Henzinger,et al.  Parametric real-time reasoning , 1993, STOC.

[54]  Howard Wong-Toi,et al.  Symbolic approximations for verifying real-time systems , 1995 .

[55]  Ronald L. Rivest,et al.  Inference of finite automata using homing sequences , 1989, STOC '89.

[56]  Conrado Daws,et al.  Reducing the number of clock variables of timed automata , 1996, RTSS.

[57]  Parosh Aziz Abdulla,et al.  Regular Model Checking Made Simple and Efficient , 2002, CONCUR.

[58]  Amir Pnueli,et al.  The temporal logic of programs , 1977, 18th Annual Symposium on Foundations of Computer Science (sfcs 1977).

[59]  Nancy A. Lynch,et al.  Hybrid I/O automata , 2003, Inf. Comput..

[60]  Amir Pnueli,et al.  Automatic Deductive Verification with Invisible Invariants , 2001, TACAS.

[61]  Taylor T. Johnson,et al.  A Small Model Theorem for Rectangular Hybrid Automata Networks , 2012, FMOODS/FORTE.

[62]  Amir Pnueli,et al.  In Transition From Global to Modular Temporal Reasoning about Programs , 1989, Logics and Models of Concurrent Systems.

[63]  Howard Barringer,et al.  Component Verification with Automatically Generated Assumptions , 2005, Automated Software Engineering.

[64]  Étienne André,et al.  Synthesis of Timing Parameters Satisfying Safety Properties , 2011, RP.

[65]  Howard Barringer,et al.  Proof Rules for Automated Compositional Verification through Learning , 2003 .

[66]  Kim Guldstrand Larsen,et al.  Minimal DBM Substraction , 2004 .

[67]  Mihalis Yannakakis,et al.  Minimum and maximum delay problems in real-time systems , 1991, Formal Methods Syst. Des..

[68]  Didier Lime,et al.  Integer Parameter Synthesis for Timed Automata , 2013, TACAS.

[69]  Patricia Bouyer,et al.  Forward Analysis of Updatable Timed Automata , 2004, Formal Methods Syst. Des..

[70]  Marius Bozga,et al.  RTD-Finder: A Tool for Compositional Verification of Real-Time Component-Based Systems , 2016, TACAS.

[71]  Roberto Passerone,et al.  A Generic Model of Contracts for Embedded Systems , 2007, ArXiv.

[72]  Martin Leucker,et al.  Network Invariants for Real-Time Systems , 2003, INFINITY.

[73]  Corina S. Pasareanu,et al.  Automated Assume-Guarantee Reasoning by Abstraction Refinement , 2008, CAV.

[74]  Parosh Aziz Abdulla,et al.  Model checking of systems with many identical timed processes , 2003, Theor. Comput. Sci..

[75]  Zohar Manna,et al.  Temporal verification of reactive systems - safety , 1995 .

[76]  Joël Ouaknine,et al.  Abstraction and Counterexample-Guided Refinement in Model Checking of Hybrid Systems , 2003, Int. J. Found. Comput. Sci..

[77]  Martín Abadi,et al.  Conjoining specifications , 1995, TOPL.

[78]  Mahesh Viswanathan,et al.  Hybrid automata-based CEGAR for rectangular hybrid systems , 2015, Formal Methods Syst. Des..

[79]  Parosh Aziz Abdulla,et al.  Closed, Open, and Robust Timed Networks , 2005, INFINITY.

[80]  Orna Grumberg,et al.  Model checking and modular verification , 1994, TOPL.

[81]  Corina S. Pasareanu,et al.  Learning Assumptions for Compositional Verification , 2003, TACAS.

[82]  Cees Witteveen,et al.  Identifying an automaton model for timed data , 2006 .

[83]  Roberto Passerone,et al.  A contract-based formalism for the specification of heterogeneous systems , 2008, 2008 Forum on Specification, Verification and Design Languages.

[84]  Cliff B. Jones,et al.  Tentative steps toward a development method for interfering programs , 1983, TOPL.

[85]  Bernard Berthomieu,et al.  An Enumerative Approach for Analyzing Time Petri Nets , 1983, IFIP Congress.

[86]  Stavros Tripakis,et al.  Kronos: A Model-Checking Tool for Real-Time Systems , 1998, CAV.

[87]  Martijn Hendriks,et al.  Enhancing Uppaal by Exploiting Symmetry , 2002 .

[88]  Axel Legay,et al.  Efficient deadlock detection for concurrent systems , 2011, Ninth ACM/IEEE International Conference on Formal Methods and Models for Codesign (MEMPCODE2011).

[89]  Stavros Tripakis,et al.  Model Checking of Real-Time Reachability Properties Using Abstractions , 1998, TACAS.

[90]  Armin Biere,et al.  Symbolic Model Checking without BDDs , 1999, TACAS.

[91]  Patrice Godefroid Using Partial Orders to Improve Automatic Verification Methods , 1990, CAV.

[92]  Rajeev Alur,et al.  A Theory of Timed Automata , 1994, Theor. Comput. Sci..

[93]  Silvio Ghilardi,et al.  MCMT in the Land of Parametrized Timed Automata , 2010, VERIFY@IJCAR.

[94]  Farn Wang,et al.  Symmetric Symbolic Safety-Analysis of Concurrent Software with Pointer Data Structures , 2002, FORTE.

[95]  L. Kaiser,et al.  Equivalence of timed state machines and safe TPN , 2002, Sixth International Workshop on Discrete Event Systems, 2002. Proceedings..

[96]  Aloysius K. Mok,et al.  Modechart: A Specification Language for Real-Time Systems , 1994, IEEE Trans. Software Eng..

[97]  Dragan Bosnacki,et al.  A Heuristic for Symmetry Reductions with Scalarsets , 2001, FME.

[98]  Pravin Varaiya,et al.  What's decidable about hybrid automata? , 1995, STOC '95.

[99]  Rajeev Alur,et al.  Modeling and Verification of a Dual Chamber Implantable Pacemaker , 2012, TACAS.

[100]  Wang Yi,et al.  Formal design and analysis of a gear controller , 1998, International Journal on Software Tools for Technology Transfer.

[101]  Kim G. Larsen,et al.  Automatic Abstraction Refinement for Timed Automata , 2007, FORMATS.

[102]  Kim G. Larsen,et al.  Moving from Specifications to Contracts in Component-Based Design , 2012, FASE.

[103]  K. Mani Chandy,et al.  Proofs of Networks of Processes , 1981, IEEE Transactions on Software Engineering.

[104]  Edmund M. Clarke,et al.  Counterexample-guided abstraction refinement , 2003, 10th International Symposium on Temporal Representation and Reasoning, 2003 and Fourth International Conference on Temporal Logic. Proceedings..

[105]  Axel Legay,et al.  Incremental Generation of Linear Invariants for Component-Based Systems , 2013, 2013 13th International Conference on Application of Concurrency to System Design.

[106]  Ahlem Triki,et al.  Distributed Implementations of Timed Component-based Systems , 2015 .

[107]  Howard Barringer,et al.  Learning to divide and conquer: applying the L* algorithm to automate assume-guarantee reasoning , 2008, Formal Methods Syst. Des..

[108]  Wang Yi,et al.  Clock Difference Diagrams , 1998, Nord. J. Comput..

[109]  Kim G. Larsen,et al.  Static Guard Analysis in Timed Automata Verification , 2003, TACAS.

[110]  Thomas A. Henzinger,et al.  Event-Clock Automata: A Determinizable Class of Timed Automata , 1999, Theor. Comput. Sci..

[111]  Rajeev Alur,et al.  Symbolic Compositional Verification by Learning Assumptions , 2005, CAV.

[112]  John Håkansson,et al.  Component-Based Design and Analysis of Embedded Systems with UPPAAL PORT , 2008, ATVA.

[113]  Klaus Havelund,et al.  Model checking programs , 2000, Proceedings ASE 2000. Fifteenth IEEE International Conference on Automated Software Engineering.

[114]  Kenneth L. McMillan,et al.  Symbolic model checking , 1992 .

[115]  David L. Dill,et al.  Better verification through symmetry , 1996, Formal Methods Syst. Des..

[116]  Stavros Tripakis,et al.  Analysis of Timed Systems Using Time-Abstracting Bisimulations , 2001, Formal Methods Syst. Des..

[117]  L. D. Moura,et al.  The YICES SMT Solver , 2006 .

[118]  Wang Yi,et al.  Partial Order Reductions for Timed Systems , 1998, CONCUR.

[119]  Gerard J. Holzmann,et al.  An improvement in formal verification , 1994, FORTE.

[120]  Lacramioara Astefanoaei,et al.  Compositional Verification of Parameterised Timed Systems , 2015, NFM.

[121]  Patrice Godefroid,et al.  Partial-Order Methods for the Verification of Concurrent Systems , 1996, Lecture Notes in Computer Science.

[122]  Wang Yi,et al.  Timed Automata: Semantics, Algorithms and Tools , 2003, Lectures on Concurrency and Petri Nets.

[123]  Thomas A. Henzinger,et al.  Reactive Modules , 1999, Formal Methods Syst. Des..

[124]  Sofia Cassel,et al.  Graph-Based Algorithms for Boolean Function Manipulation , 2012 .

[125]  Rajeev Motwani,et al.  Introduction to automata theory, languages, and computation - international edition, 2nd Edition , 2003 .

[126]  Thomas A. Henzinger,et al.  The Algorithmic Analysis of Hybrid Systems , 1995, Theor. Comput. Sci..

[127]  F. Vaandrager,et al.  Linear Parametric Model Checking of Timed Automata , 2001 .

[128]  Marcus Nilsson,et al.  Transitive Closures of Regular Relations for Verifying Infinite-State Systems , 2000, TACAS.

[129]  Thomas A. Henzinger,et al.  Interface Theories for Component-Based Design , 2001, EMSOFT.

[130]  Ron Koymans,et al.  Specifying real-time properties with metric temporal logic , 1990, Real-Time Systems.

[131]  Leslie Lamport,et al.  Proving the Correctness of Multiprocess Programs , 1977, IEEE Transactions on Software Engineering.

[132]  George S. Avrunin,et al.  Breaking up is hard to do: An evaluation of automated assume-guarantee reasoning , 2008, TSEM.

[133]  Ranjit Jhala,et al.  A Practical and Complete Approach to Predicate Refinement , 2006, TACAS.

[134]  Thomas A. Henzinger,et al.  Timed Interfaces , 2002, EMSOFT.

[135]  Gerard J. Holzmann,et al.  The Model Checker SPIN , 1997, IEEE Trans. Software Eng..

[136]  K. Mani Chandy,et al.  Parallel program design - a foundation , 1988 .

[137]  Kim G. Larsen,et al.  Interface Input/Output Automata , 2006, FM.