Towards a Compositional SPIN

This paper discusses our initial experience with introducing automated assume-guarantee verification based on learning in the SPIN tool. We believe that compositional verification techniques such as assume-guarantee reasoning could complement the state-reduction techniques that SPIN already supports, thus increasing the size of systems that SPIN can handle. We present a "light-weight" approach to evaluating the benefits of learning-based assume-guarantee reasoning in the context of SPIN: we turn our previous implementation of learning into a main program that externally invokes SPIN to provide the model-checking-related answers. Despite its performance overheads (which mandate a future implementation within SPIN itself), this approach provides accurate information about the savings in memory. We have experimented with several versions of learning-based assume-guarantee reasoning, including a novel heuristic introduced here for generating component assumptions when their environment is unavailable. We illustrate the benefits of learning-based assume-guarantee reasoning in SPIN through the example of a resource arbiter for a spacecraft.
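The abstract refers to the assume-guarantee rule (check `A || M1` against `P`, check `M2` against the assumption `A`, conclude `M1 || M2` satisfies `P`) and to the memory savings it can yield. The following is an added example, not code from the paper or from SPIN: it applies that rule to hand-written toy labelled transition systems (two clients and a resource arbiter with an internal bookkeeping counter, all constructed here), uses a plain breadth-first reachability search in place of SPIN as the model-checking oracle, and uses a hand-written mutual-exclusion assumption `A` rather than a learned one. It reports the peak reachable state count of the two premises next to that of the monolithic check, and also shows both checks catching a deliberately broken arbiter that grants while the resource is already held.

```python
"""Assume-guarantee rule on constructed toy LTSs (added example, not the paper's code).

  1. <A> M1 <P>      A || M1 || P_err reaches no error state  (A used as a constraint)
  2. <true> M2 <A>   M2 || A_err reaches no error state       (A used as an error automaton)
  --------------------------------------------------------------
     <true> M1 || M2 <P>
"""
from collections import deque

ERR = "ERROR"


def lts(init, edges):
    """An LTS is (initial state, {(state, action): next_state}, alphabet)."""
    return init, edges, frozenset(a for (_, a) in edges)


def err_complete(m):
    """Safety LTS -> error automaton: every unaccepted action leads to the ERR sink."""
    init, edges, alpha = m
    states = {init} | {s for (s, _) in edges} | set(edges.values())
    full = dict(edges)
    for s in states:
        for a in alpha:
            full.setdefault((s, a), ERR)
    return init, full, alpha


def is_error(s):
    return s == ERR or (isinstance(s, tuple) and any(is_error(x) for x in s))


def step(m, s, act):
    _, edges, alpha = m
    if act not in alpha:
        return s                 # not a participant in this action: stays put
    return edges.get((s, act))   # None: this component blocks the action


def compose(*ms):
    """Reachable part of the parallel composition: synchronise on shared
    actions, interleave the rest; error states are not expanded."""
    alpha = frozenset().union(*(m[2] for m in ms))
    init = tuple(m[0] for m in ms)
    edges, seen, todo = {}, {init}, deque([init])
    while todo:
        s = todo.popleft()
        if is_error(s):
            continue
        for act in sorted(alpha):
            nxt = tuple(step(m, si, act) for m, si in zip(ms, s))
            if None in nxt:
                continue         # some participant blocks: no joint transition
            edges[(s, act)] = nxt
            if nxt not in seen:
                seen.add(nxt)
                todo.append(nxt)
    return init, edges, alpha


def num_states(m):
    init, edges, _ = m
    return len({init} | {s for (s, _) in edges} | set(edges.values()))


def client(i):
    """Hypothetical client i: request, receive grant, two internal work steps, release."""
    r, g, w, rel = f"req{i}", f"grant{i}", f"work{i}", f"rel{i}"
    return lts("idle", {("idle", r): "wait", ("wait", g): "busy",
                        ("busy", w): "w1", ("w1", w): "w2", ("w2", rel): "idle"})


def arbiter(buggy=False, ticks=4):
    """Hypothetical arbiter: queues requests, grants one holder at a time, and runs an
    internal tick counter (bookkeeping only) that inflates its own state space.
    The buggy variant grants any pending request even while the resource is held."""
    edges = {}
    for holder in (0, 1, 2):
        for pend in map(frozenset, ([], [1], [2], [1, 2])):
            for k in range(ticks):
                s = (holder, pend, k)
                edges[(s, "tick")] = (holder, pend, (k + 1) % ticks)
                for i in (1, 2):
                    if i != holder and i not in pend:
                        edges[(s, f"req{i}")] = (holder, pend | {i}, k)
                    if i in pend and (buggy or holder == 0):
                        edges[(s, f"grant{i}")] = (i, pend - {i}, k)
                    if holder == i:
                        edges[(s, f"rel{i}")] = (0, pend, k)
    return lts((0, frozenset(), 0), edges)


def mutex(selfloops=()):
    """Safety LTS: a grant must be released before the other client is granted."""
    edges = {("free", "grant1"): "h1", ("h1", "rel1"): "free",
             ("free", "grant2"): "h2", ("h2", "rel2"): "free"}
    for s in ("free", "h1", "h2"):
        for a in selfloops:
            edges[(s, a)] = s
    return lts("free", edges)


P = mutex()                              # property over grants and releases
A = mutex(selfloops=("req1", "req2"))    # assumption over the whole M1/M2 interface


def check(*ms):
    """Compose and model-check: (no error reachable, number of reachable states)."""
    m = compose(*ms)
    return not any(is_error(t) for t in m[1].values()), num_states(m)


def assume_guarantee(m1, m2, a, p):
    p1 = check(a, m1, err_complete(p))   # premise 1: A constrains M1's environment
    p2 = check(m2, err_complete(a))      # premise 2: M2 must never violate A
    return p1[0] and p2[0], max(p1[1], p2[1]), (p1, p2)


def monolithic(m1, m2, p):
    return check(m1, m2, err_complete(p))


if __name__ == "__main__":
    m1 = compose(client(1), client(2))
    for buggy in (False, True):
        holds, peak, _ = assume_guarantee(m1, arbiter(buggy), A, P)
        ok, total = monolithic(m1, arbiter(buggy), P)
        print(f"buggy={buggy}: AG holds={holds}, peak states={peak}; "
              f"monolithic holds={ok}, states={total}")
```

The peak state count of the two premises is the quantity the abstract's memory comparison is about: the assumption `A` is much smaller than the arbiter, so neither premise ever builds the product of the clients' internal work steps with the arbiter's internal counter, whereas the monolithic check does. Premise 1 deliberately uses `A` in its partial, blocking form (transitions `A` omits are simply unavailable to the environment) while premise 2 uses the error-completed `A_err`; swapping the two forms is the classic mistake and would make premise 1 fail spuriously.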
