Finding Faults Quickly in Formal Models using Random Search

As software grows more complex, automatic verification tools become increasingly important. Unfortunately many systems are large enough that complete verification requires a lot of time and memory, if it is possible at all. In our preliminary studies, random search, although not a complete technique, was able to find most faults significantly faster and with less memory than would be required for full verification. Here we present an experiment in which random search was used to find faults in fault-seeded models of a large commercial flight guidance system. To assess the performance of random search we compared it to a full verification done by the model checker NuSMV. The random search results were surprisingly complete, finding nearly 90% of the faults reported by NuSMV—and these results were generated faster and using less memory. We suggest that random search be used in conjunction with verification tools, perhaps as a fast debugging tool during model development, or even as an alternative model checking strategy on models for which the time and memory requirements would make full verification impossible.
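To make the contrast the abstract draws concrete, here is an added example that is not from the paper: a constructed toy mode-switch model with a seeded guard fault, checked first by breadth-first search over every reachable state (what a model checker such as NuSMV does exhaustively) and then by repeated random walks that store no state set. The model, the safety property and the fault are assumptions made for this illustration, not the flight guidance system of the study.

```python
import random
from collections import deque

# Constructed toy model: state = (mode, sensor_valid, ticks); bounded horizon.
INITIAL = ("OFF", True, 0)
MAX_TICKS = 20

def successors(state, faulty=True):
    """All one-step successors; the sensor may become valid or invalid each tick."""
    mode, _, t = state
    if t >= MAX_TICKS:
        return []
    nxt = []
    for v in (True, False):
        if mode == "OFF":
            nxt += [("ARMED", v, t + 1), ("OFF", v, t + 1)]
        elif mode == "ARMED":
            # Correct guard: engage only with a valid sensor.
            # Seeded fault (assumed for the example): after tick 10 the guard is bypassed.
            if v or (faulty and t > 10):
                nxt.append(("ENGAGED", v, t + 1))
            nxt.append(("ARMED", v, t + 1))
        else:  # ENGAGED must drop out as soon as the sensor is invalid
            if v:
                nxt.append(("ENGAGED", v, t + 1))
            nxt.append(("OFF", v, t + 1))
    return nxt

def violates(state):
    """Safety property: never ENGAGED while the sensor is invalid."""
    mode, valid, _ = state
    return mode == "ENGAGED" and not valid

def exhaustive_check(faulty=True):
    """Full BFS of the reachable state space. Returns (found, states_explored)."""
    seen, queue = {INITIAL}, deque([INITIAL])
    while queue:
        s = queue.popleft()
        if violates(s):
            return True, len(seen)
        for n in successors(s, faulty):
            if n not in seen:
                seen.add(n)
                queue.append(n)
    return False, len(seen)

def random_search(runs=200, seed=0, faulty=True):
    """Random walks from INITIAL, one uniformly chosen successor per step, until a
    dead end; no visited set is kept. Incomplete. Returns (found, states_explored)."""
    rng, explored = random.Random(seed), 0
    for _ in range(runs):
        s = INITIAL
        while True:
            explored += 1
            if violates(s):
                return True, explored
            nxt = successors(s, faulty)
            if not nxt:
                break
            s = rng.choice(nxt)
    return False, explored
```

Compare the two `states_explored` counts on the faulty model, and note that with `faulty=False` the random search reports no violation only because its walks ran out, not because it proved the property.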
