A Formal Object-Oriented Analysis for Software Reliability: Design for Verification

This paper presents the OOA design step in a methodology which integrates automata-based model checking into a commercially supported OO software development process. We define and illustrate a set of design rules for OOA models with executable semantics, which lead to automata models with tractable state spaces. The design rules yield OOA models with functionally structured designs similar to those of hardware systems. These structures support model checking through techniques known to be feasible for hardware. The formal OOA methodology, including the design rules, was applied to the design of NASA robot control software. Serious logical design errors that had eluded prior testing were discovered in the course of model checking.
