Counterexample-Guided Inductive Repair of Reactive Contracts

Soha Hussein, Sanjai Rayadurgam, Stephen McCamant, Vaibhav Sharma, M. Heimdahl
{"title":"Counterexample-Guided Inductive Repair of Reactive Contracts","authors":"Soha Hussein, Sanjai Rayadurgam, Stephen McCamant, Vaibhav Sharma, M. Heimdahl","doi":"10.1145/3524482.3527650","DOIUrl":null,"url":null,"abstract":"Executable implementations are ultimately the only dependable representations of a software component’s behavior. Incorporating such a component in a rigorous model-based development of reactive systems poses challenges since a formal contract over its behaviors will have to be crafted for system verification. Simply hypothesizing a contract based on informal descriptions of the component is problematic: if it is too weak, we may fail in verifying valid system-level contracts; if it is too strong or simply erroneous, the system may fail in operation. Thus, establishing a valid and strong enough contract is crucially important.In this paper, we propose to repair the invalid hypothesized contract by replacing one or more of its sub-expressions with newly composed expressions, such that the new contract holds over the implementation. To this effect, we present a novel, sound, semantically minimal, and under reasonable assumptions terminating, and complete counterexample-guided general-purpose algorithm for repairing contracts. We implemented and evaluated our technique on more than 4,000 mutants with various complexities generated from 29 valid contracts for 4 non-trivial Java reactive components. Results show a successful repair rate of 81.51%, with 20.72% of the repairs matching the manually written contracts and 60.79% of the repairs describing non-trivial valid contracts.","PeriodicalId":119264,"journal":{"name":"2022 IEEE/ACM 10th International Conference on Formal Methods in Software Engineering (FormaliSE)","volume":"34 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE/ACM 10th International Conference on Formal Methods in Software Engineering (FormaliSE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3524482.3527650","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1

Abstract

Executable implementations are ultimately the only dependable representations of a software component’s behavior. Incorporating such a component in a rigorous model-based development of reactive systems poses challenges since a formal contract over its behaviors will have to be crafted for system verification. Simply hypothesizing a contract based on informal descriptions of the component is problematic: if it is too weak, we may fail in verifying valid system-level contracts; if it is too strong or simply erroneous, the system may fail in operation. Thus, establishing a valid and strong enough contract is crucially important.In this paper, we propose to repair the invalid hypothesized contract by replacing one or more of its sub-expressions with newly composed expressions, such that the new contract holds over the implementation. To this effect, we present a novel, sound, semantically minimal, and under reasonable assumptions terminating, and complete counterexample-guided general-purpose algorithm for repairing contracts. We implemented and evaluated our technique on more than 4,000 mutants with various complexities generated from 29 valid contracts for 4 non-trivial Java reactive components. Results show a successful repair rate of 81.51%, with 20.72% of the repairs matching the manually written contracts and 60.79% of the repairs describing non-trivial valid contracts.
反例引导的感应修复无功契约
可执行实现最终是软件组件行为的唯一可靠表示。将这样的组件合并到严格的基于模型的反应性系统开发中会带来挑战,因为必须为系统验证精心制定关于其行为的正式契约。简单地基于对组件的非正式描述假设一个契约是有问题的:如果它太弱,我们可能无法验证有效的系统级契约;如果它太强或错误,系统可能会在运行中失败。因此,建立一个有效且足够强大的合同是至关重要的。在本文中,我们建议通过用新组成的表达式替换其一个或多个子表达式来修复无效的假设合同,从而使新合同保持执行。为此,我们提出了一种新颖的、健全的、语义最小的、在合理假设下终止的、完整的反例指导的修复契约的通用算法。我们在超过4000个变体上实现并评估了我们的技术,这些变体的复杂性是由4个重要的Java反应性组件的29个有效契约生成的。结果表明,修复成功率为81.51%,其中20.72%的修复与手工书写的合同相匹配,60.79%的修复描述了非琐碎的有效合同。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信