Verification of liveness properties using compositional reachability analysis

ESEC '97/FSE-5 Pub Date : 1997-11-01 DOI:10.1145/267895.267913

S. Cheung, D. Giannakopoulou, J. Kramer

{"title":"Verification of liveness properties using compositional reachability analysis","authors":"S. Cheung, D. Giannakopoulou, J. Kramer","doi":"10.1145/267895.267913","DOIUrl":null,"url":null,"abstract":"The software architecture of a distributed program can be represented by a hierarchical composition of subsystems, with interacting processes at the leaves of the hierarchy. Compositional reachability analysis (CRA) is a promising state reduction technique which can be automated and used to derive in stages the overall behaviour of a distributed program based on its architecture. Conventional CRA however has a limitation. The properties available for analysis after composition and reduction are constrained by the set of actions that remain globally observable. The liveness properties which involve internal actions of subsystems may therefore not be analysed. In this paper, we extend compositional reachability analysis to check liveness properties which may involve actions that are not globally observable. In particular, our approach permits the hiding of actions independently of the liveness properties that are to be verified in the final graph. In addition, it supports the simultaneous checking of multiple properties (both liveness and safety), and identifies those properties that are violated. The effectiveness of the extended technique is illustrated using a case study of a Reliable Multicast Transport Protocol (RMTP) with over 96,000 states and 660,000 transitions.","PeriodicalId":297962,"journal":{"name":"ESEC '97/FSE-5","volume":"43 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1997-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"54","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ESEC '97/FSE-5","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/267895.267913","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 54

Abstract

The software architecture of a distributed program can be represented by a hierarchical composition of subsystems, with interacting processes at the leaves of the hierarchy. Compositional reachability analysis (CRA) is a promising state reduction technique which can be automated and used to derive in stages the overall behaviour of a distributed program based on its architecture. Conventional CRA however has a limitation. The properties available for analysis after composition and reduction are constrained by the set of actions that remain globally observable. The liveness properties which involve internal actions of subsystems may therefore not be analysed. In this paper, we extend compositional reachability analysis to check liveness properties which may involve actions that are not globally observable. In particular, our approach permits the hiding of actions independently of the liveness properties that are to be verified in the final graph. In addition, it supports the simultaneous checking of multiple properties (both liveness and safety), and identifies those properties that are violated. The effectiveness of the extended technique is illustrated using a case study of a Reliable Multicast Transport Protocol (RMTP) with over 96,000 states and 660,000 transitions.

查看原文本刊更多论文

使用成分可达性分析验证活性属性

分布式程序的软件体系结构可以用子系统的层次组合来表示，在层次结构的叶子处有交互过程。组合可达性分析(CRA)是一种很有前途的状态还原技术，它可以自动化并用于根据分布式程序的体系结构分阶段导出其整体行为。然而，传统的CRA有其局限性。合成和还原后可用于分析的属性受到全局可观察到的一组动作的限制。因此，涉及子系统内部活动的活动特性可能不被分析。在本文中，我们扩展了组合可达性分析，以检查可能涉及非全局可观察的动作的活动属性。特别是，我们的方法允许隐藏独立于要在最终图中验证的活动属性的动作。此外，它支持同时检查多个属性(活动性和安全性)，并识别那些被违反的属性。通过一个具有超过96,000个状态和660,000个转换的可靠组播传输协议(RMTP)的案例研究说明了扩展技术的有效性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

ESEC '97/FSE-5

自引率

0.00%

发文量