Presentation is loading. Please wait.

Presentation is loading. Please wait.

Re-Thinking Product Line Verification as a Constraints Problem Kathi Fisler (WPI) Shriram Krishnamurthi (Brown) Brown undergraduate collaborators: Harry.

Published byCody Hudson Modified over 9 years ago

Similar presentations

Presentation on theme: "Re-Thinking Product Line Verification as a Constraints Problem Kathi Fisler (WPI) Shriram Krishnamurthi (Brown) Brown undergraduate collaborators: Harry."— Presentation transcript:

1 Re-Thinking Product Line Verification as a Constraints Problem Kathi Fisler (WPI) Shriram Krishnamurthi (Brown) Brown undergraduate collaborators: Harry Li (PhD UT Austin  Facebook) Colin Blundell (PhD student UPenn  IBM Research) Michael Greenberg (PhD student UPenn) Thanks to Don Batory, Bob Hall, Gregor Kiczales

2 TOSEM06: Foundations of Incremental Aspect Model-Checking. Shriram Krishnamurthi and Kathi Fisler. FSE04: Verifying Aspect Advice Modularly. Shriram Krishnamurthi, Kathi Fisler, and Michael Greenberg. ASE04: Parameterized Interfaces for Open System Verification of Product Lines. Colin Blundell, Kathi Fisler, Shriram Krishnamurthi, and Pascal Van Hentenryck. JournASE03: Modular Verification of Open Features Through Three-Valued Model Checking. Harry Li, Shriram Krishnamurthi and Kathi Fisler. FSE02: Verifying Cross-Cutting Features as Open Systems. Harry Li, Shriram Krishnamurthi and Kathi Fisler ASE02: Interfaces for Modular Feature Verification. Harry Li, Shriram Krishnamurthi and Kathi Fisler. SPIN02: The Influence of Software Module Systems on Modular Verification. Harry Li, Kathi Fisler, and Shriram Krishnamurthi FSE01: Modular Verification of Collaboration-Based Software Designs. Kathi Fisler and Shriram Krishnamurthi. Aspects Interfaces Features extend multiple parties Data

3 Composition: Insert transitions into/out of the feature Model of Features Program Feature Interfaces: [Structural] where to connect; [Behavioral] assumption formula at exit, guarantee formula at entry guarantee assumption

4 Verification Assumptions Interested in functional verification – “if a message is decrypted, then it is not mailed until it is delivered or re-encrypted” OPEN: Not all features/order known up front Composition may add data variables, add control paths, route around control paths Scalability through modular verification

5 decrypt encrypt forward clear text message “Reject” If a message is decrypted, then it is not mailed until it is delivered or re-encrypted

6 Let’s try Model Checking MC: system x property  true or counter-eg

7 forward-incoming forward don’t forward maildeliver [interface state] AG (decrypted → A[ (encrypted V deliver) R ¬mail ]) FORWARD Property: If a message is decrypted, then it is not mailed until it is delivered or re-encrypted Model checking succeeds

8 forward-incoming forward don’t forward maildeliver [interface state] AG (decrypted → A[ (encrypted V deliver) R ¬mail ]) FORWARD Property: If a message is decrypted, then it is not mailed until it is delivered or re-encrypted Model checking succeeds should fail!

9 Problems with Classical Model Checking Closed system assumption – might succeed trivially, b/c data not visible – might fail inaccurately, b/c future path not known – assumes fixed definition of terms (Jo’s talk) Data values ascribed by states, not flows Binary result doesn’t distinguish between false and don’t know suggests 3-valued verification

10 A Better Solution We decompose verification: – Per module – Per product  constraint generation  constraint solving Shift in perspective: per module, from verification to constraint generation In latest work, constraints are parameterized CTL formulas detect feature interactions

11 Lessons Learned Modular feature verification must handle cross- modular data flows Some classes of feature-interaction errors can be detected modularly and algorithmically Generate property-specific, parameterized interfaces per module “verification” isn’t the right goal

Download ppt "Re-Thinking Product Line Verification as a Constraints Problem Kathi Fisler (WPI) Shriram Krishnamurthi (Brown) Brown undergraduate collaborators: Harry."

Similar presentations

Formal Methods and Testing Goal: software reliability Use software engineering methodologies to develop the code. Use formal methods during code development.

Formal Methods and Testing Goal: software reliability Use software engineering methodologies to develop the code. Use formal methods during code development.
This research is funded in part the U. S. National Science Foundation grant CCR-0113181. DEET for Component-Based Software Murali Sitaraman, Durga P. Gandi.

This research is funded in part the U. S. National Science Foundation grant CCR DEET for Component-Based Software Murali Sitaraman, Durga P. Gandi.
A Program Transformation For Faster Goal-Directed Search Akash Lal, Shaz Qadeer Microsoft Research.

A Program Transformation For Faster Goal-Directed Search Akash Lal, Shaz Qadeer Microsoft Research.
An Introduction to the Model Verifier verds Wenhui Zhang September 15 th, 2010.

An Introduction to the Model Verifier verds Wenhui Zhang September 15 th, 2010.
Data-Flow Analysis Framework Domain – What kind of solution is the analysis looking for? Ex. Variables have not yet been defined – Algorithm assigns a.

Data-Flow Analysis Framework Domain – What kind of solution is the analysis looking for? Ex. Variables have not yet been defined – Algorithm assigns a.
Temporal-Logic Constraints in Feature-Oriented Verification Kathi Fisler (WPI) joint work with Shriram Krishnamurthi (Brown) Colin Blundell (Brown; now.

Temporal-Logic Constraints in Feature-Oriented Verification Kathi Fisler (WPI) joint work with Shriram Krishnamurthi (Brown) Colin Blundell (Brown; now.
Ch. 7 Process Synchronization (1/2) 2015-04-17. 7.I Background F Producer - Consumer process :  Compiler, Assembler, Loader, · · · · · · F Bounded buffer.

Ch. 7 Process Synchronization (1/2) I Background F Producer - Consumer process :  Compiler, Assembler, Loader, · · · · · · F Bounded buffer.
ComS 512 Project John Altidor Michelle Ruse Jonathan Schroeder.

ComS 512 Project John Altidor Michelle Ruse Jonathan Schroeder.
1 Verifying Aspect Advice Modularly By:Shiram Krishnamurthi Kathi Fisler Michael Greenberg Presented by:Iddit Shalem.

1 Verifying Aspect Advice Modularly By:Shiram Krishnamurthi Kathi Fisler Michael Greenberg Presented by:Iddit Shalem.
Margrave: XACML Verification and Change-Impact Analysis Kathi Fisler, WPI Shriram Krishnamurthi, Brown Leo Meyerovich, Brown Michael Carl Tschantz, Brown.

Margrave: XACML Verification and Change-Impact Analysis Kathi Fisler, WPI Shriram Krishnamurthi, Brown Leo Meyerovich, Brown Michael Carl Tschantz, Brown.
Putting the User in Usable Verification Kathi Fisler, WPI Joint work with Shriram Krishnamurthi.

Putting the User in Usable Verification Kathi Fisler, WPI Joint work with Shriram Krishnamurthi.
Rigorous Software Development CSCI-GA 3033-011 Instructor: Thomas Wies Spring 2012 Lecture 13.

Rigorous Software Development CSCI-GA Instructor: Thomas Wies Spring 2012 Lecture 13.
Aspect-Oriented Software Development (AOSD) Tutorial #10 Interference among Aspects.

Aspect-Oriented Software Development (AOSD) Tutorial #10 Interference among Aspects.
Digitaalsüsteemide verifitseerimise kursus1 Formal verification: Property checking Property checking.

Digitaalsüsteemide verifitseerimise kursus1 Formal verification: Property checking Property checking.
(Quickly) Testing the Tester via Path Coverage Alex Groce Oregon State University (formerly NASA/JPL Laboratory for Reliable Software)

(Quickly) Testing the Tester via Path Coverage Alex Groce Oregon State University (formerly NASA/JPL Laboratory for Reliable Software)
Proof Points Key ideas when proving mathematical ideas.

Proof Points Key ideas when proving mathematical ideas.
Aspect-Oriented Software Development (AOSD) Tutorial #10 Interference among Aspects.

Aspect-Oriented Software Development (AOSD) Tutorial #10 Interference among Aspects.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
CHAPTER 10 Recursion. 2 Recursive Thinking Recursion is a programming technique in which a method can call itself to solve a problem A recursive definition.

CHAPTER 10 Recursion. 2 Recursive Thinking Recursion is a programming technique in which a method can call itself to solve a problem A recursive definition.
Flavio Lerda 1 LTL Model Checking Flavio Lerda. 2 LTL Model Checking LTL –Subset of CTL* of the form: A f where f is a path formula LTL model checking.

Flavio Lerda 1 LTL Model Checking Flavio Lerda. 2 LTL Model Checking LTL –Subset of CTL* of the form: A f where f is a path formula LTL model checking.

Similar presentations

Ads by Google