A Rewriting Logic Approach to Stochastic and Spatial Constraint System Specification and Verification

This paper addresses the issue of specifying, simulating, and verifying reactive systems in rewriting logic. It presents an executable semantics for probabilistic, timed, and spatial concurrent constraint programming ---here called stochastic and spatial concurrent constraint systems (SSCC)--- in the rewriting logic semantic framework. The approach is based on an enhanced and generalized model of concurrent constraint programming (CCP) where computational hierarchical spaces can be assigned to belong to agents. The executable semantics faithfully represents and operationally captures the highly concurrent nature, uncertain behavior, and spatial and epistemic characteristics of reactive systems with flow of information. In SSCC, timing attributes ---represented by stochastic duration--- can be associated to processes, and exclusive and independent probabilistic choice is also supported. SMT solving technology, available from the Maude system, is used to realize the underlying constraint system of SSCC with quantifier-free formulas over integers and reals. This results in a fully executable real-time symbolic specification that can be used for quantitative analysis in the form of statistical model checking. The main features and capabilities of SSCC are illustrated with examples throughout the paper. This contribution is part of a larger research effort aimed at making available formal analysis techniques and tools, mathematically founded on the CCP approach, to the research community.Comment: arXiv admin note: text overlap with arXiv:1805.0743

A program analysis framework for tccp based on abstract interpretation

[EN] The timed concurrent constraint language (tccp) is a timed extension of the concurrent constraint paradigm. tccp was defined to model reactive systems, where infinite behaviors arise naturally. In previous works, a semantic framework and abstract diagnosis method for the language have been defined. On the basis of that semantic framework, this paper proposes an abstract semantics that, together with a widening operator, is suitable for the definition of different analyses for tccp programs. The abstract semantics is correct and can be represented as a finite graph where each node represents a hypothetical (abstract) computational step of the program. The widening operator allows us to guarantee the convergence of the abstract fixpoint computation.This author has been supported by the Andalusian Excellence Project P11-TIC-7659. This work has been partially supported by the EU (FEDER) and the Spanish MINECO under grants TIN 2015-69175-C4-1-R and TIN 2013-45732-C4-1-P and by Generalitat Valenciana PROMETEOII/2015/013Comini, M.; Gallardo, M.; Titolo, L.; Villanueva, A. (2017). A program analysis framework for tccp based on abstract interpretation. Formal Aspects of Computing. 29(3):531-557. https://doi.org/10.1007/s00165-016-0409-8S531557293Alpuente M, Gallardo MM, Pimentel E, Villanueva A (2006) A semantic framework for the abstract model checking of tccp programs. Theor Comput Scie 346(1): 58–95Bagnara R, Hill PM., Ricci E, Zaffanella E (2005) Precise widening operators for convex polyhedra. Sci Comput Program 58(1–2):28–56Cousot P, Cousot R (1977) Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on principles of programming languages, Los Angeles, California, January 17–19. ACM Press, New York, pp 238–252Clarke EM, Grumberg O, Jha S, Lu Y, Veith H (2000) Counterexample-guided abstraction refinement. In: CAV, Lecture Notes in Computer Science, vol 1855. Springer, pp 154–169Comini M, Gallardo MM, Titolo L, Villanueva A (2015) Abstract Analysis of Universal Properties for tccp. In: Falaschi M (ed) Logic-based Program Synthesis and Transformation, 25th International Symposium, LOPSTR 2015. Revised Selected Papers, Lecture Notes in Computer Science, vol 9527. Springer, pp 163–178Comini M, Titolo L, Villanueva A (2011) Abstract diagnosis for timed concurrent constraint programs. Theory Pract Logic Programm 11(4-5):487–502Comini M, Titolo L, Villanueva A (2013) A condensed goal-independent bottom-up fixpoint modeling the behavior of tccp. Technical report, DSIC, Universitat Politècnica de València. http://riunet.upv.es/handle/10251/34328de Boer FS, Gabbrielli M, Meo MC (2000) A timed concurrent constraint language. Inf Comput 161(1): 45–83Falaschi M, Gabbrielli M, Marriott K, Palamidessi C (1993) Compositional analysis for concurrent constraint programming. In: Proceedings of the eighth annual IEEE symposium on logic in computer science, Los Alamitos, CA, USA, IEEE Computer Society Press, pp 210–221Falaschi M, Olarte C, Palamidessi C (2015) Abstract interpretation of temporal concurrent constraint programs. Theory and Pract Logic Program (TPLP) 15(3): 312–357Falaschi M, Villanueva A (2006) Automatic verification of timed concurrent constraint programs. Theory Pract Logic Program 6(3): 265–300Gallardo MM, Merino P, Pimentel E (2002) Refinement of LTL formulas for abstract model checking. In: Static analysis, 9th international symposium, SAS 2002, Madrid, Spain, September 17–20, 2002, Proceedings, pp 395–410Saraswat VA (1993) Concurrent constraint programming. The MIT Press, CambridgeSaraswat VA, Rinard M, Panangaden P (1991) The semantic foundations of concurrent constraint programming. In: Proceedings of the 18th ACM SIGPLAN-SIGACT symposium on principles of programming languages. ACM, New York, pp 333–352Zaffanella E, Giacobazzi R, Levi G (1997) Abstracting synchronization in concurrent constraint programming. J Funct Logic Program (6

A Graph-Based Semantics Workbench for Concurrent Asynchronous Programs

A number of novel programming languages and libraries have been proposed that offer simpler-to-use models of concurrency than threads. It is challenging, however, to devise execution models that successfully realise their abstractions without forfeiting performance or introducing unintended behaviours. This is exemplified by SCOOP---a concurrent object-oriented message-passing language---which has seen multiple semantics proposed and implemented over its evolution. We propose a "semantics workbench" with fully and semi-automatic tools for SCOOP, that can be used to analyse and compare programs with respect to different execution models. We demonstrate its use in checking the consistency of semantics by applying it to a set of representative programs, and highlighting a deadlock-related discrepancy between the principal execution models of the language. Our workbench is based on a modular and parameterisable graph transformation semantics implemented in the GROOVE tool. We discuss how graph transformations are leveraged to atomically model intricate language abstractions, and how the visual yet algebraic nature of the model can be used to ascertain soundness.Comment: Accepted for publication in the proceedings of FASE 2016 (to appear

Rewriting Logic Semantics of a Plan Execution Language

The Plan Execution Interchange Language (PLEXIL) is a synchronous language developed by NASA to support autonomous spacecraft operations. In this paper, we propose a rewriting logic semantics of PLEXIL in Maude, a high-performance logical engine. The rewriting logic semantics is by itself a formal interpreter of the language and can be used as a semantic benchmark for the implementation of PLEXIL executives. The implementation in Maude has the additional benefit of making available to PLEXIL designers and developers all the formal analysis and verification tools provided by Maude. The formalization of the PLEXIL semantics in rewriting logic poses an interesting challenge due to the synchronous nature of the language and the prioritized rules defining its semantics. To overcome this difficulty, we propose a general procedure for simulating synchronous set relations in rewriting logic that is sound and, for deterministic relations, complete. We also report on two issues at the design level of the original PLEXIL semantics that were identified with the help of the executable specification in Maude

Towards Practical Graph-Based Verification for an Object-Oriented Concurrency Model

To harness the power of multi-core and distributed platforms, and to make the development of concurrent software more accessible to software engineers, different object-oriented concurrency models such as SCOOP have been proposed. Despite the practical importance of analysing SCOOP programs, there are currently no general verification approaches that operate directly on program code without additional annotations. One reason for this is the multitude of partially conflicting semantic formalisations for SCOOP (either in theory or by-implementation). Here, we propose a simple graph transformation system (GTS) based run-time semantics for SCOOP that grasps the most common features of all known semantics of the language. This run-time model is implemented in the state-of-the-art GTS tool GROOVE, which allows us to simulate, analyse, and verify a subset of SCOOP programs with respect to deadlocks and other behavioural properties. Besides proposing the first approach to verify SCOOP programs by automatic translation to GTS, we also highlight our experiences of applying GTS (and especially GROOVE) for specifying semantics in the form of a run-time model, which should be transferable to GTS models for other concurrent languages and libraries.Comment: In Proceedings GaM 2015, arXiv:1504.0244

Handling Data-Based Concurrency in Context-Aware Service Protocols

Dependency analysis is a technique to identify and determine data dependencies between service protocols. Protocols evolving concurrently in the service composition need to impose an order in their execution if there exist data dependencies. In this work, we describe a model to formalise context-aware service protocols. We also present a composition language to handle dynamically the concurrent execution of protocols. This language addresses data dependency issues among several protocols concurrently executed on the same user device, using mechanisms based on data semantic matching. Our approach aims at assisting the user in establishing priorities between these dependencies, avoiding the occurrence of deadlock situations. Nevertheless, this process is error-prone, since it requires human intervention. Therefore, we also propose verification techniques to automatically detect possible inconsistencies specified by the user while building the data dependency set. Our approach is supported by a prototype tool we have implemented.Comment: In Proceedings FOCLASA 2010, arXiv:1007.499