An automatic abstraction technique for verifying featured, parameterised systems

A general technique combining model checking and abstraction is presented that allows property based analysis systems consisting of an <i>arbitrary</i> number of featured components. We show how parameterised systems can be specified in a <i>guarded command</i> form with constraints placed on the variables which occur in guards. We prove that the results that hold for a small number of components can be shown to scale up. We then show how featured systems can be specified in a similar way, by relaxing the constraints on the guards. The main result is a generalisation theorem for featured systems which we apply to two well known examples

An automatic abstraction technique for verifying featured, parameterised systems

A general technique combining model checking and abstraction is presented that allows property based analysis of systems consisting of an arbitrary number of featured components. We show how parameterised systems can be specified in a guarded command form with constraints placed on variables which occur in guards. We prove that results that hold for a small number of components can be shown to scale up. We then show how featured systems can be specified in a similar way, by relaxing constraints on guards. The main result is a generalisation theorem for featured systems which we apply to two well known examples

A template-based approach for the generation of abstractable and reducible models of featured networks

We investigate the relationship between symmetry reduction and inductive reasoning when applied to model checking networks of featured components. Popular reduction techniques for combatting state space explosion in model checking, like abstraction and symmetry reduction, can only be applied effectively when the natural symmetry of a system is not destroyed during specification. We introduce a property which ensures this is preserved, open symmetry. We describe a template-based approach for the construction of open symmetric Promela specifications of featured systems. For certain systems (safely featured parameterised systems) our generated specifications are suitable for conversion to abstract specifications representing any size of network. This enables feature interaction analysis to be carried out, via model checking and induction, for systems of any number of featured components. In addition, we show how, for any balanced network of components, by using a graphical representation of the features and the process communication structure, a group of permutations of the underlying state space of the generated specification can be determined easily. Due to the open symmetry of our Promela specifications, this group of permutations can be used directly for symmetry reduced model checking. The main contributions of this paper are an automatic method for developing open symmetric specifications which can be used for generic feature interaction analysis, and the novel application of symmetry detection and reduction in the context of model checking featured networks. We apply our techniques to a well known example of a featured network – an email system

Model checking learning agent systems using Promela with embedded C code and abstraction

As autonomous systems become more prevalent, methods for their verification will become more widely used. Model checking is a formal verification technique that can help ensure the safety of autonomous systems, but in most cases it cannot be applied by novices, or in its straight \off-the-shelf" form. In order to be more widely applicable it is crucial that more sophisticated techniques are used, and are presented in a way that is reproducible by engineers and verifiers alike. In this paper we demonstrate in detail two techniques that are used to increase the power of model checking using the model checker SPIN. The first of these is the use of embedded C code within Promela specifications, in order to accurately re ect robot movement. The second is to use abstraction together with a simulation relation to allow us to verify multiple environments simultaneously. We apply these techniques to a fairly simple system in which a robot moves about a fixed circular environment and learns to avoid obstacles. The learning algorithm is inspired by the way that insects learn to avoid obstacles in response to pain signals received from their antennae. Crucially, we prove that our abstraction is sound for our example system { a step that is often omitted but is vital if formal verification is to be widely accepted as a useful and meaningful approach