Library-based scalable refinement checking for contract-based design

Given a global specification contract and a system described by a composition of contracts, system verification reduces to checking that the composite contract refines the specification contract, i.e. that any implementation of the composite contract implements the specification contract and is able to operate in any environment admitted by it. Contracts are captured using high-level declarative languages, for example, linear temporal logic (LTL). In this case, refinement checking reduces to an LTL satisfiability checking problem, which can be very expensive to solve for large composite contracts. This paper proposes a scalable refinement checking approach that relies on a library of contracts and local refinement assertions. We propose an algorithm that, given such a library, breaks down the refinement checking problem into multiple successive refinement checks, each of smaller scale. We illustrate the benefits of the approach on an industrial case study of an aircraft electric power system, with up to two orders of magnitude improvement in terms of execution time. © 2014 EDAA

Assume, Guarantee or Repair

We present Assume-Guarantee-Repair (AGR) – a novel framework which not only verifies that a program satisfies a set of properties, but also repairs the program in case the verification fails. We consider communicating programs – these are simple C-like programs, extended with synchronous communication actions over communication channels. Our method, which consists of a learning-based approach to assume-guarantee reasoning, performs verification and repair simultaneously. In every iteration, AGR either makes another step towards proving that the (current) system satisfies the specification, or alters the system in a way that brings it closer to satisfying the specification. We manage handling infinite-state systems by using a finite abstract representation, and reduce the semantic problems in hand – satisfying complex specifications that also contain first-order constraints – to syntactic ones, namely membership and equivalence queries for regular languages. We implemented our algorithm and evaluated it on various examples. Our experiments present compact proofs of correctness and quick repairs

Modular Coordination of Multiple Autonomic Managers

International audienceComplex computing systems are increasingly self-adaptive, with an autonomic computing approach for their administration. Real systems require the co-existence of multiple autonomic management loops, each complex to design. However their uncoordinated co-existence leads to performance degradation and possibly to inconsistency. There is a need for methodological supports facilitating the coordination of multiple autonomic managers. In this paper we propose a method focusing on the discrete control of the interactions of managers. We follow a component-based approach and explore modular discrete control, allowing to break down the combinatorial complexity inherent to the state-space exploration technique. This improves scalability of the approach and allows constructing a hierarchical control. It also allows re-using complex managers in different contexts without modifying their control specifications. We build a component-based coordination of managers, with introspection, adaptivity and reconfiguration. We validate our method on a multiple-loop multi-tier system

Proceedings of the 21st Conference on Formal Methods in Computer-Aided Design – FMCAD 2021

The Conference on Formal Methods in Computer-Aided Design (FMCAD) is an annual conference on the theory and applications of formal methods in hardware and system verification. FMCAD provides a leading forum to researchers in academia and industry for presenting and discussing groundbreaking methods, technologies, theoretical results, and tools for reasoning formally about computing systems. FMCAD covers formal aspects of computer-aided system design including verification, specification, synthesis, and testing

Model checking and compositional reasoning for multi-agent systems

Multi-agent systems are distributed systems containing interacting autonomous agents designed to achieve shared and private goals. For safety-critical systems where we wish to replace a human role with an autonomous entity, we need to make assurances about the correctness of the autonomous delegate. Specialised techniques have been proposed recently for the verification of agents against mentalistic logics. Problematically, these approaches treat the system in a monolithic way. When verifying a property against a single agent, the approaches examine all behaviours of every component in the system. This is both inefficient and can lead to intractability: the so-called state-space explosion problem. In this thesis, we consider techniques to support the verification of agents in isolation. We avoid the state-space explosion problem by verifying an individual agent in the context of a specification of the rest of the system, rather than the system itself. We show that it is possible to verify an agent against its desired properties without needing to consider the behaviours of the remaining components. We first introduce a novel approach for verifying a system as a whole against specifications expressed in a logic of time and knowledge. The technique, based on automata over trees, supports an efficient procedure to verify systems in an automata-theoretic way using language containment. We show how the automata-theoretic approach can be used as an underpinning for assume-guarantee reasoning for multi-agent systems. We use a temporal logic of actions to specify the expected behaviour of the other components in the system. When performing modular verification, this specification is used to exclude behaviours that are inconsistent with the concrete system. We implement both approaches within the open-source model checker MCMAS and show that, for the relevant properties, the assume-guarantee approach can significantly increase the tractability of individual agent verification.Open Acces