Test generation from P systems using model checking

This paper presents some testing approaches based on model checking and using different testing criteria. First, test sets are built from different Kripke structure representations. Second, various rule coverage criteria for transitional, non-deterministic, cell-like P systems, are considered in order to generate adequate test sets. Rule based coverage criteria (simple rule coverage, context-dependent rule coverage and variants) are defined and, for each criterion, a set of LTL (Linear Temporal Logic) formulas is provided. A codification of a P system as a Kripke structure and the sets of LTL properties are used in test generation: for each criterion, test cases are obtained from the counterexamples of the associated LTL formulas, which are automatically generated from the Kripke structure codification of the P system. The method is illustrated with an implementation using a specific model checker, NuSMV. (C) 2010 Elsevier Inc. All rights reserved

State space c-reductions for concurrent systems in rewriting logic

We present c-reductions, a state space reduction technique. The rough idea is to exploit some equivalence relation on states (possibly capturing system regularities) that preserves behavioral properties, and explore the induced quotient system. This is done by means of a canonizer function, which maps each state into a (non necessarily unique) canonical representative of its equivalence class. The approach exploits the expressiveness of rewriting logic and its realization in Maude to enjoy several advantages over similar approaches: exibility and simplicity in the definition of the reductions (supporting not only traditional symmetry reductions, but also name reuse and name abstraction); reasoning support for checking and proving correctness of the reductions; and automatization of the reduction infrastructure via Maude's meta-programming features. The approach has been validated over a set of representative case studies, exhibiting comparable results with respect to other tools

A rewriting logic approach to the formal specification and verification of web applications

[EN] This paper develops a Rewriting Logic framework for the automatic specification and verification of Web applications that considers the critical aspects of concurrent Web interactions, browser navigation features (e.g., forward/back-ward navigation, page refresh, and new window/tab opening), and Web script evaluation. By encompassing the main features of the most popular Web scripting languages (e.g., PHP, ASP, and Java Servlets), our scripting language is powerful enough to model the dynamics of complex Web applications, where the interactions among Web servers and Web browsers are formalized through a landmark communicating protocol that abstracts HTTP. We provide a detailed characterization of browser actions via rewrite rules and show how our models can be naturally model-checked by using the Linear Temporal Logic of Rewriting (LTLR), which is a Linear Temporal Logic that is specifically designed for model-checking rewrite theories. The framework has been completely implemented in Maude, and we report on some successful experiments that we conducted using the Maude LTLR model-checker.This work has been partially supported by the EU (FEDER) and the Spanish MEC project ref. TIN2010-21062-C02-02, and by Generalitat Valenciana ref. PROMETE02011/052. This work was carried out during the tenure by Demis Ballis of an ERCIM "Alain Bensoussan" Postdoctoral Fellowship. The research leading to these results has received funding from the European Union Seventh Framework Programme (FP7/2007-2013) under grant agreement no 246016. Daniel Romero was partially supported by FPI-MEC grant BES-2008-004860.Alpuente Frasnedo, M.; Ballis, D.; Romero, DO. (2014). A rewriting logic approach to the formal specification and verification of web applications. Science of Computer Programming. 81:79-107. https://doi.org/10.1016/j.scico.2013.07.014S791078

"More Deterministic" vs. "Smaller" Buechi Automata for Efficient LTL Model Checking

The standard technique for LTL model checking (M\models\neg\vi) consists on translating the negation of the LTL specification, \vi, into a B\"uchi automaton A_\vi, and then on checking if the product M \times A_\vi has an empty language. The efforts to maximize the efficiency of this process have so far concentrated on developing translation algorithms producing B\"uchi automata which are ``{\em as small as possible}'', under the implicit conjecture that this fact should make the final product smaller. In this paper we build on a different conjecture and present an alternative approach in which we generate instead B\"uchi automata which are ``{\em as deterministic as possible}'', in the sense that we try to reduce as much as we are able to the presence of non-deterministic decision states in A_\vi. We motivate our choice and present some empirical tests to support this approach

Verificación de aplicaciones web dinámicas con Web-TLR

Web-TLR is a software tool designed for model-checking Web applications that is based on rewriting logic. Web applications are expressed as rewrite theories that can be formally verified by using the Maude built-in LTLR model-checker. Whenever a property is refuted, it produces a counterexample trace that underlies the failing model checking computation. However, the analysis (or even the simple inspection) of large counterexamples may prove to be unfeasible due to the size and complexity of the traces under examination. This work aims to improve the understandability of the counterexamples generated by Web-TLR by developing an integrated framework for debugging Web applications that integrates a trace-slicing technique for rewriting logic theories that is particularly tailored to Web-TLR. The verification environment is also provided with a user-friendly, graphical Web interface that shields the user from unnecessary information. Trace slicing is a widely used technique for execution trace analysis that is effectively used in program debugging, analysis and comprehension. Our trace slicing technique allows us to systematically trace back rewrite sequences modulo equational axioms (such as associativity and commutativity) by means of an algorithm that dynamically simpli es the traces by detecting control and data dependencies, and dropping useless data that do not infuence the final result. Our methodology is particularly suitable for analyzing complex, textually-large system computations such as those delivered as counter-example traces by Maude model-checkers. The slicing facility implemented in Web-TLR allows the user to select the pieces of information that she is interested into by means of a suitable pattern-matching language supported by wildcards. The selected information is then traced back through inverse rewrite sequences. The slicing process drastically simpli es the computation trace by dropping useless data that do not influence the nal result. By using this facility, the Web engineer can focus on the relevant fragments of the failing application, which greatly reduces the manual debugging e ort and also decreases the number of iterative verfications.Espert Real, J. (2011). Verificación de aplicaciones web dinámicas con Web-TLR. http://hdl.handle.net/10251/11219.Archivo delegad

Towards Practical Graph-Based Verification for an Object-Oriented Concurrency Model

To harness the power of multi-core and distributed platforms, and to make the development of concurrent software more accessible to software engineers, different object-oriented concurrency models such as SCOOP have been proposed. Despite the practical importance of analysing SCOOP programs, there are currently no general verification approaches that operate directly on program code without additional annotations. One reason for this is the multitude of partially conflicting semantic formalisations for SCOOP (either in theory or by-implementation). Here, we propose a simple graph transformation system (GTS) based run-time semantics for SCOOP that grasps the most common features of all known semantics of the language. This run-time model is implemented in the state-of-the-art GTS tool GROOVE, which allows us to simulate, analyse, and verify a subset of SCOOP programs with respect to deadlocks and other behavioural properties. Besides proposing the first approach to verify SCOOP programs by automatic translation to GTS, we also highlight our experiences of applying GTS (and especially GROOVE) for specifying semantics in the form of a run-time model, which should be transferable to GTS models for other concurrent languages and libraries.Comment: In Proceedings GaM 2015, arXiv:1504.0244