Tightening the contract refinements of a system architecture

Contract-based design is an emerging paradigm for correct-by-construction hierarchical systems: components are associated with assumptions and guarantees expressed as formal properties; the architecture is analyzed by verifying that each contract of composite components is correctly refined by the contracts of its subcomponents. The approach is very efficient, because the overall correctness proof is decomposed into proofs local to each component. However, the process for the contract specification and refinement is quite expensive because the requirements are formalized into formal properties, where part of the complexity is delegated to the designer, who has the burden of specifying the contracts. Typical problems include understanding which contracts are necessary, and how they can be simplified without breaking the correctness of the refinement and other refinements in case some subcontracts are shared. In this paper, we tackle these problems by proposing a technique to understand and simplify the contract refinements of a system architecture during the development process for the contract specification and refinement. The technique, called tightening, is based on parameter synthesis. The idea is to generate a set of parametric proof obligations, where each parameter evaluation corresponds to a variant of the original(s) contract refinement(s), and to search for tighter variants of the contracts that still ensure the correctness of the refinement(s). We cast this approach in the OCRA framework, where contracts are expressed with LTL formulas, and we evaluate its performance and effectiveness on a number of benchmarks.Fil: Cimatti, Alessandro. Fondazione Bruno Kessler; ItaliaFil: Demasi, Ramiro Adrian. Fondazione Bruno Kessler; Italia. Universidad Nacional de Córdoba. Facultad de Matemática, Astronomía y Física. Sección Ciencias de la Computación; ArgentinaFil: Tonetta, Stefano. Fondazione Bruno Kessler; Itali

Quantifying Masking Fault-Tolerance via Fair Stochastic Games

We introduce a formal notion of masking fault-tolerance between probabilistic transition systems using stochastic games. These games are inspired in bisimulation games, but they also take into account the possible faulty behavior of systems. When no faults are present, these games boil down to probabilistic bisimulation games. Since these games could be infinite, we propose a symbolic way of representing them so that they can be solved in polynomial time. In particular, we use this notion of masking to quantify the level of masking fault-tolerance exhibited by almost-sure failing systems, i.e., those systems that eventually fail with probability 1. The level of masking fault-tolerance of almost-sure failing systems can be calculated by solving a collection of functional equations. We produce this metric in a setting in which one of the player behaves in a strong fair way (mimicking the idea of fair environments).Comment: In Proceedings EXPRESS/SOS2023, arXiv:2309.05788. arXiv admin note: substantial text overlap with arXiv:2207.0204

MaskD : a tool for measuring masking fault-tolerance

Fil: Putruele, Luciano. Universidad Nacional de Rı́o Cuarto. Facultad de Ciencias Exactas, Físico-Químicas y Naturales. Departamento de Computación; Argentina.Fil: Putruele, Luciano. Consejo Nacional de Investigaciones Científicas y Técnicas; Argentina.Fil: Demasi, Ramiro Adrián. Universidad Nacional de Córdoba. Facultad de Matemática, Astronomía, Física y Computación; Argentina.Fil: Demasi, Ramiro Adrián. Consejo Nacional de Investigaciones Científicas y Técnicas; Argentina.Fil: Castro, Pablo Francisco. Universidad Nacional de Rı́o Cuarto. Facultad de Ciencias Exactas, Físico-Químicas y Naturales. Departamento de Computación; Argentina.Fil: Castro, Pablo Francisco. Consejo Nacional de Investigaciones Científicas y Técnicas; Argentina.Fil: D'Argenio, Pedro Ruben. Universidad Nacional de Córdoba. Facultad de Matemática, Astronomía, Física y Computación; Argentina.Fil: D'Argenio, Pedro Ruben. Consejo Nacional de Investigaciones Científicas y Técnicas; Argentina.Fil: D'Argenio, Pedro Ruben. Saarland University. Saarland Informatics Campus; Germany.We present MaskD, an automated tool designed to measure the level of fault-tolerance provided by software components. The tool focuses on measuring masking fault-tolerance, that is, the kind of fault-tolerance that allows systems to mask faults in such a way that they cannot be observed by the users. The tool takes as input a nominal model (which serves as a specification) and its fault-tolerant implementation, described by means of a guarded-command language, and automatically computes the masking distance between them. This value can be understood as the level of fault-tolerance provided by the implementation. The tool is based on a sound and complete framework we have introduced in previous work. We present the ideas behind the tool by means of a simple example and report experiments realized on more complex case studies.This work was supported by ANPCyT PICT-2017-3894 (RAFTSys), ANPCyT PICT 2019-03134, SeCyT-UNC 33620180100354CB (ARES), and EU Grant agreement ID: 101008233 (MISSION).publishedVersionFil: Putruele, Luciano. Universidad Nacional de Rı́o Cuarto. Facultad de Ciencias Exactas, Físico-Químicas y Naturales. Departamento de Computación; Argentina.Fil: Putruele, Luciano. Consejo Nacional de Investigaciones Científicas y Técnicas; Argentina.Fil: Demasi, Ramiro Adrián. Universidad Nacional de Córdoba. Facultad de Matemática, Astronomía, Física y Computación; Argentina.Fil: Demasi, Ramiro Adrián. Consejo Nacional de Investigaciones Científicas y Técnicas; Argentina.Fil: Castro, Pablo Francisco. Universidad Nacional de Rı́o Cuarto. Facultad de Ciencias Exactas, Físico-Químicas y Naturales. Departamento de Computación; Argentina.Fil: Castro, Pablo Francisco. Consejo Nacional de Investigaciones Científicas y Técnicas; Argentina.Fil: D'Argenio, Pedro Ruben. Universidad Nacional de Córdoba. Facultad de Matemática, Astronomía, Física y Computación; Argentina.Fil: D'Argenio, Pedro Ruben. Consejo Nacional de Investigaciones Científicas y Técnicas; Argentina.Fil: D'Argenio, Pedro Ruben. Saarland University. Saarland Informatics Campus; Germany

Darwin: una herramienta para verificar diseños arquitecturales

En este trabajo presentamos una herramienta que permite a los ingenieros de software realizar ciertas verificaciones sobre diseños arquitecturales. Esta herramienta, llamada Darwin, utiliza como lenguaje de modelado la notación BON, en cuanto las verificaciones son realizadas por medio del lenguaje lógico Alloy. Adicionalmente presentamos algunas de las funcionalidades que agregaremos a la herramienta en un futuro próximo.Eje: Ingeniería en SoftwareRed de Universidades con Carreras en Informática (RedUNCI

Verificando diseños BON mediante Alloy

En este artículo presentamos una técnica para traducir diseños estructurales expresados en el lenguaje BON, al lenguaje formal Alloy. En donde, la principal ventaja de la traducción es que puede realizarse automáticamente mediante herramientas de software. Adicionalmente, esta metodología puede ser usada para validar propiedades sobre los diseños utilizando el Alloy Analyzer. Para finalizar, mostramos la aplicación a un caso de estudio de Darwin Tool, una herramienta que implementa parte de esta traducción.II Workshop de Ingeniería de Software y Bases de Datos (WISBD)Red de Universidades con Carreras en Informática (RedUNCI

Verifying BON models with alloy

In this paper we describe a methodology to translate BON (architectural) designs to Alloy specifications. The main virtue of this process is that it can be implemented by means of software tools. The utilization of this methodology during the software development allows designers to validate different kinds of properties over their BON models. Allowing, in this way, the finding of critical bugs in earlier steps of system construction. Finally, we present a software which implements this translation from BON to Alloy.Facultad de Informátic

Darwin: una herramienta para verificar diseños arquitecturales

En este trabajo presentamos una herramienta que permite a los ingenieros de software realizar ciertas verificaciones sobre diseños arquitecturales. Esta herramienta, llamada Darwin, utiliza como lenguaje de modelado la notación BON, en cuanto las verificaciones son realizadas por medio del lenguaje lógico Alloy. Adicionalmente presentamos algunas de las funcionalidades que agregaremos a la herramienta en un futuro próximo.Eje: Ingeniería en SoftwareRed de Universidades con Carreras en Informática (RedUNCI

Darwin: una herramienta para verificar diseños arquitecturales

En este trabajo presentamos una herramienta que permite a los ingenieros de software realizar ciertas verificaciones sobre diseños arquitecturales. Esta herramienta, llamada Darwin, utiliza como lenguaje de modelado la notación BON, en cuanto las verificaciones son realizadas por medio del lenguaje lógico Alloy. Adicionalmente presentamos algunas de las funcionalidades que agregaremos a la herramienta en un futuro próximo.Eje: Ingeniería en SoftwareRed de Universidades con Carreras en Informática (RedUNCI

A Stochastic Game Approach to Masking Fault-Tolerance: Bisimulation and Quantification

We introduce a formal notion of masking fault-tolerance between probabilistic transition systems based on a variant of probabilistic bisimulation (named masking simulation). We also provide the corresponding probabilistic game characterization. Even though these games could be infinite, we propose a symbolic way of representing them, such that it can be decided in polynomial time if there is a masking simulation between two probabilistic transition systems. We use this notion of masking to quantify the level of masking fault-tolerance exhibited by almost-sure failing systems, i.e., those systems that eventually fail with probability 1. The level of masking fault-tolerance of almost-sure failing systems can be calculated by solving a collection of functional equations. We produce this metric in a setting in which the minimizing player behaves in a strong fair way (mimicking the idea of fair environments), and limit our study to memoryless strategies due to the infinite nature of the game. We implemented these ideas in a prototype tool, and performed an experimental evaluation