Live and Let Die: LSC-Based Verification of UML-Models

Abstract: We present a strategy for automatic formal verification of Live Sequence Chart (LSC) specifications against UML models in the semantics of [7] employing the symmetry-based technique of Query Reduction [18, 34, 44] and the abstraction technique Data-type Reduction [34]. Altogether this allows for automatic formal verification without providing finite bounds on the numbers of objects created during a run of the system. Our presentation is grounded on a specific formal interpretation of LSCs for the UML domain in… Show more

“…Assuming finite bounds on the length of queues, we can directly apply state-of-the-art techniques for the abstraction of infinite-state systems into finite-state model-checking problems, if infiniteness stems from unbounded creation and destruction of processes [9]. Section 3.2 uses the car platooning running example to describe the verification strategy.…”

“…For this paper we sidestep the last issue by assuming a finite bound n on the length of all queues and focus on the first issues. They can be treated with a combination of Query-and DataType Reduction [9] because DCS lie in the class of systems where the processes are instances of finitely many templates or classes.…”

“…In this setting we apply a particular abstract interpretation called Data-Type Reduction [14] (DTR) to the DCS protocol yielding a finite over-approximation of the original DCS protocol (following [9]). Given a finite set of process identities whose configurations shall be represented exactly, DTR maps all other identities to a special identity ⊥.…”

“…Determining the current followers means accessing flws(⊥) which in turn non-deterministically yields any possible set of process identities that may comprise the exactly represented ones as well as ⊥. For more details we refer to [9].…”

Specification and Verification of Dynamic Communication Systems

“…Assuming finite bounds on the length of queues, we can directly apply state-of-the-art techniques for the abstraction of infinite-state systems into finite-state model-checking problems, if infiniteness stems from unbounded creation and destruction of processes [9]. Section 3.2 uses the car platooning running example to describe the verification strategy.…”

“…For this paper we sidestep the last issue by assuming a finite bound n on the length of all queues and focus on the first issues. They can be treated with a combination of Query-and DataType Reduction [9] because DCS lie in the class of systems where the processes are instances of finitely many templates or classes.…”

“…In this setting we apply a particular abstract interpretation called Data-Type Reduction [14] (DTR) to the DCS protocol yielding a finite over-approximation of the original DCS protocol (following [9]). Given a finite set of process identities whose configurations shall be represented exactly, DTR maps all other identities to a special identity ⊥.…”

“…Determining the current followers means accessing flws(⊥) which in turn non-deterministically yields any possible set of process identities that may comprise the exactly represented ones as well as ⊥. For more details we refer to [9].…”

Specification and Verification of Dynamic Communication Systems

“…[12] uses a variant of spotlight abstraction for the verification of parameterised communication models, but they leave out abstraction refinement as future work. [13] proposes a general strategy for spotlight abstraction refinement by inferring and integrating so-called non-interference lemmata. This idea is realised in [14] resp.…”

Counterexample Guided Spotlight Abstraction Refinement

Formal Verification of LSCs in the Development Process