Proceedings ArticleDOI

Proof Composition for Deductive Verification of Software Product Lines

TL;DR: This work introduces a classification of existing software product line verification approaches, proposes proof composition as a novel approach and presents a case study to evaluate proof composition and demonstrates that it reduces the effort for verification.
Abstract: Software product line engineering aims at the efficient development of program variants that share a common set of features and that differ in other features. Product lines can be efficiently developed using feature-oriented programming. Given a feature selection and the code artifacts for each feature, program variants can be generated automatically. The quality of the program variants can be rigorously ensured by formal verification. However, verification of all program variants can be expensive and include redundant verification tasks. We introduce a classification of existing software product line verification approaches and propose proof composition as a novel approach. Proof composition generates correctness proofs of each program variant based on partial proofs of each feature. We present a case study to evaluate proof composition and demonstrate that it reduces the effort for verification.


Citations
31 Aug 2011
TL;DR: It is shown that Event-B decomposition techniques can be exploited for problem-space feature decomposition and solution-space architectural composition and revealed further requirements for feature modelling tool support.
Abstract: Context: Event-B is a leading state-based language for formal modelling and verification of systems, supported by an extensible Rodin toolkit. Its existing composition techniques provide a starting point for the investigation of capability for reuse via feature-based modelling. We contribute early methodology for formal development of software product lines (SPLs). An SPL is a set of related products built from a shared set of resources with a common base and having variabilities. Feature modelling has been widely used as a technique for building SPLs. Objective: Our objective is to explore existing capability and future potential for Event-B in the formal modelling, verification and reuse of domain assets, ultimately targeting verifiable SPL development. We will also suggest further requirements for tools and techniques in Event-B/Rodin for formal product line modelling. Method: By modelling two case studies in Event-B using different modelling styles, we explore current capability for feature modelling in Event-B. We show that Event-B decomposition techniques can be exploited for problem-space feature decomposition and solution-space architectural composition. We have also developed a feature-modelling tool for Event-B to experiment with our example case studies. Results: The case-study experiments show that the existing Event-B techniques can be used for feature-based modelling and revealed further requirements for feature modelling tool support. A guideline for feature-based modelling with Event-B/Rodin has been proposed based on the case-study experiments that could be used to achieve the benefits of reusing formal models. Conclusions: By providing a prototype tool and guidelines for feature

2 citations


Cites methods from "Proof Composition for Deductive Ver..."

  • ...We would like to see if the proof composition approach of [57] can be applied to Event-B using the case-studies presented....

    [...]

  • ...Verification of a PL variant through proof composition [57] has been suggested where the proofs for the composite model (PL variant) are generated by composing proofs of selected features....

    [...]

Journal ArticleDOI
11 Apr 2015
TL;DR: GFML as mentioned in this paper is a language that allows the user to automatically produce correct-by-construction product variants from the related feature modules, which contain three kinds of artifacts: specification, code and correctness proof.
Abstract: Software Product Line Engineering (SPLE) is a software engineering paradigm that focuses on reuse and variability. Although feature-oriented programming (FOP) can implement software product lines efficiently, we still need a method to generate and prove the correctness of all product variants more efficiently and automatically. In this context, we propose to manipulate feature modules which contain three kinds of artifacts: specification, code and correctness proof. We depict a methodology and a platform that help the user to automatically produce correct-by-construction product variants from the related feature modules. As a first step of this project, we begin by proposing a language, GFML, allowing the developer to write such feature modules. This language is designed so that the artifacts can be easily reused and composed. GFML files contain the different artifacts mentioned above. The idea is to compile them into FoCaLiZe, a language for specification, implementation and formal proof with some object-oriented flavor. In this paper, we define and illustrate this language. We also introduce a way to compose the feature modules on some examples.

1 citation

01 Dec 2013
TL;DR: This thesis proposes that proofs establishing semantic properties of a system can be decomposed and reused to prove properties for novel feature combinations to build programming languages with fully mechanized meta-theory.
Abstract: One common and effective approach to reuse is to decompose a system into modules representing features. New variants can then be built by combining these features in different ways. This thesis proposes that proofs establishing semantic properties of a system can be similarly decomposed and reused to prove properties for novel feature combinations. Features can cut across the standard modularity boundaries, presenting a fundamental challenge to modular reasoning. The proposed contributions are threefold: 1. Showing how the mechanized syntax, semantics and meta-theory proofs of a programming language can be effectively modularized into features that can be composed in different ways to build programming languages with fully mechanized meta-theory. 2. Demonstrating how modularization of semantic properties alongside definitions enables efficient reasoning about an entire family of programs built from a common set of features. 3. Investigating how these techniques can aid in the semantically correct composition of interpreters for different languages.

1 citation


Cites background from "Proof Composition for Deductive Ver..."

  • ...[29] introduced monad transformers to compose multiple monads and build...

    [...]

  • ...Both Boite [7] and Mulhern [29] consider how to extend existing inductive definitions and reuse related proofs in the Coq proof assistant....

    [...]

Journal ArticleDOI
TL;DR: In this article , a design methodology for -based LPLs is presented, which is comprised of an engineering process that defines the order in which decisions are made, an integrated development environment for LPL designers and some best practices in the design of well-structured language decomposition when using , supported by a variety of LPL metrics that can be used to detect errors in design decisions.
Abstract: Programming languages are complex systems that are usually implemented as monolithic interpreters and compilers. In recent years, researchers and practitioners gained interest in product line engineering to improve the reusability of language assets and the management of variability-rich systems, introducing the notions of language workbenches and language product lines (LPLs). Nonetheless, language development remains a complex activity, and design or implementation flaws can easily waste the effort of decomposing a language specification into language features. Poorly designed language decompositions result in highly inter-dependent components, reducing the variability space of the LPL system and its maintainability. One should detect and fix the design flaws posthaste to prevent these risks while minimizing the development overhead. Therefore, various aspects of the quality of a language decomposition should be quantitatively measurable through adequate metrics. The evaluation, analysis and feedback of these measures should be a primary part of the engineering process of an LPL. In this paper, we present an exploratory study trying to capture these aspects by introducing a design methodology for LPLs; we define the properties of a good language decomposition and adapt a set of metrics from the literature to the framework of language workbenches. Moreover, we leverage the LPL engineering environment to perform an empirical evaluation of 26 -based LPLs based on this design methodology. Our contributions form the foundations of a design methodology for -based LPLs. This methodology is comprised of four different elements: i) an engineering process that defines the order in which decisions are made, ii) an integrated development environment for LPL designers and iii) some best practices in the design of well-structured language decomposition when using , supported by iv) a variety of LPL metrics that can be used to detect errors in design decisions.

1 citation

Book ChapterDOI
19 Jul 2017
TL;DR: The result is a framework for formal SPL analysis via guided refinement and divide-and-conquer, through sound orchestration of multiple tools.
Abstract: We generalize the principle of counter example-guided data abstraction refinement (CEGAR) to guided refinement of Software Product Lines (SPL) and of analysis tools. We also add a problem decomposition step. The result is a framework for formal SPL analysis via guided refinement and divide-and-conquer, through sound orchestration of multiple tools.

1 citation


Cites background from "Proof Composition for Deductive Ver..."

  • ...Proof composition [44] relies on creating partial correctness proofs for certain features that are then combined into proofs for a desired product....

    [...]

References
ReportDOI
01 Nov 1990
TL;DR: This report will establish methods for performing a domain analysis and describe the products of the domain analysis process to illustrate the application of domain analysis to a representative class of software systems.
Abstract: Successful software reuse requires the systematic discovery and exploitation of commonality across related software systems. By examining related software systems and the underlying theory of the class of systems they represent, domain analysis can provide a generic description of the requirements of that class of systems and a set of approaches for their implementation. This report will establish methods for performing a domain analysis and describe the products of the domain analysis process. To illustrate the application of domain analysis to a representative class of software systems, this report will provide a domain analysis of window management system software.

4,420 citations


"Proof Composition for Deductive Ver..." refers background in this paper

  • ...A feature model [2] documents all features and the constraints between them, e....

    [...]

  • ...The program variants of an SPL are distinguished in terms of features [2]....

    [...]

Book
03 Aug 2005
TL;DR: In this book, Pohl and his co-authors present a framework for software product line engineering which they have developed based on their academic as well as industrial experience gained in projects over the last eight years.
Abstract: Software product line engineering has proven to be the methodology for developing a diversity of software products and software-intensive systems at lower cost, in shorter time, and with higher quality. In this book, Pohl and his co-authors present a framework for software product line engineering which they have developed based on their academic as well as industrial experience gained in projects over the last eight years. They not only detail the technical aspects of the development but also give an integrated view of the business, organisation and process aspects. In addition, they explicitly point out the key differences of software product line engineering compared to traditional single software system development, such as the need for two distinct development processes for domain and application engineering respectively, or the need to define and manage variability.

2,654 citations


"Proof Composition for Deductive Ver..." refers background in this paper

  • ...A software product line (SPL) is a set of software-intensive systems that share code [1]....

    [...]

Journal ArticleDOI
TL;DR: Methodological guidelines for object-oriented software construction that improve the reliability of the resulting software systems are presented and the theory of contract design and the role of assertions in that theory are discussed.
Abstract: Methodological guidelines for object-oriented software construction that improve the reliability of the resulting software systems are presented. It is shown that the object-oriented techniques rely on the theory of design by contract, which underlies the design of the Eiffel analysis, design, and programming language and of the supporting libraries, from which a number of examples are drawn. The theory of contract design and the role of assertions in that theory are discussed.

2,201 citations


"Proof Composition for Deductive Ver..." refers background or methods in this paper

  • ...Critical requirements of programs can be specified using design by contract [8]....

    [...]

  • ...We show how the example SPL is implemented using feature-oriented programming and define how program properties are specified using design by contract [8]....

    [...]

Journal ArticleDOI
TL;DR: This paper provides a comprehensive literature review on the automated analysis of feature models 20 years after their invention and presents a conceptual framework to understand the different proposals as well as categorise future contributions.

1,161 citations


"Proof Composition for Deductive Ver..." refers background in this paper

  • ...Feature model analysis [18] aims at finding inconsistencies in feature models, e....

    [...]