Stefania Gnesi

An action-based framework for verifying logical and behavioural properties of concurrent systems

Abstract A system is described which supports proving both behavioural and logical properties of concurrent systems, these are specified by means of a process algebra and its associated logic. The logic is an action based version of the branching time logic CTL, which we call ACTL. It is interpreted over transition labelled structured while CTL is interpreted over state labelled ones. The core of the system are two existing tools, AUTO and EMC. The first builds the labelled transition system corresponding to a term of a process algebra and permits proof of equivalence and simplification of terms, while the second checks the validity of CTL logical formulae. The integration is realized by means of two translation functions from the action based branching time logic ACTL to CTL and from transition-labelled to state-labelled structures. The correctness of the integration is guaranteed by the proof that the two translation functions when coupled preserve satisfiability of logical formulae.

Web Service Composition Approaches: From Industrial Standards to Formal Methods

Composition of Web services is much studied to support business-to-business and enterprise application integration in e-commerce. Current Web service composition approaches range from practical languages aspiring to become standards (like BPEL, WS-CDL, OWL-S and WSMO) to theoretical models (like automata, Petri nets and process algebras). In this paper we compare these approaches w.r.t. a selected set of characteristics (like trust, security and performance) and we advocate the use of formal models, and their tool support, to increase ones confidence in web service compositions. This paper can assist web service composition designers and developers to deliver lasting solutions, in concordance with the technologys critical needs.

PLUTO: A Test Methodology for Product Families

The testing stage for a product belonging to a family is a crucial and expensive part of development. Yet the derivation of test cases for product families has so far received little attention. We focus here on test planning, that is the most critical part of testing. We outline a simple methodology we are developing for this purpose, called PLUTO, relying on the early requirements specification expressed as Use Cases. We also overview the related literature.

AGILE: Software Architecture for Mobility.

Architecture-based approaches have been promoted as a means of controlling the complexity of system construction and evolution, in particular for providing systems with the agility required to operate in turbulent environments and to adapt very quickly to changes in the enterprise world. Recent technological advances in communication and distribution have made mobility an additional factor of complexity, one for which current architectural concepts and techniques can be hardly used. The AGILE project is developing an architectural approach in which mobility aspects can be modelled explicitly and mapped on the distribution and communication topology made available at physical levels. The whole approach is developed over a uniform mathematical framework based on graph-oriented techniques that support sound methodological principles, formal analysis, and refinement. This paper describes the AGILE project and some of the results gained during the first project year.

An abstract, on the fly framework for the verification of service-oriented systems

In this chapter we present (some of) the design principles which have inspired the development of the CMC/UMC verification framework. The first of these is the need of an abstraction mechanism which allows to observe a model in terms of an abstract L2TS, therefore hiding all the unnecessary underlying details of the concrete computational model, while revealing only the details which might be important to understand the system behavior. The second of these is the need a Service-Oriented Logic (SocL) which is an event and state based, branching-time, efficiently verifiable, parametric temporal logic, for the formal encoding of service-oriented properties. The third principle is the usefulness of an on-the-fly, bounded model-checking approach for an efficient, interactive analysis of service-oriented systems which starts from the early stages of the incremental system design.

From EU Projects to a Family of Model Checkers

We describe the development of the KandISTI family of model checkers from its origins nearly two decades ago until its very recent latest addition. Most progress was made, however, during two integrated European projects, AGILE and SENSORIA, in which our FM&&T lab participated under the scientific coordination of Martin Wirsing. Moreover, the very name of the family of model checkers is partly due to Martin Wirsing’s passion for art and science.

Verifying hardware components within JACK

JACK (the acronym for Just Another Concurrency Kit) is a workbench integrating a set of verification tools for concurrent system specifications, supported by a graphical interface offering facilities to use these tools separately or in combination. The environment offers several functionalities to support the design, analysis and verification of systems specified using process algebras. In this paper we use JACK to formally specify the hardware components of a buffer system. Then we verify, by using the checking capabilities of JACK, the correctness of the specification with respect to some safety requirements, expressed in the action based temporal logic ACTL.

A Model Checking Algorithm for π-Calculus Agents

This paper presents π-logic, an action-based logic for π-calculus. A model checker is built for this logic, following an automata-based approach. This is made possible by a result which allows finite state Labelled Transition Systems to be associated with a wide class of π-calculus agents by preserving a notion of bisimulation equivalence. The model checker was thus built reusing an efficient model checker for the action based logic Actl, after a sound translation from π-logic into Actl has been defined.

Model-Based Evaluation of Energy Saving Systems

Nowadays, there is a great attention towards cautious usage of energy sources to be employed in disparate application domains, including critical infrastructures, to save both in financial terms and in environmental impact. This chapter focuses on stochastic model-based as a support to the analysis of energy saving systems, in combination with other non functional properties, such as reliability, safety and availability. We discuss general guidelines to build a model-based framework to analyse critical cyber-physical systems, where effective energy consumption is required, while assuring imposed levels of resilience. Also, an overview of the most commonly employed methodologies and tools for model-based analysis is provided, and extensive literature is indicated as pointers to relevant research activities performed on this attractive topic over the last decades. Finally, in order to corroborate the proposed framework, a case study in the railway domain is proposed. By adopting the Stochastic Activity Networks formalism, the framework is instantiated to analyse effective trade-offs between energy consumption and satisfaction of other dependability related requirements.

An Exercise in Protocol Verification

The word “verification” is used by various people in many different contexts, and with many different meanings. In the area of parallel and concurrent programming, it refers to activities as different as proof of equivalence between two programs, reachability analysis, the checking of logical properties of a program, or even assertion that a program passes a given test set, or generation of random traces by means of simulation. The verification activities we shall consider here are those directly associated with the analysis of a finite model of the behaviour of a system, namely the building and analysis of such a model, proof of equivalence, and model checking.