Formal Aspects of Computing, Volume 31, Issue 5, pp 541–610

Interactive verification of architectural design patterns in FACTum

  • Diego Marmsoler
  • Habtom Kashay Gidey
Original Article


Architectural design patterns (ADPs) are architectural solutions to common architectural design problems. They are an important concept in software architecture, used for the design and analysis of architectures. An ADP usually constrains the design of an architecture and, in turn, guarantees some desired properties for architectures implementing it. Sometimes, however, the constraints imposed by an ADP do not lead to the claimed guarantee. Thus, applying such patterns for the design of architectures might result in architectures which do not fulfill their intended requirements. To address this problem, we propose an approach for the verification of ADPs, based on interactive theorem proving. To this end, we introduce a model for dynamic architectures and a language for the specification of ADPs over this model. Moreover, we propose a framework for the interactive verification of such specifications based on Isabelle/HOL. In addition, we describe an algorithm to map a specification to a corresponding Isabelle/HOL theory over our framework. To evaluate the approach, we implement it in Eclipse/EMF and use it for the verification of four ADPs: variants of the Singleton, the Publisher-Subscriber, the Blackboard pattern, and a pattern for Blockchain architectures. With our approach we complement traditional approaches for the verification of architectures, which are usually based on automatic verification techniques such as model checking.


Keywords: Architecture design patterns; Interactive theorem proving; Architecture verification; FACTum; Algebraic specification; Isabelle





We would like to thank Manfred Broy and the anonymous reviewers of FASE 2018 and Formal Aspects of Computing for their comments and helpful suggestions on earlier versions of this paper. Moreover, we would like to thank Dominik Ascher and Sebastian Wilzbach for their valuable support on Eclipse/EMF. The work was partially funded by the German Federal Ministry of Education and Research (BMBF) under grant number “01Is16043A” and the German Federal Ministry of Economics and Technology (BMWi) under grant number “0325811A”.



Copyright information

© British Computer Society 2019

Authors and Affiliations

  1. Technische Universität München, Institut für Informatik – Lehrstuhl IV (I4), Garching bei München, Germany
