Development of a verified Erlang program for resource locking
In this paper, we describe a tool to verify Erlang programs and show, by means of an industrial case study, how this tool is used. The tool includes a number of components, including a translation component, a state space generation component and a model checking component.
To verify properties of the code, the tool first translates the Erlang code into a process algebraic specification. The outcome of the translation is made more efficient by taking advantage of the fact that software written in Erlang builds upon software design patterns such as client–server behaviours. A labelled transition system is constructed from the specification by use of the μCRL toolset. The resulting labelled transition system is model checked against a set of properties formulated in the μ-calculus using the Caesar/Aldébaran toolset.
As a case study we focus on a simplified resource manager modelled on a real implementation in the control software of the AXD 301 ATM switch. Some of the key properties we verified for the program are mutual exclusion and non-starvation. Since the toolset supports only the regular alternation-free μ-calculus, some ingenuity is needed for checking the liveness property “non-starvation”. The case study has been refined step by step to provide more functionality, with each step motivated by a corresponding formal verification using model checking.
Keywords: Formal methods, Software verification, Model checking, Functional programming, Erlang
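The abstract names the two properties checked for the resource manager, mutual exclusion (a safety invariant over the reachable states) and non-starvation (a liveness property), and notes that the second needs care in an alternation-free logic. The following is an added illustration, not code from the paper and not the μCRL/CADP tool chain it describes: a small explicit-state checker in Python over a constructed model of a lock server with a handful of client processes. Mutual exclusion is checked as an invariant on every reachable state. Non-starvation is checked as "whenever a client is waiting, it eventually holds the lock", which is the alternation-free formula μX. holding ∨ ([-]X ∧ ⟨-⟩true); on a finite transition system that fixpoint fails exactly when the region of states where the client is still waiting contains a cycle or a deadlock, so the checker searches that region for one. A second, constructed variant of the server grants the lock to an arbitrary waiter instead of the queue head, which lets the checker exhibit a starvation cycle. The client and server model, state encoding and transition names are assumptions made for this example.

```python
"""Toy explicit-state model checker for a constructed resource-locker model.

A state is (clients, queue): clients is a tuple of per-client modes and
queue is the tuple of waiting client ids in request order. This model and
the checker are illustrative assumptions, not the paper's muCRL specification.
"""
from collections import deque

IDLE, WAITING, HOLDING = "idle", "waiting", "holding"


def successors(state, fifo):
    """All transitions enabled in `state`, as (label, next_state) pairs.

    fifo=True grants to the queue head only; fifo=False lets the server
    grant to any waiter, which is the deliberately unfair variant.
    """
    clients, queue = state
    succs = []
    for i, mode in enumerate(clients):
        if mode == IDLE:                      # client i asks for the lock
            new = list(clients); new[i] = WAITING
            succs.append((("request", i), (tuple(new), queue + (i,))))
        elif mode == HOLDING:                 # holder gives the lock back
            new = list(clients); new[i] = IDLE
            succs.append((("release", i), (tuple(new), queue)))
    if HOLDING not in clients and queue:      # server grants only when free
        for j in (queue[:1] if fifo else queue):
            new = list(clients); new[j] = HOLDING
            rest = tuple(k for k in queue if k != j)
            succs.append((("grant", j), (tuple(new), rest)))
    return succs


def explore(n_clients, fifo=True):
    """Breadth-first generation of the reachable state graph: state -> successors."""
    start = ((IDLE,) * n_clients, ())
    edges = {start: successors(start, fifo)}
    frontier = deque([start])
    while frontier:
        s = frontier.popleft()
        for _label, t in edges[s]:
            if t not in edges:
                edges[t] = successors(t, fifo)
                frontier.append(t)
    return edges


def mutual_exclusion_holds(edges):
    """Safety: no reachable state has two clients holding the lock."""
    return all(sum(m == HOLDING for m in clients) <= 1 for clients, _q in edges)


def deadlocks(edges):
    """States with no enabled transition (a finite path that avoids every grant)."""
    return [s for s, succs in edges.items() if not succs]


def starvation_counterexample(edges, client):
    """Return a cycle of reachable states along which `client` waits forever, or None.

    AF(holding) fails for the client iff the subgraph of states where the
    client is still waiting has a cycle; a DFS with gray/black colouring finds one.
    """
    region = [s for s in edges if s[0][client] == WAITING]
    WHITE, GRAY, BLACK = 0, 1, 2
    color = {s: WHITE for s in region}
    for root in region:
        if color[root] != WHITE:
            continue
        color[root] = GRAY
        path, stack = [root], [(root, iter(edges[root]))]
        while stack:
            node, it = stack[-1]
            advanced = False
            for _label, succ in it:
                if succ[0][client] != WAITING:   # the client got the lock: fine
                    continue
                if color[succ] == GRAY:          # back edge: the client starves
                    return path[path.index(succ):]
                if color[succ] == WHITE:
                    color[succ] = GRAY
                    path.append(succ)
                    stack.append((succ, iter(edges[succ])))
                    advanced = True
                    break
            if not advanced:
                color[node] = BLACK
                stack.pop()
                path.pop()
    return None


def non_starvation_holds(edges, n_clients):
    """Liveness for every client: no deadlock and no waiting-forever cycle."""
    return not deadlocks(edges) and all(
        starvation_counterexample(edges, i) is None for i in range(n_clients))


if __name__ == "__main__":
    for fifo in (True, False):
        graph = explore(3, fifo)
        print(f"fifo={fifo}: {len(graph)} states, mutex={mutual_exclusion_holds(graph)}, "
              f"non-starvation={non_starvation_holds(graph, 3)}")
        cex = starvation_counterexample(graph, 1)
        if cex:
            print("  client 1 starves along:", [c for c, _q in cex])
```

Both variants satisfy mutual exclusion, since the server only grants when no client holds the lock; only the FIFO variant satisfies non-starvation, and for the unfair variant the returned cycle is the run in which one client releases, re-requests and is granted again while another client stays queued. The check is sound only under the modelling assumption that every enabled transition may be taken, which is why the queue discipline, not a fairness assumption, has to carry the liveness argument here.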