Advertisement

Exploring very large state spaces using genetic algorithms

  • Patrice GodefroidEmail author
  • Sarfraz Khurshid
Special section on tools and algorithms for the construction and analysis of systems

Abstract

We present a novel framework for exploring very large state spaces of concurrent reactive systems. Our framework exploits application-independent heuristics using genetic algorithms to guide a state-space search toward error states. We have implemented this framework in conjunction with VeriSoft, a tool for exploring the state spaces of software applications composed of several concurrent processes executing arbitrary code. We present experimental results obtained with several examples of programs, including a C implementation of a public-key authentication protocol. We discuss heuristics and properties of state spaces that help a genetic search detect deadlocks and assertion violations. For finding errors in very large state spaces, our experiments show that a genetic search using simple heuristics can significantly outperform random and systematic searches.

Keywords

Model checking Verification State-space exploration Heuristics Genetic algorithms  

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Beyer H-G, Schwefel H-P (2002) Evolution strategies – a comprehensive introduction. Nat Comput 1(1)Google Scholar
  2. 2.
    Boigelot B, Godefroid P (1996) Model checking in practice: an analysis of the ACCESS.bus protocol using SPIN. In: Proceedings of Formal Methods Europe’96, Oxford, March 1996. Lecture notes in computer science, vol 1051. Springer, Berlin Heidelberg New York, pp 465–478Google Scholar
  3. 3.
    Bueno SPM, Jino M (2000) Identification of potentially infeasible program paths by monitoring the search for test data. In: Proceedings of the 15th IEEE international conference on automated software engineering (ASE), Grenoble, France, September 2000Google Scholar
  4. 4.
    Clarke EM, Grumberg O, Hiraishi H, Jha S, Long DE, McMillan KL, Ness LA (1993) Verification of the Futurebus+ cache coherence protocol. In: Proceedings of the 11th international symposium on computer hardware description languages and their apllications. North-Holland, AmsterdamGoogle Scholar
  5. 5.
    Clarke EM, Grumberg O, Peled DA (1999) Model checking. MIT Press, Cambridge, MAGoogle Scholar
  6. 6.
    Edelkamp S, Lafuente AL, Leue S (2001) Directed explicit model checking with hsf-spin. In: Proceedings of the 2001 SPIN workshop, May 2001. Lecture notes in computer science, vol 2057. Springer, Berlin Heidelberg New York, pp 57–79Google Scholar
  7. 7.
    Eiben AE, Hinterding R, Michalewicz Z (1999) Parameter control in evolutionary algorithms. IEEE Trans Evolut Comput 3(2):124–141CrossRefGoogle Scholar
  8. 8.
    Eiben AE, van Hemert JI, Marchiori E, Steenbeek AG (1998) Solving binary constraint satisfaction problems using evolutionary algorithms with an adaptive fitness function. In: Proceedings of the 5th conference on parallel problem solving from nature, pp 196–205Google Scholar
  9. 9.
    Godefroid P (1996) Partial-order methods for the verification of concurrent systems – an approach to the state-explosion problem. Lecture notes in computer science, vol 1032. Springer, Berlin Heidelberg New YorkGoogle Scholar
  10. 10.
    Godefroid P (1997) Model checking for programming languages using VeriSoft. In: Proceedings of the 24th annual ACM symposium on the principles of programming languages (POPL), Paris, January 1997, pp 174–186Google Scholar
  11. 11.
    Godefroid P, Hanmer R, Jagadeesan L (1998) Model checking without a model: an analysis of the heart-beat monitor of a telephone switch using VeriSoft. In: Proceedings of ACM SIGSOFT ISSTA’98 (international symposium on software testing and analysis), Clearwater Beach, FL, March 1998, pp 124–133Google Scholar
  12. 12.
    Goldberg DE (1989) Genetic algorithms in search, optimization, and machine learning. Addison-Wesley, Reading, MAGoogle Scholar
  13. 13.
    Groce A, Visser W (2002) Model checking Java programs using structural heuristics. In: Proceedings of the international symposium on software testing and analysis (ISSTA), Rome, July 2002, pp 12–21Google Scholar
  14. 14.
    Holland J (1975) Adaptation in natural and artificial systems. University of Michigan Press, Ann Arbor, MIGoogle Scholar
  15. 15.
    Jones BF, Sthamer HH, Eyres DE (1996) Automatic structural testing using genetic algorithms. Softw Eng J 11(5):299–306CrossRefGoogle Scholar
  16. 16.
    Khurshid S (2001) Testing an intentional naming system using genetic algorithms. In: Proceedings of the 7th international conference on tools and algorithms for construction and analysis of systems (TACAS), Genoa, Italy, April 2001, pp 358-372Google Scholar
  17. 17.
    Lowe G (1995) An attack on the Needham–Schroeder public-key authentication protocol. Inf Process Lett 56(3)::131–133Google Scholar
  18. 18.
    Needham R, Schroeder M (1978) Using encryption for authentication in large networks of computers. Commun ACM 21(12):993–999CrossRefGoogle Scholar
  19. 19.
    Pargas RP, Harrold MJ, Peck R (1999) Test-data generation using genetic algorithms. J Softw Test Verif Reliabil 9(4):263–282CrossRefGoogle Scholar
  20. 20.
    Rechenberg I (1973) Evolutionsstrategie: Optimierung technischer Systeme nach Prinzipien der biologischen Evolution. Frommann-Holzbog, StuttgartGoogle Scholar
  21. 21.
    Ross P, Corne D (1994) Applications of genetic algorithms. AISB Q Evolut Comput 89:23–30Google Scholar
  22. 22.
    Rudin H (1992) Protocol development success stories: Part I. In: Proceedings of the 12th IFIP WG 6.1 international symposium on protocol specification, testing, and verification, Lake Buena Vista, FL, June 1992. North-Holland, AmsterdamGoogle Scholar
  23. 23.
    Schoofs L, Naudts B (2000) Solving CSP instances beyond the phase transition using evolutionary algorithms. In: Proceedings of the 6th conference on parallel problem solving from nature. Springer, Berlin Heidelberg New York, pp 549-558Google Scholar
  24. 24.
    Schraudolph NN, Belew RK (1992) Dynamic parameter encoding for genetic algorithms. Mach Learn 9(1):9–21Google Scholar
  25. 25.
    Schultz AC, Grefenstette JJ, De Jong KA (1997) Learning to break things: adaptive testing of intelligent controllers. In: Baeck T, Fogel DB, Michalewicz Z (eds) Handbook of evolutionary computation, Institute of Physics, Bristol, UKGoogle Scholar
  26. 26.
    Sthamer H, Wegener J, Baresel A (2002) Using evolutionary testing to improve efficiency and quality in software testing. In: Proceedings of the 2nd Asia-Pacific conference on software testing analysis and review, Melbourne, AustraliaGoogle Scholar
  27. 27.
    Van Hemert J (2002) Comparing classical methods for solving binary constraint satisfaction problems with state of the art evolutionary computation. In: Applications of evolutionary computing, pp 81–90Google Scholar
  28. 28.
    Wegener J, Grochtmann M (1998) Verifying timing constraints of real-time systems by means of evolutionary testing. Real Time Sys 15(3):275–298CrossRefGoogle Scholar
  29. 29.
    Yang CH (1998) Prioritized model checking. PhD thesis, Stanford University, Stanford, CAGoogle Scholar

Copyright information

© Springer-Verlag 2004

Authors and Affiliations

  1. 1.Lucent TechnologiesBell LaboratoriesLisleUSA
  2. 2.Laboratory for Computer ScienceMassachusetts Institute of TechnologyCambridgeUSA

Personalised recommendations