Software & Systems Modeling

, Volume 7, Issue 2, pp 237–252 | Cite as

Assert and negate revisited: Modal semantics for UML sequence diagrams

  • David HarelEmail author
  • Shahar Maoz
Regular Paper


Live Sequence Charts (LSC) extend Message Sequence Charts (MSC), mainly by distinguishing possible from necessary behavior. They thus enable the specification of rich multi-modal scenario-based properties, such as mandatory, possible and forbidden scenarios. The sequence diagrams of UML 2.0 enrich those of previous versions of UML by two new operators, assert and negate, for specifying required and forbidden behaviors, which appear to have been inspired by LSC. The UML 2.0 semantics of sequence diagrams, however, being based on pairs of valid and invalid sets of traces, is inadequate, and prevents the new operators from being used effectively.

We propose an extension of, and a different semantics for this UML language—Modal Sequence Diagrams (MSD)—based on the universal/existential modal semantics of LSC. In particular, in MSD assert and negate are really modalities, not operators. We define MSD as a UML 2.0 profile, thus paving the way to apply formal verification, synthesis, and scenario-based execution techniques from LSC to the mainstream UML standard.


UML Interactions Sequence diagrams Live sequence charts Standardization Formal semantics 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bontemps, Y., Heymans, P.: Turning high-level sequence charts into automata. In: Proceedings of the 1st international workshop on scenarios and state machines (SCESM’02), at the 24th international conference on software engineering (ICSE’02) (2002)Google Scholar
  2. 2.
    Booch G., Rumbaugh J. and Jacobson I. (2005). The unified modeling language user guide. Addison Wesley, Reading Google Scholar
  3. 3.
    Bunker A., Gopalakrishnan G. and Slind K. (2005). Live sequence charts applied to hardware requirements specification and verification: a VCI bus interface model. Software Tools Technol. Trans. 7(4): 341–350 CrossRefGoogle Scholar
  4. 4.
    Cavarra A. and Filipe J.K. (2005). Combining sequence diagrams and OCL for liveness. Electr. Notes Theor. Comput. Sci. 115: 19–38 CrossRefGoogle Scholar
  5. 5.
    Cengarle, M., Knapp, A.: UML 2.0 Interactions: semantics and refinement. In: Jürjens, J., Fernández, E.B., France, R., Rumpe, B. (eds.) 3rd International workshop on critical systems development with UML (CSDUML’04), pp. 85–99 (2004)Google Scholar
  6. 6.
    Combes, P., Harel, D., Kugler, H.: Modeling and verification of a telecommunication application using live sequence charts and the play-engine tool, LNCS, vol. 3707, pp. 414–428 (2005)Google Scholar
  7. 7.
    Damm, W., Harel, D.: LSCs: breathing life into message sequence charts. J. Formal Methods Syst. Des. 19(1), 45–80 (2001). Preliminary version in: Ciancarini, P., Fantechi, A., Gorrieri, R. (eds.) Proceedings of the 3rd IFIP international conference on formal methods for open object-based distributed systems (FMOODS’99), pp. 293–312, Kluwer Academic Publishers, Dordrecht (1999)Google Scholar
  8. 8.
    Damm W. and Westphal B. (2005). Live and let die: LSC-based verification of UML-models. Sci. Comput. Program. 55(1–3): 117–159 zbMATHCrossRefMathSciNetGoogle Scholar
  9. 9.
    Fecher, H., Schönborn, J., Kyas, M., de Roever, W.P.: 29 New unclarities in the semantics of UML 2.0 state machines. In: Lau, K.K., Banach, R. (eds.) Proceedings of the 7th international conference on formal engineering methods (ICFEM’05), LNCS, vol. 3785, pp. 52–65 (2005)Google Scholar
  10. 10.
    Gastin, P., Oddoux, D.: Fast LTL to Büchi automata translation. In: Berry, G., Comon, H., Finkel, A. (eds.) Proceedings 13th International Conference on computer aided verification (CAV’01), LNCS, vol. 2102, pp. 53–65. Springer, Heidelberg (2001)Google Scholar
  11. 11.
    Grosu, R., Smolka, S.A.: Safety-liveness semantics for UML 2.0 sequence diagrams. In: 5th international conference on application of concurrency to system design (ACSD’05), pp. 6–14. IEEE Computer Society (2005)Google Scholar
  12. 12.
    Harel, D., Kleinbrot, A., Maoz, S.: S2A: A compiler for multi-modal UML sequence diagrams. In: Proceedings of the 10th international conference on fundamental approaches to software engineering (FASE’07), LNCS, vol. 4422, pp. 121–124, Springer, Heidelberg (2007)Google Scholar
  13. 13.
    Harel D. and Kugler H. (2002). Synthesizing state-based object systems from LSC specifications. Int. J. Foundations Comput. Sci. 13(1): 5–51 zbMATHCrossRefMathSciNetGoogle Scholar
  14. 14.
    Harel, D., Kugler, H., Pnueli, A.: Synthesis revisited: generating statechart models from scenario-based requirements. LNCS, vol. 3393, pp. 309–324 (2005)Google Scholar
  15. 15.
    Harel, D., Maoz, S.: Assert and negate revisited: modal semantics for UML sequence diagrams. In: Proceedings of the 5th international workshop on scenarios and state machines (SCESM’06), at the 28th international conference on software engineering (ICSE’06), pp. 13–20, ACM Press, New York (2006)Google Scholar
  16. 16.
    Harel, D., Marelly R.: Come, let’s play: scenario-based programming using LSCs and the play-engine. Springer, Heidelberg (2003)Google Scholar
  17. 17.
    Haugen, Ø., Husa, K.E., Runde, R.K., Stølen, K.: STAIRS towards formal design with sequence diagrams. Software Syst. Model. (SoSyM) 4(4), 355–367 (2005)Google Scholar
  18. 18.
    ITU: International telecommunication union recommendation z.120: Message sequence charts. Tech. rep. (1996)Google Scholar
  19. 19.
    Klose, J., Toben T., Westphal, B., Wittke, H.: Check it out: on the efficient formal verification of live sequence charts. In: Ball, T., Jones, R.B. (eds.) Proceedings 18th international conference on computer aided verification (CAV’06), LNCS, vol. 4144, pp. 219–233, Springer, Heidelberg (2006)Google Scholar
  20. 20.
    Klose, J., Wittke, H.: An automata based interpretation of live sequence chart. In: Margaria, T., Yi, W. (eds.) Proceedings 7th international conference on tools and algorithms for the construction and analysis of systems (TACAS’01), LNCS, vol. 2031. Springer, Heidelberg (2001)Google Scholar
  21. 21.
    Knapp, A., Wuttke, J.: Model checking of UML 2.0 interactions. In: Houmb, S.H., Georg, G., France, R., Petriu, D.C., Jürjens, J. (eds.) Proceedings of the international workshop on critical systems development using modeling languages (CSDUML’06), pp. 52–67 (2006)Google Scholar
  22. 22.
    Kugler, H., Harel, D., Pnueli, A., Lu, Y., Bontemps, Y.: Temporal logic for scenario-based specifications. In: Proceedings of the 11th international conference on tools and algorithms for the construction and analysis of systems (TACAS’05), LNCS, vol. 3440, pp. 445–460. Springer, Heidelberg (2005)Google Scholar
  23. 23.
    Kupferman O. and Vardi M. (2001). Weak alternating automata are not that weak. ACM Trans. Comput. Log. 2(3): 408–429 CrossRefMathSciNetGoogle Scholar
  24. 24.
    Kupferman O., Vardi M. and Wolper P. (2000). An automata-theoretic approach to branching-time model checking. J. ACM 47(2): 312–360 CrossRefMathSciNetGoogle Scholar
  25. 25.
    Lettrari, M., Klose, J.: Scenario-based monitoring and testing of real-time UML models. In: Gogolla, M., Kobryn, C. (eds.) UML, LNCS, vol. 2185, pp. 317–328. Springer, Heidelberg (2001)Google Scholar
  26. 26.
    Maoz, S., Harel, D.: From multi-modal scenarios to code: compiling LSCs into AspectJ. In: Proceedings of the 14th ACM SIGSOFT international symposium on foundations of software engineering (SIGSOFT’06/FSE-14), pp. 219–230. ACM Press, New York (2006)Google Scholar
  27. 27.
    Marelly, R., Harel, D., Kugler, H.: Multiple instances and symbolic variables in executable sequence charts. In: Proceedings of the international conference on object-oriented programming, languages, and applications (OOPSLA’02)Google Scholar
  28. 28.
    Miyano S. and Hayashi T. (1984). Alternating finite automata on ω-Words. Theor. Comp. Sci. 32: 321–330 zbMATHCrossRefMathSciNetGoogle Scholar
  29. 29.
    Muller D.E., Saoudi A. and Schupp P.E. (1992). Alternating automata, the weak monadic theory of trees and its complexity. Theor. Comput. Sci. 97(2): 233–244 zbMATHCrossRefMathSciNetGoogle Scholar
  30. 30.
    Runde R.K., Haugen Ø. and Stølen K. (2005). Refining UML interactions with underspecification and nondeterminism. Nordic J. Comput 12(2): 157–188 zbMATHMathSciNetGoogle Scholar
  31. 31.
    Schinz, I., Toben, T., Mrugalla, C., Westphal, B.: The rhapsody UML verification environment. In: Cuellar, J.R., Liu, Z. (eds.) Proceedings of the 2nd international conference on software engineering and formal methods (SEFM’04), Beijing, China, pp. 174–183. IEEE (2004)Google Scholar
  32. 32.
    Störrle, H.: Assert, negate and refinement in UML-2.0 interactions. In: Jürjens, J., Fernández, E.B., France, R., Rumpe, B. (eds.) Proceedings of the 3rd international workshop on critical systems development with the UML (CSDUML’04), pp. 79–94 (2004)Google Scholar
  33. 33.
    Störrle, H.: Trace semantics of UML 2.0 interactions. Tech. rep., University of Munich (2004)Google Scholar
  34. 34.
    UML: Unified modeling language superstructure specification, v2.0, formal/05-07-04. OMG specification, OMG (August 2005)Google Scholar
  35. 35.
    UML: unified modeling language testing profile, v1.0. OMG specification, OMG (July 2005)Google Scholar
  36. 36.
    Westphal, B.: LSC verification for UML models with unbounded creation and destruction. In: Cook, B., Stoller, S., Visser, W. (eds.) Proceedins workshop on software model checking (SoftMC’05), ENTCS, vol. 144, pp. 133–145. Elsevier, Dordrecht (2005)Google Scholar

Copyright information

© Springer-Verlag 2007

Authors and Affiliations

  1. 1.The Weizmann Institute of ScienceRehovotIsrael

Personalised recommendations