Software & Systems Modeling, Volume 15, Issue 2, pp 427–451

Component-based verification using incremental design and invariants

  • Saddek Bensalem
  • Marius Bozga
  • Axel Legay
  • Thanh-Hung Nguyen
  • Joseph Sifakis
  • Rongjie Yan
Regular Paper


We propose invariant-based techniques for the efficient verification of safety and deadlock-freedom properties of component-based systems. Components and their interactions are described in the BIP language. Global invariants of composite components are obtained by combining local invariants of their constituent components with interaction invariants that take interactions into account. We study new techniques for computing interaction invariants. Some of these techniques are incremental, i.e., interaction invariants of a composite hierarchically structured component are computed by reusing invariants of its constituents. We formalize incremental construction of components in the BIP language as the process of building progressively complex components by adding interactions (synchronization constraints) to atomic components. We provide sufficient conditions ensuring preservation of invariants when new interactions are added. When these conditions are not satisfied, we propose methods for generating new invariants in an incremental manner by reusing existing invariants from the constituents in the incremental construction. The reuse of existing invariants reduces considerably the overall verification effort. The techniques have been implemented in the D-Finder toolset. Among the experiments conducted, we have been capable of verifying safety properties and deadlock-freedom of sub-systems of the functional level of the DALA autonomous robot. This work goes far beyond the capacity of existing monolithic verification tools.
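To make the scheme concrete, the following is an added example, not code from the paper or from D-Finder: a toy BIP-style model of two components coupled by rendezvous interactions, whose names and structure are assumptions. It computes component invariants by local reachability, interaction invariants as initially marked traps of the Petri net induced by the interactions (the approach of the authors' earlier D-Finder work, simplified here), and then checks whether any global state allowed by both invariants has no enabled interaction; the same trap test also shows whether an existing invariant survives the incremental addition of a new interaction.

```python
from itertools import product, combinations
# Constructed toy BIP-style model (an assumption, not a model from the paper): each atomic
# component is an automaton with one edge per port; an interaction is a rendezvous of ports.
COMPONENTS = {
    "A": {"init": "a0", "edges": {"get": ("a0", "a1"), "put": ("a1", "a0")}},
    "B": {"init": "b1", "edges": {"snd": ("b1", "b0"), "rcv": ("b0", "b1")}},
}
INTERACTIONS = [{"A": "get", "B": "snd"}, {"A": "put", "B": "rcv"}]

def component_invariant(comp):
    """Component invariant CI: locations reachable when every port fires freely."""
    reach, todo = {comp["init"]}, [comp["init"]]
    while todo:
        loc = todo.pop()
        new = {d for s, d in comp["edges"].values() if s == loc} - reach
        reach |= new
        todo += new
    return reach

def pre_post(inter):
    """Places consumed and produced by an interaction seen as a Petri-net transition."""
    edges = [COMPONENTS[c]["edges"][p] for c, p in inter.items()]
    return {s for s, _ in edges}, {d for _, d in edges}

def is_trap(places, interactions):
    """Trap: every interaction that takes a token out of the set also puts one back."""
    return all(not (pre & places) or post & places
               for pre, post in map(pre_post, interactions))

def interaction_invariants(interactions):
    """Initially marked minimal traps; a trap T gives the interaction invariant OR(T)."""
    places = sorted({loc for c in COMPONENTS.values() for e in c["edges"].values() for loc in e})
    init = {c["init"] for c in COMPONENTS.values()}
    traps = []
    for k in range(1, len(places) + 1):
        for cand in map(frozenset, combinations(places, k)):
            if cand & init and is_trap(cand, interactions) and not any(t <= cand for t in traps):
                traps.append(cand)
    return traps

def enabled(state, inter):
    return all(COMPONENTS[c]["edges"][p][0] == state[c] for c, p in inter.items())

def potential_deadlocks(interactions, use_ii=True):
    """States in CI (and II) where no interaction is enabled; [] proves deadlock-freedom."""
    names = list(COMPONENTS)
    iis = interaction_invariants(interactions) if use_ii else []
    states = product(*(component_invariant(COMPONENTS[n]) for n in names))
    return sorted(locs for locs in states if all(t & set(locs) for t in iis)
                  and not any(enabled(dict(zip(names, locs)), i) for i in interactions))
```

With the component invariants alone the product contains two spurious deadlock states; the trap invariants (a0 ∨ b0) and (a1 ∨ b1) rule them out, and adding a singleton interaction {"A": "get"} breaks the trap {a0, b0}, after which a genuine deadlock at (a1, b1) is reported.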


Keywords: Verification method · Invariant · Component-based systems · Incremental design · Verification tools · Deadlock-freedom · BIP



Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Saddek Bensalem (1)
  • Marius Bozga (1)
  • Axel Legay (2)
  • Thanh-Hung Nguyen (3)
  • Joseph Sifakis (1)
  • Rongjie Yan (4)
  1. UJF-Grenoble 1/CNRS, VERIMAG UMR 5104, Grenoble, France
  2. INRIA/IRISA, Rennes, France
  3. Department of Software Engineering, Hanoi University of Science and Technology, Hanoi, Vietnam
  4. State Key Laboratory of Computer Science, Beijing, China
