Software & Systems Modeling

, Volume 18, Issue 3, pp 1577–1611 | Cite as

Basic problems in multi-view modeling

  • Jan Reineke
  • Christos Stergiou
  • Stavros TripakisEmail author
Theme Section Paper


Modeling all aspects of a complex system within a single model is a difficult, if not impossible, task. Multi-view modeling is a methodology where different aspects of the system are captured by different models, or views. A key question then is consistency: if different views of a system have some degree of overlap, how can we guarantee that they are consistent, i.e., that they do not contradict each other? In this paper we formulate this and other basic problems in multi-view modeling within an abstract formal framework. We then instantiate this framework onto several discrete system settings: languages and automata over finite and infinite words, and symbolic transition systems; and study how checking view consistency and other problems can be solved in these settings.


Formal methods System modeling Views Verification Synthesis Consistency Automata Symbolic transition systems Projection Inverse projection 



We thank Kartik Nagar for pointing out an error in the proof of Theorem 4.7 in an earlier version of this paper and for suggesting how to fix the problem. We also thank Maria Pittou for discovering a bug in an earlier version of this paper and for pointing us to several related papers. Finally, we thank the anonymous reviewers for their feedback and suggestions, which in particular led to the addition of Sect. 1.2.


  1. 1.
    Alur, R., Dill, D.: A theory of timed automata. Theor. Comput. Sci. 126, 183–235 (1994)MathSciNetCrossRefzbMATHGoogle Scholar
  2. 2.
    Amaral, V., Hardebolle, C., Karsai, G., Lengyel, L., Levendovszky, T.: Recent advances in multi-paradigm modeling. In: MODELS, pp. 220–224. Springer, Berlin (2010)Google Scholar
  3. 3.
    Amaral, V., Hardebolle, C., Vangheluwe, H., Lengyel, L., Bunus, P.: Recent advances in multi-paradigm modeling. Electron. Commun. EASST. 50, 10 (2011)Google Scholar
  4. 4.
    Benveniste, A., Caillaud, B., Ferrari, A., Mangeruca, L., Passerone, R., Sofronis, C.: Multiple viewpoint contract-based specification and design. In: FMCO, pp. 200–225. Springer, Berlin (2008)Google Scholar
  5. 5.
    Bhave, A., Krogh, B.H., Garlan, D., Schmerl, B.: View consistency in architectures for cyber-physical systems. In: ICCPS 2011, pp. 151–160 (2011)Google Scholar
  6. 6.
    Blanc, X., Mounier, I., Mougenot, A., Mens, T.: Detecting model inconsistency through operation-based model construction. In: ICSE, pp. 511–520 (2008)Google Scholar
  7. 7.
    Broman, D., Lee, E.A., Tripakis, S., Törngren, M.: Viewpoints, formalisms, languages, and tools for cyber-physical systems. In: MPM (2012)Google Scholar
  8. 8.
    Broy, M.: Multi-view modeling of software systems. In: Formal Methods at the Crossroads, Volume 2757 of LNCS, pp. 207–225. Springer, Berlin (2003)Google Scholar
  9. 9.
    Broy, M.: A theory of system interaction: components, interfaces, and services. In: Goldin, Dina, Smolka, Scott A, Wegner, Peter (eds.) Interactive Computation, pp. 41–96. Springer, Berlin (2006)CrossRefGoogle Scholar
  10. 10.
    Broy, M.: Software and system modeling: structured multi-view modeling, specification, design and implementation. In: Hinchey, M., Coyle, L. (eds.) Conquering Complexity, pp. 309–372 (2012)Google Scholar
  11. 11.
    Cousot, P., Cousot, R.: Systematic design of program analysis frameworks. In: POPL, pp. 269–282. ACM, New York (1979)Google Scholar
  12. 12.
    Diethers, K., Huhn, M.: Vooduu: verification of object-oriented designs using UPPAAL. In: Jensen, K., Podelski, A. (eds.) TACAS, Volume 2988 of LNCS, pp. 139–143. Springer, Berlin (2004)Google Scholar
  13. 13.
    Dijkman, R.M.: Consistency in Multi-Viewpoint Architectural Design. Ph.D. thesis, University of Twente (2006)Google Scholar
  14. 14.
    Doyen, L., Henzinger, T., Jobstmann, B., Petrov, T.: Interface theories with component reuse. In: EMSOFT, pp. 79–88 (2008)Google Scholar
  15. 15.
    Easterbrook, S., Chechik, M.: A framework for multi-valued reasoning over inconsistent viewpoints. In: Proceedings of the 23rd International Conference on Software Engineering, ICSE ’01, pp. 411–420, IEEE Computer Society, Washington, DC (2001)Google Scholar
  16. 16.
    Egyed, A., Letier, E., Finkelstein, A.: Generating and evaluating choices for fixing inconsistencies in UML design models. In: 23rd IEEE/ACM International Conference on Automated Software Engineering (ASE), pp. 99–108 (2008)Google Scholar
  17. 17.
    Finkelstein, A., Gabbay, D., Hunter, A., Kramer, J., Nuseibeh, B.: Inconsistency handling in multiperspective specifications. IEEE TSE 20(8), 569–578 (1994)Google Scholar
  18. 18.
    Garey, M.R., Johnson, D.S.: Computers and Intractability: A Guide to the Theory of NP-Completeness. W. H. Freeman, New York (1979)zbMATHGoogle Scholar
  19. 19.
    Getir, S., Grunske, L., Bernasko, C. K., Käfer, V., Sanwald, T., Tichy, M.: CoWolf—a generic framework for multi-view co-evolution and evaluation of models. In: 8th International Conference on Theory and Practice of Model Transformations, ICMT, pp. 34–40 (2015)Google Scholar
  20. 20.
    Granger, P.: Improving the results of static analyses of programs by local decreasing iterations. In: Shyamasundar, R. (eds.) Foundations of software technology and theoretical computer science. FSTTCS 1992. Lecture notes in computer science, vol. 652, pp 68–79. Springer, Berlin, Heidelberg (1992)Google Scholar
  21. 21.
    Grundy, J., Hosking, J., Mugridge, W.B.: Inconsistency management for multiple-view software development environments. IEEE Trans. Softw. Eng. 24(11), 960–981 (1998)CrossRefGoogle Scholar
  22. 22.
    Henzinger, T.A., Nickovic, D.: Independent implementability of viewpoints. In: Monterey Workshop, Volume 7539 of LNCS, pp. 380–395. Springer, Berlin (2012)Google Scholar
  23. 23.
    Herzig, S.J.I., Qamar, A., Paredis, C.J.J.: An approach to identifying inconsistencies in model-based systems engineering. Proc. Comput. Sci. 28, 354–362 (2014)CrossRefGoogle Scholar
  24. 24.
    Holzmann, G.: The Spin Model Checker. Addison-Wesley, Reading (2003)Google Scholar
  25. 25.
    ISO/IEC/IEEE 42010:2011. Systems and software engineering—Architecture description, the latest edition of the original IEEE Std 1471:2000, Recommended Practice for Architectural Description of Software-intensive Systems. IEEE and ISO (2011)Google Scholar
  26. 26.
    Jackson, D.: Structuring Z Specifications with Views. Technical Report CMU-CS-94-126. CMU (1994)Google Scholar
  27. 27.
    Jackson, E.K., Levendovszky, T., Balasubramanian, D.: Automatically reasoning about metamodeling. Softw. Syst. Model. 14(1), 271–285 (2015)CrossRefGoogle Scholar
  28. 28.
    Jackson, E.K., Sztipanovits, J.: Formalizing the structural semantics of domain-specific modeling languages. Softw. Syst. Model. 8(4), 451–478 (2009)CrossRefGoogle Scholar
  29. 29.
    Jackson, M., Zave, P.: Distributed feature composition: a virtual architecture for telecommunications services. IEEE Trans. Softw. Eng. 24(10), 831–847 (1998)CrossRefGoogle Scholar
  30. 30.
    Kao, J.-Y., Rampersad, N., Shallit, J.: On NFAs where all states are final, initial, or both. Theor. Comput. Sci. 410(4749), 5010–5021 (2009)MathSciNetCrossRefzbMATHGoogle Scholar
  31. 31.
    Lucas, F.J., Molina, F., Toval, A.: A systematic review of UML model consistency management. Inf. Softw. Technol. 51(12), 1631–1645 (2009)CrossRefGoogle Scholar
  32. 32.
    Maoz, S., Ringert, J.O., Rumpe, B.: Semantically configurable consistency analysis for class and object diagrams. In: Whittle, J., Clark, T., Kühne, T. (eds.) Model driven engineering languages and systems. MODELS 2011. Lecture notes in computer science, vol. 6981, pp. 153–167. Springer, Berlin, Heidelberg (2011)Google Scholar
  33. 33.
    Maoz, S., Ringert, J.O., Rumpe, B.: Verifying component and connector models against crosscutting structural views. In: ICSE, pp. 95–105. ACM, New York (2014)Google Scholar
  34. 34.
    Nejati, S., Sabetzadeh, M., Chechik, M., Easterbrook, S., Zave, P.: Matching and merging of statecharts specifications. In: 29th International Conference on Software Engineering (ICSE’07), pp. 54–64, May 2007Google Scholar
  35. 35.
    Persson, M., Törngren, M., Qamar, A., Westman, J., Biehl, M., Tripakis, S., Vangheluwe, H., Denil, J.: A characterization of integrated multi-view modeling for embedded systems. In: Proceedings of the 13th ACM & IEEE International Conference on Embedded Software (EMSOFT’13) (2013)Google Scholar
  36. 36.
    Pittou, M., Tripakis, S.: Checking multi-view consistency of discrete systems with respect to periodic sampling abstractions. In: The 13th International Conference Formal Aspects of Component Software (FACS 2016) (2016)Google Scholar
  37. 37.
    Pittou, M., Tripakis, S.: Multi-view consistency for infinitary regular languages. In: International Conference on Embedded Computer Systems: Architectures, Modeling and Simulation—SAMOS XVI (2016)Google Scholar
  38. 38.
    Rajhans, A., Krogh, B.H.: Heterogeneous verification of cyber-physical systems using behavior relations. In: HSCC ’12, pp. 35–44. ACM, New York (2012)Google Scholar
  39. 39.
    Rajhans, A., Krogh, B.H.: Compositional heterogeneous abstraction. In: HSCC ’13, pp. 253–262. ACM, New York (2013)Google Scholar
  40. 40.
    Rasch, H., Wehrheim, H.: Checking consistency in UML diagrams: classes and state machines. In: Proceedings of 6th IFIP WG 6.1 International Conference Formal Methods for Open Object-Based Distributed Systems, FMOODS 2003, Paris, France, November 19–21, 2003, pp. 229–243 (2003)Google Scholar
  41. 41.
    Reineke, J., Tripakis, S.: Basic problems in multi-view modeling. In: Tools and Algorithms for the Construction and Analysis of Systems—TACAS 2014 (2014)Google Scholar
  42. 42.
    Sabetzadeh, M., Nejati, S., Easterbrook, S., Chechik, M.: A relationship-driven framework for model merging. In: Proceedings of the International Workshop on Modeling in Software Engineering, MISE ’07, p. 2. IEEE Computer Society, Washington, DC (2007)Google Scholar
  43. 43.
    Sistla, A.P., Vardi, M.Y., Wolper, P., Wolper, P.: The complementation problem for Büchi automata with applications to temporal logic. Theor. Comput. Sci. 49, 217–237 (1987)CrossRefzbMATHGoogle Scholar
  44. 44.
    Spanoudakis, G., Finkelstein, A.: Reconciling requirements: a method for managing interference, inconsistency and conflict. Ann. Softw. Eng. Spec. Issue Softw. Requir. Eng. 3, 433–457 (1996)Google Scholar
  45. 45.
    Tripakis, S.: Compositionality in the science of system design. Proc. IEEE 104(5), 960–972 (2016)CrossRefGoogle Scholar
  46. 46.
    Tripakis, S., Lickly, B., Henzinger, T.A., Lee, E.A.: A theory of synchronous relational interfaces. ACM Trans. Progr. Lang. Syst. (TOPLAS) 33(4), 14:1–14:41 (2011)Google Scholar
  47. 47.
    von Hanxleden, R., Lee, E.A., Motika, C., Fuhrmann, H.: Multi-view modeling and pragmatics in 2020. In: 17th International Monterey Workshop, LNCS (2012)Google Scholar
  48. 48.
    Zave, P.: Feature interactions and formal specifications in telecommunications. Computer 26(8), 20–28 (1993)CrossRefGoogle Scholar
  49. 49.
    Zave, P., Jackson, M.: Conjunction as composition. ACM Trans. Softw. Eng. Methodol. 2(4), 379–411 (1993)CrossRefGoogle Scholar
  50. 50.
    Zhao, X., Long, Q., Qiu, Z.: Model checking dynamic UML consistency. In: Liu, Z., He, J. (eds.) Formal Methods and Software Engineering, Volume 4260 of LNCS, pp. 440–459. Springer, Berlin (2006)Google Scholar

Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2017

Authors and Affiliations

  • Jan Reineke
    • 1
  • Christos Stergiou
    • 2
    • 4
  • Stavros Tripakis
    • 3
    • 4
    Email author
  1. 1.Saarland UniversitySaarbrückenGermany
  2. 2.University of PennsylvaniaPhiladelphiaUSA
  3. 3.Aalto UniversityEspooFinland
  4. 4.University of CaliforniaBerkeleyUSA

Personalised recommendations