Dynamic Component Substitutability Analysis

  • Natasha Sharygina
  • Sagar Chaki
  • Edmund Clarke
  • Nishant Sinha
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3582)


This paper presents an automated and compositional procedure to solve the substitutability problem in the context of evolving software systems. Our solution contributes two techniques for checking the correctness of software upgrades: 1) a technique based on the simultaneous use of over- and under-approximations obtained via existential and universal abstractions; 2) a dynamic assume-guarantee reasoning algorithm, in which previously generated component assumptions are reused and altered on-the-fly to prove or disprove the global safety properties of the updated system. When upgrades are found to be non-substitutable, our solution generates constructive feedback to developers showing how to improve the components. The substitutability approach has been implemented and validated in the ComFoRT model checking tool set, and we report encouraging results on an industrial benchmark.


Keywords: Software Model Checking; Verification of Evolving Software; Learning Regular Sets; Assume/Guarantee Reasoning





Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Natasha Sharygina (1)
  • Sagar Chaki (1)
  • Edmund Clarke (1)
  • Nishant Sinha (1)

  1. Carnegie Mellon University
