Taming Interface Specifications
Software is often being assembled using third-party components where the developers have little knowledge of, and even less control over, the internals of the components comprising the overall system. One obstacle to composing agents is that current formal methods are mainly concerned with “closed” systems that are built from the ground up. Such systems are fully under the control of the user. Hence, problems arising from ill-specified components can be resolved by a close inspection of the systems. When composing systems using “off-the-shelf” components, this is often no longer the case.
The paper addresses the problem of under-specification, where an off-the-shelf component does only what it claims to do, however, it claims more behaviors than it actually has and that one wishes for, some of which may render it useless. Given such an under-specified module, we propose a method to automatically synthesize some safety properties from it that would tame its “bad” behaviors. The advantage of restricting to safety properties is that they are monitorable.
The safety properties are derived using an automata-theoretic approach. We show that, when restricting to ω-regular languages, there is no maximal safety property. For this case we construct a sequence of increasingly larger safety properties. We also show how to construct an infinite-state automata that can capture any safety property that is contained in the original specifications.
KeywordsTemporal Logic Computable Function Regular Language Safety Property Winning Strategy
Unable to display preview. Download preview PDF.
- 1.Abadi, M., Lamport, L.: The existence of state mappings. In: Proceedings of the ACM Symposium on Logic in Computer Science (1988)Google Scholar
- 3.Emerson, E.A., Sistla, A.P.: Triple exponential decision procedure for the logic ctl*. In: Workshop on the Logics of Program, Carnegie-Mellon University (1983)Google Scholar
- 5.Jonsson, B.: Compositional verification of distributed systems. In: Proceedings of the 6th ACM Symposium on Principles of Distributed Computing (1987)Google Scholar
- 6.Lamport, L.: Logical foundation, distributed systems- methods and tools for specification. In: Alford, M.W., Hommel, G., Schneider, F.B., Ansart, J.P., Lamport, L., Mullery, G.P., Liskov, B. (eds.) Distributed Systems. LNCS, vol. 190, Springer, Heidelberg (1985)Google Scholar
- 7.Larsen, K.: Ideal specification formalisms = expressivity + compositionality + decidability + testability +. In: Baeten, J.C.M., Klop, J.W. (eds.) CONCUR 1990. LNCS, vol. 458, Springer, Heidelberg (1990)Google Scholar
- 8.Larsen, K.: The expressive power of implicit specifications. In: Leach Albert, J., Monien, B., Rodríguez-Artalejo, M. (eds.) ICALP 1991. LNCS, vol. 510. Springer, Heidelberg (1991)Google Scholar
- 9.Margaria, T., Raffelt, H., Steffen, B.: Knowledge-based relevance filtering for efficient system-level test-based model generation. Innovations in Systems and Software Engineering, a NASA Journal, Springer Verlag (to appear)Google Scholar
- 10.Pnueli, A., Zaks, A., Zuck, L.D.: Monitoring interfaces for faults. In: Proceedings of the 5th Workshop on Runtime Verification (RV 2005) (2005) (to appear in a special issue of ENTCS) Google Scholar
- 11.Sistla, A.P.: On characterization of safety and liveness properties in temporal logic. In: Proceedings of the ACM Symposium on Principle of Distributed Computing (1985) Google Scholar
- 13.Vardi, M., Wolper, P., Sistla, A.P.: Reasoning about infinite computations. In: Proceedings of IEEE Symposium on Foundations of Computer Science (1983)Google Scholar