Parallel Bounded Verification of Alloy Models by TranScoping

  • Nicolás Rosner
  • Carlos Gustavo López Pombo
  • Nazareno Aguirre
  • Ali Jaoua
  • Ali Mili
  • Marcelo F. Frias
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8164)


Bounded verification is a technique associated with the Alloy specification language that allows one to analyze Alloy software models by looking for counterexamples of intended properties, under the assumption that data type domains are restricted in size by a provided bound (called the scope of the analysis). The absence of errors in the analyzed models is relative to the provided scope, so achieving verifiability in larger scopes is necessary in order to provide higher confidence in model correctness. Unfortunately, analysis time usually grows exponentially as the scope is increased. A technique that helps in scaling up bounded verification is parallelization. However, the performance of parallel bounded verification greatly depends on the particular strategy used for partitioning the original analysis problem, which in the context of Alloy is a boolean satisfiability problem. In this article we present a novel technique called tranScoping, which aims at improving the scalability of bounded exhaustive analysis by using information mined at smaller scopes to guide decision making at larger ones. In its application to parallel analysis, tranScoping compares different ways to split an Alloy-borne SAT problem at small scopes, and extrapolates this information to select an adequate partitioning criterion for larger scopes. As our experiments show, tranScoping allows us to find suitable criteria that extend the tractability barrier, and in particular leads to successful analysis of models on scopes that have been elusive for years.


Alloy Analyzer Parallel analysis Bounded verification Parallel SAT-solving 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abrial, J.-R.: The B-Book: Assigning Programs to Meanings. Cambridge University Press (1996)Google Scholar
  2. 2.
    Anastasakis, K., Bordbar, B., Georg, G., Ray, I.: On challenges of model trans- formation from UML to Alloy. Software and Systems Modeling 9(1), 69–86 (2010)CrossRefGoogle Scholar
  3. 3.
    Chalin, P., Kiniry, J.R., Leavens, G.T., Poll, E.: Beyond Assertions: Advanced Specification and Verification with JML and ESC/Java2. In: de Boer, F.S., Bonsangue, M.M., Graf, S., de Roever, W.-P. (eds.) FMCO 2005. LNCS, vol. 4111, pp. 342–363. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  4. 4.
    Chrabakh, W., Wolski, R.: GrADSAT: A Parallel SAT Solver for the Grid. In: UCSB Computer Science Technical Report Number 2003-05Google Scholar
  5. 5.
    Eén, N., Sörensson, N.: An Extensible SAT-solver. In: Giunchiglia, E., Tacchella, A. (eds.) SAT 2003. LNCS, vol. 2919, pp. 502–518. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  6. 6.
    MPI2: A Message Passing Interface Standard. Message Passing Interface Forum, High Performance Computing Applications 12, 1–2, 1–299 (1998)Google Scholar
  7. 7.
    Dalcin, L., Paz, R., Storti, M., D’Elia, J.: MPI for Python: Performance improvements and MPI-2 extensions. J. Parallel Distrib. Comput. 68(5), 655–662Google Scholar
  8. 8.
  9. 9.
    Davies, J., Woodcock, J.: Using Z: Specification, Refinement and Proof. International Series in Computer Science. Prentice Hall (1996)Google Scholar
  10. 10.
    Dennis, G., Chang, F., Jackson, D.: Modular Verification of Code with SAT. In: ISSTA 2006, pp. 109–120 (2006)Google Scholar
  11. 11.
    Galeotti, J.P., Rosner, N., Pombo, C.L., Frias, M.F.: Analysis of invariants for efficient bounded verification. In: ISSTA 2010, pp. 25–36 (2010)Google Scholar
  12. 12.
    Gil, L., Flores, P., Silveira, L.M.: PMSat: a parallel version of MiniSAT. Journal on Satisfiability, Boolean Modeling and Computation 6, 71–98 (2008)MathSciNetGoogle Scholar
  13. 13.
    Jackson, D., Schechter, I., Shlyakhter, I.: Alcoa: the alloy constraint analyzer. In: Proceedings of ICSE 2000, Limerick, Ireland (2000)Google Scholar
  14. 14.
    Jackson, D.: Software Abstractions. MIT Press (2006)Google Scholar
  15. 15.
    Maoz, S., Ringert, J.O., Rumpe, B.: CD2Alloy: Class Diagrams Analysis Using Alloy Revisited. In: Whittle, J., Clark, T., Kühne, T. (eds.) MODELS 2011. LNCS, vol. 6981, pp. 592–607. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  16. 16.
    Malik, P., Groves, L., Lenihan, C.: Translating Z to Alloy. In: Frappier, M., Glässer, U., Khurshid, S., Laleau, R., Reeves, S. (eds.) ABZ 2010. LNCS, vol. 5977, pp. 377–390. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  17. 17.
    Matos, P.J., Marques-Silva, J.: Model Checking Event-B by Encoding into Alloy. In: Börger, E., Butler, M., Bowen, J.P., Boca, P. (eds.) ABZ 2008. LNCS, vol. 5238, pp. 346–346. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  18. 18.
    Ohmura, K., Ueda, K.: c-sat: A Parallel SAT Solver for Clusters. In: Kullmann, O. (ed.) SAT 2009. LNCS, vol. 5584, pp. 524–537. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  19. 19.
    Ramananandro, T.: Mondex, an electronic purse: specification and refinement checks with the Alloy model-finding method. Formal Aspects of Computing 20(1), 21–39 (2008)CrossRefGoogle Scholar
  20. 20.
    Shao, D., Gopinath, D., Khurshid, S., Perry, D.: Optimizing Incremental Scope-Bounded Checking with Data-Flow Analysis. In: ISSRE 2010, pp. 408–417 (2010)Google Scholar
  21. 21.
    Shao, D., Khurshid, S., Perry, D.: An Incremental Approach to Scope-Bounded Checking Using a Lightweight Formal Method. In: Cavalcanti, A., Dams, D.R. (eds.) FM 2009. LNCS, vol. 5850, pp. 757–772. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  22. 22.
    Sperberg-McQueen, C.M.: Alloy version of XPath 1.0 data model,
  23. 23.
    World Wide Web Consortium (W3C), XML Path Language (XPath) Version 1.0, W3C Recommendation (November 16, 1999)Google Scholar
  24. 24.
    Zave, P.: Compositional binding in network domains. In: Misra, J., Nipkow, T., Sekerinski, E. (eds.) FM 2006. LNCS, vol. 4085, pp. 332–347. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  25. 25.
    Zhang, H., Bonacina, M.P., Hsiang, J.: PSATO: a distributed propositional prover and its application to quasigroup problems. J. Symb. Comput. 21, 4–6 (1996)CrossRefMathSciNetGoogle Scholar
  26. 26.

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Nicolás Rosner
    • 1
  • Carlos Gustavo López Pombo
    • 1
    • 2
  • Nazareno Aguirre
    • 3
    • 2
  • Ali Jaoua
    • 4
  • Ali Mili
    • 5
  • Marcelo F. Frias
    • 6
    • 2
  1. 1.Department of Computer Science, FCEyNUniversidad de Buenos AiresArgentina
  2. 2.Consejo Nacional de Investigaciones Científicas y Técnicas (CONICET)Argentina
  3. 3.Department of Computer Science, FCEFQyNUniversidad Nacional de Río CuartoArgentina
  4. 4.Qatar UniversityQatar
  5. 5.New Jersey Institute of TechnologyUSA
  6. 6.Department of Software EngineeringInstituto Tecnológico de Buenos Aires (ITBA)Argentina

Personalised recommendations