
Section: New Results

Component-Based Architectures for On-the-Fly Verification

Compositional Model Checking

Participants : Frédéric Lang, Radu Mateescu.

We have continued our work on partial model checking following the approach proposed in [26]. Given a temporal logic formula ϕ to be evaluated on a set S of concurrent processes, partial model checking consists of transforming ϕ into an equivalent formula ϕ' to be evaluated on a subset of S. Formula ϕ' is constructed incrementally by choosing one process P in S and incorporating into ϕ the behavioral information corresponding to P — an operation called quotienting. Simplifications must be applied at each step so as to keep the formulas at a tractable size.

In 2013, we extended the approach to handle fairness operators of alternation depth two, and we conducted new experiments. This resulted in a new version of the PMC prototype tool (see § 5.4) supporting all features of the input language of EXP.OPEN 2.1. An article has been published in an international journal [5].
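The quotienting step described above, carried out on Hennessy-Milner formulas as an added illustration (constructed for this page, not code from the PMC tool): the formula ϕ to be checked on P || Q is rewritten into ϕ/P and checked on Q alone, with constant folding after each step; a direct check on the product P || Q is included as a cross-check. The processes, formulas and synchronisation discipline (P synchronises on all of its actions, Q's other actions interleave) are assumptions of the example.

```python
# Added illustration of partial model checking by quotienting, constructed for
# this page (not the PMC tool's code): phi on P || Q is rewritten into phi/P and
# checked on Q alone. An LTS is a dict state -> [(action, next_state)]; P || Q
# synchronises on every action of P and interleaves Q's other actions.
# Formulas: "tt", "ff", ("and"|"or", f, g), ("dia"|"box", action, f).
def simplify(f):
    # Constant folding after each quotienting step keeps the formula small.
    if isinstance(f, str): return f
    if f[0] in ("dia", "box"):
        g = simplify(f[2])                          # <a>ff = ff, [a]tt = tt
        return g if g == ("ff" if f[0] == "dia" else "tt") else (f[0], f[1], g)
    op, a, b = f[0], simplify(f[1]), simplify(f[2])
    unit, zero = ("tt", "ff") if op == "and" else ("ff", "tt")
    return zero if zero in (a, b) else b if a == unit else a if b == unit else (op, a, b)

def quotient(f, P, s):
    # phi / (P at state s): fold P's possible moves into the formula.
    if isinstance(f, str): return f
    if f[0] in ("and", "or"):
        return simplify((f[0], quotient(f[1], P, s), quotient(f[2], P, s)))
    op, a, g = f
    if a not in {b for ts in P.values() for b, _ in ts}:   # Q moves alone
        return simplify((op, a, quotient(g, P, s)))
    res = "ff" if op == "dia" else "tt"   # one disjunct (box: conjunct) per a-move of P
    for b, t in P.get(s, []):
        if b == a:
            res = ("or" if op == "dia" else "and", res, (op, a, quotient(g, P, t)))
    return simplify(res)

def holds(f, L, s):
    # Direct evaluation of f at state s of LTS L, used to cross-check quotients.
    if isinstance(f, str): return f == "tt"
    if f[0] in ("and", "or"):
        l, r = holds(f[1], L, s), holds(f[2], L, s)
        return (l and r) if f[0] == "and" else (l or r)
    succ = [t for b, t in L.get(s, []) if b == f[1]]
    return (any if f[0] == "dia" else all)(holds(f[2], L, t) for t in succ)

def product(P, Q):
    # P || Q over state pairs; P only moves in synchronisation with Q.
    alph = {b for ts in P.values() for b, _ in ts}
    return {(p, q): [(a, (p, q2)) for a, q2 in qt if a not in alph]
                  + [(a, (p2, q2)) for a, p2 in pt for b, q2 in qt if a == b]
            for p, pt in P.items() for q, qt in Q.items()}
# Constructed processes: Q prepares and sends, P acknowledges each send.
P = {0: [("send", 1)], 1: [("ack", 0)]}
Q = {0: [("prep", 1)], 1: [("send", 2)], 2: [("ack", 0), ("fail", 3)], 3: []}
PHI_OK = ("dia", "prep", ("dia", "send", ("dia", "ack", "tt")))
PHI_BAD = ("dia", "prep", ("dia", "ack", "tt"))   # an ack before any send
```

For PHI_BAD the quotient collapses to "ff" without ever looking at Q, since P cannot acknowledge before a send; for PHI_OK the quotient evaluated on Q agrees with the direct check on the product.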

On-the-Fly Test Generation

Participants : Radu Mateescu, Wendelin Serwe.

In the context of the collaboration with STMicroelectronics (see § 6.5.1 and § 7.1), we studied techniques for testing whether an implementation conforms to a formal model written in LNT. Our approach is inspired by the theory of conformance testing [68], as implemented for instance in TGV [53] and JTorX [30].

We developed two prototype tools. The first tool implements a dedicated OPEN/CAESAR-compliant compiler for the particular asymmetric synchronous product of the model and the test purpose, and uses slightly extended generic components for graph manipulation (τ-compression, τ-confluence reduction, determinization) and resolution of Boolean equation systems. The second tool generates the complete test graph, which can be used to extract concrete test cases or to drive the test of the implementation. The principal advantage of our approach compared to existing tools is the use of LNT for test purposes, facilitating the manipulation of data values.

In 2013, we continued the development of these tools, focusing on reducing execution time. We also implemented a prototype tool to extract from a complete test graph one or all test cases of minimal depth. We experimented with these tools on two case studies, namely the ACE coherence protocol (see § 6.5.1) and the EnergyBus (see § 6.5.5).

Equivalence Checking

Participant : Frédéric Lang.

Equivalence relations can be used for verification in two complementary ways: for the minimization of an LTS and the comparison of two LTSs.

In 2013, we worked along the following lines:

Other Software Developments

The OPEN/CAESAR environment was enhanced with a new generic library (named CAESAR_CACHE_1) for manipulating hierarchical caches, with 15 built-in replacement strategies and the possibility to define new ones.

We also maintained the CADP toolbox, taking into account the feedback received from numerous users around the world. In addition to fixing 41 bugs, we evolved CADP to support the latest versions of Windows, Cygwin, Mac OS X, and their corresponding C compilers. The documentation for installing CADP has been updated and shortened. Finally, support for Sparc, Itanium, and PowerPC processors was dropped at the end of 2013, based on the observation that these architectures are hardly used any more within the CADP user community.