## Section: New Results

### Component-Based Architectures for On-the-Fly Verification

#### Compositional Verification

Participants : Hubert Garavel, Frédéric Lang.

The CADP toolbox contains various tools dedicated to compositional verification, among which EXP.OPEN, BCG_MIN, BCG_CMP, and SVL play a central role. EXP.OPEN explores on the fly the graph corresponding to a network of communicating automata (represented as a set of BCG files). BCG_MIN and BCG_CMP respectively minimize and compare behavior graphs modulo strong or branching bisimulation and their stochastic extensions. SVL (Script Verification Language) is both a high-level language for expressing complex verification scenarios and a compiler dedicated to this language.

In 2017, two bugs were fixed in SVL and one in EXP.OPEN, and several improvements were made to both tools. In particular:

• EXP.OPEN now has two new options, “-prob” and “-rate”, for handling probabilistic and stochastic transitions, respectively. Without these options, probabilistic and stochastic transitions are treated as ordinary transitions, which allows EXP.OPEN to be used for implementing alternative semantics, such as Interactive Probabilistic Chains [27], in which probabilistic transitions are synchronized using a global clock. Consequently, the former “-ratebranching” option has been replaced by “-rate -branching”.

Also, error messages about synchronization vectors have been made more precise, and EXP.OPEN now performs tighter checks on labels consisting only of blanks and on unexpected synchronizations of probabilistic or stochastic transitions. Two bugs have been fixed in EXP.OPEN, and style files have been added to bring support for the EXP format to mainstream text editors.

• A new option “-v” has been added to set SVL variables from the command line (similar to the “-v” option of “awk” or the variable assignments of “make”). Debugging SVL scripts has been made easier: the “-debug” option of SVL now stops execution as soon as a shell command (e.g., a CADP tool or a Unix command) terminates with a non-zero exit status, so that problems are detected at the step where they occur rather than masked by later steps running on incomplete results.

Also, SVL now performs tighter semantic checks, making sure that the partial-order reduction options passed to EXP.OPEN (both those explicitly set by the user and those automatically computed by SVL from the context of the EXP composition expression) are not contradictory.

#### On-the-Fly Test Generation

The CADP toolbox provides support for conformance test case generation by means of the TGV tool. Given a formal specification of a system and a test purpose described as an input-output LTS (IOLTS), TGV automatically generates test cases that assess, using black-box testing techniques, the conformance of a system under test with respect to the formal specification. A test purpose describes the goal states to be reached by the test and enables one to indicate parts of the specification that should be ignored during the testing process. TGV does not generate test cases completely on the fly (i.e., online): it first generates the complete test graph (CTG) and then traverses it backwards to produce controllable test cases.

In 2017, we carried out the following activities:

• We developed the prototype tool TESTOR to extract test cases completely on the fly. Compared to TGV, TESTOR presents several advantages: (i) it has a more modular architecture, based on generic graph transformation components taken from the OPEN/CAESAR libraries ($\tau$-compression, $\tau$-confluence, $\tau$-closure, determinization, resolution of Boolean equation systems); (ii) it is capable of extracting a test case completely on the fly, by exploiting the diagnostic generation features of the Boolean equation system resolution algorithms; (iii) it enables a more flexible expression of test purposes, taking advantage of the multiway rendezvous, a primitive for expressing communication and synchronization among a set of distributed processes [15]. We evaluated TESTOR on three published case studies and on more than 10,000 examples taken from the non-regression test suites of CADP. A paper describing this work was accepted for publication in an international conference.

• We also revised TGV, which is now much less verbose by default and only displays the most important information; the former behaviour can still be obtained with the “-verbose” option. A new option “-monitor” allows one to follow in real time how test case generation progresses. Many warning and error messages have been enhanced, various bugs (especially buffer overflows) have been fixed, and the results of all memory allocations are now checked.
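The last item names two defect classes that recur in any tool that formats labels and builds graph structures in C: writing a label into a fixed buffer with no bound, and using the pointer returned by malloc() without checking it. The following is an added illustration of that defect class beside its hardened form; it is example code written for this page, not TGV's code, and the names (format_label_unsafe, format_label, xmalloc, LABEL_MAX) and the sample labels are constructed for the example.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Fixed size of a formatted label buffer, as an illustrative tool might define it. */
#define LABEL_MAX 16

/* Vulnerable form, kept only for contrast: nothing bounds the copies, so a
 * gate name or offer longer than the buffer overruns it (a classic buffer
 * overflow). Never call it on input whose length is not already known. */
static void format_label_unsafe(char *buf, const char *gate, const char *offer)
{
    strcpy(buf, gate);    /* overflow as soon as strlen(gate) >= LABEL_MAX */
    strcat(buf, " !");
    strcat(buf, offer);
}

/* Hardened form: the destination size is part of the contract, snprintf never
 * writes past it, and truncation is reported to the caller instead of handing
 * back a silently wrong label. Returns 0 on success, -1 on bad arguments or
 * truncation (buf is then the empty string). */
static int format_label(char *buf, size_t size, const char *gate, const char *offer)
{
    if (buf == NULL || size == 0 || gate == NULL || offer == NULL)
        return -1;
    int n = snprintf(buf, size, "%s !%s", gate, offer);
    if (n < 0 || (size_t)n >= size) {
        buf[0] = '\0';
        return -1;
    }
    return 0;
}

/* Checked allocation: a NULL from malloc() must never reach a later dereference.
 * Failing here, with the requested size in the message, points at the cause;
 * failing later, on the dereference, looks like the SIGSEGV of an unrelated bug. */
static void *xmalloc(size_t nbytes)
{
    void *p = malloc(nbytes ? nbytes : 1);
    if (p == NULL) {
        fprintf(stderr, "fatal: cannot allocate %zu bytes: %s\n", nbytes, strerror(errno));
        exit(EXIT_FAILURE);
    }
    return p;
}

/* Does "<gate> !<offer>" fit in a LABEL_MAX buffer? 1 if yes, 0 if not. */
static int label_fits(const char *gate, const char *offer)
{
    char buf[LABEL_MAX];
    return format_label(buf, sizeof buf, gate, offer) == 0;
}

/* Constructed sample (not from any real model): counts how many of three labels
 * format within LABEL_MAX; the third has a deliberately over-long gate name. */
static int count_formattable_labels(void)
{
    static const char *const gates[]  = { "SEND", "RECV", "A_GATE_NAME_THAT_IS_TOO_LONG" };
    static const char *const offers[] = { "1", "OK", "0" };
    char *buf = xmalloc(LABEL_MAX);
    int ok = 0;
    for (size_t i = 0; i < sizeof gates / sizeof gates[0]; i++)
        if (format_label(buf, LABEL_MAX, gates[i], offers[i]) == 0)
            ok++;
    free(buf);
    return ok;
}

int main(void)
{
    char buf[LABEL_MAX];
    format_label_unsafe(buf, "SEND", "1");   /* safe only because both inputs are short constants */
    printf("unsafe: %s\n", buf);
    printf("%d of 3 sample labels fit in %d bytes\n", count_formattable_labels(), LABEL_MAX);
    return 0;
}
```

The point of returning -1 on truncation rather than keeping the truncated string is that in a test generator a shortened label is not a cosmetic problem: it would be compared against the specification's labels and silently change which transitions a test case matches.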

#### Other Component Developments

Participants : Lian Apostol, Soren Enevoldsen, Hubert Garavel, Frédéric Lang, Radu Mateescu, Wendelin Serwe.

The CAESAR_STANDARD library was enriched with the new CAESAR_TYPE_FORMAT type and its associated primitives, and with two new functions CAESAR_SET_SIGNALS() and CAESAR_RESET_SIGNALS() for handling POSIX signals (including SIGSEGV, i.e., segmentation violation). The CAESAR_GRAPH interface, which remained stable for two decades, has been modified: its two functions CAESAR_FORMAT_STATE() and CAESAR_FORMAT_LABEL() became more powerful, while its two functions CAESAR_MAX_FORMAT_STATE() and CAESAR_MAX_FORMAT_LABEL() have been removed from the interface. The same changes apply as well to all the other similar functions of the OPEN/CAESAR libraries. All the OPEN/CAESAR compilers, application tools, and demo examples have been modified to reflect these changes.
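The two signal-handling functions mentioned above are not shown on this page. As an added illustration of what a set/reset pair for fatal signals has to get right in a state-space exploration tool, the following installs a handler for SIGSEGV, SIGBUS, SIGFPE and SIGILL on an alternate stack, keeps the handler body async-signal-safe, and restores the previous dispositions on reset. This is example code written for this page, not the CAESAR_STANDARD implementation; the caesar_like_* names, the choice of signals and the diagnostic text are assumptions.

```c
#define _XOPEN_SOURCE 700
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Fatal signals an exploration tool wants to intercept. SIGSEGV is the one a
 * buggy hand-written C type or an unbounded recursion produces most often. */
static const int watched[] = { SIGSEGV, SIGBUS, SIGFPE, SIGILL };
#define NB_WATCHED (sizeof watched / sizeof watched[0])

static struct sigaction saved[NB_WATCHED]; /* dispositions in force before ours */
static void *altstack = NULL;              /* stack the handler runs on */
static int installed = 0;

/* Handler body restricted to async-signal-safe calls (write, sigemptyset,
 * sigaction, raise): no printf, no malloc, since the heap may be exactly what
 * was just corrupted. The default disposition is restored and the signal
 * re-raised, so the process still dies with the normal status (and core dump). */
static void fatal_signal_handler(int sig)
{
    static const char msg[] =
        "fatal signal during exploration (memory fault or arithmetic error)\n";
    ssize_t r = write(STDERR_FILENO, msg, sizeof msg - 1);
    (void)r;
    struct sigaction dfl;
    dfl.sa_handler = SIG_DFL;
    sigemptyset(&dfl.sa_mask);
    dfl.sa_flags = 0;
    sigaction(sig, &dfl, NULL);
    raise(sig);
}

/* Disable and free the alternate stack (shared by rollback and reset). */
static void release_altstack(void)
{
    stack_t off = { .ss_sp = NULL, .ss_size = 0, .ss_flags = SS_DISABLE };
    sigaltstack(&off, NULL);
    free(altstack);
    altstack = NULL;
}

/* Install the handler on every watched signal, remembering what was there
 * before. The handler runs on an alternate stack (SA_ONSTACK), which is what
 * makes a SIGSEGV caused by stack overflow reportable at all. Returns 0 on
 * success, -1 on failure with nothing left half-installed. */
int caesar_like_set_signals(void)
{
    if (installed)
        return 0;
    size_t sz = SIGSTKSZ;
    altstack = malloc(sz);
    if (altstack == NULL)
        return -1;
    stack_t ss = { .ss_sp = altstack, .ss_size = sz, .ss_flags = 0 };
    if (sigaltstack(&ss, NULL) != 0) {
        free(altstack);
        altstack = NULL;
        return -1;
    }
    struct sigaction sa;
    sa.sa_handler = fatal_signal_handler;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_ONSTACK;
    for (size_t i = 0; i < NB_WATCHED; i++) {
        if (sigaction(watched[i], &sa, &saved[i]) != 0) {
            while (i-- > 0)                      /* roll back what was installed */
                sigaction(watched[i], &saved[i], NULL);
            release_altstack();
            return -1;
        }
    }
    installed = 1;
    return 0;
}

/* Restore the dispositions saved by caesar_like_set_signals() rather than
 * blindly setting SIG_DFL: the embedding application may have had its own
 * handlers. Returns 0 on success, -1 if nothing was installed. */
int caesar_like_reset_signals(void)
{
    if (!installed)
        return -1;
    for (size_t i = 0; i < NB_WATCHED; i++)
        sigaction(watched[i], &saved[i], NULL);
    release_altstack();
    installed = 0;
    return 0;
}

/* 1 if sig currently has our handler, 0 otherwise (also 0 for an invalid sig). */
int caesar_like_signal_handled(int sig)
{
    struct sigaction cur;
    if (sigaction(sig, NULL, &cur) != 0)
        return 0;
    return cur.sa_handler == fatal_signal_handler;
}

int main(void)
{
    if (caesar_like_set_signals() != 0) {
        perror("caesar_like_set_signals");
        return 1;
    }
    printf("SIGSEGV handler installed: %d\n", caesar_like_signal_handled(SIGSEGV));
    /* ... graph exploration would run here ... */
    caesar_like_reset_signals();
    printf("SIGSEGV handler installed after reset: %d\n", caesar_like_signal_handled(SIGSEGV));
    return 0;
}
```

Two caveats matter in practice. A handler for SIGSEGV can only report, not recover: after a memory fault the program's state is untrusted, so the handler prints a fixed message and re-raises instead of trying to continue. And without the alternate stack the most common SIGSEGV in a recursive exploration (stack exhaustion) would kill the process before the handler ever ran, since there is no stack left to run it on.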