On Certificate Generation and Checking for Deadlock-freedom of BIP Models
Abstract
The BIP framework provides a methodology, supported by a tool chain, for developing software for embedded systems. The design of a BIP system follows the decomposition into behavior, interaction and priority. The first step divides the desired behavior of a system into components. In a second step, interactions and their priorities are added between the components. Finally, machine code is generated from the BIP model. While adding interactions it is possible to over-constrain a system, resulting in potential deadlocks. The tool chain crucially depends on an automatic tool, D-Finder, which checks for deadlock-freedom. This paper reports on guaranteeing the correctness of the verdict of D-Finder. We address the problem of formally proving deadlock-freedom of an embedded system in a way that is comprehensible to third-party users and other tools. We achieve this goal by automatically generating certificates for each BIP model declared safe by D-Finder. These certificates comprise a proof of deadlock-freedom of the BIP model which can be checked by an independent checker. We use the Coq theorem prover as certificate checker, thus bringing the high level of confidence of a formal proof to the deadlock analysis results. With the help of certificates one obtains a deadlock-freedom guarantee for BIP models without having to trust, or even look at, the deadlock checking tool. Part of the proofs encapsulated in certificates consists of invariants of the considered BIP models; checking them is an important subtask in guaranteeing deadlock-freedom of the given BIP model.
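The certificate idea described in the abstract, as an added example written for this page (it is not code from the paper, from D-Finder or from the BIP tool chain): a toy BIP-style model with two atomic components, a safe set of interactions and an over-constrained variant that deadlocks, plus an independent checker that trusts only the model and the certificate. The components, ports, interaction names and the explicit-state-set form of the certificate are all constructed for illustration; D-Finder's real invariants are symbolic (component and interaction invariants) and the paper's checker is Coq, so this simplifies both. What the example shows is the separation the abstract relies on: the analysis side explores the state space, while the checker never does, and only verifies that the claimed invariant is initial, inductive under every interaction and contains no deadlock state.

```python
"""Added example for this page: a toy BIP-style model and an independent
certificate checker.  Not code from the paper, from D-Finder or from the BIP
tool chain; all component, port and interaction names are hypothetical."""
from collections import deque

# Fixed component order; a global state is a tuple of local states in this order.
NAMES = ("P", "C")

# Behavior layer: each atomic component is an automaton with ports on transitions,
# given as {local_state: {port: next_local_state}}.  Constructed sample data.
COMPONENTS = {
    "P": {"init": "idle",
          "trans": {"idle": {"produce": "full"}, "full": {"put": "idle"}}},
    "C": {"init": "empty",
          "trans": {"empty": {"get": "has"}, "has": {"consume": "empty"}}},
}

# Interaction layer: name -> {component: port}.  A multi-party interaction is a
# rendezvous, a one-party interaction is a local step.  Priorities are omitted.
SAFE_INTERACTIONS = {
    "produce":  {"P": "produce"},
    "transfer": {"P": "put", "C": "get"},
    "consume":  {"C": "consume"},
}
# Over-constrained variant: producing and consuming must now synchronize, and
# no reachable state can enable that rendezvous or "transfer".
OVERCONSTRAINED_INTERACTIONS = {
    "produce_consume": {"P": "produce", "C": "consume"},
    "transfer":        {"P": "put", "C": "get"},
}
SAFE_MODEL = (COMPONENTS, SAFE_INTERACTIONS)
OVERCONSTRAINED_MODEL = (COMPONENTS, OVERCONSTRAINED_INTERACTIONS)


def initial_state(model):
    comps, _ = model
    return tuple(comps[n]["init"] for n in NAMES)


def enabled(model, gstate, interaction):
    """A rendezvous is enabled iff every participant can fire its port."""
    comps, _ = model
    return all(port in comps[n]["trans"][gstate[NAMES.index(n)]]
               for n, port in interaction.items())


def fire(model, gstate, interaction):
    """Successor global state after all participants take their transition."""
    comps, _ = model
    new = list(gstate)
    for n, port in interaction.items():
        i = NAMES.index(n)
        new[i] = comps[n]["trans"][new[i]][port]
    return tuple(new)


def reachable_deadlocks(model):
    """The (untrusted) analysis side: explore the global state space.
    Returns (sorted reachable states, reachable states with no enabled interaction)."""
    _, inters = model
    init = initial_state(model)
    seen, todo, deadlocks = {init}, deque([init]), []
    while todo:
        s = todo.popleft()
        succ = [fire(model, s, it) for it in inters.values() if enabled(model, s, it)]
        if not succ:
            deadlocks.append(s)
        for t in succ:
            if t not in seen:
                seen.add(t)
                todo.append(t)
    return sorted(seen), deadlocks


def check_certificate(model, invariant):
    """Independent checker (explicit-state stand-in for the paper's Coq checker).
    The certificate is a set of global states claimed to be an invariant.  The
    checker never explores reachability; it verifies the set is (1) initial,
    (2) inductive under every enabled interaction and (3) free of deadlock states.
    Returns (True, "ok") or (False, reason)."""
    _, inters = model
    inv = set(invariant)
    init = initial_state(model)
    if init not in inv:
        return False, f"initial state {init} not in invariant"
    for s in sorted(inv):
        enabled_here = [name for name, it in inters.items() if enabled(model, s, it)]
        if not enabled_here:
            return False, f"state {s} in invariant has no enabled interaction (deadlock)"
        for name in enabled_here:
            t = fire(model, s, inters[name])
            if t not in inv:
                return False, f"invariant not inductive: {s} -{name}-> {t}"
    return True, "ok"


# Certificate the analysis side would emit for the safe model (its reachable set,
# written out explicitly so the checker does not depend on how it was found).
SAFE_CERTIFICATE = frozenset({("idle", "empty"), ("full", "empty"),
                              ("idle", "has"), ("full", "has")})

if __name__ == "__main__":
    print("safe model, valid certificate:", check_certificate(SAFE_MODEL, SAFE_CERTIFICATE))
    print("safe model, bogus certificate:", check_certificate(SAFE_MODEL, {("idle", "empty")}))
    print("over-constrained model:", check_certificate(OVERCONSTRAINED_MODEL, {("idle", "empty")}))
    print("reachable/deadlocks:", reachable_deadlocks(OVERCONSTRAINED_MODEL))
```

The point of the split is that `check_certificate` is small and does nothing clever, so its correctness is easy to audit, whereas `reachable_deadlocks` (standing in for D-Finder) can be as complex as it likes and need not be trusted: a wrong or malicious certificate fails one of the three checks, as the bogus and over-constrained cases show.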
Similar sources
Towards Certifying Deadlock-freedom of BIP Models
Verification and validation techniques have become popular in software and hardware development. They increase the confidence and potentially provide rich feedback on errors. However, with increasing complexity verification and validation techniques are more likely to contain errors themselves. In this paper we address the problem of guaranteeing the correctness of validation work with respect ...
A Hybrid Meta-heuristic Approach to Cope with State Space Explosion in Model Checking Technique for Deadlock Freeness
Model checking is an automatic technique for software verification through which all reachable states are generated from an initial state to finding errors and desirable patterns. In the model checking approach, the behavior and structure of system should be modeled. Graph transformation system is a graphical formal modeling language to specify and model the system. However, modeling of large s...
An Abstract Framework for Deadlock Prevention in BIP
We present a sound but incomplete criterion for checking deadlock freedom of finite state systems expressed in BIP: a component-based framework for the construction of complex distributed systems. Since deciding deadlock-freedom for finite-state concurrent systems is PSPACE-complete, our criterion gives up completeness in return for tractability of evaluation. Our criterion can be evaluated by m...
Incremental Component-based Construction and Deadlock Checking
We study a methodology for checking incrementally deadlock-freedom of component-based systems. A system is obtained as the composition of atomic components by using interactions. Each interaction expresses strong synchronization (rendezvous) between actions of the components. We improve the heuristic verification method applied by the D-Finder tool to BIP components. The method consists in comp...
Compositional Analysis of Mobile IP with Symbolic Transition Graphs
The paper presents a compositional framework for modeling network protocols with symbolic transition graphs. The main advantages of the framework are that it can address dynamic network topologies without requiring additional facilities; and it can work out system models that preserve deadlock freedom, namely the deadlock freedom of a system model depends only on the deadlock freedom of its eac...