Section: New Results

Component-Based Architectures for On-the-Fly Verification

Compositional Verification

Participants: Hubert Garavel, Frédéric Lang.

The CADP toolbox contains various tools dedicated to compositional verification, among which EXP.OPEN, BCG_MIN, BCG_CMP, and SVL play a central role. EXP.OPEN explores on the fly the graph corresponding to a network of communicating automata (represented as a set of BCG files). BCG_MIN and BCG_CMP respectively minimize and compare behavior graphs modulo strong or branching bisimulation and their stochastic extensions. SVL (Script Verification Language) is both a high-level language for expressing complex verification scenarios and a compiler dedicated to this language.

In 2018, we improved these tools along the following lines:

  • SVL now invokes EVALUATOR 3, EVALUATOR 4, and XTL with their new “-source” option, so that error and warning messages regarding temporal logic formulas now display line numbers in the SVL file itself, rather than in the temporary files generated to contain the temporal logic formulas, making it easier for users to modify incorrect MCL and XTL formulas contained in SVL files.

  • SVL has been modified so that both EVALUATOR 3 and EVALUATOR 4 can now be used to compute “deadlock” and “livelock” statements.

  • SVL no longer requires that every “property” statement contain at least one verification statement, namely “comparison”, “verify”, “deadlock”, “livelock”, or a shell-line command with an “expected” clause.

  • In addition to a bug fix, the EXP.OPEN tool was enhanced with a new option “-depend”, which displays both the list of EXP files included (directly or transitively) in the input EXP file and the list of automata, hide, rename, and cut files used (directly or transitively) in the input EXP file.

A paper containing both a tutorial and a survey on compositional verification was published in an international conference [14].

On-the-Fly Test Generation

Participants: Lina Marsso, Radu Mateescu, Wendelin Serwe.

The CADP toolbox provides support for conformance test case generation by means of the TGV tool. Given a formal specification of a system and a test purpose described as an input-output LTS (IOLTS), TGV automatically generates test cases that assess, using black-box testing techniques, the conformance of a system under test w.r.t. the formal specification. A test purpose describes the goal states to be reached by the test and makes it possible to indicate parts of the specification that should be ignored during the testing process. TGV does not generate test cases completely on the fly (i.e., online), because it first generates the complete test graph (CTG) and then traverses it backwards to produce controllable test cases.

To address these limitations, we developed the prototype tool TESTOR (http://convecs.inria.fr/software/testor) to extract test cases completely on the fly. TESTOR presents several advantages w.r.t. TGV: (i) it has a more modular architecture, based on generic graph transformation components taken from the OPEN/CAESAR libraries (τ-compression, τ-confluence, τ-closure, determinization, resolution of Boolean equation systems); (ii) it is capable of extracting a test case completely on the fly, by exploiting the diagnostic generation features of the Boolean equation system resolution algorithms; (iii) it enables a more flexible expression of test purposes, taking advantage of the multiway rendezvous, a primitive to express communication and synchronization among a set of distributed processes.

In 2018, we improved TESTOR and TGV as follows:

  • TESTOR has been ported to the Windows operating system.

  • TESTOR can now be directly connected (by means of Unix pipes) to a system under test (SUT), executing the test case itself rather than generating an abstract test case that then has to be connected to the SUT.

  • We revised the architecture of TESTOR so that its user interface is closer to that of TGV, which enables a user to switch easily between both tools.

  • Taking advantage of the similar interfaces, we merged the non-regression test bases of TESTOR and TGV.

  • We also fixed a bug and added a new option “-self” to TGV, reducing the number of warning messages.

These activities led to a new version 3.0 of TESTOR and two publications in international conferences [24], [18].

Other Component Developments

Participants: Pierre Bouvier, Hubert Garavel, Frédéric Lang, Radu Mateescu, Wendelin Serwe.

In 2018, several components of CADP have been improved as follows:

  • The CADP toolbox now contains a new tool named SCRUTATOR for pruning Labeled Transition Systems on the fly.

  • The OPEN/CAESAR environment was enriched with a new SOLVE_2 library for solving linear equation systems on the fly.

  • Two manual pages (“bes” and “seq”) have been added, which provide standalone definitions of CADP's BES format for Boolean Equation Systems and SEQ format for execution traces. The OPEN/CAESAR manual pages have been enhanced to give full prototypes for function parameters.

  • The CADP toolbox has been ported to Solaris 11 and to SunOS 5.11 OpenIndiana “Hipster”. CADP has also been ported to macOS 10.14 “Mojave” and a 64-bit version of CADP is now available for macOS.

  • We also designed new C functions for handling path names in order to replace the traditional POSIX primitives basename(), dirname(), and realpath(), which suffer from limitations and ambiguities.
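The limitations alluded to in the last item are well known to anyone who has written path-handling code in C: POSIX basename() and dirname() are allowed to modify the string passed to them and to return a pointer to static storage, the GNU basename() variant declared in <string.h> behaves differently from the POSIX one on trailing slashes, and realpath() requires the path to exist and, when handed a buffer, assumes it holds PATH_MAX bytes. The following C code is an added illustration of the kind of replacement such a design calls for; it is not CADP's code, and the names path_basename and path_dirname are assumptions. Both functions leave their input untouched, write into a caller-supplied buffer of explicit size, refuse to truncate silently, and implement the POSIX component rules (trailing slashes ignored, "/" stays "/", an empty or NULL path yields ".").

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Copy n bytes of s into out and NUL-terminate. Returns -1, writing nothing,
 * if the buffer cannot hold the result plus the terminator. */
static int copy_bytes(const char *s, size_t n, char *out, size_t outsz)
{
    if (n + 1 > outsz)
        return -1;                      /* refuse to truncate silently */
    memcpy(out, s, n);
    out[n] = '\0';
    return 0;
}

/* Last path component, POSIX rules, without modifying `path` (hypothetical
 * replacement for basename()). Returns 0 on success, -1 if `out` is too small. */
int path_basename(const char *path, char *out, size_t outsz)
{
    size_t start, end;

    if (path == NULL || path[0] == '\0')
        return copy_bytes(".", 1, out, outsz);
    end = strlen(path);
    while (end > 1 && path[end - 1] == '/')     /* trailing slashes are not a component */
        end--;
    start = end;
    while (start > 0 && path[start - 1] != '/') /* back up to the start of the component */
        start--;
    if (start == end)                           /* nothing but slashes: the root itself */
        return copy_bytes("/", 1, out, outsz);
    return copy_bytes(path + start, end - start, out, outsz);
}

/* Directory part, POSIX rules, without modifying `path` (hypothetical
 * replacement for dirname()). Returns 0 on success, -1 if `out` is too small. */
int path_dirname(const char *path, char *out, size_t outsz)
{
    size_t end;

    if (path == NULL || path[0] == '\0')
        return copy_bytes(".", 1, out, outsz);
    end = strlen(path);
    while (end > 1 && path[end - 1] == '/')     /* strip trailing slashes */
        end--;
    while (end > 0 && path[end - 1] != '/')     /* drop the last component */
        end--;
    while (end > 1 && path[end - 1] == '/')     /* strip separators before it, keep a lone "/" */
        end--;
    if (end == 0)                               /* no directory part: current directory */
        return copy_bytes(".", 1, out, outsz);
    return copy_bytes(path, end, out, outsz);
}

/* Small checkers used by the demonstration: 1 if the computed component equals
 * `expected`, 0 otherwise (also 0 when the 16-byte scratch buffer is too small). */
int basename_is(const char *path, const char *expected)
{
    char buf[16];
    return path_basename(path, buf, sizeof buf) == 0 && strcmp(buf, expected) == 0;
}

int dirname_is(const char *path, const char *expected)
{
    char buf[16];
    return path_dirname(path, buf, sizeof buf) == 0 && strcmp(buf, expected) == 0;
}

/* Print the split of a few constructed sample paths, including the edge cases
 * where libc implementations are known to disagree. */
int main(void)
{
    static const char *samples[] = { "/usr/lib", "/usr/", "usr", "/", "//", ".", "..", "", "a/b/" };
    char base[16], dir[16];
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        if (path_basename(samples[i], base, sizeof base) != 0 ||
            path_dirname(samples[i], dir, sizeof dir) != 0) {
            printf("%-10s buffer too small\n", samples[i]);
            continue;
        }
        printf("%-10s base=%-5s dir=%s\n", samples[i], base, dir);
    }
    return 0;
}
```

The explicit size argument is the security-relevant part: a caller that sizes its buffer for the common case gets an error return instead of a truncated name that could silently refer to a different file.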