
On requirement verification for evolving Statecharts specifications

  • RE 2013
  • Requirements Engineering (journal)

Abstract

Software development processes have been evolving from rigid, pre-specified, and sequential to incremental and iterative. This evolution has been dictated by the need to accommodate evolving user requirements and to reduce the delay between a design decision and feedback from users. Formal verification techniques, however, have largely ignored this evolution, and even where they have made enormous improvements and found significant use in practice, as in the case of model checking, they have remained confined to the niche of safety-critical systems. Model checking verifies whether a system’s model \(\mathcal{M}\) satisfies a set of requirements, formalized as a set of logic properties \(\Phi\). Current model-checking approaches, however, implicitly rely on the assumption that both the complete model \(\mathcal{M}\) and the whole set of properties \(\Phi\) are fully specified when verification takes place. Very often, however, \(\mathcal{M}\) is subject to change because its development is iterative and its definition evolves through stages of incompleteness, in which alternative design decisions are explored, typically to evaluate quality trade-offs. Evolving system specifications of this kind call for novel verification approaches that tolerate incompleteness and support incremental analysis of alternative designs for certain functionalities. This is exactly the focus of this paper, which develops an incremental model-checking approach for evolving Statecharts. Statecharts have been chosen both because they are increasingly used in practice and because they natively support model refinements.



Notes

  1. Notice that the action language we define here can only manipulate a set of (globally visible) boolean variables.

  2. A next operator applied to a formula is satisfied if the formula holds in the next state.

  3. Note that in the example, the initial and the final states are not created since they are not present in the original Statechart.

  4. The legend in Fig. 6 applies also to all subsequent figures of this section.

  5. We plan to extend the verification algorithm to automatically remove/not generate these constraints.

  6. The tool is available at http://home.deib.polimi.it/menghi/Tools/Agave.html. Note that, at the moment, the two optimizations are only partially supported (e.g., not all the CTL operators are implemented in the area version).

  7. Note that the verification time does not include the time that is necessary to generate the ILTS and the IPLTS.


Acknowledgments

We thank the reviewers for their constructive and useful comments. This paper is partially funded by the European Commission, Program IDEAS-ERC, Project 227977-SMScom.

Corresponding author

Correspondence to Claudio Menghi.

Cite this article

Ghezzi, C., Menghi, C., Molzam Sharifloo, A. et al. On requirement verification for evolving Statecharts specifications. Requirements Eng 19, 231–255 (2014). https://doi.org/10.1007/s00766-013-0198-z
