Temporal logic specification mining of programs

Highlights

• A PPTL specification mining approach is proposed.

• A tool PPTLMiner is developed.

• An open and user-editable pattern library is built.

Abstract

This paper proposes a dynamic approach of specification mining for Propositional Projection Temporal Logic (PPTL). To this end, a pattern library is built to collect some common temporal relation among events. Further, several algorithms of specification mining for PPTL are designed. With our approach, PPTL specifications are mined from a trace set of a target program by using patterns in the library. In addition, a specification mining tool PPTLMiner supporting this approach is developed. In practice, given a trace set and user selected patterns, PPTLMiner can capture PPTL specifications of target programs.

Introduction

A software system specification is a formal description of the system requirements. Formal languages are often employed to write specifications so as to prevent the ambiguity written in natural languages. The common used formal languages include Temporal Logic (TL) and Finite State Automata (FSA). Software system specification can be used to test and verify the correctness and reliability of software systems [13], [24], [26]. However, due to various kinds of reasons, a great number of software systems lack formal specifications. In particular, for most of legacy software systems, formal specifications are missed. This makes the maintenance of software systems difficult. To fight this problem, various kinds of specification mining approaches are proposed [3], [9], [10], [11], [12], [14], [15], [16], [18], [21], [22], [23], [25].

Walkinshaw et al. [22] present a semi-automated approach to inferring FSAs from dynamic execution traces that builds on the QSM algorithm [7]. This algorithm infers a finite state automaton by successively merging states. Lo et al. propose Deep Specification Miner (DSM) approach that performs deep learning for mining FSA-based specifications [11]. FSA specifications are intuitive and easily to be used for verifying and testing programs. However, most of FSA specification mining approaches suffer from accuracy and correctness for representing properties of programs. Yang et al. [25] present an interesting work on mining two-event temporal logic rules (i.e., of the form $G(a\to XF(b))$, where G, X and F are LTL operators, which are statistically significant with respect to a user-defined “satisfaction rate”. Wasylkowski et al. [23] mine temporal rules as Computational Tree Logic (CTL) properties by leveraging a model checking algorithm and using concept analysis. Lemieux et al. [12] propose an approach to mine LTL properties of arbitrary length and complexity. Similar to the above research work, most of specification mining approaches employ LTL and CTL as the property description languages. Due to the limitation of the expressiveness of LTL and CTL, some temporal properties such as periodic repetition properties cannot be characterized.

Since the expressiveness of Propositional Projection Temporal Logic (PPTL) is full regular [20], in this paper, we propose a dynamic approach to mining PPTL properties based on a pattern library. PPTL contains two primitive temporal operators: next (◯) and projection (prj). Apart from some common temporal properties that can be formalized in LTL and CTL, PPTL is able to describe two other kinds of properties: interval sensitive properties and periodic repetition properties. With the proposed approach, we abstract API/method calls as events. A trace is a sequence of API/method calls occurred during program execution. Daikon [1] is used to generate raw traces first, then a tool DtraceFilter we developed is employed to further refine the traces. Patterns are used to characterize common temporal relations among events. Two categories of patterns, Occurrence and Order, are used. These patterns are predefined in a pattern library. The proposed mining algorithms require two inputs: an instantiated pattern formula P and a refined execution trace τ. To obtain an instantiated pattern formula, we need to specify a pattern formula which can be either a user-defined one or a predefined one in the library. The pattern is instantiated by substituting atomic propositions with concrete events. After pattern instantiation, several mining algorithms based on PPTL normal form [5], [6] are employed to recursively check whether τ satisfies P.

The contribution of the paper is three-fold. First, we propose a PPTL temporal rule specification mining approach so that full regular properties can be mined. Second, we develop a tool PPTLMiner which supports the proposed mining approach. Third, we build a pattern library to cover all common patterns accumulated from literatures and abstracted from the existing software systems. The library is open and user-editable.

This paper is organized as follows. In the next section, PPTL is briefly introduced. In section 3, the trace generation and the construction of the pattern library are presented. In section 4, the overall framework of PPTLMiner and key algorithms are elaborated. In section 5, an example is given to show how PPTLMiner works. In section 6, related work is discussed. Finally, conclusions are drawn in section 7.