Model Checking as a Service: Towards Pragmatic Hidden Formal Methods

IncQuery Labs
IncQuery LabsIncQuery Labs
Model Checking as a Service: Towards Pragmatic Hidden Formal Methods Benedek Horváth12, Bence Graics3, Ákos Hajdu3, Zoltán Micskei3, Vince Molnár3, István Ráth1, Luigi Andolfato4, Ivan Gomes5, and Robert Karban5 1 IncQuery Labs cPlc., Budapest, Hungary 2 Johannes Kepler University Linz, Linz, Austria 3 Budapest University of Technology and Economics, Budapest, Hungary 4 European Southern Observatory, München, Germany 5 Jet Propulsion Laboratory, California Institute of Technology, Pasadena, CA, USA Contact: Benedek.Horvath@incquerylabs.com
Motivation • Model-Based Systems Engineering • Commercial tools for design, simulation • Cloud-based, open collaborative modeling environments • IncQuery Server [10]: scalable query evaluation over model repositories 2
Correctness of behavioral models • Simulation, testing may not find every error • Formal verification: systematically checks the model • Challenges: C1. High resource demand of formal verification C2. Parallel verification tasks of multiple users C3. Semantic gap between engineering and formal domains 3
Objectives • Cloud: elastically scalable computation resources O1. Dynamically allocate more memory and CPU O2. Dynamically start more instances O3. Semantic integrity a) semantic-preserving transformations, b) restricted but meaningful subset of engineering language 4
Motivating Example and Scope 5 Battery control Data transfer
Property to check 6 Should never transmit when the battery is below 40%
Reachability property • State predicate of a faulty behavior • Find a trace where the predicate is true 7
Gamma Statechart Composition Framework [17] Hidden Formal Methods: V&V Formal Compositional Semantics Gamma Statechart & Composition Language 8
Model Checking as a Service O1-O2. Cloud deployment: containerized components O3. Initial subset of modeling elements, PSSM [21] O3. Intermediate language: model checker integration 7 Back-annotation 4 Transformation SysML tool 1 Modeling (user) Jupyter notebook 2 V&V actions (user) IncQuery Server MCaaS add-on 3 Static checksModel repository MC runtime 2 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models Theta model checker MC runtime 1 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models UPPAAL model checker 9
MCaaS: Prototype Implementation • MCaaS add-on for IncQuery Server [10] • Modeling and static checks: • Allowed subset of modeling elements • Well-formedness constraints in Viatra Query Language [3] 7 Back-annotation 4 Transformation SysML tool 1 Modeling (user) Jupyter notebook 2 V&V actions (user) IncQuery Server MCaaS add-on 3 Static checksModel repository MC runtime 2 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models Theta model checker MC runtime 1 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models UPPAAL model checker 10
MCaaS: Prototype Implementation • Transformation to the intermediate language: • Gamma Statechart Language [17] + Gamma Property Language • Traceability model 7 Back-annotation 4 Transformation SysML tool 1 Modeling (user) Jupyter notebook 2 V&V actions (user) IncQuery Server MCaaS add-on 3 Static checksModel repository MC runtime 2 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models Theta model checker MC runtime 1 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models UPPAAL model checker 11
MCaaS: Prototype Implementation • Translation to model checker: • Gamma statechart → timed automata in UPPAAL • Reachability property → liveness query (EF) in CTL 7 Back-annotation 4 Transformation SysML tool 1 Modeling (user) Jupyter notebook 2 V&V actions (user) IncQuery Server MCaaS add-on 3 Static checksModel repository MC runtime 2 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models Theta model checker MC runtime 1 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models UPPAAL model checker 12
MCaaS: Prototype Implementation • Back-annotation: 7 Back-annotation 4 Transformation SysML tool 1 Modeling (user) Jupyter notebook 2 V&V actions (user) IncQuery Server MCaaS add-on 3 Static checksModel repository MC runtime 2 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models Theta model checker MC runtime 1 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models UPPAAL model checker 13 6 7 Model checker trace Gamma trace SysML sequence diagram
Conclusion and Future Work • Cloud-based workflow to verify SysML [20] models • Initial subset of elements for verification • Semantic integrity of the workflow → example trace is simulateable • Future work: • New model checker, e.g., Theta [23] • Adaptive scalabilityand combination of model checkers [22] • Extend the supported elements, e.g., activity, do-behavior • Support SysML v2 14
Acknowledgements • This research was carried out at the Jet Propulsion Laboratory (JPL), California Institute of Technology, under a contract with the National Aeronautics and Space Administration (NASA). • This work partially received funding from the European Union’s Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie grant agreement No 813884. • The authors are grateful for the valuable advice of Péter Bokor, Ákos Horváth, and the anonymous reviewers. 15
References [3] Gábor Bergmann, Zoltán Ujhelyi, István Ráth, and Dániel Varró. 2011. A Graph Query Language for EMF Models. In Proc. of the 4th Intl. Conference on Theory and Practice of Model Transformations (LNCS, Vol. 6707). Springer, 167–182. [7] Corrina Gibson, Robert Karban, Luigi Andolfato, and John Day. 2014. Formal Validationof Fault Management Design Solutions. Softw. Eng. Notes 39, 1 (2014), 1-5. [8] Corrina Gibson, Robert Karban, Luigi Andolfato, and John C. Day. 2014. Abstractions for Executable and Checkable Fault Management Models. In Proc. of the Conference on Systems Engineering Research. Elsevier, 146–154. [10] Ábel Hegedüs, Gábor Bergmann, Csaba Debreceni, Ákos Horváth, Péter Lunk, Ákos Menyhért, István Papp, Dániel Varró, Tomas Vileiniskis, and István Ráth. 2018. Incquery Server for Teamwork Cloud: Scalable Query Evaluation over CollaborativeModel Repositories. In Proc. of the 21st International Conference on Model Driven Engineering Languages and Systems. ACM, 27–31. [16] Alvaro Miyazawa, Pedro Ribeiro, Wei Li, Ana Cavalcanti, Jon Timmis, and Jim Woodcock. 2019. RoboChart: modelling and verification of the functional behaviour of robotic applications. Softw. and Sys. Model. 18, 5 (2019), 3097–3149. 16
References [17] Vince Molnár, Bence Graics, András Vörös, István Majzik, and Dániel Varró. 2018. The Gamma statechart composition framework: Design, verification and code generation for component-based reactive systems. In Proc. of the 40th International Conference on Software Engineering. ACM, 113–116. [20] OMG. 2019. OMG System Modeling Language (SysML). formal/19-11-01. [21] OMG. 2019. Precise Semantics of UML State Machines (PSSM). formal/19-05- 01. [22] Amir Molzam Sharifloo and Andreas Metzger. 2013. MCaaS: Model Checking in the Cloud for Assurances of Adaptive Systems. In Software Engineering for Self- Adaptive Systems III (LNCS, Vol. 9640). Springer, 137–153. [23] Tamás Tóth, Ákos Hajdu, András Vörös, Zoltán Micskei, and István Majzik. 2017. Theta: a Framework for Abstraction Refinement-Based Model Checking. In Proc. of the 17th Conference on Formal Methods in Computer-Aided Design. 176–179. 17
Related Work • Gibson et al. Formal Validation of Fault Management Design Solutions [7- 8] • Verification of collaborating SysML state machines, including do-behavior • Model checker: Java Pathfinder • Checkable property: assertion in Java code • No back-annotation • Miyazawa et al. RoboChart modelling and verification of the functional behaviour of robotic applications [16] • Domain-Specific Modeling Language for robotic applications • Minimalist core of UML state machine notation, supporting collaborationand timing • Checkable property: textual DSL with verification-specific keywords • Model checker: CSP (Communicating Sequential Processes) problem checked by FDR • Sharifloo and Metzger MCaaS: Model Checking in the Cloud for Assurances of Adaptive Systems [22] • Cloud resource allocationpredication for model checkers based on model complexity, run-time measures from past executions • Can be adopted in future work 18
MCaaS: Prototype Implementation • Transformation to the intermediate language: • Gamma Statechart Language [17] + Gamma Property Language • Traceability model 7 Back-annotation 4 Transformation SysML tool 1 Modeling (user) Jupyter notebook 2 V&V actions (user) IncQuery Server MCaaS add-on 3 Static checksModel repository MC runtime 2 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models Theta model checker MC runtime 1 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models UPPAAL model checker 19 EF (state Spacecraft.Operation.Transmitting && var Spacecraft.battery < 40)
MCaaS: Prototype Implementation • Translation to model checker: • Gamma statechart → timed automata in UPPAAL • Reachability property → liveness query (EF) in CTL 7 Back-annotation 4 Transformation SysML tool 1 Modeling (user) Jupyter notebook 2 V&V actions (user) IncQuery Server MCaaS add-on 3 Static checksModel repository MC runtime 2 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models Theta model checker MC runtime 1 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models UPPAAL model checker 20EF P_OperationOfMainOfSpacecraft.Transmitting && batteryOfSpacecraft < 40
1 of 20

Model Checking as a Service: Towards Pragmatic Hidden Formal Methods

Download to read offline
Engineering

Authors: Bence Graics, Ákos Hajdu, Zoltán Micskei, Vince Molnár, István Ráth, Luigi Andolfato, Ivan Gomes, and Robert Karban Read the research here: https://dl.acm.org/doi/10.1145/3417990.3421407

IncQuery Labs
IncQuery LabsIncQuery Labs

Recommended

Software bug prediction by
Software bug prediction Software bug prediction
Software bug prediction Muthukumaran Kasinathan
5.9K views17 slides
ERA - Clustering and Recommending Collections of Code Relevant to Task by
ERA - Clustering and Recommending Collections of Code Relevant to TaskERA - Clustering and Recommending Collections of Code Relevant to Task
ERA - Clustering and Recommending Collections of Code Relevant to TaskICSM 2011
145 views10 slides
Software Architecture - Quiz Questions by
Software Architecture - Quiz QuestionsSoftware Architecture - Quiz Questions
Software Architecture - Quiz QuestionsCodeOps Technologies LLP
7.1K views21 slides
The Use of Development History in Software Refactoring Using a Multi-Objectiv... by
The Use of Development History in Software Refactoring Using a Multi-Objectiv...The Use of Development History in Software Refactoring Using a Multi-Objectiv...
The Use of Development History in Software Refactoring Using a Multi-Objectiv...Ali Ouni
367 views28 slides
Qtp (basics to advanced) by
Qtp (basics to advanced)Qtp (basics to advanced)
Qtp (basics to advanced)G.C Reddy
2.1K views9 slides
Mapping and visualization of source code a survey by
Mapping and visualization of source code a surveyMapping and visualization of source code a survey
Mapping and visualization of source code a surveyNakul Sharma
107 views18 slides

More Related Content

Similar to Model Checking as a Service: Towards Pragmatic Hidden Formal Methods

Towards the Next Generation of Reactive Model Transformations on Low-Code Pla... by
Towards the Next Generation of Reactive Model Transformations on Low-Code Pla...Towards the Next Generation of Reactive Model Transformations on Low-Code Pla...
Towards the Next Generation of Reactive Model Transformations on Low-Code Pla...IncQuery Labs
101 views16 slides
IncQuery Labs Models 2020 MIP Talk by
IncQuery Labs Models 2020 MIP TalkIncQuery Labs Models 2020 MIP Talk
IncQuery Labs Models 2020 MIP TalkIncQuery Labs
148 views29 slides
Incremental Queries and Transformations for Engineering Critical Systems by
Incremental Queries and Transformations for Engineering Critical SystemsIncremental Queries and Transformations for Engineering Critical Systems
Incremental Queries and Transformations for Engineering Critical SystemsÁkos Horváth
723 views30 slides
Towards a Macrobenchmark Framework for Performance Analysis of Java Applications by
Towards a Macrobenchmark Framework for Performance Analysis of Java ApplicationsTowards a Macrobenchmark Framework for Performance Analysis of Java Applications
Towards a Macrobenchmark Framework for Performance Analysis of Java ApplicationsGábor Szárnyas
684 views29 slides
PhD Proposal talk by
PhD Proposal talkPhD Proposal talk
PhD Proposal talkRay Buse
1.2K views61 slides
Model-based Detection of Runtime Inconsistencies by
Model-based Detection of Runtime InconsistenciesModel-based Detection of Runtime Inconsistencies
Model-based Detection of Runtime InconsistenciesDaniel Lehner
55 views24 slides

Similar to Model Checking as a Service: Towards Pragmatic Hidden Formal Methods(20)

Towards the Next Generation of Reactive Model Transformations on Low-Code Pla... by IncQuery Labs
Towards the Next Generation of Reactive Model Transformations on Low-Code Pla...Towards the Next Generation of Reactive Model Transformations on Low-Code Pla...
Towards the Next Generation of Reactive Model Transformations on Low-Code Pla...
IncQuery Labs101 views
IncQuery Labs Models 2020 MIP Talk by IncQuery Labs
IncQuery Labs Models 2020 MIP TalkIncQuery Labs Models 2020 MIP Talk
IncQuery Labs Models 2020 MIP Talk
IncQuery Labs148 views
Incremental Queries and Transformations for Engineering Critical Systems by Ákos Horváth
Incremental Queries and Transformations for Engineering Critical SystemsIncremental Queries and Transformations for Engineering Critical Systems
Incremental Queries and Transformations for Engineering Critical Systems
Ákos Horváth723 views
Towards a Macrobenchmark Framework for Performance Analysis of Java Applications by Gábor Szárnyas
Towards a Macrobenchmark Framework for Performance Analysis of Java ApplicationsTowards a Macrobenchmark Framework for Performance Analysis of Java Applications
Towards a Macrobenchmark Framework for Performance Analysis of Java Applications
Gábor Szárnyas684 views
PhD Proposal talk by Ray Buse
PhD Proposal talkPhD Proposal talk
PhD Proposal talk
Ray Buse1.2K views
Model-based Detection of Runtime Inconsistencies by Daniel Lehner
Model-based Detection of Runtime InconsistenciesModel-based Detection of Runtime Inconsistencies
Model-based Detection of Runtime Inconsistencies
Daniel Lehner55 views
IncQuery-D: Distributed Incremental Model Queries over the Cloud: Engineerin... by Daniel Varro
IncQuery-D: Distributed Incremental Model Queries over the Cloud: Engineerin...IncQuery-D: Distributed Incremental Model Queries over the Cloud: Engineerin...
IncQuery-D: Distributed Incremental Model Queries over the Cloud: Engineerin...
Daniel Varro505 views
GPCE16: Automatic Non-functional Testing of Code Generators Families by Mohamed BOUSSAA
GPCE16: Automatic Non-functional Testing of Code Generators FamiliesGPCE16: Automatic Non-functional Testing of Code Generators Families
GPCE16: Automatic Non-functional Testing of Code Generators Families
Mohamed BOUSSAA859 views
Web Macros by cscaffid
Web MacrosWeb Macros
Web Macros
cscaffid417 views
SICOMORO by miso_uam
SICOMOROSICOMORO
SICOMORO
miso_uam433 views
Prasad_CTP by Prasad Bhat
Prasad_CTPPrasad_CTP
Prasad_CTP
Prasad Bhat517 views
Tool-Driven Technology Transfer in Software Engineering by Heiko Koziolek
Tool-Driven Technology Transfer in Software EngineeringTool-Driven Technology Transfer in Software Engineering
Tool-Driven Technology Transfer in Software Engineering
Heiko Koziolek178 views
Focap by Adrian FLOREA
FocapFocap
Focap
Adrian FLOREA805 views
Towards_Blended_Modeling_and_Simulation_of_DevOps_Processes_The_Keptn_Case_St... by Luca Berardinelli
Towards_Blended_Modeling_and_Simulation_of_DevOps_Processes_The_Keptn_Case_St...Towards_Blended_Modeling_and_Simulation_of_DevOps_Processes_The_Keptn_Case_St...
Towards_Blended_Modeling_and_Simulation_of_DevOps_Processes_The_Keptn_Case_St...
Luca Berardinelli24 views
SERENE 2014 School: Daniel varro serene2014_school by Henry Muccini
SERENE 2014 School: Daniel varro serene2014_schoolSERENE 2014 School: Daniel varro serene2014_school
SERENE 2014 School: Daniel varro serene2014_school
Henry Muccini688 views
SERENE 2014 School: Incremental Model Queries over the Cloud by SERENEWorkshop
SERENE 2014 School: Incremental Model Queries over the CloudSERENE 2014 School: Incremental Model Queries over the Cloud
SERENE 2014 School: Incremental Model Queries over the Cloud
SERENEWorkshop725 views
Modernizing Testing as Apps Re-Architect by DevOps.com
Modernizing Testing as Apps Re-ArchitectModernizing Testing as Apps Re-Architect
Modernizing Testing as Apps Re-Architect
DevOps.com238 views
Paper summary by Adam Feldscher
Paper summaryPaper summary
Paper summary
Adam Feldscher61 views
Towards Design-space Exploration of Component Chains in Vehicle Software by Alessio Bucaioni
Towards Design-space Exploration of Component Chains in Vehicle SoftwareTowards Design-space Exploration of Component Chains in Vehicle Software
Towards Design-space Exploration of Component Chains in Vehicle Software
Alessio Bucaioni124 views
AnalyticOps: Lessons Learned Moving Machine-Learning Algorithms to Production... by Robert Grossman
AnalyticOps: Lessons Learned Moving Machine-Learning Algorithms to Production...AnalyticOps: Lessons Learned Moving Machine-Learning Algorithms to Production...
AnalyticOps: Lessons Learned Moving Machine-Learning Algorithms to Production...
Robert Grossman2.3K views

More from IncQuery Labs

IncQuery_presentation_Incose_EMEA_WSEC.pptx by
IncQuery_presentation_Incose_EMEA_WSEC.pptxIncQuery_presentation_Incose_EMEA_WSEC.pptx
IncQuery_presentation_Incose_EMEA_WSEC.pptxIncQuery Labs
27 views37 slides
IncQuery-Integrate22-20220607.pdf by
IncQuery-Integrate22-20220607.pdfIncQuery-Integrate22-20220607.pdf
IncQuery-Integrate22-20220607.pdfIncQuery Labs
13 views27 slides
IncQuery Group's presentation for the INCOSE Polish Chapter 20220310 by
IncQuery Group's presentation for the INCOSE Polish Chapter 20220310IncQuery Group's presentation for the INCOSE Polish Chapter 20220310
IncQuery Group's presentation for the INCOSE Polish Chapter 20220310IncQuery Labs
104 views33 slides
The Genesis of Holistic Systems Engineering: Completeness and Consistency Man... by
The Genesis of Holistic Systems Engineering: Completeness and Consistency Man...The Genesis of Holistic Systems Engineering: Completeness and Consistency Man...
The Genesis of Holistic Systems Engineering: Completeness and Consistency Man...IncQuery Labs
172 views25 slides
IncQuery Suite demo for INCOSE 2022IW by
IncQuery Suite demo for INCOSE 2022IWIncQuery Suite demo for INCOSE 2022IW
IncQuery Suite demo for INCOSE 2022IWIncQuery Labs
198 views20 slides
Towards Scalable Validation of Low-Code System Models: Mapping EVL to VIATRA ... by
Towards Scalable Validation of Low-Code System Models: Mapping EVL to VIATRA ...Towards Scalable Validation of Low-Code System Models: Mapping EVL to VIATRA ...
Towards Scalable Validation of Low-Code System Models: Mapping EVL to VIATRA ...IncQuery Labs
193 views16 slides

More from IncQuery Labs(12)

IncQuery_presentation_Incose_EMEA_WSEC.pptx by IncQuery Labs
IncQuery_presentation_Incose_EMEA_WSEC.pptxIncQuery_presentation_Incose_EMEA_WSEC.pptx
IncQuery_presentation_Incose_EMEA_WSEC.pptx
IncQuery Labs27 views
IncQuery-Integrate22-20220607.pdf by IncQuery Labs
IncQuery-Integrate22-20220607.pdfIncQuery-Integrate22-20220607.pdf
IncQuery-Integrate22-20220607.pdf
IncQuery Labs13 views
IncQuery Group's presentation for the INCOSE Polish Chapter 20220310 by IncQuery Labs
IncQuery Group's presentation for the INCOSE Polish Chapter 20220310IncQuery Group's presentation for the INCOSE Polish Chapter 20220310
IncQuery Group's presentation for the INCOSE Polish Chapter 20220310
IncQuery Labs104 views
The Genesis of Holistic Systems Engineering: Completeness and Consistency Man... by IncQuery Labs
The Genesis of Holistic Systems Engineering: Completeness and Consistency Man...The Genesis of Holistic Systems Engineering: Completeness and Consistency Man...
The Genesis of Holistic Systems Engineering: Completeness and Consistency Man...
IncQuery Labs172 views
IncQuery Suite demo for INCOSE 2022IW by IncQuery Labs
IncQuery Suite demo for INCOSE 2022IWIncQuery Suite demo for INCOSE 2022IW
IncQuery Suite demo for INCOSE 2022IW
IncQuery Labs198 views
Towards Scalable Validation of Low-Code System Models: Mapping EVL to VIATRA ... by IncQuery Labs
Towards Scalable Validation of Low-Code System Models: Mapping EVL to VIATRA ...Towards Scalable Validation of Low-Code System Models: Mapping EVL to VIATRA ...
Towards Scalable Validation of Low-Code System Models: Mapping EVL to VIATRA ...
IncQuery Labs193 views
Towards Continuous Consistency Checking of DevOps Artefacts by IncQuery Labs
Towards Continuous Consistency Checking of DevOps ArtefactsTowards Continuous Consistency Checking of DevOps Artefacts
Towards Continuous Consistency Checking of DevOps Artefacts
IncQuery Labs208 views
The Genesis of Holistic Systems Engineering: Completeness and Consistency Man... by IncQuery Labs
The Genesis of Holistic Systems Engineering: Completeness and Consistency Man...The Genesis of Holistic Systems Engineering: Completeness and Consistency Man...
The Genesis of Holistic Systems Engineering: Completeness and Consistency Man...
IncQuery Labs151 views
The Genesis of Holistic Systems Design by IncQuery Labs
The Genesis of Holistic Systems DesignThe Genesis of Holistic Systems Design
The Genesis of Holistic Systems Design
IncQuery Labs195 views
Incquery Suite Models 2020 Conference by István Ráth, CEO of IncQuery Labs by IncQuery Labs
Incquery Suite Models 2020 Conference by István Ráth, CEO of IncQuery LabsIncquery Suite Models 2020 Conference by István Ráth, CEO of IncQuery Labs
Incquery Suite Models 2020 Conference by István Ráth, CEO of IncQuery Labs
IncQuery Labs97 views
Introducing the New MagicDraw Plug-In for RTI Connext DDS: Industrial IoT Mee... by IncQuery Labs
Introducing the New MagicDraw Plug-In for RTI Connext DDS: Industrial IoT Mee...Introducing the New MagicDraw Plug-In for RTI Connext DDS: Industrial IoT Mee...
Introducing the New MagicDraw Plug-In for RTI Connext DDS: Industrial IoT Mee...
IncQuery Labs359 views
Lessons learned from building Eclipse-based add-ons for commercial modeling t... by IncQuery Labs
Lessons learned from building Eclipse-based add-ons for commercial modeling t...Lessons learned from building Eclipse-based add-ons for commercial modeling t...
Lessons learned from building Eclipse-based add-ons for commercial modeling t...
IncQuery Labs271 views

Recently uploaded

Digital Watermarking Of Audio Signals.pptx by
Digital Watermarking Of Audio Signals.pptxDigital Watermarking Of Audio Signals.pptx
Digital Watermarking Of Audio Signals.pptxAyushJaiswal781174
8 views25 slides
SWM L1-L14_drhasan (Part 1).pdf by
SWM L1-L14_drhasan (Part 1).pdfSWM L1-L14_drhasan (Part 1).pdf
SWM L1-L14_drhasan (Part 1).pdfMahmudHasan747870
48 views150 slides
802.11 Computer Networks by
802.11 Computer Networks802.11 Computer Networks
802.11 Computer NetworksTusharChoudhary72015
9 views33 slides
SWM L15-L28_drhasan (Part 2).pdf by
SWM L15-L28_drhasan (Part 2).pdfSWM L15-L28_drhasan (Part 2).pdf
SWM L15-L28_drhasan (Part 2).pdfMahmudHasan747870
28 views93 slides
Performance of Back-to-Back Mechanically Stabilized Earth Walls Supporting th... by
Performance of Back-to-Back Mechanically Stabilized Earth Walls Supporting th...Performance of Back-to-Back Mechanically Stabilized Earth Walls Supporting th...
Performance of Back-to-Back Mechanically Stabilized Earth Walls Supporting th...ahmedmesaiaoun
12 views84 slides
SEMI CONDUCTORS by
SEMI CONDUCTORSSEMI CONDUCTORS
SEMI CONDUCTORSpavaniaalla2005
20 views8 slides

Recently uploaded(20)

Digital Watermarking Of Audio Signals.pptx by AyushJaiswal781174
Digital Watermarking Of Audio Signals.pptxDigital Watermarking Of Audio Signals.pptx
Digital Watermarking Of Audio Signals.pptx
AyushJaiswal7811748 views
SWM L1-L14_drhasan (Part 1).pdf by MahmudHasan747870
SWM L1-L14_drhasan (Part 1).pdfSWM L1-L14_drhasan (Part 1).pdf
SWM L1-L14_drhasan (Part 1).pdf
MahmudHasan74787048 views
802.11 Computer Networks by TusharChoudhary72015
802.11 Computer Networks802.11 Computer Networks
802.11 Computer Networks
TusharChoudhary720159 views
SWM L15-L28_drhasan (Part 2).pdf by MahmudHasan747870
SWM L15-L28_drhasan (Part 2).pdfSWM L15-L28_drhasan (Part 2).pdf
SWM L15-L28_drhasan (Part 2).pdf
MahmudHasan74787028 views
Performance of Back-to-Back Mechanically Stabilized Earth Walls Supporting th... by ahmedmesaiaoun
Performance of Back-to-Back Mechanically Stabilized Earth Walls Supporting th...Performance of Back-to-Back Mechanically Stabilized Earth Walls Supporting th...
Performance of Back-to-Back Mechanically Stabilized Earth Walls Supporting th...
ahmedmesaiaoun12 views
SEMI CONDUCTORS by pavaniaalla2005
SEMI CONDUCTORSSEMI CONDUCTORS
SEMI CONDUCTORS
pavaniaalla200520 views
Deutsch Crimping by Iwiss Tools Co.,Ltd
Deutsch CrimpingDeutsch Crimping
Deutsch Crimping
Iwiss Tools Co.,Ltd21 views
Wire Rope by Iwiss Tools Co.,Ltd
Wire RopeWire Rope
Wire Rope
Iwiss Tools Co.,Ltd9 views
LFA-NPG-Paper.pdf by harinsrikanth
LFA-NPG-Paper.pdfLFA-NPG-Paper.pdf
LFA-NPG-Paper.pdf
harinsrikanth40 views
Informed search algorithms.pptx by Dr.Shweta
Informed search algorithms.pptxInformed search algorithms.pptx
Informed search algorithms.pptx
Dr.Shweta13 views
SNMPx by Amatullahbutt
SNMPxSNMPx
SNMPx
Amatullahbutt14 views
Stone Masonry and Brick Masonry.pdf by Mohammed Abdullah Laskar
Stone Masonry and Brick Masonry.pdfStone Masonry and Brick Masonry.pdf
Stone Masonry and Brick Masonry.pdf
Mohammed Abdullah Laskar20 views
An approach of ontology and knowledge base for railway maintenance by IJECEIAES
An approach of ontology and knowledge base for railway maintenanceAn approach of ontology and knowledge base for railway maintenance
An approach of ontology and knowledge base for railway maintenance
IJECEIAES12 views
Dynamics of Hard-Magnetic Soft Materials by Shivendra Nandan
Dynamics of Hard-Magnetic Soft MaterialsDynamics of Hard-Magnetic Soft Materials
Dynamics of Hard-Magnetic Soft Materials
Shivendra Nandan13 views
Saikat Chakraborty Java Oracle Certificate.pdf by SaikatChakraborty787148
Saikat Chakraborty Java Oracle Certificate.pdfSaikat Chakraborty Java Oracle Certificate.pdf
Saikat Chakraborty Java Oracle Certificate.pdf
SaikatChakraborty78714814 views
Plumbing by Iwiss Tools Co.,Ltd
PlumbingPlumbing
Plumbing
Iwiss Tools Co.,Ltd15 views
fakenews_DBDA_Mar23.pptx by deepmitra8
fakenews_DBDA_Mar23.pptxfakenews_DBDA_Mar23.pptx
fakenews_DBDA_Mar23.pptx
deepmitra812 views
Electrical Crimping by Iwiss Tools Co.,Ltd
Electrical CrimpingElectrical Crimping
Electrical Crimping
Iwiss Tools Co.,Ltd21 views
MK__Cert.pdf by Hassan Khan
MK__Cert.pdfMK__Cert.pdf
MK__Cert.pdf
Hassan Khan8 views
MSA Website Slideshow (16).pdf by msaucla
MSA Website Slideshow (16).pdfMSA Website Slideshow (16).pdf
MSA Website Slideshow (16).pdf
msaucla46 views

Model Checking as a Service: Towards Pragmatic Hidden Formal Methods

  • 1. Model Checking as a Service: Towards Pragmatic Hidden Formal Methods Benedek Horváth12, Bence Graics3, Ákos Hajdu3, Zoltán Micskei3, Vince Molnár3, István Ráth1, Luigi Andolfato4, Ivan Gomes5, and Robert Karban5 1 IncQuery Labs cPlc., Budapest, Hungary 2 Johannes Kepler University Linz, Linz, Austria 3 Budapest University of Technology and Economics, Budapest, Hungary 4 European Southern Observatory, München, Germany 5 Jet Propulsion Laboratory, California Institute of Technology, Pasadena, CA, USA Contact: Benedek.Horvath@incquerylabs.com
  • 2. Motivation • Model-Based Systems Engineering • Commercial tools for design, simulation • Cloud-based, open collaborative modeling environments • IncQuery Server [10]: scalable query evaluation over model repositories 2
  • 3. Correctness of behavioral models • Simulation, testing may not find every error • Formal verification: systematically checks the model • Challenges: C1. High resource demand of formal verification C2. Parallel verification tasks of multiple users C3. Semantic gap between engineering and formal domains 3
  • 4. Objectives • Cloud: elastically scalable computation resources O1. Dynamically allocate more memory and CPU O2. Dynamically start more instances O3. Semantic integrity a) semantic-preserving transformations, b) restricted but meaningful subset of engineering language 4
  • 5. Motivating Example and Scope 5 Battery control Data transfer
  • 6. Property to check 6 Should never transmit when the battery is below 40%
  • 7. Reachability property • State predicate of a faulty behavior • Find a trace where the predicate is true 7
  • 8. Gamma Statechart Composition Framework [17] Hidden Formal Methods: V&V Formal Compositional Semantics Gamma Statechart & Composition Language 8
  • 9. Model Checking as a Service O1-O2. Cloud deployment: containerized components O3. Initial subset of modeling elements, PSSM [21] O3. Intermediate language: model checker integration 7 Back-annotation 4 Transformation SysML tool 1 Modeling (user) Jupyter notebook 2 V&V actions (user) IncQuery Server MCaaS add-on 3 Static checksModel repository MC runtime 2 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models Theta model checker MC runtime 1 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models UPPAAL model checker 9
  • 10. MCaaS: Prototype Implementation • MCaaS add-on for IncQuery Server [10] • Modeling and static checks: • Allowed subset of modeling elements • Well-formedness constraints in Viatra Query Language [3] 7 Back-annotation 4 Transformation SysML tool 1 Modeling (user) Jupyter notebook 2 V&V actions (user) IncQuery Server MCaaS add-on 3 Static checksModel repository MC runtime 2 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models Theta model checker MC runtime 1 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models UPPAAL model checker 10
  • 11. MCaaS: Prototype Implementation • Transformation to the intermediate language: • Gamma Statechart Language [17] + Gamma Property Language • Traceability model 7 Back-annotation 4 Transformation SysML tool 1 Modeling (user) Jupyter notebook 2 V&V actions (user) IncQuery Server MCaaS add-on 3 Static checksModel repository MC runtime 2 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models Theta model checker MC runtime 1 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models UPPAAL model checker 11
  • 12. MCaaS: Prototype Implementation • Translation to model checker: • Gamma statechart → timed automata in UPPAAL • Reachability property → liveness query (EF) in CTL 7 Back-annotation 4 Transformation SysML tool 1 Modeling (user) Jupyter notebook 2 V&V actions (user) IncQuery Server MCaaS add-on 3 Static checksModel repository MC runtime 2 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models Theta model checker MC runtime 1 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models UPPAAL model checker 12
  • 13. MCaaS: Prototype Implementation • Back-annotation: 7 Back-annotation 4 Transformation SysML tool 1 Modeling (user) Jupyter notebook 2 V&V actions (user) IncQuery Server MCaaS add-on 3 Static checksModel repository MC runtime 2 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models Theta model checker MC runtime 1 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models UPPAAL model checker 13 6 7 Model checker trace Gamma trace SysML sequence diagram
  • 14. Conclusion and Future Work • Cloud-based workflow to verify SysML [20] models • Initial subset of elements for verification • Semantic integrity of the workflow → example trace is simulateable • Future work: • New model checker, e.g., Theta [23] • Adaptive scalabilityand combination of model checkers [22] • Extend the supported elements, e.g., activity, do-behavior • Support SysML v2 14
  • 15. Acknowledgements • This research was carried out at the Jet Propulsion Laboratory (JPL), California Institute of Technology, under a contract with the National Aeronautics and Space Administration (NASA). • This work partially received funding from the European Union’s Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie grant agreement No 813884. • The authors are grateful for the valuable advice of Péter Bokor, Ákos Horváth, and the anonymous reviewers. 15
  • 16. References [3] Gábor Bergmann, Zoltán Ujhelyi, István Ráth, and Dániel Varró. 2011. A Graph Query Language for EMF Models. In Proc. of the 4th Intl. Conference on Theory and Practice of Model Transformations (LNCS, Vol. 6707). Springer, 167–182. [7] Corrina Gibson, Robert Karban, Luigi Andolfato, and John Day. 2014. Formal Validationof Fault Management Design Solutions. Softw. Eng. Notes 39, 1 (2014), 1-5. [8] Corrina Gibson, Robert Karban, Luigi Andolfato, and John C. Day. 2014. Abstractions for Executable and Checkable Fault Management Models. In Proc. of the Conference on Systems Engineering Research. Elsevier, 146–154. [10] Ábel Hegedüs, Gábor Bergmann, Csaba Debreceni, Ákos Horváth, Péter Lunk, Ákos Menyhért, István Papp, Dániel Varró, Tomas Vileiniskis, and István Ráth. 2018. Incquery Server for Teamwork Cloud: Scalable Query Evaluation over CollaborativeModel Repositories. In Proc. of the 21st International Conference on Model Driven Engineering Languages and Systems. ACM, 27–31. [16] Alvaro Miyazawa, Pedro Ribeiro, Wei Li, Ana Cavalcanti, Jon Timmis, and Jim Woodcock. 2019. RoboChart: modelling and verification of the functional behaviour of robotic applications. Softw. and Sys. Model. 18, 5 (2019), 3097–3149. 16
  • 17. References [17] Vince Molnár, Bence Graics, András Vörös, István Majzik, and Dániel Varró. 2018. The Gamma statechart composition framework: Design, verification and code generation for component-based reactive systems. In Proc. of the 40th International Conference on Software Engineering. ACM, 113–116. [20] OMG. 2019. OMG System Modeling Language (SysML). formal/19-11-01. [21] OMG. 2019. Precise Semantics of UML State Machines (PSSM). formal/19-05- 01. [22] Amir Molzam Sharifloo and Andreas Metzger. 2013. MCaaS: Model Checking in the Cloud for Assurances of Adaptive Systems. In Software Engineering for Self- Adaptive Systems III (LNCS, Vol. 9640). Springer, 137–153. [23] Tamás Tóth, Ákos Hajdu, András Vörös, Zoltán Micskei, and István Majzik. 2017. Theta: a Framework for Abstraction Refinement-Based Model Checking. In Proc. of the 17th Conference on Formal Methods in Computer-Aided Design. 176–179. 17
  • 18. Related Work • Gibson et al. Formal Validation of Fault Management Design Solutions [7- 8] • Verification of collaborating SysML state machines, including do-behavior • Model checker: Java Pathfinder • Checkable property: assertion in Java code • No back-annotation • Miyazawa et al. RoboChart modelling and verification of the functional behaviour of robotic applications [16] • Domain-Specific Modeling Language for robotic applications • Minimalist core of UML state machine notation, supporting collaborationand timing • Checkable property: textual DSL with verification-specific keywords • Model checker: CSP (Communicating Sequential Processes) problem checked by FDR • Sharifloo and Metzger MCaaS: Model Checking in the Cloud for Assurances of Adaptive Systems [22] • Cloud resource allocationpredication for model checkers based on model complexity, run-time measures from past executions • Can be adopted in future work 18
  • 19. MCaaS: Prototype Implementation • Transformation to the intermediate language: • Gamma Statechart Language [17] + Gamma Property Language • Traceability model 7 Back-annotation 4 Transformation SysML tool 1 Modeling (user) Jupyter notebook 2 V&V actions (user) IncQuery Server MCaaS add-on 3 Static checksModel repository MC runtime 2 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models Theta model checker MC runtime 1 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models UPPAAL model checker 19 EF (state Spacecraft.Operation.Transmitting && var Spacecraft.battery < 40)
  • 20. MCaaS: Prototype Implementation • Translation to model checker: • Gamma statechart → timed automata in UPPAAL • Reachability property → liveness query (EF) in CTL 7 Back-annotation 4 Transformation SysML tool 1 Modeling (user) Jupyter notebook 2 V&V actions (user) IncQuery Server MCaaS add-on 3 Static checksModel repository MC runtime 2 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models Theta model checker MC runtime 1 5 Formal model + query translation 6 Result + trace back-annotation Gamma intermediate models UPPAAL model checker 20EF P_OperationOfMainOfSpacecraft.Transmitting && batteryOfSpacecraft < 40