Application of design for verification with concurrency controllers to air traffic control software

Authors:
Aysu Betin-Can;Tevfik Bultan;Mikael Lindvall;Benjamin Lux;Stefan Topp
Affiliations:
University of California, Santa Barbara, CA;University of California, Santa Barbara, CA;Fraunhofer Center for Experimental Software Engineering, College Park, MD;Fraunhofer Center for Experimental Software Engineering, College Park, MD;Fraunhofer Center for Experimental Software Engineering, College Park, MD
Venue:
Proceedings of the 20th IEEE/ACM international Conference on Automated software engineering
Year:
2005

Citing 17
Cited 9

Automatically closing open reactive programs

PLDI '98 Proceedings of the ACM SIGPLAN 1998 conference on Programming language design and implementation
Automatically validating temporal safety properties of interfaces

SPIN '01 Proceedings of the 8th international SPIN workshop on Model checking of software
Transformations for model checking distributed Java programs

SPIN '01 Proceedings of the 8th international SPIN workshop on Model checking of software
Tool-supported program abstraction for finite-state verification

ICSE '01 Proceedings of the 23rd International Conference on Software Engineering
Concurrent Programming in Java. Second Edition: Design Principles and Patterns

Concurrent Programming in Java. Second Edition: Design Principles and Patterns
Specification, verification, and synthesis of concurrency control components

ISSTA '02 Proceedings of the 2002 ACM SIGSOFT international symposium on Software testing and analysis
Model Checking Programs

Automated Software Engineering
A Formal Object-Oriented Analysis for Software Reliability: Design for Verification

FASE '01 Proceedings of the 4th International Conference on Fundamental Approaches to Software Engineering
Interface Compatibility Checking for Software Modules

CAV '02 Proceedings of the 14th International Conference on Computer Aided Verification
Modular verification of software components in C

Proceedings of the 25th International Conference on Software Engineering
The program dependence graph in a software development environment

SDE 1 Proceedings of the first ACM SIGSOFT/SIGPLAN software engineering symposium on Practical software development environments
Action Language Verifier

Proceedings of the 16th IEEE international conference on Automated software engineering
Program analysis alleviates java synchronization

Program analysis alleviates java synchronization
Analyzing Interaction Orderings with Model Checking

Proceedings of the 19th IEEE international conference on Automated software engineering
Verifiable Concurrent Programming Using Concurrency Controllers

Proceedings of the 19th IEEE international conference on Automated software engineering
Design for verification for asynchronously communicating Web services

WWW '05 Proceedings of the 14th international conference on World Wide Web
Thread-modular model checking

SPIN'03 Proceedings of the 10th international conference on Model checking software

Application of automated environment generation to commercial software

Proceedings of the 2006 international symposium on Software testing and analysis
A Contract-based Approach to Specifying and Verifying Safety Critical Systems

Electronic Notes in Theoretical Computer Science (ENTCS)
Interface grammars for modular software model checking

Proceedings of the 2007 international symposium on Software testing and analysis
Experimenting with software testbeds for evaluating new technologies

Empirical Software Engineering
Eliminating synchronization faults in air traffic control software via design for verification with concurrency controllers

Automated Software Engineering
Behavioural model fusion: an overview of challenges

Proceedings of the 2008 international workshop on Models in software engineering
Scalable Software Model Checking Using Design for Verification

Verified Software: Theories, Tools, Experiments
Towards compositional synthesis of evolving systems

Proceedings of the 16th ACM SIGSOFT International Symposium on Foundations of software engineering
Formal testing for separation assurance

Annals of Mathematics and Artificial Intelligence

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present an experimental study which demonstrates that model checking techniques can be effective in finding synchronization errors in safety critical software when they are combined with a design for verification approach. We apply the concurrency controller design pattern to the implementation of the synchronization operations in Java programs. This pattern enables a modular verification strategy by decoupling the behaviors of the concurrency controllers from the behaviors of the threads that use them using interfaces specified as finite state machines. The behavior of a concurrency controller can be verified with respect to arbitrary numbers of threads using infinite state model checking techniques, and the threads which use the controller classes can be checked for interface violations using finite state model checking techniques. We present techniques for thread isolation which enables us to analyze each thread in the program separately during interface verification. We conducted an experimental study investigating the effectiveness of the presented design for verification approach on safety critical air traffic control software. In this study, we first reengineered the Tactical Separation Assisted Flight Environment (TSAFE) software using the concurrency controller design pattern. Then, using fault seeding, we created 40 faulty versions of TSAFE and used both infinite and finite state verification techniques for finding the seeded faults. The experimental study demonstrated the effectiveness of the presented modular verification approach and resulted in a classification of faults that can be found using the presented approach.