Skip to main content
SpringerLink
Log in

On using data abstractions for model checking refinements

  • Original Article
  • Published:
Acta Informatica Aims and scope Submit manuscript

Abstract

In this paper we investigate how standard model checkers can be applied to checking refinement relationships between Z specifications. The major obstacle to such a use are the (potentially) infinite data domains in specifications. Consequently, we examine the application of data abstraction techniques for reducing the infinite to a finite state space. Since data abstractions do, however, decrease the amount of information in a specification, refinement can—in general—not be proven on the abstractions anymore, it can only be disproved. The model checker can thus be used to generate counter examples to a refinement relationship. Here, we show how abstract specifications can be systematically constructed (from a given data abstraction) and how a standard model checker (FDR) can be applied to find counter examples in case when refinement is absent. We especially discuss the applicability of the construction method: it constructs abstract specifications which are either upward or downward simulations of the original specifications, and depending on the operations in the specification and the data abstraction chosen, such a construction might succeed or fail. The construction abstracts both the input/output as well as the state.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Boiten, E.A., Derrick, J.: IO-refinement in Z. In: Evans, A., Duke, D.J., Clark, T. (eds.) 3rd BCS-FACS Northern Formal Methods Workshop. Springer, Heidelberg (1998). http://www.ewic. org.uk/

  2. Bolton, C.: On the refinement of state-based and event-based models. PhD Thesis, University of Oxford (2002)

  3. Bolton, C.: Using the alloy analyzer to verify data refinement in Z. In: Refine 2005. Electronic Notes in Theoretical Computer Science (2005)

  4. Bolton, C., Davies, J.: Refinement in object-Z and CSP. In: Butler, M., Petre, L., Sere, K. (eds.) Integrated Formal Methods (IFM 2002). Lecture Notes in Computer Science, vol. 2335, pp. 225–244. Springer, Heidelberg (2002)

  5. Bolton, C., Davies, J.: A singleton failures semantics for communicating sequential processes. Form. Asp. Comput. (2006, to appear)

  6. Bolton C. and Lowe G. (2005). A hierarchy of failures-based models: Theory and application. Theor. Comput. Sci. 330(3): 407–438

    Article  MATH  MathSciNet  Google Scholar 

  7. Clarke, E.M., Grumberg, O., Long, D.E.: Model checking and abstraction. In: 19th ACM POPL (1992)

  8. Clarke E.M., Grumberg O., Jha S., Lu Y. and Veith H. (2003). Counterexample-guided abstraction refinement for symbolic model checking. JACM 50(5): 752–794

    Article  MathSciNet  Google Scholar 

  9. Cousot, P.: Abstract interpretation. ACM Comput. Surv. 28(2) (1996)

  10. Cousot, P., Cousot, R.: Abstract interpretation: A unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: 4th ACM POPL (1977)

  11. Dams, D., Grumberg, O., Gerth, R.: Abstract interpretation of reactive systems: abstractions preserving ∀ CTL *, ∃ CTL * and CTL *. In: Olderog, E.-R. (ed.) Programming Concepts, Methods and Calculi, vol. A-56, pp. 573–592. Elsevier, Amsterdam (1994)

  12. Derrick J. and Boiten E.A. (1999). Calculating upward and downward simulations of state-based specifications. Inf. Softw. Technol. 41: 917–923

    Article  Google Scholar 

  13. Derrick, J., Boiten, E.A.: Refinement in Z and object-Z. Springer, Heidelberg (2001)

  14. Derrick J. and Boiten E.A. (2003). Relational concurrent refinement. Formal Aspects of Computing 15(1): 182–214

    Article  MATH  Google Scholar 

  15. de Roever, W.-P., Engelhardt, K.: Data refinement: model-oriented proof methods and their comparison. CUP (1998)

  16. Farias, A., Mota, A., Sampaio, A.: Efficient CSPZ data abstraction. In: Integrated Formal Methods (IFM 2004). LNCS, vol. 2966, pp. 108–127 (2004)

  17. Fischer, C., Wehrheim, H.: Model-checking CSP-OZ specifications with FDR. In: Araki, K., Galloway, A., Taguchi, K. (eds.) Proceedings of the 1st International Conference on Integrated Formal Methods (IFM), pp. 315–334. Springer, Heidelberg (1999)

  18. Formal Systems (Europe) Ltd. Failures-divergence refinement: FDR2 user manual (1997)

  19. He, J.: Process refinement. In: McDermid, J. (ed.) The Theory and Practice of Refinement. Butterworths (1989)

  20. Hoare, C.A.R.: Communicating Sequential Processes. Prentice Hall, Englewood Cliffs (1985)

  21. Josephs M.B. (1988). A state-based approach to communicating processes.. Distrib. Comput. 3: 9–18

    Article  MATH  Google Scholar 

  22. Kassel, G., Smith, G.: Model checking object-Z classes: some experiments with FDR. In: Asia-Pacific Software Engineering Conference (APSEC 2001). IEEE Computer Society Press (2001)

  23. Lazic, R.: A semantic study of data independence with applications to model checking. PhD Thesis, Oxford University Computing Laboratory (1999)

  24. Lazic, R., Roscoe, A.W.: Data independence with generalised predicate symbols. In: Parallel and Distributed Processing Techniques and Applications (PDPTA), pp. 319–325. CSREA Press (1999)

  25. Leuschel, M, Butler, M.J.: Automatic refinement checking for B. In: Kung-Kiu Lau, Richard Banach (eds.) ICFEM. Lecture Notes in Computer Science, vol. 3785, pp. 345–359. Springer, Heidelberg (2005)

  26. Loiseaux C., Graf S., Sifakis J., Bouajjani A. and Bensalem S. (1995). Property preserving abstractions for the verification of concurrent systems. Form. Methods Syst. Des. 6: 1–35

    Google Scholar 

  27. Mota A. and Sampaio A. (2001). Model-checking CSP-Z: strategy, tool support and industrial application. Sci. Comput. Program. 40: 59–96

    Article  MATH  Google Scholar 

  28. Mota, A., Borba, P., Sampaio, A.: Mechanical abstraction of CSP-Z processes. In: Eriksson, L.-H., Lindsay, P. (eds.) Formal Methods Europe (FME’2002). LNCS, vol. 2391, pp. 163–183. Springer, Heidelberg (2002)

  29. Roscoe, A.W.: The theory and practice of concurrency (1998)

  30. Saaltink, M.: The Z/EVES system. In: ZUM ’97. LNCS, vol. 1212, pp. 72–88. Springer, Heidelberg (1997)

  31. Scattergood, J.B.: The semantics and implementation of machine-readable CSP. PhD Thesis, University of Oxford (1998)

  32. Schneider, S.: Non-blocking data refinement and traces-divergences semantics. Technical report, University of Surrey (2005)

  33. Smith G. and Derrick J. (2001). Specification, refinement and verification of concurrent systems—an integration of Object-Z and CSP. Form. Methods Syst. Des. 18: 249–284

    Article  MATH  Google Scholar 

  34. Smith, G., Derrick, J.: Model checking downward simulations. In: REFINE 2005, Electronic notes in theoretical computer science, vol. 137, pp. 205–224 (2005)

  35. Smith G. and Derrick J. (2006). Verifying data refinements using a model checker. Form. Asp. Comput. 18(3): 264–287

    Article  MATH  Google Scholar 

  36. Smith, G., Wildman, L.: Model checking Z specifications using SAL. In: International conference of B and Z users (ZB 2005). Lecture Notes in Computer Science, vol. 3455, pp. 85–103. Springer, Heidelberg (2005)

  37. Spivey, J.M.: The Z notation: a reference manual, 2nd edn. Int. Ser. Comput. Sci. Prentice Hall, Englewood Cliffs (1992)

  38. Stepney, S., Cooper, D., Woodcock, J.C.P.: More powerful data refinement in Z. In: Bowen, J.P., Fett, A., Hinchey, M.G. (eds.) ZUM’98: The Z Formal Specification Notation. Lecture Notes in Computer Science, vol. 1493, pp. 284–307. Springer, Heidelberg (1998)

  39. Wehrheim, H.: Data abstraction techniques in the validation of CSP-OZ specifications. Form. Asp. Comput. 12 (2000)

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, University of Sheffield, Sheffield, S1 4DP, UK

    John Derrick

  2. Universität Paderborn, Institut für Informatik, 33098, Paderborn, Germany

    Heike Wehrheim

Authors
  1. John Derrick
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Heike Wehrheim
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Heike Wehrheim.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Derrick, J., Wehrheim, H. On using data abstractions for model checking refinements. Acta Informatica 44, 41–71 (2007). https://doi.org/10.1007/s00236-007-0042-3

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00236-007-0042-3

Keywords

Search

Navigation