Abstract
We present Assume-Guarantee-Repair (AGR) – a novel framework which not only verifies that a program satisfies a set of properties, but also repairs the program in case the verification fails. We consider communicating programs – these are simple C-like programs, extended with synchronous communication actions over communication channels. Our method, which consists of a learning-based approach to assume-guarantee reasoning, performs verification and repair simultaneously: in every iteration, AGR either makes another step towards proving that the (current) system satisfies the specification, or alters the system in a way that brings it closer to satisfying the specification. We manage handling infinite-state systems by using a finite abstract representation, and reduce the semantic problems in hand – satisfying complex specifications that also contain first-order constraints – to syntactic ones, namely membership and equivalence queries for regular languages. We implemented our algorithm and evaluated it on various examples. Our experiments present compact proofs of correctness and quick repairs.
Highlights
The Assume-Guarantee (AG) style compositional verification [22,26] suggests a solution to this problem
The simplest AG rule checks if a system composed of components M1 and M2 satisfies a property P by checking that M1 under assumption A satisfies P and that any system containing M2 as a component satisfies A
AGR operates in a verify-repair loop, where each iteration runs a learning-based process to determine whether the system satisfies P, and if not, eliminates bad behaviors from M2 while enriching the set of constraints derived from these bad behaviors, which often leads to a quicker convergence
Summary
Verification of large-scale systems is a main challenge in the field of formal verification. Our setting is more complicated, since the traces in the components – both the programs and the specification – contain constraints, which are to be checked semantically and not syntactically. As we have described above, do we construct a learning-based method for the AG-rule for communicating programs, but we repair the programs in case the verification fails. AGR operates in a verify-repair loop, where each iteration runs a learning-based process to determine whether the (current) system satisfies P , and if not, eliminates bad behaviors from M2 while enriching the set of constraints derived from these bad behaviors, which often leads to a quicker convergence. Other learning-based approaches for automating assumption generation have been described in [7,17,8] All these works address non-circular rules and are limited to finite state systems.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
