Abstract
We propose a new Statistical Model Checking (SMC) method to discover bugs in variability-intensive systems (VIS). The state-space of such systems is exponential in the number of variants, which makes the verification problem harder than for classical systems. To reduce verification time, we sample executions from a featured transition system – a model that represents jointly the state spaces of all variants. The combination of this compact representation and the inherent efficiency of SMC allows us to find bugs much faster (up to 16 times according to our experiments) than other methods. As any simulation-based approach, however, the risk of Type-1 error exists. We provide a lower bound and an upper bound for the number of simulations to perform to achieve the desired level of confidence. Our empirical study involving 59 properties over three case studies reveals that our method manages to discover all variants violating 41 of the properties. This indicates that SMC can act as a low-cost-high-reward method for verifying VIS.
Highlights
We consider the problem of bug detection in Variability Intensive Systems (VIS)
The behaviour of the system is often represented as a transition system (S, ∆, AP, L) where S is a set of states, ∆ ⊆ S × S is the transition relation, AP is a set of atomic propositions3 and L : S → 2AP labels any state with the atomic propositions that the system satisfies when in such a state
We focus on featured transition systems [11] as those can link an execution to the variants able to execute it more directly than the alternative formalisms
Summary
We consider the problem of bug detection in Variability Intensive Systems (VIS). This category of systems encompasses any system that can be derived into multiple variants (differing, e.g., in provided functionalities), including software product lines [12] and configurable systems [32]. Vardi and Wolper have presented an automata-based approach for checking that a system – modelled as a transition system ts – satisfies an LTL formula φ [37]. Their approach consists of, first, transforming φ into a Buchi automaton B¬φ whose language is exactly the set of executions that violate φ, that is, those that visit infinitely often a so-called accepting state. Such execution σ takes the form of a lasso, i.e. σ = q0 . We name accepting any such lasso whose cycle contains an accepting state
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
