Tightening a Contract Refinement
نویسندگان
چکیده
Contract-based design is an emerging paradigm for correctby-construction hierarchical systems: components are associated with assumptions and guarantees expressed as formal properties; the architecture is analyzed by verifying that each contract of composite components is correctly refined by the contracts of its subcomponents. The approach is very efficient, because the overall correctness proof is decomposed into proofs local to each component. However, part of the complexity is delegated to the designer, who has the burden of specifying the contracts. Typical problems include understanding which contracts are necessary, and how they can be simplified without breaking the correctness of the refinement. In this paper, we tackle these problems by proposing a new technique to understand and simplify a contract refinement. The technique, called tightening, is based on parameter synthesis. The idea is to generate a set of parametric proof obligations, where each parameter evaluation corresponds to a variant of the original contract refinement, and to search for tighter variants of the contracts that still ensure the correctness of the refinement. We cast this approach in the OCRA framework, where contracts are expressed with LTL formulas, and we evaluate its performance and effectiveness on a number of benchmarks.
منابع مشابه
Contract-Based Design: a Temporal Logics Approach∗
1. EXTENDED ABSTRACT Contract-based design, first conceived for software specification [7] and now also applied to embedded systems (cfr. e.g., [2, 1]), structures the component properties into contracts. A contract specifies the properties assumed to be satisfied by the component environment (assumptions), and the properties guaranteed by the component in response (guarantees). There are sever...
متن کاملStatic Contract Checking via First-Order Logic
We enrich the static semantics of Haskell in order to give stronger static guarantees about the input/output behavior of programs. Our approach has two parts: a contract system for Haskell, and a novel strategy for statically checking that a term satisfies a contract. The contract system includes refinement types, which refine Haskell types by arbitrary Boolean-valued Haskell expressions, and a...
متن کاملA Refinement Checking Technique for Contract-Based Architecture Designs
During the development of software intensive systems, typically several models of this system are designed. These various models represent the system structured by different concerns, e. g. abstraction. While these approaches help to cope with complexity, the need of relating the models to one another arises. A major task is to keep model specifications consistent and traceable through special ...
متن کاملMoving from Specifications to Contracts in Component-Based Design
We study the relation between specifications of component behaviors and contracts providing means to specify assumptions on environments as well as component guarantees. We show how a contract framework can be built in a generic way on top of any specification theory which supports composition and specification refinement. Our contract framework lifts refinement to the level of contracts and pr...
متن کاملGenerator-based Design Flows for Reconfigurable Computing: A Tutorial on Tool Integration using FLAME
High-performance design flows for FPGAs often rely on module generators to implement fast sub-circuits. However, the very flexibility of current generator systems makes their automatic use by synthesis and floorplanning steps difficult. We present a common model to express generator capabilities and design characteristics to client tools. Examples show how an active query/reply scheme supports ...
متن کامل