Systematic incremental validation of reactive systems via sound scenario generalization

摘要

Validating the specification of a reactive system, such as a telephone switching system, traffic controller, or automated network service, is difficult, primarily because it is extremely hard even tostate a set of complete and correct requirements, let alone toprove that a specification satisfies them. In the ISAT project[10], end-user requirements are stated as concrete behavior scenarios, and a multi-functional apprentice system aids the human developer in acquiring and maintaining a specification consistent with the scenarios. ISAT's Validation Assistant (isat-va) embodies a novel, systematic, and incremental approach to validation based on the novel technique ofsound scenario generalization, which automatically states and proves validation lemmas. This technique enablesisat-va to organize the validity proof around a novel knowledge structure, thelibrary of generalized fragments, and provides automated progress tracking and semi-automated help in increasing proof coverage. The approach combines the advantages of software testing and automated theorem proving of formal requirements, avoiding most of their shortcomings, while providing unique advantages of its own.