When Do We (Not) Need Complex Assume-Guarantee Rules?

Assume-guarantee (AG) reasoning is a compositional verification method where a verification task involving many processes is broken into multiple verification tasks involving fewer and/or simpler processes. Unfortunately, AG verification rules, and especially circular rules are often complex and hen...

Full description

Saved in:
Bibliographic Details
Published in2015 15th International Conference on Application of Concurrency to System Design pp. 30 - 39
Main Authors Siirtola, Antti Tapani, Tripakis, Stavros, Heljanko, Keijo
Format Conference Proceeding Journal Article
LanguageEnglish
Published IEEE 01.06.2015
Subjects
alternating simulation
Automata
circular assume-guarantee reasoning
Cognition
compositional reasoning
Concurrency
Concurrent computing
Conferences
Context
Explosions
Formalism
Information technology
interface automata
labelled transition systems
Reasoning
Rule based
Simulation
System analysis and design
Systems design
Tasks
weak simulation
Online AccessGet full text

Cover

More Information
Summary:Assume-guarantee (AG) reasoning is a compositional verification method where a verification task involving many processes is broken into multiple verification tasks involving fewer and/or simpler processes. Unfortunately, AG verification rules, and especially circular rules are often complex and hence hard to reason about. This raises the question whether complex rules are really necessary, especially in view of formalisms that already enable compositional reasoning via simple rules based on precongruence. This paper investigates this question for two formalisms: (1) labelled transition systems (LTS) with parallel composition and weak simulation, and (2) interface automata (IA) with composition and alternating simulation > <;O I . In (1), not all AG rules are sound and the precongruence rule cannot replace all sound ones, but we can provide a generic and sound AG rule that complements the precongruence rule. We show that in (2) all AG rules are sound and can be replaced by a simple rule where all premisses are of the form P i > <;O I Q t . Moreover, we show that proofs in the LTS AG rule can be converted into proofs in the simple IA rule. This suggests that circular reasoning is a built-in feature of the IA formalism, and provided system components can be modelled as IA, complex assume-guarantee rules are not needed.
Bibliography:ObjectType-Article-2
SourceType-Scholarly Journals-1
ObjectType-Conference-1
ObjectType-Feature-3
content type line 23
SourceType-Conference Papers & Proceedings-2
ISSN:2374-8567
1550-4808
DOI:10.1109/ACSD.2015.19