Extracting environmental constraints to make reactive system specifications realizable

作     者：Hagihara, Shigeki Shimakawa, Masaya Yonezaki, Naoki Kitamura, Yusuke Sekido, Satoshi 

作者机构：Department of Computer Science Graduate School of Information Science and Engineering Institute of Technology Japan System Engineering Dept. Sony Business Solutions Corporation Value Creation Division Japan Department of Communications and Integrated Systems Graduate School of Science and Engineering Tokyo Institute of Technology Japan 

出 版 物：《Computer Software》 (Comput. Softw.)

年 卷 期：2011年第28卷第3期

页      面：132-146页

核心收录：

主　　题：Specifications 

摘      要：Many fatal accidents of safety critical reactive systems have occurred in unexpected situations which had not been considered during design and test phases of the systems. To prevent these accidents, reactive systems should be designed to respond appropriately to any requests of any timing from their environments. Verifying this property in specification phase reduces the development costs of safety critical reactive systems. This property of a specification is well known as realizability. If a specification was found not to be realizable, we have to determine the flaws in the unrealizable specification. Unrealizability of a specification arises from arbitrary requirements given by system designers. From a different point of view, it can be thought that the unrealizable specification implicitly imposes a precondition on the behavior of environment, which a system can not control. If it is possible to obtain the precondition in intuitively comprehensive forms, this makes it easy for system designers to understand the cause of flaws in specifications. In this paper, we propose methods for deriving constraints on the behavior of environments, which is implicitly imposed by unrealizable specifications. Instead of realizability, we use strong satisfiability which is a necessary condition for realizability, due to the fact that many practical unrealizable specifications are also strongly unsatisfiable, and strong satisfiability have the advantage of lower complexity for analysis against realizability. These methods derive constraints in propositional linear temporal logic from Büchi automata representing specifications. The expressions of derived constraints are limited to simple and intuitively comprehensive forms where only two temporal operators appear successively. We give proofs for three correctness properties of our methods, i.e. the termination property, the soundness property, and the weakest constraints derivability. We also discuss complexity of our methods. Fi