Model Checking of CTL-Extended OCL Specifications

  • Robert Bill
  • Sebastian Gabmeyer
  • Petra Kaufmann
  • Martina Seidl
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8706)


In software modeling, the Object Constraint Language (OCL) is an important language for specifying properties that a model has to satisfy. The design of OCL reflects the structure of MOF-based modeling languages like UML, and this tight integration makes it intuitive to use. However, OCL can express properties only in the context of a single instance model, not with respect to a sequence of instance models that captures the execution of the system.

In this paper, we show how OCL can be extended with CTL-based temporal operators to express properties over the lifetime of an instance model. We formally introduce syntax and semantics of our OCL extension cOCL. The properties specified with our OCL extension can be verified with our explicit state space model checking framework, called MocOCL. In a case study, we illustrate the expressiveness and usability of our approach and evaluate the performance of our implementation.


Keywords: State Space; Model Check; Object Constraint Language; Graph Transformation; Test Person
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Robert Bill (1)
  • Sebastian Gabmeyer (1)
  • Petra Kaufmann (1)
  • Martina Seidl (2)

  1. Business Informatics Group, TU Wien, Austria
  2. Institute for Formal Models and Verification, JKU Linz, Austria
