XBel framework -- Reasoning with Inconsistency

Project members:

Marsha Chechik, Steve Easterbrook, Benet Devereux, Arie Gurfinkel

Description:

During requirements elicitation, different stakeholders often hold different (and incompatible) views of how the proposed system should behave, resulting in inconsistencies between their descriptions. Consensus may not be needed for every detail, but it can be hard to determine whether a particular disagreement affects the critical properties of the system. Existing viewpoints-based frameworks support detection and resolution of inconsistencies, but do not support reasoning about the properties of inconsistent models. We have developed the XBel framework for dealing with such inconsistent models.

The XBel framework has been designed for merging and reasoning about multiple, inconsistent state machine models. XBel permits the analyst to choose how to combine information from the multiple viewpoints, where each viewpoint has an underlying multi-valued logic. The different values of our logics typically represent different levels of agreement. We have developed a multi-valued model checker, XChek, that allows us to check the merged model against temporal properties expressed in CTL. XChek determines a truth value for each property, effectively ascertaining the level of agreement for the property. The resulting framework can be used as an exploration tool to support requirements negotiation, by determining what properties are preserved for various combinations of inconsistent viewpoints.

Most relevant publications

A Framework for Multi-Valued Reasoning over Inconsistent Viewpoints This paper gives a general overview of the approach. (2001)
Publications on the model-checker are here.

Tools:

The framework is supported by multi-valued symbolic model-checker XChek. To obtain a copy, send an email to xchek@cs.utoronto.ca.

Future work:

1. Interfacing our model-checker with commercial model-building tools such as UML.

The idea of this project is to enable reasoning with inconsistencies and negotiation for UML models. The project involves building a converter between UML statecharts (and potentially other types of diagrams) and the input language of our model-checker, and interpretation of counter-examples in the original UML models.
Further, we may be interested in other front-ends for domain-specific reasoning.

2. Merges.

Information from different stakeholds can be merged in a variety of ways. We have identified a number of them in our work.
This project entails implementation of the different merge operations (synchronous and asynchronous composition, partial/total systems, etc.) on models expressed in the language of our model-checker. A more complex task is integrating merges with the "more usable" language of the model- checker defined in Project 1. Another more complex task is using the different merges in the domain-specific framework to help negotiation.

3. Case studies.

We have produced a number of simple case studies to assess effectiveness of our framework. We are now ready to work on realistic case studies together with our industrial partners. In particular, we are looking for people interested in conducting case
studies in

telecomm industry - here, we plan to apply our framework to the feature interaction problem
e-commerce industry - here, we are hoping to aid in negotiation between different stakeholds of the system regarding interactions of the user with the system.

Use of the framework for negotiation and conflict resolution

We are hoping that this work, together with work on model exploration, will allow us to use the framework for negotiation and conflict resolution. Yet, there is no methodology for that yet.

Last updated: Aug. 24, 2003