A Formal Approach to Software Product Families Alexander M. Gruler TECHNISCHE UNIVERSITAT¨ MUNCHEN¨ INSTITUT FUR¨ INFORMATIK A Formal Approach to Software Product Families Alexander M. Gruler Vollst¨andiger Abdruck der von der Fakult¨at f¨ur Informatik der Technischen Universit¨at M¨unchen zur Erlangung des akademischen Grades eines Doktors der Naturwissenschaften (Dr. rer. nat.) genehmigten Dissertation. Vorsitzender: Univ.-Prof. Dr. Burkhard Rost Pr¨ufer der Dissertation: 1. Univ.-Prof. Dr. Dr. h.c. Manfred Broy 2. Univ.-Prof. Christian Lengauer, Ph.D. Universit¨at Passau Die Dissertation wurde am 17.05.2010 bei der Technischen Universit¨at M¨unchen eingereicht und durch die Fakult¨at f¨ur Informatik am 16.10.2010 angenommen. Abstract Software-intensive systems pervade our daily lives. Regarding the product range of organizations which develop software-intensive systems, many organizations do not produce unrelated systems, but rather produce families of similar systems that share certain commonalities. Prominent examples of such families of software-intensive systems can be found in a multitude of different application domains, comprising embedded as well as business information systems. For example the model variants of the same model series of a car manufacturer, e.g. the variants of the 7-series BMW, or the various variants of an operating system, e.g. the various editions of the operating system Microsoft Windows 7, constitute such families. In order to increase the efficiency in the development of such system families a reuse strategy seems sensible. The integrated development of a family of software-intensive systems by explicitly making use of their commonalities in a strategic and planned way is the subject of software product line engineering. Despite its obvious motivation, the way of constructing a family of systems by taking advantage of commonalities is not sufficiently explored—in particular with respect to its theoretical foundation. How can reuse based on commonalities between system variants take place in a systematic way? What are the fundamental concepts behind commonalities and differences of related systems? How can commonalities between family members be determined? How can the relation between family members be modeled, and how are commonalities integrated into the construction of the individual family members? What are the fundamental concepts that constitute a software product family, and when can we speak of a software product family at all? i In this thesis we address these and similar questions from the point of view of an un- derlying modeling theory, and introduce a theoretical framework for the construction of, and the reasoning about software product families and their products. On the one hand we do this for a very specific kind of software product families, where a product family represents the integrated, implementation-platform inde- pendent, operational behavior of a set of software-intensive systems. We provide a process algebraic framework for the development of such product families, which allows to benefit from behavioral commonalities for the development of individual family members. The framework comprises (i) the process algebra PF-CCS for the specification of the behavior of a set of software-intensive, reactive systems in an integrated and systematically planned way as a product family, (ii) a multi-valued, modal logic (a multi-valued version of the µ-calculus), which is tailored to the specifi- cation and verification of behavioral properties which arise when considering a large variety of similar systems, and (iii) a restructuring concept that constitutes the the- oretical basis to determine behavioral commonalities in the operational behavior of family members. On the other hand we consider software product family concepts in general, and in particular the general construction concept behind any software product family, abstracting from the concrete kind, realization and implementation of the software product family, and the kind of products which the family comprises. We formalize the conceptual construction idea behind any software product family by elaborating an axiomatization of software product family concepts. The axiomatization repre- sents a theoretical basis to manipulate and to reason about software product families in general. In addition, it characterizes the class of software product families. Note that this thesis does not present a practical approach in the sense that the introduced concepts and methods can directly be applied overnight for the practi- cal development of large software-intensive systems. Essential aspects of bringing a software product line to life, such as the definition of a suitable methodological ap- plication of the introduced concepts, or the detailed embedding into a development process, are not covered in this thesis. Our approach serves as a theoretical under- pinning for the construction of and the reasoning about software product families, which may guide the creation of practical frameworks. ii Acknowledgements This thesis would not have been possible without the encouragement, the support, and the understanding of many people. To all of them I am deeply grateful. First and foremost I want to thank my doctoral advisor Prof. Manfred Broy. The conditions and the unique research environment that he has managed to create at the Chair of Software & Systems Engineering at the TUM have made the time in his group an outstanding experience with excellent work and research opportunities, and I consider myself privileged to have been a part of it. I am very grateful for the freedom and the time he has granted me to find and pursue the topic of this thesis, and for his patience with me during that time. I also want to thank Prof. Christian Lengauer, who agreeged to act as second supervisor, and who provided very constructive and helpful suggestions to improve this thesis. During the course of creating this thesis I had to undergo some situations that gnawed at my motivation. The encouragement that I received in these situations, especially from my colleagues Martin Leucker and Makarius Wenzel, was most wel- come, and I want to thank you for that. Undoubtedly I owe Martin Leucker a dept of gratitude. In his position as an expe- rienced researcher and post-doc in our group it was him who taught me the ABC of scientific work and who introduced me to many interesting research areas. I am very happy to call him both my teacher and my friend. Special thanks to our secretary Silke M¨uller, the heart of the entire group. It is certainly no exaggeration to say that whenever she happened to be out of office, everyone immediately wished her iii back. I also want to thank my colleague Judith Thyssen for being a wonderful office mate during the last years. I am very grateful to Stefan Berghofer, David Cruz, Peter H¨ofner, Martin Leucker, Christian Leuxner, Daniel Ratiu, Martin Sachenbacher, Daniel Thoma, and Makar- ius Wenzel for reading parts of my thesis and for providing me very valuable feedback. Finally, I want to thank my family, in particular my mother and my father. Ulti- mately, it was their care, their love, and their way of raising and educating me, that has set the course for what and where I can be today. Munich, May 2010 iv Contents 1. Introduction 1 1.1. SoftwareProductLineEngineering . 2 1.2. Challenges and Their Backgrounds . 6 1.2.1. Requirements for an Improved Engineering Approach . 11 1.3. Contributions............................... 12 1.4. RelatedWork............................... 17 1.5. ThesisOutline .............................. 18 2. Formalization of Characteristic Software Product Family Concepts 21 2.1. Software Product Families and Lines: An Informal View . ...... 23 2.2. Axiomatization of Software Product Family Concepts . ...... 30 2.2.1. Preliminaries: Algebraic Specification . 31 2.2.2. Operations for Constructing a Software Product Family . 32 2.2.2.1. Core Assets and Neutral Element . 33 2.2.2.2. Composition . 35 2.2.2.3. Variation Points and Variants . 35 2.2.2.4. Example: A Product Family of Stickmen Drawings 39 2.2.3. Axioms, Properties and Auxiliary Operations . 43 2.2.3.1. Axioms for Constructors . 43 2.2.3.2. Term Normal Form of Product Families . 46 2.2.3.3. Configuration: Derivation of Products . 60 2.2.3.4. Properties of the Variants Operator . 65 2.2.3.5. Sub-Families . 67 2.2.3.6. Products ........................ 70 2.2.3.7. Common Parts . 72 v 2.2.3.8. Optional and Mandatory Parts . 75 2.2.3.9. Evolution of Software Product Families . 81 2.2.3.10. A General Variants Operator for n Variants . 85 2.2.4. Complete Algebraic Specification of the Sort SPF α ..... 88 2.3. Modeling Dependencies in Software Product Families . ....... 92 2.4. Discussion................................. 97 2.4.1. On the Choice of an Algebraic Specification . 97 2.4.2. Structural Similarity to an AND/OR-Tree ........... 99 2.4.3. Combining the Axiomatization with a Type System . 100 2.5. RelatedWork............................... 101 3. PF-CCS: Product Family CCS 109 3.1. SyntaxofPF-CCS ............................ 111 3.1.1. Well-formed PF-CCS programs. 116 3.2. SemanticsofaPF-CCSProgram . 121 3.2.1. Flat Semantics . 121 3.2.2. Unfolded Semantics . 125 3.2.3. Configured-transitions Semantics . 139 3.3. DesignDecisionsforPF-CCS . 147 3.4. PracticabilityofPF-CCS . 150 3.4.1. Value-Passing PF-CCS . 150 3.4.2. Placing PF-CCS in the Development Process . 151 3.5. RelatedWork............................... 155 4. Verifying Properties of PF-CCS Software Product Families 159 4.1. The Multi-Valued Modal µ-calculus................... 162 4.1.1. Syntax of the Multi-Valued Modal µ-Calculus . 163 4.1.2. Semantics of the Multi-Valued Modal µ-Calculus . 164 4.1.3. Correctness of the Provided Semantics . 172 4.2. ModelChecking.............................. 177 4.3. Example: Verifying a Family of Windscreen Wipers . 180 4.3.1. Specification of the Product Family of Windscreen Wipers .