Learning-Based Compositional Model Checking of Behavioral UML Systems ⋆ Yael Meller 1 , Orna Grumberg 1 , and Karen Yorav 2 1 CS Department, Technion, Israel, 2 IBM Research, Haifa, Israel {ymeller,orna}@cs.technion.ac.il yorav@il.ibm.com Abstract. This work presents a novel approach for applying compositional model checking of behavioral UML models, based on learning. The Unified Modeling Language (UML) is a widely accepted modeling language for em- bedded and safety critical systems. As such the correct behavior of systems represented as UML models is crucial. Model checking is a successful auto- mated verification technique for checking whether a system satisfies a de- sired property. However, its applicability is often impeded by its high time and memory requirements. A successful approach to tackle this limitation is compositional model checking. Recently, great advancements have been made in this direction via automatic learning-based Assume-Guarantee rea- soning. In this work we propose a framework for automatic Assume-Guarantee reasoning for behavioral UML systems. We apply an off-the-shelf learn- ing algorithm for incrementally generating environment assumptions that guarantee satisfaction of the property. A unique feature of our approach is that the generated assumptions are UML state machines. Moreover, our Teacher works at the UML level: all queries from the learning algorithm are answered by generating and verifying behavioral UML systems. 1 Introduction This work presents a novel approach for learning-based compositional model checking of behavioral UML systems. Our work focuses on systems that rely on UML state machines, a standard graphical language for modeling the behavior of event-driven software components. The Unified Modeling Language (UML)[3] is becoming the dominant modeling language for specifying and constructing em- bedded and safety critical systems. As such, the correct behavior of systems rep- resented as UML models is crucial and model checking techniques applicable to such models are required. Model checking [7] is a successful automated verification technique for check- ing whether a given system satisfies a desired property. The system is usually described as a finite state model such as a state transition graph, where nodes represent the current state of the system and edges represent transitions of the system from one state to another. The specification is usually given as a temporal logic formula. The model checking algorithm traverses all of the system behaviors (i.e., paths in the state transition graph), and either concludes that all system ⋆ This is an extended version including full proofs of [22] Technion - Computer Science Department - Technical Report CS-2015-05 - 2015