Compositional verification of model-level refactorings based on graph transformations

With the success of model-driven development as well as component-based and service-oriented systems, models of software architecture are key artifacts in the development process. To adapt to changing requirements and improve internal software quality such models have to evolve while preserving aspects of their behaviour. These behaviour preserving developments are known as refactorings. The verification of behaviour preservation requires formal semantics, which can be defined by model transformation, e.g., using process algebras as semantic domain for architectural models. Denotational semantics of programming languages are by definition compositional. In order to enjoy a similar property in the case of model transformations, every component of the source model should be distinguishable in the target model and the mapping compatible with syntactic and semantic composition. To avoid the costly verification of refactoring steps on large systems and create refactoring patterns we present a general method based on compositional typed graph transformations. This method allows us to extract a (usually much smaller) rule from the transformation performed, verify this rule instead and use it as a refactoring pattern in other scenarios. The main result of the thesis shows that the verification of rules is indeed sufficient to guarantee the desired semantic relation between source and target models. A formal definition of compositionality for mappings from software models represented as typed graphs to semantic domains is proposed. In order to guarantee compositionality, a syntactic criterion has been established for the implementation of the mappings by typed graph transformations with negative application conditions. We apply the approach to the refactoring of architectural models based on UML component, structure, and activity diagrams with CSP as semantic domain.