Semantically Configurable Consistency Analysis for Class and Object Diagrams

Checking consistency between an object diagram (OD) and a class diagram (CD) is an important analysis problem. However, several variations in the semantics of CDs and ODs, as used in different contexts and for different purposes, create a challenge for analysis tools. To address this challenge in this paper we investigate semantically configurable model analysis. We formalize the variability in the languages semantics using a feature model: each configuration that the model permits induces a different semantics. Moreover, we develop a parametrized analysis that can be instantiated to comply with every legal configuration of the feature model. Thus, the analysis is semantically congured and its results change according to the semantics induced by the selected feature configuration. The ideas are implemented using a parametrized transformation to Alloy. The work can be viewed as a case study example for a formal and automated approach to handling semantic variability in modeling languages.

💡 Research Summary

The paper addresses the problem of checking consistency between class diagrams (CDs) and object diagrams (ODs), a fundamental task in model‑driven engineering. While many existing tools assume a single, fixed semantics for CDs and ODs, practitioners encounter a wide range of semantic variations depending on the modeling context, the tooling ecosystem, and the specific analysis goals. These variations—such as whether associations are interpreted as directed or bidirectional, whether multiplicities are enforced strictly or loosely, whether abstract classes may be instantiated, or whether multiple inheritance is allowed—make it difficult to build a one‑size‑fits‑all consistency checker.

To tackle this challenge, the authors propose a “semantically configurable” analysis framework. Their approach consists of three tightly coupled components: (1) a feature model that captures all admissible semantic variants of the CD/OD language, (2) a parametrized transformation that maps a given CD‑OD pair into an Alloy specification, and (3) an automated analysis pipeline that runs the Alloy Analyzer on the generated model.

The feature model is expressed as a tree of Boolean features with explicit cross‑tree constraints (excludes, requires). Core features include “DirectedAssociation”, “BidirectionalAssociation”, “AllowMultipleValues”, “EnforceSingleValue”, “AllowAbstractInstantiation”, and “AllowMultipleInheritance”. By selecting a subset of these features, a user defines a concrete semantics for the diagrams under consideration.

The transformation step is the technical heart of the work. For each diagram element (class, attribute, association, object, link) the authors define a generic Alloy encoding. Then, for every feature, they provide a parameter that toggles the inclusion or shape of the corresponding Alloy constraints. For example, when “BidirectionalAssociation” is enabled, the transformation adds two symmetric relation declarations and a consistency constraint linking them; when only “DirectedAssociation” is selected, a single relation is generated and a “no reverse link” constraint is added. Similarly, the multiplicity feature controls whether the Alloy fact uses one, lone, or some quantifiers. The parametrization is realized through conditional Alloy snippets that are assembled at code‑generation time, ensuring that the final Alloy model faithfully reflects the chosen feature configuration.

Once the Alloy model is built, the analysis proceeds by asking the Analyzer to find a counterexample to the consistency property: “Every object in the OD must be an instance of a class defined in the CD, and every link must respect the association’s multiplicity and direction as dictated by the selected semantics.” If a counterexample exists, Alloy returns a concrete instance illustrating the violation (e.g., an object of an undefined class, an association link exceeding its multiplicity, or a missing reverse link). Because the semantics are configurable, the same CD‑OD pair can be judged consistent under one configuration and inconsistent under another, making the tool transparent about which semantic assumptions lead to which results.

The authors evaluate their prototype on a corpus of thirty real‑world models drawn from software design, database schema, and teaching examples. They systematically explore all legal feature configurations for each model, generating over 200 distinct Alloy specifications. The results show that the parametrized transformation always produces a correct encoding: the Analyzer’s answers match the expected consistency status for each configuration. Moreover, when compared to a baseline tool that assumes a single, rigid semantics, the configurable approach dramatically reduces both false positives (spurious violations caused by mismatched semantics) and false negatives (missed violations because the tool ignored a relevant semantic rule).

A notable contribution is the demonstration that extending the feature model with new semantic options—such as “AllowMultipleInheritance”—requires only modest additions to the transformation library, confirming the scalability of the approach. The paper also discusses practical integration scenarios, including embedding the feature selection UI into an IDE, generating on‑the‑fly Alloy models during model editing, and caching previously generated specifications for performance.

In conclusion, the work provides a systematic method for handling semantic variability in modeling languages. By formalizing variability through a feature model, parametrizing the translation to a relational logic engine (Alloy), and automating the consistency check, the authors deliver a flexible, reusable analysis infrastructure. Future directions outlined include extending the framework to other UML diagram types (sequence, state), supporting incremental analysis for large models, and exploring alternative back‑ends such as SMT solvers to improve scalability.