1 Towards formal manipulations of scenarios represented by High-level Message Sequence Charts
Loïc Hélouet, Claude Jard, Benoît Caillaud
IRISA/PAMPA (INRIA/CNRS/Univ. Rennes), Campus de Beaulieu, F RENNES, France.

2 Motivations
- Formal methods and tools to improve the development process of (distributed) software
- Need to instrument at early stages of the development
- Interest of graphical scenario languages like Message Sequence Charts in the SDL framework, or Sequence Diagrams of the popular Unified Modelling Language
- Problems with their formal semantics
- Problems with their declarative (high-level) nature: normal forms? State-finiteness? Executability?

3 Contributions
- Partial-order semantics of High-level Message Sequence Charts (HMSC is the ITU/Z.120 standard)
- Effective notion of equivalence based on event structures and graph grammars
- Normal form of HMSCs
- Towards new efficient methods: to decide divergence, to simulate and to check properties

4 Outline
- MSC and HMSC
- Event structures
- Partial order semantics of HMSC
- Covering graphs of event structures
- Graph grammars
- Regularity of graph grammars
- Equivalence
- Applications
- Conclusion and perspectives

5 Basic Message Sequence Charts (BMSC)
- Instances, events and messages
- Ordering of events: due to sequentiality of instances, and due to message causality
- Partial order M = (E, <, labelling, A, I)
  E : events
  < : causal ordering
  labelling of events : E -> A x I
  A : action names
  I : instance names

6 High-level Message Sequence Charts (HMSC)
- Hierarchical graph of MSCs
- Sequence, choice and loop operators
- Non-deterministic choice
- Sequence is communication-closed but without synchronization

7 Sequencing
Instance by instance, the maximal events of the first HMSC are linked to the minimal events of the second HMSC.
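The partial-order view of slides 5 and 7, as an added Python example (not code from the paper or its authors): a BMSC keeps its events with their (action, instance) labels, the causal order is the closure of instance sequentiality and message causality, and weak sequencing links, per instance, the maximal event of the first chart to the minimal event of the second. The scenario in demo() is constructed; it shows that an instance appearing only in the second chart stays unordered with respect to the first, which is the "no synchronization" point of slide 6.

```python
class BMSC:
    """Basic MSC as the labelled partial order M = (E, <, labelling, A, I) of
    slide 5: labelling(e) = (action, instance); < closes instance order and messages."""
    def __init__(self):
        self.events = {}                 # event id -> (action, instance)
        self.order = set()               # direct causal edges (e1, e2)
        self.first, self.last = {}, {}   # per-instance minimal / maximal event

    def _add(self, action, inst):
        e = len(self.events)
        self.events[e] = (action, inst)
        if inst in self.last:            # sequentiality of the instance
            self.order.add((self.last[inst], e))
        else:
            self.first[inst] = e
        self.last[inst] = e
        return e

    def send(self, src, dst, msg):
        s = self._add("!" + msg, src)    # send event on src
        r = self._add("?" + msg, dst)    # receive event on dst
        self.order.add((s, r))           # message causality
        return s, r

    def causal(self):
        """The partial order <: transitive closure of the direct edges."""
        lt = set(self.order)
        while True:
            new = {(a, d) for a, b in lt for c, d in lt if b == c} - lt
            if not new:
                return lt
            lt |= new

def sequence(m1, m2):
    """Weak sequencing M1;M2 (slide 7): per instance, link the maximal event of
    M1 to the minimal event of M2; instances are never synchronised with each other."""
    m, k = BMSC(), len(m1.events)      # events of m2 are renumbered by +k
    m.events = {**m1.events, **{e + k: lab for e, lab in m2.events.items()}}
    m.order = m1.order | {(a + k, b + k) for a, b in m2.order}
    m.order |= {(m1.last[i], m2.first[i] + k) for i in m1.last.keys() & m2.first.keys()}
    m.first = {**{i: e + k for i, e in m2.first.items()}, **m1.first}
    m.last = {**m1.last, **{i: e + k for i, e in m2.last.items()}}
    return m

def demo():
    """Constructed scenario: M1 = A sends x to B, M2 = C sends y to A."""
    m1, m2 = BMSC(), BMSC()
    m1.send("A", "B", "x")
    m2.send("C", "A", "y")
    return sequence(m1, m2)
```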

8 Choice: union of scenarios

9 Recursion (unfolding)

10 Specifications which are not implementable
- Non-local choices
- Divergence

11 Infinite family of partial orders
- Paths of the HMSC graph form (generally) an infinite family of partial orders
- This family can be uniquely represented by an event structure (communication-closed assumption)

12 Event structures
- Compact representation of partial order families, used in concurrency theory
- ES = (E, <, #, labelling, A, I)
  E : events
  < : partial order (causality)
  # : conflict relation (symmetric, inherited by causality)
  labelling : labelling of events

13 Reduction to minimal conflicts

14 From HMSCs to event structures
- Sequencing: as for partial orders; conflicts are inherited
- Choice: creates new conflicts
- Recursion: unfolding
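Slides 12 to 14 in an added Python example (not the authors' tool): choice between two alternatives creates a conflict between every pair of events across them, conflicts propagate along causality, and the reduction to minimal conflicts keeps only those that inheritance cannot regenerate. The exact minimality test is our reading of slide 13, and the two branches in demo() are constructed.

```python
class EventStructure:
    """Prime event structure ES = (E, <, #) of slides 12-14: events, a transitively
    closed causal order, and a symmetric conflict relation kept as ordered pairs."""
    def __init__(self, events, causal, conflict=()):
        self.E = set(events)
        self.lt = set(causal)
        conflict = set(conflict)
        self.conf = conflict | {(f, e) for e, f in conflict}
        while True:  # transitive closure of causality
            new = {(a, d) for a, b in self.lt for c, d in self.lt if b == c}
            if new <= self.lt:
                break
            self.lt |= new

    def predecessors(self, e):
        return {a for a, b in self.lt if b == e}

    def inherit(self):
        """Conflict inheritance (slide 12): e # f and f < g implies e # g."""
        while True:
            new = {(e, g) for e, f in self.conf for a, g in self.lt if a == f}
            new |= {(g, e) for e, g in new}
            if new <= self.conf:
                return self
            self.conf |= new

    def minimal_conflicts(self):
        """Reduction to minimal conflicts (slide 13, our reading): keep e # f only
        when it is not inherited from a causal predecessor of e or of f."""
        return {(e, f) for e, f in self.conf
                if not any((p, f) in self.conf for p in self.predecessors(e))
                and not any((e, q) in self.conf for q in self.predecessors(f))}

def choice(es1, es2):
    """HMSC choice (slide 14): disjoint union of the alternatives plus a new
    conflict between every event of es1 and every event of es2."""
    assert not es1.E & es2.E, "alternatives must use disjoint event names"
    return EventStructure(es1.E | es2.E, es1.lt | es2.lt,
                          es1.conf | es2.conf | {(e, f) for e in es1.E for f in es2.E})

def demo():
    """Constructed alternatives: branch 1 runs a then c, branch 2 runs b then d."""
    es = choice(EventStructure({"a", "c"}, {("a", "c")}),
                EventStructure({"b", "d"}, {("b", "d")}))
    minimal = es.minimal_conflicts()
    rebuilt = EventStructure(es.E, es.lt, minimal).inherit()  # inheritance restores the rest
    return es, minimal, rebuilt
```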

15 HMSC partial order semantics
- HMSC semantics = the corresponding event structure
- Strong notion of equivalence given by isomorphism of event structures
- Isomorphism of (infinite) graphs can be computed using graph grammars [Caucal 92], provided that: the graph is regular; the graph is finitely branching
- Based on the computation of normal forms of the grammars

16 Non regular specifications

17 Irregular graphs
Cannot be represented by a graph grammar.

18 Covering graphs with conflict inheritance edges

19 Transformation into a regular graph

20 Graph grammar
- Hyperarc: s_1 ... s_n
- Hypergraph: graph + hyperarcs
- Rule: (hyperarc, hypergraph)
- Graph grammar: G = (Axiom, Rules)

21 Graph rewriting

22 From HMSCs to graph grammars (ends)

23 From HMSCs to graph grammars (sequence)

24 From HMSCs to graph grammars (choice)

25 From HMSCs to graph grammars (recursion)

26 From HMSCs to graph grammars (conflict inheritance arcs)
Context management

27 Example (HMSC)

28 Example (graph grammar)

29 Example (graph grammar)

30 Properties of covering graphs
- Covering graphs with inheritance edges are regular (they can be finitely described by graph grammars)
- Branching of conflicts is finite
- Branching of causality is generally infinite
- But ignoring these causality branchings preserves the isomorphism of the event structures (the infinite branching can be reconstructed from the simplified graph)

31 Decision of equivalence
Let us consider two HMSCs H1 and H2.
1. Compute their graph grammars G1 and G2
2. Replace the inheritance edges that are not made from choice to choice by the corresponding conflicts (minimization of basic event structures)
3. Compute grammars G'1 and G'2 by eliminating redundancies (to avoid global optimization)
4. Compute FBG1 and FBG2 by eliminating infinite branchings within G'1 and G'2
5. Compute FNG1 and FNG2, the normal forms of FBG1 and FBG2
If FBG1 and FBG2 have the same normal forms up to a renaming, then H1 and H2 are equivalent.

32 Normal forms
- Global transformation to ensure a certain distance between the hyperarcs
- Polynomial
(Figure: a rule which is not normalized)

33 Example of two equivalent HMSCs

34 Their covering graph

35 Decision of divergence
- An HMSC is not divergent iff the communication graph of each simple loop is symmetric
- This can be computed on the graph grammar by finite rewriting

36 Summary
- Towards formal manipulations of scenario languages
- Partial order semantics of the HMSC standard
- Equivalence defined as a structure isomorphism
- Use of graph grammars and of recent decision algorithms
ftp://ftp.inria.fr/INRIA/publication/RR/RR-3499.ps.gz

37 Perspectives
- Short term: implementation; weaker notions of equivalence; animation (using normal forms)
- Middle term: HMSCs with values; parallel composition; integration in the UML meta-model
- Long term: decision of properties; quantitative analysis using Max-plus techniques; generation of skeletons, protocol synthesis