Executable Specifications using Message Sequence Charts
Abhik Roychoudhury, School of Computing, National University of Singapore
Internal Talk, Oct 1 2002


MSCs – What
Depict scenarios in system execution. Used to specify requirements in early stages of system design. An MSC depicts only a possible scenario of system behavior.

MSC - Visually
[figure: two example MSCs, MSC 1 and MSC 2, between processes CPU and Mem, with messages req, ack, nack, addr and val]

Concurrency modeling
Depicts concurrently executing processes (the vertical lines). Processes communicate via explicit message passing (instead of shared variables). Realistic MSCs will also contain data attributes as part of the exchanged messages.

Message Attributes
[figure: MSC between CPU and Mem with messages req, ack, Addr(a) and val(v), and the computation v := lookup(a) between Addr(a) and val(v)]

Internal Computations
[figure: the same MSC, with v := lookup(a) marked as an internal action]

MSC – (Very) Basics
Time flows from top to bottom in each process. Message exchange is shown by horizontal lines. Each process in the MSC is assumed to contain message queues to store incoming messages. The message queues contribute to the global state of the system. If the data in messages comes from a finite domain, then we identify a finite set of messages exchanged, called M.

MSC – formally
P: set of processes. M: set of messages. A: set of internal actions. E: set of events, each mapped to a label in $(P \times P \times M) \cup (P \times A)$ (a send or receive of a message between two processes, or an internal action of a process). <, a partial order on events. We will consider the “Visual Order” for these purposes …

MSC order
Intuitively, a “happens-before” relation between events: e < e’ if the MSC requires e to happen before e’. If e, e’ occur in the same process and e occurs above e’ then e < e’. If e, e’ are the send and receive of the same message then e < e’. These orderings constitute the visual order. Think of our partial order as the transitive closure of the visual order.

Combining MSCs
An MSC models a single scenario and states its possible execution in the system implementation. How could we use MSCs to model the behavior of a concurrent system? One attempt is to describe the system behavior as a graph of MSCs. Each node of this graph is an MSC. We call such graphs Message Sequence Graphs (MSGs).

MSG - Visually
[figure: an MSG with nodes M1, M2 and M3, whose MSCs carry the messages req, ack, addr, val and nack]

Choice and Concatenation
Choice of scenarios at a certain point in system execution is modeled by several outgoing branches: M1 → M2 and M1 → M3. Concatenation of MSCs (by following the edges in the MSG) produces infinite execution traces. [figure: MSG between processes Client and Server]

More on concatenation
Synchronous concatenation: all processes synchronize at the end of each MSC (a node of the MSG). For any edge M1 → M2, all events in M1 happen before all events in M2. Costly to implement, since the natural control flow in a process is disrupted by the termination of an MSC (requiring a handshake with other processes).

Synchronous concatenation
[figure: M1 with send s1 and receive r1, followed by M2 with send s2 and receive r2] s1 < r1 < s2 < r2

An alternative concatenation
Asynchronous concatenation: if M1 → M2 is an edge in the MSG, then concatenate M1 and M2 process by process. If a process finishes its role in M1 ahead of others, it can start executing M2. Amenable to efficient distributed implementation.

Asynchronous concatenation
[figure: the same M1 (s1, r1) and M2 (s2, r2)] s1 < r1, s2 < r2, s1 < s2. Is r1 < s2?
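An added example, not from the talk, that computes the visual order and its transitive closure from the formal definition above and then answers this slide's question for both concatenations. The dictionary encoding of an MSC and the message instance names msg1, msg2 are assumptions; the events s1, r1, s2, r2 and processes p, q follow the figures.

```python
from itertools import product

# Constructed encoding (an assumption, not the talk's notation): an MSC is a
# dict with "events" mapping event name -> (process, kind, message instance),
# kind "s" = send, "r" = receive, and "lines" mapping process -> its events in
# top-to-bottom order. Message instance names are unique across the MSCs.

def visual_order(msc):
    """Pairs (e, e') given directly by the picture: same process with e above
    e', or e the send and e' the receive of the same message."""
    order = set()
    for line in msc["lines"].values():
        order.update(zip(line, line[1:]))
    send_of = {m: e for e, (_, kind, m) in msc["events"].items() if kind == "s"}
    for e, (_, kind, m) in msc["events"].items():
        if kind == "r":
            order.add((send_of[m], e))
    return order

def transitive_closure(order):
    """The MSC partial order: transitive closure of the visual order."""
    closure = set(order)
    while True:
        new = {(a, d) for (a, b) in closure for (c, d) in closure if b == c}
        if new <= closure:
            return closure
        closure |= new

def is_partial_order(closure):
    """A well-formed MSC has an acyclic order: no event before itself."""
    return all(a != b for a, b in closure)

def concatenate(m1, m2, synchronous):
    """Order of M1 -> M2. Synchronous: every M1 event precedes every M2 event.
    Asynchronous: each process simply continues from its M1 events into M2."""
    events = {**m1["events"], **m2["events"]}
    lines = {p: m1["lines"].get(p, []) + m2["lines"].get(p, [])
             for p in set(m1["lines"]) | set(m2["lines"])}
    order = visual_order({"events": events, "lines": lines})
    if synchronous:
        order |= set(product(m1["events"], m2["events"]))
    return transitive_closure(order)

# The two MSCs from the concatenation figures: p sends to q in each of them.
M1 = {"events": {"s1": ("p", "s", "msg1"), "r1": ("q", "r", "msg1")},
      "lines": {"p": ["s1"], "q": ["r1"]}}
M2 = {"events": {"s2": ("p", "s", "msg2"), "r2": ("q", "r", "msg2")},
      "lines": {"p": ["s2"], "q": ["r2"]}}

def r1_before_s2(synchronous):
    """Answers the slide's question 'Is r1 < s2?' for each concatenation."""
    return ("r1", "s2") in concatenate(M1, M2, synchronous)
```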

Unboundedness of queues
[figure: processes p and q] The message queue of q can grow unboundedly. Model checking will be applicable only to “bounded MSGs”.

Hierarchical MSC (HMSC)
Improves MSGs by incorporating hierarchy. A graph, each node of which is a Message Sequence Chart or an HMSC. Clearly an MSG can appear as a node of an HMSC. Different nodes in the graph can be labeled by the same HMSC; the HMSC is like a subprogram which is invoked in various contexts.

HMSC example
[figure: HMSC with threads Th1 and Th2, process CPU, the CPU-Mem MSG and a data message] The CPU-Mem MSG can be invoked in another context involving thread Th2.

MSG - Recap
[figure: the MSG with nodes M1, M2 and M3 shown earlier]

Need for Universal Charts
[figure: the MSG M1, M2, M3 between CPU and Mem, with the conditions Mem.busy and ¬Mem.busy on its branches]

A Universal chart
[figure: universal chart between CPU and Mem with message nack and activation condition Mem.busy]
1. Mem.busy is the activation condition (AC).
2. If the AC holds, then this chart must be executed.
3. But the AC need not be true in every execution.

Semantics of universal charts
A chart only constrains events and variables appearing in the chart. A system execution trace $\sigma = s_0 \to s_1 \to \cdots$ satisfies a universal chart M iff for all positions i, $s_i \models AC(M) \Rightarrow \sigma_i \models M$, that is, $\sigma_i = s_i\, s_{i+1} \cdots$ contains a linearization of the events in M. Events not in M may appear in $\sigma_i$. A system satisfies a universal chart M if all its execution traces satisfy M.
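An added example, not from the talk, that checks a single execution trace against a universal chart exactly as defined on this slide, using the Mem.busy / nack chart from the earlier slide. The trace encoding, the event labels of the form Mem!nack / CPU?nack and the sample traces are constructed assumptions.

```python
# Constructed encoding (an assumption, not the talk's notation): a trace is a
# list of (state, event) steps, where `state` is the valuation s_i and `event`
# is the event label taken from s_i (None for a step with no event). A chart is
# given by its activation condition and a map from each of its events to the
# set of chart events that must precede it (its partial order).

def contains_linearization(events, preds):
    """True iff the sequence contains some linearization of the chart.
    Events outside the chart are skipped: the chart does not constrain them.
    Greedy matching: an event counts once all its predecessors have occurred."""
    done = set()
    for ev in events:
        if ev in preds and ev not in done and preds[ev] <= done:
            done.add(ev)
    return len(done) == len(preds)

def first_violation(trace, ac, preds):
    """Position i with s_i |= AC(M) but sigma_i not |= M, or None if the trace
    satisfies the universal chart (vacuously, if AC never holds)."""
    for i, (state, _) in enumerate(trace):
        if ac(state):
            suffix = [ev for _, ev in trace[i:] if ev is not None]
            if not contains_linearization(suffix, preds):
                return i
    return None

# The universal chart from the slides: when Mem.busy holds, Mem sends nack to
# CPU. Labels "Mem!nack" (send) and "CPU?nack" (receive) are our own notation.
NACK_CHART = {"Mem!nack": set(), "CPU?nack": {"Mem!nack"}}

def mem_busy(state):
    return state.get("Mem.busy", False)

# Constructed traces. Mem clears busy after sending nack, so the chart is
# activated at exactly one position of the good trace.
GOOD = [({"Mem.busy": False}, "CPU!req"), ({"Mem.busy": False}, "Mem?req"),
        ({"Mem.busy": True}, "Mem!nack"), ({"Mem.busy": False}, "CPU?nack")]
# Busy, but Mem answers with ack instead of nack: violated at position 0.
NO_NACK = [({"Mem.busy": True}, "CPU!req"), ({"Mem.busy": False}, "Mem?req"),
           ({"Mem.busy": False}, "Mem!ack")]
# Receive before send is not a linearization of the chart: violated at 0.
WRONG_ORDER = [({"Mem.busy": True}, "CPU?nack"), ({"Mem.busy": False}, "Mem!nack")]
```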

Pre-charts
The trigger of a universal chart need not be just an activation condition. It can be an activation message: when it is received, the chart is required to be activated. It can even be another full-blown chart (a pre-chart), which can contain message sends/receives and conditions. Once the pre-chart is executed, the universal chart is required to follow.

Example of Pre-chart
[figure: pre-chart between CPU and Mem with condition Mem.busy = true and message req, concatenated with the universal chart carrying nack]

What kind of Concatenation?
Live Sequence Charts (LSC) [Damm and Harel]: synchronous concatenation. The pre-chart/activation condition must be completely executed before the universal chart can initiate. Still allows for several active copies of pre(M).M, e.g. pre(M) may be activated while M is still executing.

What kind of Concatenation?
Cyclic Transaction Processes (CTP): universal charts triggered by activation conditions. The activation condition may involve variables of different processes. A process can initiate its role in the chart once the condition on its variables evaluates to true. Other important differences with the LSC formalism …

Distributed Activation Cond.
[figure: chart over processes p, q, r with messages m1, m2 and the internal action Reset(r.b)] AC(M) = p.a ∧ r.b. r can start even when p has not started. …

Requirements or Exec. spec?
A universal chart denotes a safety property that the actual system must satisfy. It can be seen as a requirement with a “must” flavor. It is possible to enforce it on system executions by monitoring for the occurrence of its pre-chart. LSC specs are used for monitoring/testing/simulating an executable model early in the design cycle. How do we obtain a high-level executable specification directly based on MSCs?

LSC-like executable specifications
A collection of universal charts {M_1, …, M_k}. Each chart has an activation condition AC(M_i); M_i becomes active when AC(M_i) becomes true. Several charts may be active simultaneously. At any point in execution, no event occurs unless it is required to occur by the. Can use this executable model to check for inconsistencies in the LSC spec. itself!

Checking for inconsistencies
[figure: two universal charts sharing a pre-chart with message m1; one orders messages a then b, the other b then a] The two universal charts are inconsistent.

Control flow in LSC
Intra-process control flow is completely implicit in an LSC-based executable specification. This raises efficiency issues in implementation, since processes need to handshake at the end of a pre-chart, and a global watchdog is needed which always monitors for pre-charts of any universal chart being initiated. Can we make these decisions (initiation/termination of pre-charts) local to a process?

Adding Per-process Control flow
Describe the control flow in each process by giving the sequence of universal charts it participates in. Can start with a simple cyclic control flow (CTP). A process initiates a chart when its activation condition is true, and leaves a chart when its role is finished. A transition in local control state $s_p \to s_p'$ in process p takes place by executing a universal chart.

Transaction scheme
A transition $s_p \to s_p'$ in process p involves a non-trivial interaction of p with other processes q, r, … Depending on the local variable values in p, q, r, … the interaction may be different. This is captured by a choice of universal charts: $G_p \wedge G_q \to$ Univ. Chart 1; $G_p' \wedge G_q' \to$ Univ. Chart 2. This choice is not non-deterministic: it is resolved at run-time by either of the guards being true.

References
LSCs: Breathing Life into Message Sequence Charts. Damm and Harel, Formal Methods in System Design, Vol. 19, pages 45-80.
Model Checking of Message Sequence Charts. Alur and Yannakakis, Proceedings of CONCUR.
Communicating Transaction Processes. Roychoudhury and Thiagarajan, International Conf. on Applications of Concurrency in System Design (ACSD) 2003.