Presentation is loading. Please wait.

Presentation is loading. Please wait.

An Automata-based Approach to Testing Properties in Event Traces H. Hallal, S. Boroday, A. Ulrich, A. Petrenko Sophia Antipolis, France, May 2003.

Published byBritton Morgan Modified over 9 years ago

Similar presentations

Presentation on theme: "An Automata-based Approach to Testing Properties in Event Traces H. Hallal, S. Boroday, A. Ulrich, A. Petrenko Sophia Antipolis, France, May 2003."— Presentation transcript:

1 An Automata-based Approach to Testing Properties in Event Traces H. Hallal, S. Boroday, A. Ulrich, A. Petrenko Sophia Antipolis, France, May 2003

2 2 Outline Motivation Event traces Problem Our approach Implementation Case study Conclusions and extensions

3 3 Motivation Analysis of distributed systems is complex and costly  Asynchrony  Lack of global timing  Absence of reference specification A practical solution is to instrument the system to generate traces of events that can be visualized and analyzed further This solution can be used to debug the system  During development  After deployment

4 4 Visualization Vs Analysis Tools  elaborate ad-hoc algorithms  more efficiency  more efforts  reuse an existing model checker  more expressiveness  less efforts Analysis Tools Monitoring Tool Trace distributed system of processes Event... Event Visualization Tools Visualization tools facilitate the manual inspection of collected traces Analysis tools automate the verification of properties in the traces

5 5 Trace Analysis Problem Given  A distributed system under test (SUT)  Some properties Verify whether the SUT satisfies the properties Solution  Monitor the SUT and collect an execution trace  Model the collected trace  Use an existing model checker to verify the properties

6 6 Trace Distributed processes generate local traces  Local events: state update, parameter change  Communication events: message exchange, RMI, RPC Local traces are sequential Communication  Asynchronous: send and receive events  Synchronous: rendezvous events Point-to-point communication  Each message has a send and a receive in the trace  Each rendezvous involves at least two parties

7 7 Event Traces Event ordering induced by local orders  i and point-to- point communication A trace is a partially ordered set E of all events Causality relation on events   If a  i b then a  b  for every message m, send(m)  receive(m)   is transitive: If a  b and b  c then a  c Event trace a tuple of local traces with an irreflexive causality relation on all events

8 8 Lattice of Ideals Offers an efficient way to check properties n1 = 3 pr1 pr2 n2 = 6 n1 = 4 n2 = 4 n1 = 5 n2 = 2 m1 m3 m2 time Encodes all the possible linearizations of E

9 9 Problem Given  An event trace of a distributed system  A set of properties How to build the lattice of ideals to verify the properties?  Monolithic approach  build the lattice explicitly  use a model checker  Modular approach  model the event trace as a system of communicating automata  build the composition of automata  prove it is isomorphic to the lattice

10 10 Our Approach We use finite automata to model  Local traces of processes  states are ideals  transitions are events  Message delays We build the composition of all automata We prove composition of automata  lattice of ideals Use the composition automaton to verify the properties  use an existing model checker  avoid full state space search  { send } {send, receive} send(m)receive(m)

11 11 Implementation We use SDL and ObjectGEODE (OG) We model the SUT as an SDL system  Local traces: designated processes  Local events: SDL TASK  Communication: signal exchange How to treat the message delay automata?  Individual processes  Individual queues  SDL “SAVE” Properties are specified in GOAL of OG

12 12 Workflow of the Approach Front-End tool to ObjectGEODE  System specification  Pattern specification Library of property patterns  Parameterized GOAL observers  State-based, event-based, mixed Monitoring Tool distributed system of processes Event... Event User ObjectGEODE Simulator Front End to ObjectGEODE User Interface Property Specification System Specification Trace GOAL Observer SDL Model Model results: 1. Property satisfied or not 2. Scenarios Pattern Library

13 13 Pattern Library Property patterns already exist  Repository of common properties  Mappings to main formalisms used in finite state verification LTL, CTL, INCA, QRE,… Library of GOAL observers Address finiteness of traces Encode common patterns  Class: order vs. occurrence  Name: response, universality,...  Scope: global, before, after,...  Parameterized GOAL specification parameters are predicates on states, events, or both

14 14 Pattern Template Name and Intent  Response  Cause-effect relationship Class Order Scope Global: the entire execution Example resource granted after request S responds to P in the execution

15 15 TRAYSIS Input: XML logfile Output: SDL model Features  Logfile conformance check  Synchronous/asynchronous  Statistics on the model processes, channels, variables, signals,...  Model customization scalability  Access to OG

16 16 Property Manager Supports property specification  Easy access to library  Customize observers

17 17 Case Study An implementation of the Sliding Window Protocol  Extension to the PROFIBUS protocol stack  Supports communication in distributed power control system Properties of interest  Maximum window size is respected  Total number of unacknowledged messages less than limit  Total number of messages in transit less than limit Execution traces are collected using protocol analyzers We used out tool set to automatically analyze the system We have analyzed large traces (15k –20k events)

18 18 Conclusions and Future Work Formal definition of event traces A framework to model mixed communication modes (GALS) Automata-based approach to analyze event traces A component based implementation of the approach A case study: the SWP Target more general logfiles Enhancement of the tool set

19 Merci beaucoup!

Download ppt "An Automata-based Approach to Testing Properties in Event Traces H. Hallal, S. Boroday, A. Ulrich, A. Petrenko Sophia Antipolis, France, May 2003."

Similar presentations

Synthesis of Protocol Converter Using Timed Petri-Nets Anh Dang Balaji Krishnamoorthy Manoj Iyer Presented by:

Synthesis of Protocol Converter Using Timed Petri-Nets Anh Dang Balaji Krishnamoorthy Manoj Iyer Presented by:
Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.

Copyright 2000 Cadence Design Systems. Permission is granted to reproduce without modification. Introduction An overview of formal methods for hardware.
Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.

Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.
MOdel-based GENeration of Tests for Embedded Systems #216679 FP7-ICT-2007-1-3.3 Embedded Systems Design WP3: Qualitative Fault Modelling András Pataricza,

MOdel-based GENeration of Tests for Embedded Systems # FP7-ICT Embedded Systems Design WP3: Qualitative Fault Modelling András Pataricza,
Model Checking for an Executable Subset of UML Fei Xie 1, Vladimir Levin 2, and James C. Browne 1 1 Dept. of Computer Sciences, UT at Austin 2 Bell Laboratories,

Model Checking for an Executable Subset of UML Fei Xie 1, Vladimir Levin 2, and James C. Browne 1 1 Dept. of Computer Sciences, UT at Austin 2 Bell Laboratories,
CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.

CS 267: Automated Verification Lecture 8: Automata Theoretic Model Checking Instructor: Tevfik Bultan.
The cardiac pacemaker – SystemJ versus Safety Critical Java Heejong Park, Avinash Malik, Muhammad Nadeem, and Zoran Salcic. University of Auckland, NZ.

The cardiac pacemaker – SystemJ versus Safety Critical Java Heejong Park, Avinash Malik, Muhammad Nadeem, and Zoran Salcic. University of Auckland, NZ.
Formal Modelling of Reactive Agents as an aggregation of Simple Behaviours P.Kefalas Dept. of Computer Science 13 Tsimiski Str. 546 24 Thessaloniki Greece.

Formal Modelling of Reactive Agents as an aggregation of Simple Behaviours P.Kefalas Dept. of Computer Science 13 Tsimiski Str Thessaloniki Greece.
Eugene Syriani * † Hans Vangheluwe * ‡ Amr Al Mallah * † * ‡ Tuscaloosa, AL Montreal, Canada Antwerp, Belgium.

Eugene Syriani * † Hans Vangheluwe * ‡ Amr Al Mallah * † * ‡ Tuscaloosa, AL Montreal, Canada Antwerp, Belgium.
/ PSWLAB Efficient Decentralized Monitoring of Safety in Distributed System K Sen, A Vardhan, G Agha, G Rosu 20 th July 2007 Presented by.

/ PSWLAB Efficient Decentralized Monitoring of Safety in Distributed System K Sen, A Vardhan, G Agha, G Rosu 20 th July 2007 Presented by.
Automatic Verification of Component-Based Real-Time CORBA Applications Gabor Madl Sherif Abdelwahed

Automatic Verification of Component-Based Real-Time CORBA Applications Gabor Madl Sherif Abdelwahed
Automated creation of verification models for C-programs Yury Yusupov Saint-Petersburg State Polytechnic University The Second Spring Young Researchers.

Automated creation of verification models for C-programs Yury Yusupov Saint-Petersburg State Polytechnic University The Second Spring Young Researchers.
CMPT 431 Dr. Alexandra Fedorova Lecture VIII: Time And Global Clocks.

CMPT 431 Dr. Alexandra Fedorova Lecture VIII: Time And Global Clocks.
Model Checking. Used in studying behaviors of reactive systems Typically involves three steps: Create a finite state model (FSM) of the system design.

Model Checking. Used in studying behaviors of reactive systems Typically involves three steps: Create a finite state model (FSM) of the system design.
ECE 667 - Synthesis & Verification1 ECE 667 Spring 2011 Synthesis and Verification of Digital Systems Verification Introduction.

ECE Synthesis & Verification1 ECE 667 Spring 2011 Synthesis and Verification of Digital Systems Verification Introduction.
Models of Computation for Embedded System Design Alvise Bonivento.

Models of Computation for Embedded System Design Alvise Bonivento.
TinyOS Software Engineering Sensor Networks for the Masses.

TinyOS Software Engineering Sensor Networks for the Masses.
/department of mathematics and computer science Visualization of Transition Systems Hannes Pretorius Visualization Group

/department of mathematics and computer science Visualization of Transition Systems Hannes Pretorius Visualization Group
Model-based Analysis of Distributed Real-time Embedded System Composition Gabor Madl Sherif Abdelwahed

Model-based Analysis of Distributed Real-time Embedded System Composition Gabor Madl Sherif Abdelwahed
Interface-based Design Donald Chai EE249. Outline Orthogonalization of concerns Formalisms Interface-based Design Example Cheetah Simulator Future Inroads.

Interface-based Design Donald Chai EE249. Outline Orthogonalization of concerns Formalisms Interface-based Design Example Cheetah Simulator Future Inroads.

Similar presentations

Ads by Google