Presentation is loading. Please wait.

Presentation is loading. Please wait.

Interface Automata 29-September-2011. Modeling Temporal Behavior of Component Component behaves with Environment Traditional (pessimistic) approach –

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Interface Automata 29-September-2011. Modeling Temporal Behavior of Component Component behaves with Environment Traditional (pessimistic) approach –"— Presentation transcript:

1 Interface Automata 29-September-2011

2 Modeling Temporal Behavior of Component Component behaves with Environment Traditional (pessimistic) approach – Environment is free to behave as it wants to – Two components are compatible if no environment leads them into an error state Optimistic approach of Interface Automata – Components designed with assumptions about environment – Two components are compatible if some environment can make both of them work together In context of this course – Write code ONCE and know that it works

3 Interface Automata Interaction specified by synchronizing input and output actions – Internal actions of concurrent automata are interleaved asynchronously Input actions – Model methods that can be called – Receiving ends of communication channels Output actions – Model method calls – Messages being transmitted – Exceptions Component designed under environmental assumptions – i.e., an object works if methods called in specific order

4 Sample Automata Internal state machine externally invisible Labels – msg? means message received – send! means action sent out – Dot/arrow on interface species in- or out-connection – Internal transitions are arrows between states based upon interface interactions Let’s discuss possible valid/invalid interactions

5 Sample Interface Automata User – Designed to be used only with message-transmission services that cannot fail

6 Comp  User Compose Comp with User – msg? and msg! collapsed to msg; – Error state 6 upon second failed nack? Composition – Note how a “new” automata is created from the composition with its own In/Out actions Handling errors – Why does 6  have no exiting arrows? – Declared “Illegal” state(s)

7 Interface Automata Definition in paper – Review page 113 Compatibility and Composition – All independent actions are asynchronous – All shared actions force automata to synchronize state transitions Two automata P and Q are composable if – They don’t share states – There is no duplication of Input or Output actions – That is, “shared” means pairing Input with Output

8 Component Product Review Definition (p114) Legal environments – Steers away from Illegal states – How to specify? Use an Interface Automata! Environment Automata E – E is composable with R and non-empty – Input of E is the output of R – Illegal(R, E) = 

9 Example Channel wraps error-prone send (ack/nack) with an error-free get_token / put_token to ensure delivery – Parse this from the graphics

10 Final Notation Automata Product Composition: Comp  User Restricted Composition: Comp || User Nice features of composition – Associative (P || Q) ||R == P || (R || Q) if either is defined – Some automata cannot be composed in this restrictive way

11 Refinement Consider relation between abstract and concrete version of a component QuickComp (next slide) – Provides try-twice msg service – Provides try-once once service Shouldn’t QuickComp be considered a refinement of Comp?

12 QuickComp Comp QuickComp means QC refines C

13 Contravariance Refined automata must allow for (possibly) more legal inputs and (possibly) fewer outputs – Weaken the pre-condition – Strengthen the post-condition Notion of alternating simulation – Q refines P if – all input steps of P can be simulated by Q – all output steps of Q can be simulated by P – works because internal state transitions are invisible to external viewers Captures a simple kind of subclassing – If Q refines P then implementation Q is able to provide more services than specification P – Q must be consistent with P on shared services

14 More definitions Transitive: Q refines P and R refines Q – If P Q and Q R then P R Reflexive: P refines P – P P Refinement and compatibility are related – Replace P with Q if (a) P and Q are connected to the environment by same input/output; and (b) P Q

15 Refinement is Compositional Is P||R S||T? – One need only check two smaller cases – Is P S? – Is R T? Compositional reasoning is the key to dealing with large scale systems

16 Refinement and Composition Given interface automata P, Q, and R where – Q and R are composable – Input Q  Output R  Input P  Output R If P and R are compatible and P Q – Q and R are compatible – P||R Q||R

17 Single-Threaded Interface Automata Many compositions can be restricted to single- threaded – Client makes request (and then blocks); during this time client cannot alter state – Server receives request and once it has responded, it becomes quiescent and won’t alter state See Figure 7

18 Single-Threaded vs. Multi-Threaded

Download ppt "Interface Automata 29-September-2011. Modeling Temporal Behavior of Component Component behaves with Environment Traditional (pessimistic) approach –"

Similar presentations

Formal Methods in Software Engineering

Formal Methods in Software Engineering
CSCE 668 DISTRIBUTED ALGORITHMS AND SYSTEMS Fall 2011 Prof. Jennifer Welch CSCE 668 Set 14: Simulations 1.

CSCE 668 DISTRIBUTED ALGORITHMS AND SYSTEMS Fall 2011 Prof. Jennifer Welch CSCE 668 Set 14: Simulations 1.
Global States.

Global States.
COMMUNICATING SEQUENTIAL PROCESSES C. A. R. Hoare The Queen’s University Belfast, North Ireland.

COMMUNICATING SEQUENTIAL PROCESSES C. A. R. Hoare The Queen’s University Belfast, North Ireland.
Remote Procedure Call (RPC)

Remote Procedure Call (RPC)
Interface-based design Philippe Giabbanelli CMPT 894 – Spring 2008.

Interface-based design Philippe Giabbanelli CMPT 894 – Spring 2008.
Alternate Software Development Methodologies

Alternate Software Development Methodologies
Background information Formal verification methods based on theorem proving techniques and model­checking –to prove the absence of errors (in the formal.

Background information Formal verification methods based on theorem proving techniques and model­checking –to prove the absence of errors (in the formal.
® IBM Software Group © 2006 IBM Corporation Rational Software France Object-Oriented Analysis and Design with UML2 and Rational Software Modeler 04. Other.

® IBM Software Group © 2006 IBM Corporation Rational Software France Object-Oriented Analysis and Design with UML2 and Rational Software Modeler 04. Other.
Objectives Detailed Object-Oriented Requirements Definitions

Objectives Detailed Object-Oriented Requirements Definitions
CPSC 668Set 14: Simulations1 CPSC 668 Distributed Algorithms and Systems Spring 2008 Prof. Jennifer Welch.

CPSC 668Set 14: Simulations1 CPSC 668 Distributed Algorithms and Systems Spring 2008 Prof. Jennifer Welch.
Www.ics.mq.edu.au/ppdp ITEC200 Week02 Program Correctness and Efficiency.

ITEC200 Week02 Program Correctness and Efficiency.
Introduction To System Analysis and Design

Introduction To System Analysis and Design
Interface-based Design of Embedded Systems Thomas A. Henzinger University of California, Berkeley.

Interface-based Design of Embedded Systems Thomas A. Henzinger University of California, Berkeley.
CS 582 / CMPE 481 Distributed Systems Fault Tolerance.

CS 582 / CMPE 481 Distributed Systems Fault Tolerance.
An Introduction to Input/Output Automata Qihua Wang.

An Introduction to Input/Output Automata Qihua Wang.
CPSC 668Set 16: Distributed Shared Memory1 CPSC 668 Distributed Algorithms and Systems Fall 2006 Prof. Jennifer Welch.

CPSC 668Set 16: Distributed Shared Memory1 CPSC 668 Distributed Algorithms and Systems Fall 2006 Prof. Jennifer Welch.
Software Engineering, COMP201 Slide 1 Protocol Engineering Protocol Specification using CFSM model Lecture 30.

Software Engineering, COMP201 Slide 1 Protocol Engineering Protocol Specification using CFSM model Lecture 30.
System-Level Types for Component-Based Design Paper by: Edward A. Lee and Yuhong Xiong Presentation by: Dan Patterson.

System-Level Types for Component-Based Design Paper by: Edward A. Lee and Yuhong Xiong Presentation by: Dan Patterson.
SE-565 Software System Requirements More UML Diagrams.

SE-565 Software System Requirements More UML Diagrams.

Similar presentations

Ads by Google