Presentation is loading. Please wait.

Presentation is loading. Please wait.

Alloy-based Lightweight Verification for Aspect-oriented Architecture Naoyasu Ubayashi(Kyushu Institute of Technology) Yuki Sato(Kyushu Institute of Technology)

Published byVivien Richardson Modified over 8 years ago

Similar presentations

Presentation on theme: "Alloy-based Lightweight Verification for Aspect-oriented Architecture Naoyasu Ubayashi(Kyushu Institute of Technology) Yuki Sato(Kyushu Institute of Technology)"— Presentation transcript:

1 Alloy-based Lightweight Verification for Aspect-oriented Architecture Naoyasu Ubayashi(Kyushu Institute of Technology) Yuki Sato(Kyushu Institute of Technology) Akihiro Sakai(Kyushu University) Tetsuo Tamai(University of Tokyo) August 20, 2007 SERA 2008 1

2 2 Aspect-oriented Programming AOP is a programming paradigm in which crosscutting concerns are modularized as aspects. Display updating after (FigureElement fe): (call(void set*(..)) && target(fe) { fe.display.update(fe); } advice pointcut AspectJ Problem A concern considered crosscutting in one situation might be primary in others. It is not desirable to fix a certain concern as either primary or crosscutting. It is not easy to understand the overall behavior of a woven program. Problem A concern considered crosscutting in one situation might be primary in others. It is not desirable to fix a certain concern as either primary or crosscutting. It is not easy to understand the overall behavior of a woven program.

3 3 Our previous work [ASE’07]  A new interface mechanism called Weaving-interface  A new AOP language called ccJava  Weaving-interface can be regarded as an ADL (Architecture Description Language) All concerns are described as class components. This ADL can describe how to compose (weave) these components. But, programming-level idea … DisplayPointLine

4 Today’s Talk: Verifiable AO MDD Not only programming-level but also design-level notion ADL for bridging the gaps between architectural design and implementation 4 Architectural Design Weaving-interface Java Designs and verifies an architecture represented by a set of weaving-interfaces (Alloy-based architecture verification) Implements verified weaving interfaces

5 5 Outline 1. Motivation 2. AO verifiable MDD 3. Architecture verification based on Alloy 4. Related work 5. Conclusion

6 1. Motivation 6

7 7 Example --- Figure editor interface Shape { public void moveBy(int dx, int dy); } class Point implements Shape { int x, y; public int getX() { return x; } public int getY() { return y; } public void setX(int x) { this.x = x; } public void setY(int y) { this.y = y; } public void moveBy(int dx, int dy) { x += dx; y += dy; } class Line implements Shape { Point p1, p2; public Point getP1() { return p1; } public Point getP2() { return p2; } public void setP1(Point p1) { this.p1 = p1; } public void setP2(Point p2){ this.p2 = p2; } public void moveBy(int dx, int dy) { p1.x += dx; p1.y += dy; p2.x += dx; p2.y += dy; } class Display { public static void update() { /* the detail is ommited */ } } Three concern components are woven together by component and connector architecture based on weaving- interface. Component

8 8 AO weaving based on component-connector architecture class Display class Point class Line class Logging wDisplaywPointwLine wLogging redraw + change Component Weaving-interface Connector class Pointimplements Shape { int x, y; public int getX() { return x; } public int getY() { return y; } public void setX(int x) { this.x = x; } public void setY(int y) { this.y = y; } public void moveBy(int dx, int dy) { x += dx; y += dy; } change redraw class Display { public static void update() { } }

9 9 ccJava – AOP language for supporting Weaving-interface public w_interface wPoint { pointcut change(): execution(void setX(int)) || execution(void setY(int)) || execution(void moveBy(int, int)); import before(), after() returning, around() : change(); } public w_interface wLine { pointcut change(): execution(void setP1(Point)) || execution(void setP2(Point)) || execution(void moveBy(int, int)); import before(), after() returning, around() : change(); } public w_interface wDisplay { pointcut redraw(): execution(void update()); import before(), after() returning : redraw(); export redraw(); } weave { class Pointimplements wPoint; class Lineimplements wLine; class Displayimplements wDisplay; connect (port1:wDisplay.redraw, port2:{wPoint || wLine}.change) { after() returning : port2 { port1.proceed(); } } Connector Port Definition Port Connection Coordination Code Weaving-interface Coordination Type Before After Around introduce Connector descriptions depend on only weaving-interfaces. Architecture can be represented by Weaving-interface + connector. Weaving-interface+Connector is a kind of ADL Weaving-interface+Connector is a kind of ADL

10 Problems  Although Weaving-interface enables a programmer to describe AO architecture, there is a gap between architecture design and implementation. 10 Verifiable AO MDD

11 2. Verifiable AO MDD 11

12 ccModeler & ccJava 12 Architectural Design Weaving-interface Java ccModeler ccJava Designs and verifies an architecture represented by a set of weaving- interfaces Implements verified weaving interfaces Architecture Design & verification Refinement

13 3. Architecture verification based on Alloy 13

14 Alloy  Alloy is a simple structural modeling language based on relational logic.  The Alloy analyzer, a tool for Alloy, can automatically generate instances of invariants, simulate the execution of operations, and check user-specified properties of a model. 14 Lightweight Formal Methods Although neither soundness nor completeness is guaranteed, it makes more sense to sacrifice the capability of finding proofs for the capability of reliably detecting errors. Lightweight Formal Methods Although neither soundness nor completeness is guaranteed, it makes more sense to sacrifice the capability of finding proofs for the capability of reliably detecting errors. We use Alloy as a design debugger !

15 Weaving-Interface meta model described in Alloy 15 abstract sig WeavingInterface { importType : set Advice, import : set Pointcut, export : set Pointcut } abstract sig Advice {} one sig Before, After, Around extends Advice {} abstract sig Pointcut {} abstract sig Implement { class : set Class, weavingInterface : set WeavingInterface } abstract sig Connect { port1 : set WeavingInterface, port2 : set WeavingInterface, connectionType : Advice } Concern Component (class) Concern Component (class) weaving I/F connector weaving I/F

16 Translation from weaving-interface into Alloy (1) Alloy public w_interface wPoint { pointcut change(): execution(voidsetX(int)) || execution(voidsetY(int)) || execution(voidmoveBy(int, int)); import before(), after() returning, around() : change(); } public w_interface wDisplay { pointcut redraw(): execution(void update()); import before(), after() returning : redraw(); export redraw(); } one sig noPct, setX, setY, moveBy extends Pointcut {} one sig WPoint extends WeavingInterface {} fact{ WPoint.importType= { Before } + { After } + { Around } WPoint.import= { setX } + { setY } + { moveBy } WPoint.export= { noPct } } one sig update extends Pointcut {} one sig WDisplay extends WeavingInterface {} fact{ WDisplay.importType = { Before } + { After } WDisplay.import = { update } WDisplay.export = { update } } Weaving-interfaceAlloy 16

17 Translation from weaving-interface into Alloy (2) weave { class Point implements wPoint; class Display implements wDisplay; Connect( port1:wDisplay.redraw, port2:{wPoint || wLine}.change) { after() returning : port2 { port1.proceed(); } } one sig Weave { implement : set Implement, connect : set Connect } fact { Weave.implement = { PointImplementsWPoint } + { DisplayImplementsWDisplay } Weave.connect = { WDisplayToWPoint } } one sig PointImplementsWPoint extends Implement {} one sig Point extends Class {} fact{ PointImplementsWPoint.class = { Point } PointImplementsWPoint.weavingInterface = { WPoint } } one sig DisplayImplementsWDisplay extends Implement {} one sig Display extends Class {} fact{ DisplayImplementsWDisplay.class = { Display } DisplayImplementsWDisplay.weavingInterface = { WDisplay } } one sig WDisplayToWPoint extends Connect {} fact{ WDisplayToWPoint.port1 = { WDisplay } WDisplayToWPoint.port2 = { WPoint } WDisplayToWPoint.connectionType = { After } } Weaving-interface Alloy 17

18 Architecture verification  Consistency of architecture design  Intention of Modeler 18

19 [Architecture verification 1] Consistency of architecture design 19 Checking the consistency between permitted advice-types declared in wPoint and real advice specified in a connect statement assert checkConnectionType { all t : WDisplayToWPoint.connectionType | t in WDisplayToWPoint.port2.importType } The Alloy analyzer generates counterexamples. WPoint.importType = { Before } + { After } + {Around } The Alloy analyzer terminates normally. WPoint.importType = { Before } + { Around }

20 Generated counterexample 20 after advice specified in a connect statement is not included in the available advice-types declared in wPoint.

21 [Architecture verification 2] Intention of modeler 21 assert checkImportedMethod { log in WDisplayToWPoint.port1.export } assert checkImportedMethod { update in WDisplayToWPoint.port1.export } OKError 21 class Display class Point class Line class Logging wDisplaywPointwLine wLogging redraw + change change redraw

22 Architecture verification & Refinement 22 Architectural Design Weaving-interface Java Designs and verifies an architecture represented by a set of weaving- interfaces Implements verified weaving interfaces Architecture verification Refinement

23 4. Related work 23

24 24 Related work (1)  AAIF: Aspect-aware interface [Kiczales 2005]  Open modules [Aldrich 2005]  Crosscutting programming interface (XPI) [Sullivan 2005] An interface is determined only once the complete system is known Point implements FigureElement void setX(int): DisplayUpdating - after returning DisplayUpdating.change(); Aspects can be woven to only exposed program points. Open modules support crosscutting within only one class. An interface for specifying rules for designing aspects and classes public aspect XPointChange { /* The purpose of … */ pointcut change(): execution(void Point.setX(int)) || … } Our Approach Software Architecture !! Our Approach Software Architecture !!

25 Related work (2)  ArchJava [Aldrich, 2002] an extension to Java that seamlessly unifies software architecture with implementation. 25 Our Approach Interface mechanism shared by both architectural design and implementation Our Approach Interface mechanism shared by both architectural design and implementation

26 5. Conclusion 26

27 27 Conclusion  Alloy-based lightweight approach for checking whether the weaving based on the component-and- connector architecture is correct.  By enforcing the architecture verified by Alloy to the class implementation, we can construct a reliable system.

Download ppt "Alloy-based Lightweight Verification for Aspect-oriented Architecture Naoyasu Ubayashi(Kyushu Institute of Technology) Yuki Sato(Kyushu Institute of Technology)"

Similar presentations

Mohamed ElBendary and John Boyland University of Wisconsin-Milwaukee.

Mohamed ElBendary and John Boyland University of Wisconsin-Milwaukee.
A Brief Introduction to Aspect-Oriented Programming Zhenxiao Yang.

A Brief Introduction to Aspect-Oriented Programming Zhenxiao Yang.
Aspect Oriented Programming. AOP Contents 1 Overview 2 Terminology 3 The Problem 4 The Solution 4 Join point models 5 Implementation 6 Terminology Review.

Aspect Oriented Programming. AOP Contents 1 Overview 2 Terminology 3 The Problem 4 The Solution 4 Join point models 5 Implementation 6 Terminology Review.
1 JAC : Aspect Oriented Programming in Java An article review by Yuval Nir and Limor Lahiani.

1 JAC : Aspect Oriented Programming in Java An article review by Yuval Nir and Limor Lahiani.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 32 Slide 1 Aspect-oriented Software Development.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 32 Slide 1 Aspect-oriented Software Development.
1 An Aspect-Aware Outline Viewer Michihiro Horie and Shigeru Chiba Tokyo Institute of Technology, Japan.

1 An Aspect-Aware Outline Viewer Michihiro Horie and Shigeru Chiba Tokyo Institute of Technology, Japan.
Background information Formal verification methods based on theorem proving techniques and model­checking –to prove the absence of errors (in the formal.

Background information Formal verification methods based on theorem proving techniques and model­checking –to prove the absence of errors (in the formal.
University of British Columbia Software Practices Lab Fluid AOP Join Point Models Terry Hon Gregor Kiczales.

University of British Columbia Software Practices Lab Fluid AOP Join Point Models Terry Hon Gregor Kiczales.
Java.sun.com/javaone/sf | 2004 JavaOne SM Conference | Session BUS-3192 1 JavaOne 2004 What is AOP? Gregor Kiczales AspectMentor.com and University of.

Java.sun.com/javaone/sf | 2004 JavaOne SM Conference | Session BUS JavaOne 2004 What is AOP? Gregor Kiczales AspectMentor.com and University of.
359C 10/1/05 Eric Wohlstadter Introductions –Name –Degree objective/Year –Research Area (or interests) Syllabus Aspect-Oriented Programming –AspectJ –AspectC.

359C 10/1/05 Eric Wohlstadter Introductions –Name –Degree objective/Year –Research Area (or interests) Syllabus Aspect-Oriented Programming –AspectJ –AspectC.
University of British Columbia Software Practices Lab 2005 CASCON A Fluid AOP Editor Terry Hon Gregor Kiczales.

University of British Columbia Software Practices Lab 2005 CASCON A Fluid AOP Editor Terry Hon Gregor Kiczales.
Train Control Language Teaching Computers Interlocking By: J. Endresen, E. Carlson, T. Moen1, K. J. Alme, Haugen, G. K. Olsen & A. Svendsen Synthesizing.

Train Control Language Teaching Computers Interlocking By: J. Endresen, E. Carlson, T. Moen1, K. J. Alme, Haugen, G. K. Olsen & A. Svendsen Synthesizing.
ASPECT ORIENTED SOFTWARE DEVELOPMENT Prepared By: Ebru Doğan.

ASPECT ORIENTED SOFTWARE DEVELOPMENT Prepared By: Ebru Doğan.
University of British Columbia Software Practices Lab CAS Seminar 06 Fluid AJ - A Simple Fluid AOP Tool Terry Hon Gregor Kiczales.

University of British Columbia Software Practices Lab CAS Seminar 06 Fluid AJ - A Simple Fluid AOP Tool Terry Hon Gregor Kiczales.
Aspect-Oriented Software Development (AOSD) Tutorial #2 AspectJ Basics.

Aspect-Oriented Software Development (AOSD) Tutorial #2 AspectJ Basics.
Software modularity group Gregor Kiczales Professor and NSERC/Xerox/Sierra Systems Software Design Chair University of British Columbia Principal Scientist.

Software modularity group Gregor Kiczales Professor and NSERC/Xerox/Sierra Systems Software Design Chair University of British Columbia Principal Scientist.
© 2006 Pearson Addison-Wesley. All rights reserved2-1 Chapter 2 Principles of Programming & Software Engineering.

© 2006 Pearson Addison-Wesley. All rights reserved2-1 Chapter 2 Principles of Programming & Software Engineering.
Session 15 Modeling Traceability of Concerns in Architectural Views Mark Stobbe October 29, 2007 1.

Session 15 Modeling Traceability of Concerns in Architectural Views Mark Stobbe October 29,
Aspect-Oriented Programming with AspectJ™ AspectJ.org Xerox PARC Erik Hilsdale Gregor Kiczales with Bill Griswold, Jim Hugunin, Wes Isberg, Mik Kersten.

Aspect-Oriented Programming with AspectJ™ AspectJ.org Xerox PARC Erik Hilsdale Gregor Kiczales with Bill Griswold, Jim Hugunin, Wes Isberg, Mik Kersten.
Aspect-Oriented Software Development (AOSD) Tutorial #3 AspectJ - continued.

Aspect-Oriented Software Development (AOSD) Tutorial #3 AspectJ - continued.

Similar presentations

Ads by Google