Checking Interaction Consistency in MARMOT Component Refinements

Yunja Choi

School of Electrical Engineering and Computer Science

Kyungpook National University


Overview

  • MARMOT methodology

    • Component and refinements

  • Interaction consistency

  • A general framework for consistency checking

  • Case example

    • Model checking elevator system

  • Performance improvement through abstraction

  • Discussion


MARMOT Methodology

  • Branched from KobrA by Atkinson et al.

    • Designed for the development of embedded systems

  • High quality system through systematic, structured development

  • Components are the focus of entire development process

    • Tree-structured hierarchy of components

    • Flexibility and reuse of components


MARMOT Component

[Figure: MARMOT component. Labels: Statecharts, Specification, Operation Schemata, Class Diagram, Sequence Diagram, Class Diagram, Realization, Object Diagram (Architecture), Refined component, Refining component]


Recursive Development

[Figure: recursive development. Labels: Identification, Specification, Realization, Kpt A, Component Reuse, Kpt B, Kpt C, Kpt D, COTS Component]


Example: elevator system


Specifying externally visible behavior


Quality Control

  • MARMOT supports systematic identification and refinement of a component

    • the principle of “separation of concerns”: specification vs. realization

    • Iterative decomposition and refinements

  • There can be many issues in consistency

    • Structural consistency

    • Behavioral consistency

  • Behavioral consistency between the realization of refined component and the specification of its refining components


Interaction Consistency

  • At the i-th refinement step, the realization of the refined component constrains the environment of the refining components

  • A system is consistent with its environment in its behavior if it either terminates normally or runs infinitely under the infinite sequence of stimuli generated from its environment

    • A system is inconsistent with its environment in its behavior if it terminates abnormally under the infinite sequence of stimuli generated from its environment


Process model

A component and its environment are specified as two processes P and E, each represented as a labeled transition system: (S_p, L_p, R_p, I_p, T_p) for P and (S_e, L_e, R_e, I_e, T_e) for E.

A restricted form of process composition of P and E is defined as P↑E = (S_p × S_e, L_p ∪ L_e, R_p × R_e, I_p × I_e, T_p × T_e) where


Consistency Model


Formal definitions

  • Termination

    • Terminate(P(s))↑E : P terminates in a state s that belongs to the pre-defined set of terminal states T under the environment E

    • P(s) ∧ s ∈ T,

    • If P is a compositional process, P = P_1 ∥ P_2 ∥ … ∥ P_n

      • Terminate(P(s))↑E if and only if ∀i, Terminate(P_i(s_i))↑E_i, where E_i = E ∥ P_1 ∥ P_2 ∥ … ∥ P_{i-1} ∥ P_{i+1} ∥ … ∥ P_n


Formal definitions

  • Progressiveness

    • Progress(P(s)) ↑E : eventually, there is a transition out of the state s under the environment E

  • Interaction Consistency

    • Consistent(P(s)) ↑E = Terminate(P(s))↑E ∨ Progress(P(s)) ↑E


Model checking consistency

  • Based on the exhaustive search of system state-space

  • Fully automated

    • SPIN: invalid-endstate checking

    • SMV: we can formulate the consistency property in temporal logic and use model checker to verify it

  • Provide counter-examples

  • Need translation to PROMELA or SMV input language

    • A number of translation approaches are available
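
An explicit-state version of the check described above, as an added example that is not from the presentation: it composes P and E, explores every reachable state, and reports any state with no enabled transition whose P-state is not terminal, which is the situation SPIN's invalid end-state check flags. The composition rule (synchronize on shared labels, interleave the rest), the dictionary layout, and the door/controller models are assumptions constructed for illustration, since the composition's side conditions are not reproduced on this page.

```python
from collections import deque

def successors(P, E, shared, sp, se):
    """Enabled moves of the composition from state (sp, se) (assumed semantics)."""
    for label, nxt in P["trans"].get(sp, []):
        if label not in shared:                  # local step of P
            yield label, (nxt, se)
        else:                                    # shared label needs a matching step of E
            for e_label, e_nxt in E["trans"].get(se, []):
                if e_label == label:
                    yield label, (nxt, e_nxt)
    for label, nxt in E["trans"].get(se, []):
        if label not in shared:                  # local step of E
            yield label, (sp, nxt)

def check_consistency(P, E, shared):
    """Return None if consistent, else (shortest trace, invalid end state)."""
    start = (P["init"], E["init"])
    parent = {start: None}                       # state -> (previous state, label)
    queue = deque([start])
    while queue:
        state = queue.popleft()
        moves = list(successors(P, E, shared, *state))
        # Neither Progress (no move) nor Terminate (P not in a terminal state).
        if not moves and state[0] not in P["terminal"]:
            trace, cur = [], state
            while parent[cur] is not None:       # rebuild the counter-example
                cur, label = parent[cur]
                trace.append(label)
            return trace[::-1], state
        for label, nxt in moves:
            if nxt not in parent:
                parent[nxt] = (state, label)
                queue.append(nxt)
    return None

# Constructed sample models (hypothetical door component and two controllers).
SHARED = {"open_cmd", "close_cmd"}
DOOR = {"init": "closed", "terminal": set(), "trans": {
    "closed": [("open_cmd", "opening")], "opening": [("opened", "open")],
    "open": [("close_cmd", "closing")], "closing": [("closed_ev", "closed")]}}
CTRL_OK = {"init": "idle", "trans": {
    "idle": [("open_cmd", "busy")], "busy": [("close_cmd", "idle")]}}
CTRL_BAD = {"init": "idle", "trans": {   # sends open_cmd twice, never close_cmd
    "idle": [("open_cmd", "busy")], "busy": [("open_cmd", "idle")]}}

if __name__ == "__main__":
    print(check_consistency(DOOR, CTRL_OK, SHARED))
    print(check_consistency(DOOR, CTRL_BAD, SHARED))
```

Like the global deadlock check it mirrors, this treats any enabled move of the composition as progress, so a P that is starved while E keeps moving on its own is not reported.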


Model checking consistency: Framework


Consistency Model in PROMELA


Performance issue


Abstraction techniques

  • Trigger-based abstraction

    • Abstract the environment so that it contains all the transitions generating a triggering event for the process P, and all the transitions from the initial state leading to the transition

  • Transition reduction

    • collapse several transitions into one if the intermediate transitions do not generate triggering actions for the process P

[Figure: transition reduction. Before: states s0, s1, s2, si, si+1 with transition ti/ai. After: states s0, si, si+1 with transition ti/ai.]
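
A sketch of transition reduction on an environment model, as an added example that is not from the presentation: it removes intermediate states on linear chains whose transitions generate no triggering action for P, reproducing the s0, s1, s2, si, si+1 reduction in the figure. The restriction to states with exactly one incoming and one outgoing transition, the `tau` label for the collapsed step, and the sample environment are assumptions constructed for illustration.

```python
def reduce_transitions(trans, init, triggers, tau="tau"):
    """Collapse chains of non-triggering transitions.

    trans    : iterable of (src, action, dst) environment transitions
    init     : initial state, never removed
    triggers : actions that trigger the process P; transitions carrying
               them are kept untouched
    """
    trans = set(trans)
    changed = True
    while changed:
        changed = False
        states = {s for s, _, _ in trans} | {d for _, _, d in trans}
        for mid in sorted(states - {init}):
            incoming = [t for t in trans if t[2] == mid]
            outgoing = [t for t in trans if t[0] == mid]
            # Only a purely intermediate state is safe to remove here.
            if len(incoming) != 1 or len(outgoing) != 1:
                continue
            (src, a_in, _), (_, a_out, dst) = incoming[0], outgoing[0]
            if a_in in triggers or a_out in triggers or mid in (src, dst):
                continue
            trans -= {incoming[0], outgoing[0]}
            trans.add((src, tau, dst))           # one step replaces two
            changed = True
            break                                # recompute after each change
    return trans

# Constructed sample environment: three internal steps, then one action
# ("floor_request") that triggers P, then a step back to the start.
ENV = {
    ("s0", "init_hw", "s1"),
    ("s1", "self_test", "s2"),
    ("s2", "calibrate", "si"),
    ("si", "floor_request", "si+1"),
    ("si+1", "log", "s0"),
}

if __name__ == "__main__":
    for t in sorted(reduce_transitions(ENV, "s0", {"floor_request"})):
        print(t)
```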


Performance Improvement


Discussion

  • Formal methods can be effective and useful when integrated into development process

    • Our work focuses on the seamless integration

  • There are a number of existing works on UML consistency, refinements, CBD methodology, and the use of model checking

    • However, they mostly focus on one of the issues separately.

    • Hardly any of the earlier works address the performance issue when using model checking

    • Environment constraints have been manually identified in the previous works

  • More investigation is needed on optimization and automation

    • Translation and abstraction


Thank you!

