Specdiff differencing ltss
This presentation is the property of its rightful owner.
Sponsored Links
1 / 24

SpecDiff: Differencing LTSs PowerPoint PPT Presentation

  • Uploaded on
  • Presentation posted in: General

SpecDiff: Differencing LTSs. Zhenchang Xing * , Jun Sun + , Yang Liu * and Jin Song Dong * * National University of Singapore + Singapore University of Technology and Design. Differencing LTSs? Why ?. Program Behaviors Change!. The Evolution of Specification.

Download Presentation

SpecDiff: Differencing LTSs

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

SpecDiff: Differencing LTSs

Zhenchang Xing*, Jun Sun+, Yang Liu* and Jin Song Dong*

*National University of Singapore

+Singapore University of Technology and Design

Differencing LTSs? Why?

Program Behaviors Change!

The Evolution of Specification

An Evolved Concurrent Stack Spec in CSP#

A later version


An earlier version

The Differences Lead to Program Fault?

The LTS of the later version

The LTS of the earlier version

The Application of Partial Order Reduction

A Dinning-Philosophers Spec in CSP#


“Reduced” States and Transitions?

Partial Order Reduction

(116 states/248 transitions)

NOTE: There is nothing wrong with Spec, and Spec remains unchanged!

No Partial Order Reduction

(118 states/300 transitions)

The Application of Process Counter Abstraction

A Readers-Writer Lock Spec in CSP#

Parameterized Readers-Writer Lock

Recurring Changes as Cutoff Number Increases?

Cutoff number = 2

Cutoff number = 4

Cutoff number = 3

NOTE: There is nothing wrong with Spec, and Spec remains unchanged!

Cutoff number = 1

Why Do We Want to Differencing LTSs?

  • Analyzing Changing Program Behaviors

    • Diagnosing faulty evolution

    • Evaluating impact of different behavior exploration methods

    • Revealing behavioral change patterns of parameterized systems

    • ……

Differencing LTSs? How?

An Overview of Our SpecDiff Approach

SpecDiff Architecture

Describing program behavior in CSP# specification language

Generating the LTSs of CSP# program(s) with PAT Simulator

Applying GenericDiff to compare two LTSs

Visualization and query-based analysis

Differencing LTSs By GenericDiff

  • Input: LTSs to be compared

    • LTS1 and LTS2

  • GenericDiff: A generic graph differencing technique

    • Parsing and quantifying the inputs LTSs

      • Typed Attributed Graphs (TAGs)

    • Capturing the graph structure and the matching candidates

      • PairUpGraph (i.e. a product of two TAGs)

    • Traversing the model graphs and computing the similarities

      • Random walk on PairUpGraph

    • Select an “optimal” matching

      • Bipartite graph matching

  • Output: Symmetric difference

    • One set of matched states and transitions

    • Two sets of unmatched states and transitions

Analyzing LTS Differences

  • Merging the two LTSs into a unified LTS

    • Creating the matched parts of two LTSs

    • Appending the unmatched states and transitions

  • Visually inspecting the unified LTS

    • Normal view of the whole unified LTS

    • Fragmented views of maximally-connected matched (or unmatched) subgraphs

  • Searching for change patterns

    • User-defined queries

Diagnosing Faulty Program Evolution

A fragment of the unified LTS of the evolved concurrent stack example (returned by the query searching for “matched states with unmatched same-label transitions”, for example, matched states 6/22 with unmatched push.0.1)

Black: matched states/transitions in both LTSs; Green: unmatched states/transitions in the earlier-version LTS; Red: unmatched states/transitions in the later-version LTS

The second process pops nothing (pop.1.0) after the first process has pushed an item (push.0.1) into the stack!

SpecDiff? Does it Work?

Tool Support & Usage

A short demo of SpecDiff in PAT!


Formal Tool Demonstration, ASE’10

Initial Evaluation

How to Scale it Up?

  • Differencing LTSs “smartly”

    • Syntactic differences to “guide” the differencing process of large LTSs

    • Interactive visualization techniques to “select” which part(s) of the LTSs to differentiate

  • Optimizing SpecDiff implementation

    • Direct comparison of the internal data structures of LTSs instead of the LTSs renderedin the GUI

  • Identifying “important” differences

    • Important differences (e.g. program fault) would be reflected in the differences of small LTSs

Why Not Use Counter Examples?

  • SpecDiff is complementary to counter-example analysis

    • Contextual information

    • Highlighted differences

  • SpecDiff is useful in other scenarios, such as

    • Nothing wrong with specification

    • Specification remains unchanged

Conclusions and Future Work

Tool Support & Usage

SpecDiff: Differencing LTSs

Effectiveness & Applicability

Scale it Up!

  • Login