Checking Interaction Consistency in MARMOT Component Refinements

Yunja Choi

School of Electrical Engineering and Computer Science

Kyungpook National University


Overview

  • MARMOT methodology

    • Component and refinements

  • Interaction consistency

  • A general framework for consistency checking

  • Case example

    • Model checking an elevator system

  • Performance improvement through abstraction

  • Discussion


MARMOT Methodology

  • Branched from KobrA by Atkinson et al.

    • Designed for the development of embedded systems

  • High-quality systems through systematic, structured development

  • Components are the focus of the entire development process

    • Tree-structured hierarchy of components

    • Flexibility and reuse of components


MARMOT Component

(Diagram.) A MARMOT component has two views. Specification: statecharts, operation schemata, class diagram, sequence diagram. Realization: class diagram, object diagram (architecture). The diagram labels the two levels of a refinement step as the refined component and the refining component.


Recursive Development

(Diagram.) Component Kpt A is refined into components Kpt B, Kpt C and Kpt D; each component in turn passes through identification, specification and realization, is reused (component reuse), or is taken as a COTS component.




Quality Control

  • MARMOT supports systematic identification and refinement of a component

    • The principle of "separation of concerns": specification vs. realization

    • Iterative decomposition and refinement

  • Consistency raises many issues

    • Structural consistency

    • Behavioral consistency

  • This work addresses behavioral consistency between the realization of a refined component and the specification of its refining components


Interaction Consistency

  • At the i-th refinement step, the realization of the refined component constrains the environment of the refining components

  • A system is behaviorally consistent with its environment if it either terminates normally or runs infinitely under the infinite sequence of stimuli generated by its environment

    • A system is behaviorally inconsistent with its environment if it terminates abnormally under the infinite sequence of stimuli generated by its environment


Process Model

A component and its environment are specified as two processes P and E, each represented as a labeled transition system, (Sp, Lp, Rp, Ip, Tp) and (Se, Le, Re, Ie, Te) respectively

A restricted form of process composition of P and E is defined as P↑E = (Sp × Se, Lp ∪ Le, Rp × Re, Ip × Ie, Tp × Te) where


Consistency Model


Formal Definitions

  • Termination

    • Terminate(P(s))↑E : P terminates in a state s that belongs to the pre-defined set of terminal states T under the environment E

    • P(s) ∧ s ∈ T

    • If P is a compositional process, P = P1 ∥ P2 ∥ … ∥ Pn

      • Terminate(P(s))↑E if and only if ∀i, Terminate(Pi(si))↑Ei, where Ei = E ∥ P1 ∥ P2 ∥ … ∥ Pi-1 ∥ Pi+1 ∥ … ∥ Pn


Formal Definitions (continued)

  • Progressiveness

    • Progress(P(s))↑E : eventually there is a transition out of the state s under the environment E

  • Interaction consistency

    • Consistent(P(s))↑E = Terminate(P(s))↑E ∨ Progress(P(s))↑E


Model Checking Consistency

  • Based on exhaustive search of the system state space

  • Fully automated

    • SPIN: invalid end-state checking

    • SMV: formulate the consistency property in temporal logic and let the model checker verify it

  • Provides counter-examples

  • Needs translation to PROMELA or the SMV input language

    • A number of translation approaches are available


Model Checking Consistency: Framework


Consistency Model in PROMELA


Performance Issue


Abstraction Techniques

  • Trigger-based abstraction

    • Abstract the environment so that it keeps every transition that generates a triggering event for the process P, plus the transitions from the initial state that lead to such a transition

  • Transition reduction

    • Collapse several transitions into one if the intermediate transitions do not generate triggering actions for the process P

(Diagram.) A run s0 → s1 → s2 → … → si followed by the triggering transition si –ti/ai→ si+1 is reduced to the single transition s0 –ti/ai→ si+1.
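The consistency check defined on the formal-definitions and model-checking slides, together with the transition-reduction abstraction above, worked through as an added example in Python rather than in the PROMELA of the original slides (this code is not from the presentation). The LTS encoding, the rendezvous rule used for P↑E, the terminal set and the elevator-flavoured models are assumptions constructed for this example: CONTROLLER plays the refining component P, and PASSENGER and IMPATIENT play two environments E derived from the refined component's realization; the second one sends a call while the door is open, for which the controller has no transition, so the product reaches an invalid end state.

```python
"""Added example (not from the slides): explicit-state interaction
consistency check plus transition reduction.

Assumptions not fixed by the slides:
  * an LTS is a dict  state -> list of (label, next_state);
  * every label of P is a stimulus: an E transition with such a label is a
    rendezvous that fires only if P can take the same label from its current
    state (P is reactive and never moves alone); other E labels are internal
    to E and interleave freely;
  * 'terminates abnormally' = a reachable product state with no enabled
    transition in which P is not in its terminal set T (SPIN's invalid end state).
"""
from collections import deque


def labels(lts):
    """Set of labels occurring on the transitions of an LTS."""
    return {lab for trans in lts.values() for lab, _ in trans}


def successors(p, e, stimuli, state):
    """Enabled transitions of the product P↑E from a product state."""
    sp, se = state
    out = []
    for lab, ne in e.get(se, []):
        if lab in stimuli:                      # rendezvous: P must accept
            out += [(lab, (np_, ne)) for l2, np_ in p.get(sp, []) if l2 == lab]
        else:                                   # E-internal step
            out.append((lab, (sp, ne)))
    return out


def check_consistency(p, e, p_init, e_init, terminal):
    """Exhaustive BFS of P↑E. Returns (consistent, states_visited, trace);
    trace is the stimulus sequence to the first invalid end state, else None."""
    stimuli = labels(p)
    start = (p_init, e_init)
    parent = {start: None}
    queue = deque([start])
    while queue:
        s = queue.popleft()
        succ = successors(p, e, stimuli, s)
        if not succ and s[0] not in terminal:   # stuck while P not terminal
            return False, len(parent), counterexample(parent, s)
        for lab, t in succ:
            if t not in parent:
                parent[t] = (s, lab)
                queue.append(t)
    return True, len(parent), None


def counterexample(parent, s):
    """Walk the BFS parent links back to the initial state."""
    path = []
    while parent[s] is not None:
        s, lab = parent[s]
        path.append(lab)
    return path[::-1]


def reduce_transitions(e, e_init, triggers):
    """Transition reduction: from each kept state of E, follow runs of
    non-triggering (internal) steps and attach the triggering transitions they
    reach directly to that state, so the intermediate states disappear.
    Assumes every internal run of E eventually reaches a triggering transition;
    an internal dead end of E would be abstracted away (unsound in that case)."""
    reduced, todo = {}, [e_init]
    while todo:
        s = todo.pop()
        if s in reduced:
            continue
        reduced[s] = []
        closure, stack = {s}, [s]
        while stack:
            u = stack.pop()
            for lab, v in e.get(u, []):
                if lab in triggers:
                    if (lab, v) not in reduced[s]:
                        reduced[s].append((lab, v))
                    todo.append(v)
                elif v not in closure:
                    closure.add(v)
                    stack.append(v)
    return reduced


# Constructed models (assumptions). CONTROLLER is the refining component P;
# PASSENGER and IMPATIENT are two environments E.
TERMINAL = {"off"}
CONTROLLER = {
    "idle":   [("call", "moving"), ("shutdown", "off")],
    "moving": [("arrive", "open")],
    "open":   [("close", "idle")],
    "off":    [],
}
PASSENGER = {                                   # think/walk are internal to E
    "e0": [("think", "e1"), ("shutdown", "e5")],
    "e1": [("walk", "e2")],
    "e2": [("call", "e3")],
    "e3": [("arrive", "e4")],
    "e4": [("close", "e0")],
    "e5": [],
}
IMPATIENT = dict(PASSENGER, e4=[("call", "e3")])  # calls while the door is open

if __name__ == "__main__":
    for name, env in (("PASSENGER", PASSENGER), ("IMPATIENT", IMPATIENT)):
        small = reduce_transitions(env, "e0", labels(CONTROLLER))
        print(name, "full:", check_consistency(CONTROLLER, env, "idle", "e0", TERMINAL),
              "reduced:", check_consistency(CONTROLLER, small, "idle", "e0", TERMINAL))
```

Running the block prints, for each environment, the verdict, the number of product states explored and, for IMPATIENT, the stimulus sequence that leads to the stuck state; the reduced environment gives the same verdict over fewer states, and its counterexample no longer shows the collapsed internal steps. Two caveats a practitioner should keep in mind: the end-state check is what SPIN's invalid-endstate search does, so a run in which E keeps taking internal steps while P never receives a stimulus is not reported (that is the Progress half of the definition and needs a liveness property, which is the temporal-logic route the slides mention for SMV); and transition reduction is only sound when every internal run of E reaches a triggering transition, since an internal dead end of E would otherwise be abstracted away.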


Performance Improvement


Discussion

  • Formal methods can be effective and useful when integrated into the development process

    • Our work focuses on seamless integration

  • There are a number of existing works on UML consistency, refinements, CBD methodology and the use of model checking

    • However, they mostly address one of these issues in isolation

    • Hardly any of the earlier works addresses the performance issue of model checking

    • Environment constraints were identified manually in previous works

  • More investigation is needed on optimization and automation

    • Translation and abstraction


Thank you!