dash modelling and analysis of declarative state based
play

DASH: Modelling and Analysis of Declarative State-Based Transition - PowerPoint PPT Presentation

Jan 23, 2023 •91 likes •307 views

DASH: Modelling and Analysis of Declarative State-Based Transition Systems Work in Progress (*) Jose Serna, Nancy A. Day , and Shahram Esmaeilsabzali With past contributions by Sabria Farheen Waterloo Formal Methods Lab David R. Cheriton School

  1. DASH: Modelling and Analysis of Declarative State-Based Transition Systems Work in Progress (*) Jose Serna, Nancy A. Day , and Shahram Esmaeilsabzali With past contributions by Sabria Farheen Waterloo Formal Methods Lab David R. Cheriton School of Computer Science University of Waterloo Future of Alloy Workshop Apr 2018 http://129.97.7.33:8080/dash/ (*) In International Workshop on Model-Driven Requirements Engineering (MoDRE) @ IEEE International Requirements Engineering (RE),Sep 2017 http://129.97.7.33:8080/dash/ 1

  2. Modelling Transition Systems of Reactive Systems ◮ Modelling the control-oriented aspects of a system can be done naturally in hierarchical and concurrent control states ( i.e., the Statecharts family of languages). ◮ Control states means a state with a name. ◮ Control-oriented modelling languages lack abstractions for modelling data. ◮ We need both! An integrated model that describes both control and data aspects of the system at an abstract level. ◮ Goal: a natural extension to Alloy to create these integrated models. http://129.97.7.33:8080/dash/ 2

  3. Modelling Transition Systems ◮ A transition system (TS) has: snapshots (variables with values) and transitions. http://129.97.7.33:8080/dash/ 3

  4. Modelling Transition Systems ◮ A transition system (TS) has: snapshots (variables with values) and transitions. ◮ Control states are a means of sequencing transitions by factoring/grouping snapshots that share the same set of possible future behaviours. ◮ Typically, the names of control states are user-observable elements of the model ( i.e., red, yellow, green of a traffic light) so are natural for modellers. http://129.97.7.33:8080/dash/ 4

  5. Modelling Transition Systems ◮ A transition system (TS) has: snapshots (variables with values) and transitions. ◮ Control states are a means of sequencing transitions by factoring/grouping snapshots that share the same set of possible future behaviours. ◮ Typically, the names of control states are user-observable elements of the model ( i.e., red, yellow, green of a traffic light) so are natural for modellers. ◮ Hierarchical states provide more model decomposition and a natural way to express priority. ◮ Concurrent states provide a separation of concerns for aspects of the model that can happen at the “same” time. http://129.97.7.33:8080/dash/ 5

  6. Modelling Transition Systems ◮ A transition system (TS) has: snapshots (variables with values) and transitions. ◮ Control states are a means of sequencing transitions by factoring/grouping snapshots that share the same set of possible future behaviours. ◮ Typically, the names of control states are user-observable elements of the model ( i.e., red, yellow, green of a traffic light) so are natural for modellers. ◮ Hierarchical states provide more model decomposition and a natural way to express priority. ◮ Concurrent states provide a separation of concerns for aspects of the model that can happen at the “same” time. ◮ Events are occurences of user actions; or internal actions to model cascading effects between concurrent regions. http://129.97.7.33:8080/dash/ 6

  7. Alloy 1 abstract sig ValvePos {} 2 one sig OpenPos , ClosedPos extends ValvePos {} 3 abstract sig Room {} 4 5 state HeatingSystem { control state snapshot variables 6 valve: Room -> ValvePos 7 desiredTemp : Room -> Int 8 ... create an event 9 event deactivate {} initial snapshot constraint 10 init { Alloy 11 all r: Room | r.valve = ClosedPos 12 } 13 conc state Furnace { ... } 14 conc state Controller { 15 default state Off { } 16 state On { control state transition 17 trans t3 { event 18 on heatSwitchOff 19 goto Off Alloy (w/ prime) 20 do r.valve ’ = ClosedPos send an event 21 send deactivate 22 } 23 ... HeatingSystem 24 } Controller Furnace 25 ... Off 26 } t3 On http://129.97.7.33:8080/dash/ 7 HeatingSystem Furnace Controller Off t3 On

  8. Syntax of Core Dash Everything in Alloy plus: 1 [conc|default] state <name > { ... } 2 3 trans <name > { 4 from <src_state > on/when = precondition 5 on <trigger_event > 6 when <alloy > 7 goto <dest_state > postcondition 8 do <alloy > 9 send <generated_event > 10 } 11 12 event <name > {} 13 14 condition <name > {} http://129.97.7.33:8080/dash/ 8

  9. Dash Features ◮ Transitions understood within context (source state, etc. ) ◮ Concise ◮ Permits factoring by state, event, and condition ◮ If no natural control states, trans are loops on enclosing state http://129.97.7.33:8080/dash/ 9

  10. Dash Features ◮ Transitions understood within context (source state, etc. ) ◮ Concise ◮ Permits factoring by state, event, and condition ◮ If no natural control states, trans are loops on enclosing state ◮ Global access to variables, but namespaces by state http://129.97.7.33:8080/dash/ 10

  11. Dash Features ◮ Transitions understood within context (source state, etc. ) ◮ Concise ◮ Permits factoring by state, event, and condition ◮ If no natural control states, trans are loops on enclosing state ◮ Global access to variables, but namespaces by state ◮ Transition comprehension (patterns) trans to_idle { from * on hang_up goto idle } http://129.97.7.33:8080/dash/ 11

  12. Dash Features ◮ Transitions understood within context (source state, etc. ) ◮ Concise ◮ Permits factoring by state, event, and condition ◮ If no natural control states, trans are loops on enclosing state ◮ Global access to variables, but namespaces by state ◮ Transition comprehension (patterns) trans to_idle { from * on hang_up goto idle } ◮ Add-ons: addon (do incErrorCounter ) to (from * goto Error) addon (do incErrorCounter ) to t19 http://129.97.7.33:8080/dash/ 12

  13. Dash Features ◮ Transitions understood within context (source state, etc. ) ◮ Concise ◮ Permits factoring by state, event, and condition ◮ If no natural control states, trans are loops on enclosing state ◮ Global access to variables, but namespaces by state ◮ Transition comprehension (patterns) trans to_idle { from * on hang_up goto idle } ◮ Add-ons: addon (do incErrorCounter ) to (from * goto Error) addon (do incErrorCounter ) to t19 ◮ Transition templates (reusuable) http://129.97.7.33:8080/dash/ 13

  14. Semantics of Dash ◮ A “big” step (model’s response to env) can be multiple transitions in different concurrent states. ◮ Philosophy for Semantic Decisions: Atomicity of transitions; internal sequencing of transitions in concurrent states should be rare. http://129.97.7.33:8080/dash/ 14

  15. Semantics of Dash ◮ A “big” step (model’s response to env) can be multiple transitions in different concurrent states. ◮ Philosophy for Semantic Decisions: Atomicity of transitions; internal sequencing of transitions in concurrent states should be rare. ◮ Using the framework of Esmaeilsabzali: ◮ Concurrency: only one concurrent state can take a transition in a big step (avoids race conditions and makes model’s behaviour more understandable). ◮ Big-step Maximality: only one transition per concurrent region in a big step (avoids potentially infinite big-steps). ◮ Event Lifeline: events last the entire big step. ◮ Variable Lifeline: variables change their values in small steps. ◮ Priority: Outer state over inner state. http://129.97.7.33:8080/dash/ 15

  16. Semantics: Frame Problem ◮ Mismatch: ◮ In control-oriented modelling languages, any unchanged variable keeps its value in the next state (like a program). ◮ In declarative modelling languages, a variable must be explicitly constrained. http://129.97.7.33:8080/dash/ 16

  17. Semantics: Frame Problem ◮ Mismatch: ◮ In control-oriented modelling languages, any unchanged variable keeps its value in the next state (like a program). ◮ In declarative modelling languages, a variable must be explicitly constrained. ◮ Our solution: ◮ If variable a is NOT designated environmental and is not mentioned in the action of the taken transition, it keeps its value from the previous snapshot. ◮ To override this semantics, action can be that variable a must be within its range of values (0 ≤ a ′ ≤ 100). http://129.97.7.33:8080/dash/ 17

  18. Tool Chain: xText ◮ Grammar for Dash (which includes Alloy) ◮ “Smart” editor automatically created ◮ Transformation rules to: 1. Transform to Core Dash (state hierarchy plus fully detailed transitions) 2. Transform Core Dash to Alloy ◮ Transition names are present in Alloy so it’s easier to relate a counterexample to the model. http://129.97.7.33:8080/dash/ 18

  19. Analyzing Transition Systems in Alloy BMC (Bounded Model Checking) Scoped TCMC (Transitive-Closure-based Model Checking for CTLFC) Significance axioms to ensure the TS is “big enough” Table: Deducing Complete Model Checking Results Scoped TCMC BMC using ordering Property Pass Fail Pass Fail Safety Ambiguous Real Bug Ambiguous Real Bug Finite w/o dead-loop Ambiguous Real Bug Real Pass Ambiguous Liveness w/ dead-loop Real Pass Ambiguous Infinite Liveness Ambiguous Real Bug Cannot Express Existential Real Pass Ambiguous Cannot Express http://129.97.7.33:8080/dash/ 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Declarative Modelling of Virtual Environments DEM 2 ONS PROJECT 2 ONS PROJECT DEM (Declarative

Declarative Modelling of Virtual Environments DEM 2 ONS PROJECT 2 ONS PROJECT DEM (Declarative

Declarative Modelling of Virtual Environments DEM 2 ONS PROJECT 2 ONS PROJECT DEM (Declarative Multimodal ModeliNg System) (Declarative Multimodal ModeliNg System) (Visual Objects: From Reality To Expression) VORTEX Team (Visual Objects: From

703 views • 22 slides
Regional Climate Modelling using Grid Infrastructures S. K. Dash and Deepika Vaddi

Regional Climate Modelling using Grid Infrastructures S. K. Dash and Deepika Vaddi

Regional Climate Modelling using Grid Infrastructures S. K. Dash and Deepika Vaddi Acknowledgements: Stefano Cozzini, Filippo Giorgi, Abdus Salam ICTP Centre for Atmospheric Sciences Indian Institute of Technology Delhi Hauz Khas, New

623 views • 36 slides
Software Design, Modelling and Analysis in UML Lecture 15: Hierarchical State Machines I

Software Design, Modelling and Analysis in UML Lecture 15: Hierarchical State Machines I

Software Design, Modelling and Analysis in UML Lecture 15: Hierarchical State Machines I 2014-01-13 15 2014-01-13 main Prof. Dr. Andreas Podelski, Dr. Bernd Westphal Albert-Ludwigs-Universit at Freiburg, Germany State

167 views • 15 slides
modelling rich interaction sensor-based systems statusevent analysis rich set of

modelling rich interaction sensor-based systems statusevent analysis rich set of

Modelling Rich Interaction statusevent analysis chapter 18 rich environments in task analysis modelling rich interaction sensor-based systems statusevent analysis rich set of phenomena events status events

661 views • 9 slides
Modelling and Synthesis of User Interfaces for Complex, Web-Based Modelling Environments Jacob

Modelling and Synthesis of User Interfaces for Complex, Web-Based Modelling Environments Jacob

Modelling and Synthesis of User Interfaces for Complex, Web-Based Modelling Environments Jacob Beard McGill University Modelling, Simulation and Design Lab (MSDL) 08/29/08 Overall Project Goal The creation of a web-based meta- modelling

124 views • 10 slides
Software Design, Modelling and Analysis in UML Lecture 15: Hierarchical State Machines I

Software Design, Modelling and Analysis in UML Lecture 15: Hierarchical State Machines I

Software Design, Modelling and Analysis in UML Lecture 15: Hierarchical State Machines I 2013-01-08 15 2013-01-08 main Prof. Dr. Andreas Podelski, Dr. Bernd Westphal Albert-Ludwigs-Universit at Freiburg, Germany Contents

365 views • 23 slides
Software Design, Modelling and Analysis in UML Lecture 16: Hierarchical State Machines I

Software Design, Modelling and Analysis in UML Lecture 16: Hierarchical State Machines I

Software Design, Modelling and Analysis in UML Lecture 16: Hierarchical State Machines I 2014-01-15 16 2014-01-15 main Prof. Dr. Andreas Podelski, Dr. Bernd Westphal Albert-Ludwigs-Universit at Freiburg, Germany Contents

1.13k views • 96 slides
Modelling and Analysis of Traffic Networks Based on Graph Transformation Juan de Lara E.T.S. de

Modelling and Analysis of Traffic Networks Based on Graph Transformation Juan de Lara E.T.S. de

Formal Methods for Automation and Safety in Railway and Automotive Systems (FORMS/FORMAT) Braunschweig, Germany. December 2-3, 2004 Modelling and Analysis of Traffic Networks Based on Graph Transformation Juan de Lara E.T.S. de Inform

754 views • 41 slides
Software Design, Modelling and Analysis in UML Lecture 13: Core State Machines IV 2012-12-12

Software Design, Modelling and Analysis in UML Lecture 13: Core State Machines IV 2012-12-12

Software Design, Modelling and Analysis in UML Lecture 13: Core State Machines IV 2012-12-12 13 2012-12-12 main Prof. Dr. Andreas Podelski, Dr. Bernd Westphal Albert-Ludwigs-Universit at Freiburg, Germany Contents &amp; Goals

582 views • 41 slides
Software Design, Modelling and Analysis in UML Lecture 12: Core State Machines III 2011-12-21

Software Design, Modelling and Analysis in UML Lecture 12: Core State Machines III 2011-12-21

Software Design, Modelling and Analysis in UML Lecture 12: Core State Machines III 2011-12-21 12 2011-12-21 main Prof. Dr. Andreas Podelski, Dr. Bernd Westphal Albert-Ludwigs-Universit at Freiburg, Germany Contents &amp;

422 views • 26 slides
Software Design, Modelling and Analysis in UML Lecture 10: Constructive Behaviour, State Machines

Software Design, Modelling and Analysis in UML Lecture 10: Constructive Behaviour, State Machines

Software Design, Modelling and Analysis in UML Lecture 10: Constructive Behaviour, State Machines Overview 2013-12-02 10 2013-12-02 main Prof. Dr. Andreas Podelski, Dr. Bernd Westphal Albert-Ludwigs-Universit at Freiburg,

814 views • 34 slides
Declarative MapReduce 1 Declarative Languages Describe what you want to do not how to do it The

Declarative MapReduce 1 Declarative Languages Describe what you want to do not how to do it The

Declarative MapReduce 1 Declarative Languages Describe what you want to do not how to do it The most popular example is SQL Can we compile SQL queries into MapReduce program(s)? 2 Relational Operators Projection - SELECT revenue

512 views • 25 slides
Agent-based modelling for analysis of resilience in ATM Sybert Stroeve, Tibor Bosse, Henk Blom,

Agent-based modelling for analysis of resilience in ATM Sybert Stroeve, Tibor Bosse, Henk Blom,

Agent-based modelling for analysis of resilience in ATM Sybert Stroeve, Tibor Bosse, Henk Blom, Alexei Sharpanskykh, Mariken Everdij SESAR Innovation Days 2013, Stockholm, Sweden Contents Resilience and the objective of MAREA Agent-based

574 views • 28 slides
Modelling and Analysis of Parallel/ Distributed Time-dependent Systems: An Approach based on JADE

Modelling and Analysis of Parallel/ Distributed Time-dependent Systems: An Approach based on JADE

Modelling and Analysis of Parallel/ Distributed Time-dependent Systems: An Approach based on JADE Franco Cicirelli and Libero Nigro Laboratorio di Ingegneria del Software www.lis.deis.unical.it Universit della Calabria, DIMES 87036 Rende

725 views • 30 slides
Software Design, Modelling and Analysis in UML ...shall be usable... for UML Inheritance

Software Design, Modelling and Analysis in UML ...shall be usable... for UML Inheritance

Contents &amp; Goals Last Lecture: Behavioural Features State Machines Variation Points Software Design, Modelling and Analysis in UML ...shall be usable... for UML Inheritance in UML: concrete syntax Liskov Substitution

455 views • 14 slides
Empirical Analysis and Statistical Modelling of Attack Processes based on Honeypots M. Kaniche

Empirical Analysis and Statistical Modelling of Attack Processes based on Honeypots M. Kaniche

Empirical Analysis and Statistical Modelling of Attack Processes based on Honeypots M. Kaniche 1 , E. Alata 1 , V.Nicomette 1 , Y. Deswarte 1 , M. Dacier 2 LAAS-CNRS 1 , Eurecom 2 Mohamed.Kaaniche@laas.fr ACI Scurit &amp;

409 views • 17 slides
Concurrent programming Multiple threads working together to achieve a common goal These threads

Concurrent programming Multiple threads working together to achieve a common goal These threads

Concurrent programming slides T.S. Norvell (c) 2001 Concurrent programming Multiple threads working together to achieve a common goal These threads may share memory Communication is via shared variables. Care is required to ensure

392 views • 11 slides
LABOUR LAW ARR 214 Theme 9 THEME 9 I N D I V I D U A L L A B O U R D I S P U T E S : U N FA

LABOUR LAW ARR 214 Theme 9 THEME 9 I N D I V I D U A L L A B O U R D I S P U T E S : U N FA

LABOUR LAW ARR 214 Theme 9 THEME 9 I N D I V I D U A L L A B O U R D I S P U T E S : U N FA I R L A B O U R P R A C T I C E S

426 views • 19 slides
UIA - 55me congrs, Miami 31 octobre - 4 novembre 2011 LA RELATION ENTRE EL ABOGATO DE LA

UIA - 55me congrs, Miami 31 octobre - 4 novembre 2011 LA RELATION ENTRE EL ABOGATO DE LA

07/11/2011 UIA - 55me congrs, Miami 31 octobre - 4 novembre 2011 LA RELATION ENTRE EL ABOGATO DE LA RELATION ENTRE EL ABOGATO DE FAMILIA, SUS CLIENTES Y EL FAMILIA, SUS CLIENTES Y EL PSICOLOGO EN LA GESTION DE LA PSICOLOGO EN LA GESTION

336 views • 29 slides
Part 2 Top 10 cases (6-1) 6 Pazur v Lexington Catering Ltd 5 Hargreaves v

Part 2 Top 10 cases (6-1) 6 Pazur v Lexington Catering Ltd 5 Hargreaves v

Annual Review of Employment Law Northern Ireland 2019 Part 2 Mark McAllister Part 2 Top 10 cases (6-1) 6 Pazur v Lexington Catering Ltd 5 Hargreaves v Manchester Grammar 4 Shelbourne v Cancer Research 3

324 views • 3 slides
Concurrency &amp; Synchronization Nima Honarmand Fall 2017 :: CSE 306 Agenda Review basic

Concurrency &amp; Synchronization Nima Honarmand Fall 2017 :: CSE 306 Agenda Review basic

Fall 2017 :: CSE 306 Concurrency &amp; Synchronization Nima Honarmand Fall 2017 :: CSE 306 Agenda Review basic concurrency concepts Concurrency and parallelism Data race and mutual exclusion Locks New stuff New

554 views • 18 slides
Studying multi-threaded behavior with TSViz http://bestchai.bitbucket.io/tsviz/ Matheus Nunes,

Studying multi-threaded behavior with TSViz http://bestchai.bitbucket.io/tsviz/ Matheus Nunes,

Studying multi-threaded behavior with TSViz http://bestchai.bitbucket.io/tsviz/ Matheus Nunes, Harjeet Lalh, Ashaya Sharma, Augustine Wong, Svetozar Miucin, Alexandra Fedorova, Ivan Beschastnikh U. Federal de Minas Gerais U. of British

167 views • 13 slides
Information Flow Control for Concurrent Programs via Program Slicing Dennis Giffhorn

Information Flow Control for Concurrent Programs via Program Slicing Dennis Giffhorn

Information Flow Control for Concurrent Programs via Program Slicing Dennis Giffhorn Universitt Karlsruhe (TH), Germany Dennis Giffhorn (Universitt Karlsruhe (TH)) IFC for Concurrent Programs via Slicing PLID08 1 / 19 Context

582 views • 23 slides
Concurrency Appreciation Liam OConnor CSE, UNSW (and data61) Term 3 2019 1 Overview

Concurrency Appreciation Liam OConnor CSE, UNSW (and data61) Term 3 2019 1 Overview

Overview Critical Sections Multiple Resources Concurrency Appreciation Liam OConnor CSE, UNSW (and data61) Term 3 2019 1 Overview Critical Sections Multiple Resources Definitions Definition Concurrency is an abstraction for the

628 views • 20 slides

More recommend