AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF...
Transcript of AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF...
![Page 1: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/1.jpg)
AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS
Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1
1 Dipartimento di Ingegneria Elettrica e dell’Informazione – Politecnico di Bari, Italy2 Department of Computer Science and Engineering - Chalmers University of Technology and University of Gothenburg, Sweden
![Page 2: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/2.jpg)
Outline of the talk
• Schema and frame: cognitive psicology
• AdaptableCode-contract: AC-contract
• Instantiation of AC-contract
• Derivation of operational requirements
• Reflection and contract checking
• Android implementation: Traveller
• Conclusion and future work
![Page 3: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/3.jpg)
AC-contract: formal definition
Tuple• Schema• Frame• Adaptable Pattern• Contract checking
Meta level
Base level
Adaptation manager
AC-contract tuple
Embeds logicalpropositions in the source codeExecutes the annotationfor run-time verification
Drive adaptation
![Page 4: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/4.jpg)
Schema
• Models the structure of
information
• Tacit knowledge to use
to interpret ambiguous
situations
• Models properties to
maintain despite
adaptation
MetaobjectsInvariant
Properties
Contract
checker
SCHEMA
CheckUse
Regulate
Core Part
Adaptable
part
![Page 5: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/5.jpg)
Frame
• The set of core and
adaptable components
• Contains the pre and
post conditions of the
contract
Contract
checkerCheck
Adaptable
pattern
Core Part
Adaptable
part FRAME
Pre-conditions
Post-conditions
Adaptation manager
Drive Adaptation
![Page 6: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/6.jpg)
Adaptation manager
• Embeds the contract
checker managing
metaobjects at runtime
• Contains the adaptable
mechanism to manage
metaobjects
Contract
checkerCheck
Adaptable
pattern
Core Part
Adaptable
part FRAME
Pre-conditions
Post-conditions
Adaptation manager
Drive Adaptation
![Page 7: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/7.jpg)
Instantiated
approach
Instantiation of
AC-contract
based on user’s
requeriments
specification
![Page 8: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/8.jpg)
Requirements
High-level requirements
• Expressed according to
structured english grammar in
term of specification patterns
Operational requirements
• Formalized exploiting the
structure of specification
patterns
![Page 9: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/9.jpg)
Derivation of operational requirements
• e={Events/states}: Local properties
• SP: Specification patterns• Absence(P)
• Universality(P)
• BoundedExistence(P,n)
• Response(P,S)
• Precedence(P,S)
• ResponseChain1N(P,S,T1,..TN)
• ResponseChainN1(S,T1,..TN,P)
• PrecedenceChain1N (S, T1,..TN,P)
• PrecedenceChainN1 (P,S,T1,..TN)
• SC: Scope• Globally
• Before(R)
• After(Q)
• Between(Q,R)
• After(Q,R)
![Page 10: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/10.jpg)
Requirement specification
• reqspec= (instsc(sc,locprop) , instsp(sp,locprop))
• instsc(sc,locprop)
• maps a scope into a list of local properties
• instantiate the scope according to state/events in locprop
• instsp(sp,locprop)
• maps a pattern into a list of local properties
• instantiates the pattern according to states/events in locprop
![Page 11: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/11.jpg)
Requirement specification: an example
High-level requirement
’’The system creates an
album with the name of
signalled points of
interest only when the
multimedia files have
been already stored’’
Operational requirement
•e={e1,e2}• e1= ‘’the system creates an
album with the name of
signalled points of interest’’
• e2= ‘’the multimedia files
have been already stored’’
• SC: Globally
• SP: Precedence (P,S)
![Page 12: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/12.jpg)
Structured english grammar for req
• Globally, if ’the system creates an album with the name
of signalled points of interest’’ then it must have been
the case that ’’the multimedia files have been already
stored before ‘’the system creates an album with the
name of signalled points of interest ‘’
![Page 13: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/13.jpg)
XML fileXML file
Reflection Module
Main features
• Implements Reflection
pattern
• Deploys and executes
adaptable components
• Uses metainformation
about the extensions
Control flow of reflection module
Read XML
Reflection
client
Reflection
server
Runtime
component
call
XML file
<name></name>
<path></path>
<condition></condition>
File1.xml
File2.xml.
File3.xml
…..
frame1 frame2 framen
![Page 14: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/14.jpg)
Contract checking module
• Checks the contract
triple
• Core components of
the schema embed the
invariant of the
contract
• Each component
encodes
pre/postcondition pair
XML based
Contract
Checker
Reflection
Pattern
SchemaInvariant
Adaptable
apps
Core apps
Precondition
Frame1
Postcondition
Precondition
Frame2
Postcondition……..
Precondition
Framen
Postcondition
Precondition
Framen+1
Postcondition
……..
![Page 15: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/15.jpg)
Mobile Adaptable architecture
• Traveller: Android application for traveller assistance
• Architectural issues:
• Native/hybrid mobile architecture
• Dynamic deployment
• Executable code downloaded and executed on the device
• Innovative issues:
• Implementation of contract verification on Android platform
• Use of android Intents to manage events pre and post conditions.
![Page 16: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/16.jpg)
Traveller
AC-contract
• Schema
• Frames
• Contract checking
• Adaptable Pattern
Android instantiation
• Android container
• Apk files implementing
Activities
• XMLparser
• Reflection pattern
![Page 17: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/17.jpg)
Derivation of operational requirements
• Globally, if ‘’the systemcreates an album with the name of signalledpoints of interest’’ thenit must have been the case that ’’the multimedia files havebeen already storedbefore ‘’the systemcreates an album with the name of signalledpoints of interest ‘’
• precondition• P= ‘’the system creates an
album with the name of signalled points of interest’’
• postcondition• S= ’the multimedia files
have been already stored’’
![Page 18: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/18.jpg)
Precondition P
• P is managed using Android Intent: image capture
• Precondition P is split in:• The user wants to take a photo
• The photo is taken
• The user accepts the photo
• Low level precondition encoding :
• Event Photo ← onClick()
• setAction (i←Intent(Action_Image_capture))
• startActivity(i,Capture_active_request_code)
![Page 19: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/19.jpg)
Precondition check
• User activates the app
• If some event occurs that satisfies a requirement
• Precondition is checked to find an app satisfying the requirement
• The app is downloaded and executed by Reflection on the device
![Page 20: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/20.jpg)
Postcondition S
• Is encoded in the deployed app and checked after app
execution
• Low level postcondition encoding:
• the number of stored multimedia files on the device has increased
• Implemented using a user defined function to count the multimedia
files stored on the device’s memory
![Page 21: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/21.jpg)
Postcondition check
• S is checked after the app execution:
• The album with multimedia data has been created
• S is verified if creation of album has been performed
![Page 22: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/22.jpg)
AC-contract reasoning algorithm
App activation and execution
• Life-cycle of android app:
run from Activity
• Intent activates Events:
• A component requires the
execution of an Action by
another component
Algorithm AC-Contract
• begin
• Intent Definition
• Event Photo
• setAction(Intent)
• StartActivity(Capture_image)
• If result
• If XML ContractChecking Then
• DownloadAPK
• ReflectionCall
• CreateAlbum
• CheckPostCondition
• End
![Page 23: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/23.jpg)
Contract checking
XML file descriptor managing
• Contract checking is
managed through an XML
file descriptor:
• Each app that can be
invoked by the main
container has a XML file
descriptor
• A FTP server stores the XML
file descriptors
Contract checking algorithm
Begin
XMLParser
While nextFile XML do
getXML fromURL
For i=1..nodelistlength
Getitem
Precondition← getvalue
If CheckPrecondition then
getnameclassTag
getpathnameTag
Download
end
![Page 24: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/24.jpg)
Reflection Module
• Reflection enable the call of methodsbelonging to differentAndroid classes
• Container connects to the address of the app
• Address is returnedfrom the XML parser
• App is deployed to device container and executed on the device
![Page 25: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/25.jpg)
Conclusion
• We propose AC-contract:
• A run-time verification approach for modeling and verifying run-time
requirements of adaptable software systems
• Based on:
• Design-by-contract
• Reflection pattern
• Models operational requirements using
• Specification patterns
• Local properties
• Starting from high-level requirements identifies properties
that locally hold on single parts of the system
• Methodology is validated on a mobile application
![Page 26: AC-contract: Run-time verification of context-aware ... · AC-CONTRACT: RUN-TIME VERIFICATION OF CONTEXT-AWARE APPLICATIONS Marina Mongiello1,Patrizio Pelliccione2, Massimo Sciancalepore1](https://reader033.fdocuments.net/reader033/viewer/2022060405/5f0f2b707e708231d442d4b8/html5/thumbnails/26.jpg)
Future work
• We are currently working to extend the approach on the
theoretical basis and on experimental application:
• Extend the approach for compositional and incremental verification
• Instantiate the approach in implementative platform:
• Sensor networks
• Internet of things