Renate Ristov
Fachgebiet Softwaretechnik, Prof. Dr. Wilhelm Schäfer
17 July 2008
Synthesizing State Machines from Live Sequence Charts
Software Quality and Safety
Renate Ristov Synthesis of State Machines from LSCs - 2
Fachgebiet Softwaretechnik, Prof. Dr. Wilhelm Schäfer
Motivation
(Figure: intra-object behavior and inter-object behavior, with a "?" between them)
Coffee Vending Machine
Play-in/Play-out
Problem of Consistency
Find an object system that satisfies the LSC specification: for every chart and every run, whenever the prechart holds, the run must satisfy the chart.
For such an object system to exist, the LSC specification has to be consistent.
Deciding Consistency
DFA for every LSC
Product Automaton
Eliminating Bad States and Transitions
Inconsistent Specification
Restricted messages: prep_coffee
DFA for every LSC
(Figure: the DFA for the chart; its transition labels read "all messages except insert_coin" and "all messages not in the chart and not prep_coffee")
Product Automaton
Eliminating Bad States and Transitions
DFA for every LSC
Product Automaton
Eliminating Bad States and Transitions
Eliminating Bad States and Transitions
Bad Transition: System Messages from Accepting States
Bad Transition: Environment Messages from Non-Accepting States
Bad State: Accepting States, where Environment Message leads to Deadlock
Eliminating Bad States and Transitions
No object system is found that satisfies the LSCs: the LSC specification is not consistent.
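As an added example (not code from the talk), the elimination step above in Python: the three pruning rules are applied to a product automaton until nothing changes, and the specification is consistent iff the initial state survives. The transcript does not show the slides' own automata, so the two product automata at the bottom are constructed by hand for the coffee-vending-machine story (their states and the messages cancel and accept_coin are assumptions). It also generalizes "deadlock" to "no accepting state is reachable any more", which covers a state with no outgoing transition as a special case.

```python
"""Bad-state and bad-transition elimination on a product automaton.

Added example, not code from the talk.  It implements the three pruning
rules named on the slides and reads "deadlock" as "no accepting state is
reachable any more", which generalizes a state with no outgoing transition.
The two product automata at the bottom are constructed by hand for the
coffee-vending-machine story; they are not the automata the slides show.
"""
from dataclasses import dataclass


@dataclass
class Automaton:
    states: set        # product states of the per-chart DFAs
    initial: str
    accepting: set     # states in which every chart is satisfied
    env_msgs: set      # messages the environment sends (e.g. insert_coin)
    sys_msgs: set      # messages the system sends (e.g. prep_coffee)
    delta: dict        # (state, message) -> state; a missing entry is a chart violation


def deadlocked(states, accepting, delta):
    """Non-accepting states from which no accepting state can be reached."""
    live = set(accepting) & states
    changed = True
    while changed:
        changed = False
        for (p, _), t in delta.items():
            if t in live and p in states and p not in live:
                live.add(p)
                changed = True
    return states - live


def eliminate(aut):
    """Apply the pruning rules to a fixpoint; return (surviving states, surviving delta)."""
    states = set(aut.states)
    # Rule 1: a system message out of an accepting state is a bad transition.
    # Rule 2: an environment message out of a non-accepting state is a bad transition.
    delta = {(p, m): t for (p, m), t in aut.delta.items()
             if not (m in aut.sys_msgs and p in aut.accepting)
             and not (m in aut.env_msgs and p not in aut.accepting)}
    while True:
        dead = deadlocked(states, aut.accepting, delta)
        # Rule 3: an accepting state is bad when some environment message (which the
        # environment is free to send) leads into a deadlock or has no transition left.
        bad = {s for s in states & aut.accepting
               if any(delta.get((s, e)) is None or delta[(s, e)] in dead
                      for e in aut.env_msgs)}
        doomed = bad | dead
        if not doomed:
            return states, delta
        states -= doomed
        delta = {(p, m): t for (p, m), t in delta.items()
                 if p in states and t in states}


def is_consistent(aut):
    """The specification is consistent iff the initial state survives the pruning."""
    states, _ = eliminate(aut)
    return aut.initial in states


# Constructed inconsistent specification: chart A says "after insert_coin the
# machine sends prep_coffee"; chart B says "after insert_coin the user sends
# cancel, and prep_coffee is forbidden until then".  Both charts activate on
# insert_coin, so in state "coin" the system may neither send prep_coffee nor
# force the environment to send cancel.
INCONSISTENT = Automaton(
    states={"idle", "coin", "cancelled"},
    initial="idle",
    accepting={"idle"},
    env_msgs={"insert_coin", "cancel"},
    sys_msgs={"prep_coffee"},
    delta={("idle", "insert_coin"): "coin",
           ("idle", "cancel"): "idle",
           ("coin", "cancel"): "cancelled",        # chart B done, chart A still waiting
           ("cancelled", "prep_coffee"): "idle"},  # chart A done
)

# Constructed corrected specification: chart B now says "after insert_coin the
# machine sends accept_coin, and prep_coffee is forbidden until then".
CORRECTED = Automaton(
    states={"idle", "coin", "accepted"},
    initial="idle",
    accepting={"idle"},
    env_msgs={"insert_coin"},
    sys_msgs={"accept_coin", "prep_coffee"},
    delta={("idle", "insert_coin"): "coin",
           ("coin", "accept_coin"): "accepted",
           ("accepted", "prep_coffee"): "idle"},
)

if __name__ == "__main__":
    for name, aut in (("inconsistent", INCONSISTENT), ("corrected", CORRECTED)):
        survivors, _ = eliminate(aut)
        print(f"{name}: consistent={is_consistent(aut)}, surviving states={sorted(survivors)}")
```

On the inconsistent automaton rule 2 deletes the cancel transition out of the non-accepting state "coin", which leaves "coin" deadlocked; the accepting initial state then has an environment message leading into a deadlock, so it is removed, and the pruning empties the automaton. On the corrected automaton no rule fires and every state survives.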
Corrected Specification
Restricted messages: prep_coffee
Global System Automaton
DFA for every LSC
Product Automaton
Eliminating Bad States and Transitions
Distributing the Global System Automaton
Distributing the GSA
Controller Object: one controller object of the size of the GSA; every other object has size 1
Full Duplication: every object has the size of the GSA
Partial Duplication: every object is smaller than the GSA, but overall the objects have at least the size of the GSA
Complexity
The size of the Global System Automaton (GSA) depends on the size of the LSC specification, which in turn depends on:
• Number of objects
• Number of charts
• Number of messages
Fixing one of these numbers, the GSA is exponential in the size of the others; fixing every number, it is polynomial in the size of the LSC specification.
The construction of the GSA is polynomial in the size of the GSA.
Discussion
Very simple LSCs only: no variables, no conditions, no complex constructs such as alternatives, loops, etc.
For large systems, too much time and space is needed to be practical.
Another approach
Using smart play-out to find consistency
Encode play-out in a transition system (only one of many)
Model checking: ¬EF(AG(for all universal charts m: active_m = 1))
Technique not complete: another transition system can be correct, but the algorithm did not find it
LSCs have to be very detailed to bound the complexity
Summary
An object system that satisfies the LSC specification can be found iff the LSC specification is consistent
Very simple LSCs only; not practical for large systems
Another approach: encoding with smart play-out and model checking; richer LSCs; not complete
DFA for every LSC
Product Automaton
Eliminating Bad States and Transitions
Distributing the Global System Automaton