Parameterized Models for Distributed Java Objects
Tomás Barros & Rabéa Boulifa, OASIS Project
INRIA Sophia Antipolis, April 2004
Agenda
• Main Goal
• Parametrized Models
• Generation of Models
• Properties
• Study Case
• Conclusion
• Perspectives
Main Goal
Analysis and Verification of Behavioural Properties of Distributed (Java) Systems
– Natural description of realistic distributed systems
– (Semi-)automatic model generation from source code
– Hierarchy & compositionality
[Diagram: Aims snapshot. Boxes: Informal Requirements, Properties (parameterized), Source Code (ProActive), Abstraction, Abstract Source Code, Static Analysis, Architecture (parameterized), Instantiations, Model Checker. Parts presented by Rabéa and Tomás.]
Parameterized Models
ProActive library
• Active objects communicate by Remote Method Invocation.
• Each active object:
– has a request queue (always accepting incoming requests)
– has a body specifying its behaviour (local state and computation, service of requests, submission of requests)
– manages the « wait by necessity » of responses (futures)
Method Calls: informal diagram
[Diagram: current object i calling remote object j; the labels below are read along the exchange.]
• method call: !Req_m(args)
• request arriving in the queue: ?Req_m(args)
• request served (executed and removed): !Serv_m(args)
• response sent back: !Rep_m(val)
• response received: ?Rep_m(val)
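The request/response exchange of the diagram above, as an added illustrative example that is neither ProActive code nor part of the original slides: a Consumer active object calls a Buffer active object, the request enters the Buffer's queue, the caller gets a future immediately and blocks only when it uses the value (wait by necessity). The object names, the put/get methods, the scheduler callback and the decision to send a reply even for a void method are assumptions of the example; the recorded labels follow the slide's notation.

```python
from collections import deque

# Constructed model of the exchange in the diagram (illustrative code, not the
# ProActive library): requests are queued, replies resolve futures, and the
# caller blocks only when it needs the value.

class Future:
    """Placeholder for a response that has not arrived yet (wait by necessity)."""
    def __init__(self, method):
        self.method = method
        self.resolved = False
        self.value = None

class ActiveObject:
    def __init__(self, name, methods, trace):
        self.name = name
        self.methods = methods   # method name -> callable executed on service
        self.queue = deque()     # request queue, always accepting
        self.trace = trace       # shared list of labels in the slide's notation

    def call(self, target, m, *args):
        """Method call on a remote object: !Req_m(args) enters the target's
        queue and a future is returned at once, without waiting."""
        f = Future(m)
        a = ", ".join(repr(x) for x in args)
        self.trace.append(f"{self.name} !Req_{m}({a})")
        target.queue.append((m, args, f))
        self.trace.append(f"{target.name} ?Req_{m}({a})")
        return f

    def serve(self):
        """Serve the oldest request: execute it, remove it, send !Rep_m(val).
        Returns False when the queue is empty (nothing to serve)."""
        if not self.queue:
            return False
        m, args, f = self.queue.popleft()
        f.value = self.methods[m](*args)   # assumption: void methods reply None
        f.resolved = True
        self.trace.append(f"{self.name} !Rep_{m}({f.value!r})")
        return True

    def use(self, f, scheduler):
        """Wait by necessity: block until the future is resolved. `scheduler`
        lets other objects serve requests meanwhile; if it reports that nothing
        can progress, the wait can never end."""
        while not f.resolved:
            if not scheduler():
                raise RuntimeError(f"{self.name} blocked on {f.method}: nothing to serve")
        self.trace.append(f"{self.name} ?Rep_{f.method}({f.value!r})")
        return f.value

def run_scenario():
    """Consumer puts 42 into the Buffer, then gets it back."""
    trace, store = [], []
    buffer = ActiveObject("Buffer",
                          {"put": lambda x: store.append(x), "get": lambda: store.pop(0)},
                          trace)
    consumer = ActiveObject("Consumer", {}, trace)
    consumer.call(buffer, "put", 42)          # void method: response not awaited
    f = consumer.call(buffer, "get")          # request queued, future returned
    value = consumer.use(f, buffer.serve)     # blocks until Buffer has served get
    return value, trace

def run_blocked():
    """Edge case: the Consumer waits on a future that no object will resolve."""
    trace = []
    buffer = ActiveObject("Buffer", {"get": lambda: 0}, trace)
    consumer = ActiveObject("Consumer", {}, trace)
    f = consumer.call(buffer, "get")
    try:
        consumer.use(f, lambda: False)        # scheduler never serves the Buffer
    except RuntimeError:
        return True
    return False
```

Running `run_scenario()` yields the value 42 and a seven-label trace in which both requests are queued before either is served, which is exactly the asynchrony the queue pLTS has to capture; `run_blocked()` shows the situation a deadlock check on the model is meant to find.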
Parameterized Networks
• O = {Oi} a set of active object classes.
• Dom(Oi) a set of instantiations of each class (by abstraction of creation parameters).
[Diagram: Active Object i and Active Object j, each composed of a Behaviour pLTS (Ai, Aj), a Queue pLTS (Qi, Qj) and a proxy (Pi, Pj); labels: serve, Requse, Req(args), Rep(v).]
Parameterized Synchronisation Networks
• Networks of synchronised pLTSs
• Parameterized Labelled Transition Systems, pLTSs = LTSs with guarded parameterized transitions
• 1 pNet per activity = pLTS body + pLTS queue + pLTS proxy
• Labels = Requests/Responses (method name + finite abstraction of parameters)
• Construction by rules, based on the eXtended Method Call Graph.
eXtended Method Call Graph
MCG = <id, V, C, T>  (id: method name, V: nodes, C: call edges, T: transfer edges)
nodes V = { ent(m, args), pp(lab), ret(val), call(var, o.m, args), use(val), serve(mset, pred) }
with o typed as remote or local
It encodes both the usual control flow of an MCG (resolution of class analysis and of method calls) and the data flow relative to the interesting parameters.
[Figure: Buffer XMCG]
Procedure
• Global Network: analyse the source code of the application, parameterized by some finite abstraction of parameters.
• For each Active Object Class (with all required passive classes):
– build the eXtended Method Call Graph, XMCG
– compute the sequential pLTS, using rules
– for each use node construct the proxy "Future" pLTS
– generate the request queue pLTS
– combine the pLTSs (the body, the queue and the proxy).
• Property: for a finite data abstraction, termination is guaranteed.
Algorithm… rules
Call rule
• If o is remote, we simply generate a send message !o.Q_m(this, f, args) encoding the method name, its status and its (abstracted) parameters, with the future variable f.
• Else the message !o.Call_m(args) is sent to the method process and, depending on whether the return value is void or not, the response is awaited or not.
[Diagram: Consumer Network and Buffer Network; the Buffer Network is built from Buf.Body and Buf.Queue, with labels put and get.]
Parameterized Property
True/False + diagnostic
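The "instantiate, then check and report True/False plus a diagnostic" step, as an added example that is not from the slides or the Vercors tool: a toy pLTS with guarded parameterized transitions is unfolded over a finite domain, three instantiated LTSs (Producer, Buffer, Consumer) are composed in a synchronisation network that treats a shared label as a rendezvous, and a reachability check returns either True or False together with the label trace that leads to the offending state. The Buffer and Consumer names echo the case study; the capacity parameter, the Producer, the rendezvous semantics and the checked property (the Consumer always completes its gets) are assumptions of the example.

```python
from collections import deque
import itertools

# Constructed toy model, not the Vercors tool: a pLTS over one parameter p with
# guarded transitions (src, label, guard(p), update(p), dst).

class PLTS:
    def __init__(self, init_ctrl, init_param, transitions):
        self.init = (init_ctrl, init_param)
        self.transitions = transitions
        self.alphabet = {t[1] for t in transitions}

    def instantiate(self, domain):
        """Unfold into an explicit finite LTS whose states are (ctrl, p).
        Transitions leaving `domain` are cut: that is the finite data abstraction."""
        edges, seen, todo = [], {self.init}, deque([self.init])
        while todo:
            s, p = todo.popleft()
            for src, label, guard, update, dst in self.transitions:
                if src != s or not guard(p):
                    continue
                q = update(p)
                if q not in domain:
                    continue
                edges.append(((s, p), label, (dst, q)))
                if (dst, q) not in seen:
                    seen.add((dst, q))
                    todo.append((dst, q))
        return self.init, edges, self.alphabet


def buffer_plts(capacity):
    """Buffer body: n counts stored items; put and get are guarded by n."""
    return PLTS("idle", 0, [
        ("idle", "put", lambda n: n < capacity, lambda n: n + 1, "idle"),
        ("idle", "get", lambda n: n > 0, lambda n: n - 1, "idle"),
    ])


def repeat_plts(label, count):
    """Active object that issues `label` exactly `count` times, then stops."""
    return PLTS(0, 0, [(i, label, lambda p: True, lambda p: p, i + 1)
                       for i in range(count)])


def network(components):
    """Synchronisation network: a label shared by several components is a
    rendezvous (all its owners move together); a private label interleaves.
    Returns the initial global state and a successor function."""
    comps, inits = [], []
    for init, edges, alphabet in components:
        table = {}
        for s, label, t in edges:
            table.setdefault(s, []).append((label, t))
        comps.append((alphabet, table))
        inits.append(init)
    labels = sorted(set().union(*(a for a, _ in comps)))

    def successors(state):
        for label in labels:
            owners = [i for i, (a, _) in enumerate(comps) if label in a]
            choices = [[t for l, t in comps[i][1].get(state[i], []) if l == label]
                       for i in owners]
            if any(not c for c in choices):   # some owner cannot offer the label
                continue
            for combo in itertools.product(*choices):
                nxt = list(state)
                for i, t in zip(owners, combo):
                    nxt[i] = t
                yield label, tuple(nxt)
    return tuple(inits), successors


def check(init, successors, bad):
    """Reachability: (True, None) if no reachable state satisfies bad(state,
    succs); else (False, diagnostic label trace leading to the first one)."""
    parent, todo = {init: None}, deque([init])
    while todo:
        s = todo.popleft()
        succs = list(successors(s))
        if bad(s, succs):
            trace = []
            while parent[s] is not None:
                s, label = parent[s]
                trace.append(label)
            return False, trace[::-1]
        for label, t in succs:
            if t not in parent:
                parent[t] = (s, label)
                todo.append(t)
    return True, None


def verify(puts, gets, capacity):
    """Property: the Consumer always completes its `gets`, checked on the
    instantiated network Producer || Buffer || Consumer."""
    init, succ = network([
        repeat_plts("put", puts).instantiate({0}),
        buffer_plts(capacity).instantiate(set(range(capacity + 1))),
        repeat_plts("get", gets).instantiate(set(range(capacity + 1)) | {0}),
    ])
    def consumer_stuck(state, succs):
        return not succs and state[2][0] < gets   # state[2] is the Consumer's (ctrl, p)
    return check(init, succ, consumer_stuck)
```

With two puts, three gets and capacity 1, `verify(2, 3, 1)` answers False and returns the trace put, get, put, get, after which the Consumer is stuck with an empty Buffer and a finished Producer; with three puts the same property holds and the answer is (True, None). The diagnostic is what makes the model fixable, which is the "after fixing the model" part of the case study.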
Electronic Invoices in Chile
• 15 parameterized automata
• 4 levels of hierarchy
• state explosion: grouping, hiding, reduction by bisimulation
• 7 properties successfully verified (after fixing the model)
Conclusions
• Outlined a graphical language
• Developed instantiating tool
• Generation of model from ProActive source code
• Validated our approach on a realistic application
Perspectives
• Refine the language and formalise the abstractions
• Parameterized verification and pre-order relation
• Components and dynamic binding/creation
• On-the-fly model checking and graphical editor (currently started)
Thank you
Tomás Barros
Rabea Boulifa
Vercors: http://www-sop.inria.fr/oasis/Vercors
ProActive: http://www-sop.inria.fr/oasis/ProActive