Workflow Verification Project
By: Toomas Kütt, Fraz Tabassam, Jens Kaae Christensen
[Figure: workflow diagram. Activities: Check Order, Get Products, Save Order Information in Archive, Assemble Bundle, Test Computer, Test Monitor. AND and OR split/join nodes. Channels: a1_ch, a2_ch, a3_ch, a4_ch, a5_ch, a7_ch, a8_ch, a9_ch, a10_ch, a11_ch.]
Variable declarations:
Number of running activity nodes:
int running;
Resources:
int r1, r2, r3, r4, r5, r6;
Global declaration of channels:
urgent chan letsstart, a1_channel, a2_channel, a3_channel, a4_channel, a5_channel, a7_channel, a8_channel, a9_channel, a10_channel, a11_channel;
Clocks (local, one for each activity):
clock clock1, clock2, clock3, clock4, clock5, clock6;
Node declarations (Communicating Finite Automata)
Figure 2: Activity
Parameters:
- clock &processclock,
- const int mintime,
- const int maxtime,
- int &resource,
- urgent chan &in_channel,
- urgent chan &out_channel
System declarations:
- CheckOrder = Activity(clock1,1,2,r1, letsstart, a1_channel);
- Split1 = ANDsplit(a1_channel, a2_channel);
- GetProducts = Activity(clock2,1,2,r2, a2_channel, a3_channel);
- SaveOrderInformInArchive = Activity(clock3,1,2, r3, a2_channel, a4_channel);
- Split2 = ORsplit(a3_channel, a5_channel);
- TestComputer = Activity(clock4,1,2, r4, a5_channel,a7_channel);
- TestMonitor = Activity(clock5,1,2, r5, a5_channel, a8_channel);
- Join1 = ORjoin(a7_channel, a8_channel, a9_channel);
- Join2 = ANDjoin(a4_channel, a9_channel, a10_channel);
- AssembleBundle = Activity(clock6, 1, 2, r6, a10_channel, a11_channel);
- end = EndNode(a11_channel);
Answers to questions:
• Use UPPAAL to verify that:
1) The end node will always be reached
 - A<> p: p holds in some state along every path
 - Query: A<> end.finished
2) When the end node is reached no activities are waiting to get finished
 - A[] p: p holds in every reachable state
 - Query: A[] end.finished imply running == 0
3) The workflow is structurally incorrect if the implicit join is modeled as a merge
 - Query: A<> end.finished (deadlock)
4) Assemble bundle and get products may share a resource without conflict
 - A[] p: p holds in every reachable state
 - Query: A[] r6<2 : (property is satisfied)
5) There is a conflict if “get products” and “save order information” share a resource
 - Query: A[] r2<2 : (property is not satisfied)
6) With time intervals [1,2] the entire workflow can be completed in 8 units
 - E<> p: p holds in some reachable state.
 - Query: E<> end.finished and clock1<=8
 - Query: A<> end.finished and clock1<=8
7) This still holds even if “save order information” gets interval [2,3] (explain why)
 - Same queries, “save order” set to [2,3]:
 - Query: E<> end.finished and clock1<=8
8) Show that “get products” is always executed before “assemble bundle”
 - A[] AssembleBundle.working imply GetProducts.finished
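Queries 1, 2 and 8 above, re-checked by explicit state exploration in Python, as an added example that is not part of the original slides or the UPPAAL model. It assumes an untimed token abstraction of the system declarations: clocks and resources are left out, the OR-split is assumed to pick exactly one branch, and the place names a2_get, a2_save, a5_comp and a5_mon are made up here to separate branches that share a channel.

```python
from collections import deque

INITIAL = frozenset({"letsstart"})

def activity(name, inp, out):
    # Assumed abstraction: start moves the input token to "<name>.working",
    # finish emits the output token and a permanent "<name>.finished" flag.
    return [({inp}, {name + ".working"}),
            ({name + ".working"}, {out, name + ".finished"})]

# (consumed places, produced places), following the page's system declarations.
TRANSITIONS = (
    activity("CheckOrder", "letsstart", "a1")
    + [({"a1"}, {"a2_get", "a2_save"})]               # Split1: AND-split
    + activity("GetProducts", "a2_get", "a3")
    + activity("SaveOrder", "a2_save", "a4")
    + [({"a3"}, {"a5_comp"}), ({"a3"}, {"a5_mon"})]   # Split2: OR-split
    + activity("TestComputer", "a5_comp", "a7")
    + activity("TestMonitor", "a5_mon", "a8")
    + [({"a7"}, {"a9"}), ({"a8"}, {"a9"})]            # Join1: OR-join
    + [({"a4", "a9"}, {"a10"})]                       # Join2: AND-join
    + activity("AssembleBundle", "a10", "a11")
    + [({"a11"}, {"end.finished"})]                   # EndNode
)

def successors(marking):
    return [frozenset((marking - pre) | post)
            for pre, post in TRANSITIONS if pre <= marking]

def explore(initial=INITIAL):
    """Breadth-first search; returns {marking: [successor markings]}."""
    graph, queue = {}, deque([initial])
    while queue:
        m = queue.popleft()
        if m not in graph:
            graph[m] = successors(m)
            queue.extend(graph[m])
    return graph

def always(graph, prop):
    """A[] prop: prop holds in every reachable marking."""
    return all(prop(m) for m in graph)

def inevitably(graph, prop, m=INITIAL):
    """A<> prop: every maximal path reaches prop (state graph is acyclic here)."""
    return prop(m) or (bool(graph[m]) and
                       all(inevitably(graph, prop, s) for s in graph[m]))

def running(m):
    return sum(1 for place in m if place.endswith(".working"))
```

A marking with no successors that does not contain end.finished is a deadlock, which is what makes `inevitably` return False for an A<> query.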
Thank You!