Introduction to Graph Transformation
Estonian Summer School on Computer and Systems Science
Lecture 1Arend Rensink, University of Twente
ESSCASS, 25 August 2008Introduction to Graph
Transformation2
Lectures & assignments
1. Introduction to Graph Transformation
A. Some puzzles and games
2. Graph-Based Operational SemanticsB. Semantics of a small language
3. Graph-Based Model Checking
ESSCASS, 25 August 2008Introduction to Graph
Transformation3
What
• The verification question:1. Given a requirement (in some logic)2. Given a system model M (in some
language that admits a semantic of the logic)
3. Does M satisfy ? (notation: M ² )
• In this course:1. Versions of temporal logic
• Safety: invariants, no exceptions thrown• Liveness: termination, fairness
2. Graph grammars as modelling language3. Model checking as basic technique
ESSCASS, 25 August 2008Introduction to Graph
Transformation4
Why
• Why verification?– Design/implementation-time sanity check
(precedes testing in software development)
– But: integration in design process not easy (due to absence of models)
– Hence: software verification• Why graph transformation?– Graphs are natural for the domain– Easier to grasp for non-specialist– Captures dynamic states (heap, stack)
ESSCASS, 25 August 2008Introduction to Graph
Transformation5
Example: Circular buffer
• Data structure module as subsystem• Model the essence– Structure captured by type graph (classes)
• Buffer cells linked in cycle• Each cell may contain a value (an object)• Pointers to first and last elements• Further data invariants
– Instances captured by graphs
• Dynamics defined by operations– E.g., insertion and deletion– Captured by changes in graphs
ESSCASS, 25 August 2008Introduction to Graph
Transformation6
Example type graph
• Node for each type• Labelled edge for each “property”– Edge label = property name
• Possible: multiplicities– These graphs are deterministic
Buffer
Cell
next
first
Objectval
last
11 1
0..1
ESSCASS, 25 August 2008Introduction to Graph
Transformation7
Example instance graph
• Snapshot of concrete data (on the heap)– Four-cell buffer, of which 2 cells filled
• Type information & multiplicities satisfied– There are many more invariant properties!
BufferCell
Cell
Cell
Cellnext
next next
next
lastfirst
Object
Objectval
val
ESSCASS, 25 August 2008Introduction to Graph
Transformation8
Graphs, formally
• Tuple <L,V,E>– L: set of labels– V: set of nodes (vertices)– E µ V £ L £ V: set of binary, labelled
edges– No node labels (but self-edges mimic
them)
• Example
Cell
Cell
next
Objectval
L = {Call, Object, next, val}V = {1, 2, 3}E = { (1,Cell,1), (2,Object,2), (3,Cell,3),
(1,val,2), (1,next,3) }Choice of identities is irrelevant
1
2
3
ESSCASS, 25 August 2008Introduction to Graph
Transformation9
Graph morphisms
• Consider G = <LG,VG,EG> and H = <LH,VH,EH>
• Morphisms f: G ! H– functions fV: VG ! VH and fE: EG ! EH
– preserve structure: fE(v,a,w) = (fV(v), a, fV(w))
• Isomorphism– fV and fE are bijective– Abstraction from node identities
• Partial morphism– f does not have an image for all elements of G
ESSCASS, 25 August 2008Introduction to Graph
Transformation10
Typing: total morphism to type graph
1
2
3
6
5 74
BufferCell
Cell
Cell
Cellnext
next next
next
lastfirst
Object
Objectval
val
Buffer
Cell
next
first
Objectval
last
1
3
2fV = { (1,3),
(2,1), (3,1), (4,1), (5,1),(6,2), (7,2)}
Type graph
Source graph
11 1
0..1
Multiplicities not regarded
ESSCASS, 25 August 2008Introduction to Graph
Transformation11
Example invariant properties
• The Cells of a Buffer form a cycle• All Cells are connected to a Buffer• Either first is pointing to a filled Cell, or
the Buffer is empty (no Cells are filled)• Either the next of a filled Cell is filled,
or the Cell is the last• If the next Cell is filled and it is not the
first, then this Cell is also filled• No Objects are shared between Cells
(?)
ESSCASS, 25 August 2008Introduction to Graph
Transformation12
Data structure operations
• What does a “put” operation do?– Move the last pointer to the next Cell– Attach an Object to the (now) last Cell– In this model, we create a fresh Object– Only if this next Cell did not have a val
yet!• What does a “get” operation do?– Delete the val of the first Cell– Move the first pointer to the next Cell– Only if the first Cell had a val!
• What does an “extend” operation do?– Insert a new Cell after the current last
ESSCASS, 25 August 2008Introduction to Graph
Transformation13
Graph transformations
• The operations are graph changes– These can be captured as changes
• What has to be removed• What has to be added
– In addition: where in the host graph• E.g., for “get”: (simultaneously)– Identify b and c connected by a first edge– Remove the val-edge and Object at c – Remove the first edge pointing to c– Add a first edge from b to the next w.r.t.
c • This constitutes a transformation rule
ESSCASS, 25 August 2008Introduction to Graph
Transformation14
Example production rule
Single-graph representation of <put>
Buffer Cell
Cell
Object
next
val
val
last
last
Object
blue = eraser:to be matched and
deleted
green = creator:
to be added
black = reader:to be matched and
preserved
red = embargo:forbidden
ESSCASS, 25 August 2008Introduction to Graph
Transformation15
Equivalent rule syntax
Buffer Cell
Cell
nextlast
Object
val
Right Hand Side(RHS)
Left Hand Side(LHS)
Buffer Cell
Cell
nextlast
Negative Application Condition (NAC)
Buffer Cell
Cell
nextlast
Object
val
Buffer Cell
Cell
Object
next
val
vallast
last
Object
Single-graph:
Multi-graph:Partial graph morphisms
ESSCASS, 25 August 2008Introduction to Graph
Transformation16
Production rules
• Partial morphism p: L R– L \ dom(p): elements to be deleted– R \ cod(p): elements to be added– Non-injectivity (f(x)=f(y) for x y):
merging
• Rule application to host graph G: – Find total matching m: L G
• Multiple matchings are possible– Subtract m-image of L from G– Add R disjointly to result
• Partial morphisms h: G H, m’: R H
ESSCASS, 25 August 2008Introduction to Graph
Transformation17
Example rule application
Buffer
Cell Cell
Cell
first | last
next
next
next
Objectval
Buffer
Cell Cell
Cell
last
firstnext
next
next
Objectval
Object
val
Buffer
Cell
Cell
Object
next
val
val
last
last Object
matching
tran
sition
ESSCASS, 25 August 2008Introduction to Graph
Transformation18
Transitions: Partial morphisms
1
2
3
6
5 7
4
BufferCell
Cell
Cell
Cell
next
next next
next
last
first
Object
Objectval
val
1
2
3
6
5
4
BufferCell
Cell
Cell
Cell
next
next next
nextlastfirst
Objectval
1 cell filled
2 cells filled
<put>
<get>
fV = { (1,1),(2,2), (3,3), (4,4),
(5,5),(6,6)}
fE partial on edge (1,last,2)
fV = { (1,1),(2,5), (3,2), (4,3), (5,4),(7,6)}
fV partial on node 6 fE partial on several edges
ESSCASS, 25 August 2008Introduction to Graph
Transformation19
Negative application conditions
Buffer Cell
Cell
nextlast
Object
val
Buffer Cell
Cell next
last
BufferCell
Cell
Cell
Cellnext
next next
next
lastfirst
Object
Objectval
val
Objectval
Object
val
• Here the rule should not be applicable!
How to rule out this matching?
LHS RHS
Buffer Cell
Cellnext
last
Object
val
NAC
m
n
There exists a total morphism
g: NAC G such that
m = g n(g factors m through n)
Gg
ESSCASS, 25 August 2008Introduction to Graph
Transformation20
Kinds of NACs
• Merge embargoes: force injectivity– Non-injective morphism n: LHS NAC– n(v1) = n(v2) rules out m(v1) = m(v2); hence
v1 and v2 must be matched injectively
• Edge embargoes: forbid edges– Edge not in image of n: LHS NAC– (v1,lab,v2) LHS and (n(v1),lab,n(v2)) NAC
imply (m(v1),lab,m(v2)) G
• General NACs: forbid larger subgraphs– Multiple NACs per rule
ESSCASS, 25 August 2008Introduction to Graph
Transformation21
forbidden
Graph Productions
Production rule
source graph
matching
Graph transition
src(t) tgt(t)morph(t) target
graph
pushout
NACNACNACs
(SPO = Single Pushout Approach)
LHS RHSrule morphism
(partial)
ESSCASS, 25 August 2008Introduction to Graph
Transformation22
Example production rule (again)Single-graph representation of <put>
Buffer Cell
Cell
Object
next
val
val
last
last
Object
blue = eraser:LHS, not RHS;
to be matched and deleted
green = creator:
RHS, not LHS;to be added
black = reader:LHS and RHS;
to be matched and preserved
red = embargo:
NAC, not LHS;forbidden
blue = eraser:to be matched and
deleted
green = creator:
to be added
black = reader:to be matched and
preserved
red = embargo:forbidden
ESSCASS, 25 August 2008Introduction to Graph
Transformation23
Graphs as states
• Every graph represents a snapshot– State of the system
• Every rule application changes the graph– Transition of the system
• Together form a state/transition system– Captures the system behaviour– Basis for verification
• Exercise: state space of a 4-cell buffer – No “extend” operations
• Will “put-get” return to the same graph?
ESSCASS, 25 August 2008Introduction to Graph
Transformation24
Graph transition system
BufferCell
Cell
Cell
Cellnext
next next
nextfirst, last
Objectval
<put>
<get>
BufferCell
Cell
Cell
Cellnext
next next
next
last
first
Object
Objectval
val
Objectval
<put>
<get>
BufferCell
Cell
Cell
Cellnext
next next
next
lastfirst
Object
Objectval
val
Objectval
Object
val
<put>
<get>
<put>
<get>BufferCell
Cell
Cell
Cellnext
next next
nextfirst
last
BufferCell
Cell
Cell
Cellnext
next next
next
lastfirst
Object
Objectval
val
ESSCASS, 25 August 2008Introduction to Graph
Transformation25
GROOVE Demo
ESSCASS, 25 August 2008Introduction to Graph
Transformation26
Example rule application
1
2
36
54
BufferCell
Cell
Cell
Cell
next
next next
nextlastfirst
Objectval
Buffer Cell
Cell
nextlast
3
2
1 Buffer Cell
Cell
nextlast
Object
val
4
5
6
7L R
G
1
2
36
5 74
BufferCell
Cell
Cell
Cell
next
next next
next
last
first
Object
Objectval
val
H
p
m m’
h
(1,4), (2,5), (3,6)
(1,1), (2,2), (3,3)
(1,1), (2,2), (3,3), (4,4), (5,5) (6,6)
(4,1), (5,2), (6,3), (7,7)
• General requirement: h m = m’ p
ESSCASS, 25 August 2008Introduction to Graph
Transformation27
Rule application: variation 1
1
2
36
54
BufferCell
Cell
Cell
Cell
next
next next
nextlastfirst
Objectval
Buffer Cell
Cell
nextlast
3
2
1 Buffer Cell
Cell
nextlast
Object
val
4
5
6
7L R
G
2
5
14
3 98
BufferCell
Cell
Cell
Cell
next
next next
next
last
first
Object
Objectval
val
H’
p
m m’
h
(1,4), (2,5), (3,6)
(1,1), (2,2), (3,3)
(1,2), (2,5), (3,1), (4,8), (5,3) (6,4)
(4,2), (5,5), (6,1), (7,9)
• Also correct: H H’
ESSCASS, 25 August 2008Introduction to Graph
Transformation28
Rule application: variation 2
1
2
36
54
BufferCell
Cell
Cell
Cell
next
next next
nextlastfirst
Objectval
Buffer Cell
Cell
nextlast
3
2
1 Buffer Cell
Cell
nextlast
Object
val
4
5
6
7L R
G
1
2
3
54
BufferCell Cell
Cellnext
nextnext
next
last
first
H
p
m m’
h
(1,4), (2,5), (3,6)
(1,1), (2,2), (3,3)
(1,1), (2,2), (3,3), (4,4), (5,5)
(4,1), (5,2), (6,3)
• What’s wrong? h m = m’ p fulfilled!
ObjectCellval 6
ESSCASS, 25 August 2008Introduction to Graph
Transformation29
Criteria for the target graph
• Should be the “minimal complete” one– Complete: elements kept when possible– Minimal: no spurious elements
• Universal property: Pushout
– Minimal because it’s “smaller” than the others– Complete because the subdiagrams commute
that’s the one!
rule (p)
matching (m)
diagramcommutes
(hm = m’p) wrong alternative
ESSCASS, 25 August 2008Introduction to Graph
Transformation30
Example pushouts
BAb
1 2 1 CAc
2
BAb
4 5
B 6b
aCA
c4 5
B 6b
a
BAb
1 2 1 CAc
3
BAb
4 5
B 6b
aCA
c4 7
B 6b
AAa
1 2 1 CAc
2
BAb
4 5a
BCb
4 5c
(1,4),(2,4)
(1,4),(2,5)
AAa
1 2 1 CAc
3
BAb
4 5a
BC6 5
(1,4),(2,4)
(1,4),(2,5)
Aa
1 2 1 A 2
AB
b
4 5
(1,4),(2,5)
BAb
4 5a
A
x1
2 3
y
A1
2 3
x,y
A4
5
x,y
A4
5
x,y
(1,4),(2,5),(3,5)
x-edge not mapped!
Lessons: - Pushouts always exist- Leave no dangling edges- Deletion always wins
ESSCASS, 25 August 2008Introduction to Graph
Transformation31
Principles of SPO transformation• What happens upon node deletion– All incident edges are deleted
• What happens upon node merging– Incident edges are copied to merged
nodes
• What happens for non-injective matches– Node deletion wins over preservation– Edge creation wins over deletion
ESSCASS, 25 August 2008Introduction to Graph
Transformation32
Assignment A: Hands-On
• Download GROOVE– sf.net/projects/groove
• Model the following games/puzzles:– Wolf-Goat-Cabbage (WGC)– Solitaire– Pacman– Ludo (see course notes)
(Answers are available as downloads)• Specify properties of WGC– Type graphs– Invariants
ESSCASS, 25 August 2008Introduction to Graph
Transformation33
Seen today
• Graphs and morphisms– Graphs: Tuples of nodes, labels, edges– Morphisms: node and edge mappings– State invariants as graph properties
• Graph transformation rules– Single-graph and multi-graph representation– Rule applications as pushouts– Negative application conditions
• GROOVE tool– State space generation – Graphs as states– Graph productions as transitions