Softwaretechnik / Software-Engineering
Lecture 09: Live Sequence Charts
2015-06-11
Prof. Dr. Andreas Podelski, Dr. Bernd Westphal
Albert-Ludwigs-Universität Freiburg, Germany
Contents & Goals

Last Lecture:
• Scenarios and Anti-Scenarios
• User Stories, Use Cases, Use Case Diagrams
• LSC: abstract and concrete syntax

This Lecture:
• Educational Objectives: Capabilities for following tasks/questions.
    • Which are the cuts and firedsets of this LSC?
    • Construct the TBA of a given LSC body.
    • Given a set of LSCs, which scenario/anti-scenario/requirement is formalised by them?
    • Formalise this positive scenario/anti-scenario/requirement using LSCs.
• Content:
    • Excursion: automata accepting infinite words
    • Cuts and Firedsets, automaton construction
    • existential LSCs, pre-charts, universal LSCs
    • Requirements Engineering: conclusions
Recall: LSC Body Syntax

LSC Body Example

• $\mathcal{L}$: $l_{1,0} \prec l_{1,1} \prec l_{1,2} \prec l_{1,3}$, $l_{1,2} \prec l_{1,4}$, $l_{2,0} \prec l_{2,1} \prec l_{2,2} \prec l_{2,3}$, $l_{3,0} \prec l_{3,1} \prec l_{3,2}$, $l_{1,1} \prec l_{2,1}$, $l_{2,2} \prec l_{1,2}$, $l_{2,3} \prec l_{1,3}$, $l_{3,2} \prec l_{1,4}$, $l_{2,2} \sim l_{3,1}$,
• $\mathcal{I} = \{\{l_{1,0}, l_{1,1}, l_{1,2}, l_{1,3}, l_{1,4}\}, \{l_{2,0}, l_{2,1}, l_{2,2}, l_{2,3}\}, \{l_{3,0}, l_{3,1}, l_{3,2}\}\}$,
• $\mathsf{Msg} = \{(l_{1,1}, A, l_{2,1}), (l_{2,2}, B, l_{1,2}), (l_{2,2}, C, l_{3,1}), (l_{2,3}, D, l_{1,3}), (l_{3,2}, E, l_{1,4})\}$,
• $\mathsf{Cond} = \{(\{l_{2,2}\}, c_2 \land c_3)\}$,
• $\mathsf{LocInv} = \{(l_{1,1}, \circ, c_1, l_{1,2}, \bullet)\}$

[Figure: LSC body with instance lines $I_1$, $I_2$, $I_3$, messages A, B, C, D, E, local invariant $c_1$ and condition $c_2 \land c_3$.]
LSC Semantics
The Big Picture

• Recall: decision tables
• By the standard semantics, a decision table $T$ is software,
  $\llbracket T \rrbracket = \{\sigma_0 \xrightarrow{\alpha_1} \sigma_1 \xrightarrow{\alpha_2} \sigma_2 \cdots \mid \cdots\}$
  is a set of computation paths.
• Recall: Decision tables as software specification:
  [Recalled slide from lecture 07, 2015-05-21: "But We Want A Software Specification, Don't We...?"]
• We want the same for LSCs.
• We will give a procedure to construct for each LSC $L$ an automaton $\mathcal{B}(L)$. The language (or semantics) of $L$ is the set of comp. paths accepted by $\mathcal{B}(L)$. Thus an LSC is also software.
• Problem: computation paths may be infinite → Büchi acceptance.
Excursion: Symbolic Büchi Automata
From Finite Automata to Symbolic Büchi Automata

[Figure: two-state automata with states $q_1$, $q_2$. $\mathcal{A}$ over $\Sigma = \{0, 1\}$; the Büchi automata $\mathcal{B}$ and $\mathcal{B}'$ over $\Sigma = \{0, 1\}$ for infinite words; the symbolic automaton $\mathcal{A}_{sym}$ and the symbolic Büchi automaton $\mathcal{B}_{sym}$ over $\Sigma = (\{x\} \to \mathbb{N})$ with edges labelled $even(x)$ and $odd(x)$.]
Symbolic Büchi Automata

Definition. A Symbolic Büchi Automaton (TBA) is a tuple $\mathcal{B} = (\mathcal{C}, Q, q_{ini}, \to, Q_F)$ where
• $\mathcal{C}$ is a set of atomic propositions,
• $Q$ is a finite set of states,
• $q_{ini} \in Q$ is the initial state,
• $\to \subseteq Q \times \Phi(\mathcal{C}) \times Q$ is the finite transition relation. Each transition $(q, \psi, q') \in \to$ from state $q$ to state $q'$ is labelled with a formula $\psi \in \Phi(\mathcal{C})$.
• $Q_F \subseteq Q$ is the set of fair (or accepting) states.
Run of TBA

Definition. Let $\mathcal{B} = (\mathcal{C}, Q, q_{ini}, \to, Q_F)$ be a TBA and
$w = \sigma_1, \sigma_2, \sigma_3, \dots \in (\mathcal{C} \to \mathbb{B})^\omega$
an infinite word, each letter is a valuation of $\mathcal{C}_B$. An infinite sequence
$\varrho = q_0, q_1, q_2, \ldots \in Q^\omega$
of states is called run of $\mathcal{B}$ over $w$ if and only if
• $q_0 = q_{ini}$,
• for each $i \in \mathbb{N}_0$ there is a transition $(q_i, \psi_i, q_{i+1}) \in \to$ s.t. $\sigma_i \models \psi_i$.

Example: [Figure: $\mathcal{B}_{sym}$ over $\Sigma = (\{x\} \to \mathbb{N})$ with states $q_1$, $q_2$ and edges labelled $even(x)$ and $odd(x)$.]
The Language of a TBA

Definition. We say TBA $\mathcal{B} = (\mathcal{C}, Q, q_{ini}, \to, Q_F)$ accepts the word $w = (\sigma_i)_{i \in \mathbb{N}_0} \in (\mathcal{C} \to \mathbb{B})^\omega$ if and only if $\mathcal{B}$ has a run
$\varrho = (q_i)_{i \in \mathbb{N}_0}$
over $w$ such that fair (or accepting) states are visited infinitely often by $\varrho$, i.e., such that
$\forall i \in \mathbb{N}_0 \; \exists j > i : q_j \in Q_F$.
We call the set $Lang(\mathcal{B}) \subseteq (\mathcal{C} \to \mathbb{B})^\omega$ of words that are accepted by $\mathcal{B}$ the language of $\mathcal{B}$.
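The acceptance condition above can be decided mechanically for ultimately periodic words $u\,v^\omega$; the following is an added example, not part of the lecture, and it goes beyond the slides by fixing that word shape. The automaton (transitions, initial state q1, fair state q2) is an assumption in the style of $\mathcal{B}_{sym}$, since the figure's exact edges are not recoverable.

```python
def read(trans, fair, start, word):
    """Pairs (q, seen_fair) reachable from `start` by reading the finite `word`."""
    frontier = {(start, False)}
    for sigma in word:
        frontier = {(q2, seen or q2 in fair)
                    for (q, seen) in frontier
                    for (p, psi, q2) in trans
                    if p == q and psi(sigma)}      # sigma |= psi
    return frontier


def leads_to(edge, src, dst):
    """Is dst reachable from src via zero or more v-edges?"""
    seen, todo = set(), [src]
    while todo:
        s = todo.pop()
        if s == dst:
            return True
        if s not in seen:
            seen.add(s)
            todo.extend(q for (q, _) in edge[s])
    return False


def accepts_lasso(trans, fair, q_ini, u, v):
    """Does the TBA accept the infinite word u v v v ... (v non-empty)?"""
    states = {q_ini} | {t[0] for t in trans} | {t[2] for t in trans}
    # edge[p]: where reading v once from p can end, and whether a fair
    # state was entered on the way.
    edge = {p: read(trans, fair, p, v) for p in states}
    # States in which a copy of v can start: after u, then after each v.
    starts = {q for (q, _) in read(trans, fair, q_ini, u)}
    reach = {p for p in states if any(leads_to(edge, s, p) for s in starts)}
    # Accept iff a reachable cycle of v-edges enters a fair state.
    return any(f and leads_to(edge, p2, p)
               for p in reach for (p2, f) in edge[p])


# ASSUMED example automaton in the style of B_sym; letters are valuations of x.
even = lambda s: s["x"] % 2 == 0
odd = lambda s: s["x"] % 2 == 1
TRANS = [("q1", even, "q2"), ("q2", odd, "q1"), ("q1", odd, "q1")]
FAIR = {"q2"}


def word(*xs):
    """Finite word over ({x} -> N) from a list of values for x."""
    return [{"x": n} for n in xs]
```

The word $(x{=}1)^\omega$ has a run that stays in q1 forever but is not accepted, which separates "has a run" from "is accepted".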
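Example

run: $\varrho = q_0, q_1, q_2, \ldots \in Q^\omega$ s.t. $\sigma_i \models \psi_i$, $i \in \mathbb{N}_0$.

[Figure: TBA with states $q_1, \dots, q_7$ and edge labels $\neg a$, $a$, $b \land \neg\varphi$, $\neg b$, $b \land \varphi$, $\neg(c \lor e)$, $c \land e$, $\neg(d \lor f)$, $d \land \neg f$, $f \land \neg d$, $\neg f$, $d \land f$, $\neg d$, $f$, $d$, $true$.]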
LSC Semantics: TBA Construction
LSC Semantics: It's in the Cuts!

Let $((\mathcal{L}, \preceq, \sim), \mathcal{I}, \mathsf{Msg}, \mathsf{Cond}, \mathsf{LocInv}, \Theta)$ be an LSC body.

Definition. A non-empty set $\emptyset \neq C \subseteq \mathcal{L}$ is called a cut of the LSC body iff $C$
• is downward closed, i.e. $\forall l, l' \in \mathcal{L} \bullet l' \in C \land l \preceq l' \implies l \in C$,
• is closed under simultaneity, i.e. $\forall l, l' \in \mathcal{L} \bullet l' \in C \land l \sim l' \implies l \in C$, and
• comprises at least one location per instance line, i.e. $\forall I \in \mathcal{I} \bullet C \cap I \neq \emptyset$.

The temperature function is extended to cuts as follows:

$$\Theta(C) = \begin{cases} \mathsf{hot} & \text{, if } \exists l \in C \bullet (\nexists l' \in C \bullet l \prec l') \land \Theta(l) = \mathsf{hot} \\ \mathsf{cold} & \text{, otherwise} \end{cases}$$

that is, $C$ is hot if and only if at least one of its maximal elements is hot.
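The cut definition applied to the LSC body from the "Recall: LSC Body Syntax" slide, as an added example that is not part of the lecture. The order, simultaneity and instance lines are taken from that slide; the temperatures in `HOT` are an assumption, because the slide does not give $\Theta$ for this body.

```python
from itertools import chain, combinations

# LSC body from the "Recall: LSC Body Syntax" slide.
INSTANCES = {
    "I1": ["l1,0", "l1,1", "l1,2", "l1,3", "l1,4"],
    "I2": ["l2,0", "l2,1", "l2,2", "l2,3"],
    "I3": ["l3,0", "l3,1", "l3,2"],
}
# Order pairs (l, l') exactly as listed on the slide.
PREC = {
    ("l1,0", "l1,1"), ("l1,1", "l1,2"), ("l1,2", "l1,3"), ("l1,2", "l1,4"),
    ("l2,0", "l2,1"), ("l2,1", "l2,2"), ("l2,2", "l2,3"),
    ("l3,0", "l3,1"), ("l3,1", "l3,2"),
    ("l1,1", "l2,1"), ("l2,2", "l1,2"), ("l2,3", "l1,3"), ("l3,2", "l1,4"),
}
SIM = {("l2,2", "l3,1")}      # simultaneous locations
HOT = {"l2,1", "l1,2"}        # ASSUMED temperatures; all other locations cold

LOCS = [l for locs in INSTANCES.values() for l in locs]


def is_cut(c):
    """Check the three cut conditions for a set c of locations."""
    # Closure under the listed pairs implies closure under their transitive hull.
    downward = all(l in c for (l, l2) in PREC if l2 in c)
    simultaneous = all((l in c) == (l2 in c) for (l, l2) in SIM)
    per_instance = all(c & set(locs) for locs in INSTANCES.values())
    return bool(c) and downward and simultaneous and per_instance


def cuts():
    """Enumerate all cuts by brute force over the 2^12 subsets of L."""
    subsets = chain.from_iterable(
        combinations(LOCS, n) for n in range(1, len(LOCS) + 1))
    return [frozenset(s) for s in subsets if is_cut(frozenset(s))]


def temperature(c):
    """Theta(C): hot iff some maximal element of the cut is hot."""
    # In a downward-closed set, l is maximal iff no direct successor is in c.
    maximal = [l for l in c if not any(a == l and b in c for (a, b) in PREC)]
    return "hot" if any(l in HOT for l in maximal) else "cold"


if __name__ == "__main__":
    for c in sorted(cuts(), key=lambda s: (len(s), sorted(s))):
        print(temperature(c), sorted(c))
```

This body has 16 cuts; the smallest is the set of the three initial locations, and any set containing $l_{2,2}$ without $l_{3,1}$ is rejected by the simultaneity condition.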
Cut Examples

$\emptyset \neq C \subseteq \mathcal{L}$: downward closed, simultaneity closed, at least one loc. per instance line.

[Figure: LSC body with instance lines $I_1$, $I_2$, $I_3$, locations $l_{1,0}, l_{1,1}, l_{1,2}$, $l_{2,0}, l_{2,1}, l_{2,2}, l_{2,3}$, $l_{3,0}, l_{3,1}$, messages E, F, G and condition $\varphi$.]