Software Design, Modelling and Analysis in UML

  1. Software Design, Modelling and Analysis in UML. Lecture 13: Core State Machines IV, 2012-12-12. Prof. Dr. Andreas Podelski, Dr. Bernd Westphal, Albert-Ludwigs-Universität Freiburg, Germany.

  2. Contents & Goals

     Last Lecture:
     • System configuration
     • Transformer

     This Lecture:
     • Educational Objectives: Capabilities for following tasks/questions.
       • What does this State Machine mean? What happens if I inject this event?
       • Can you please model the following behaviour.
       • What is: Signal, Event, Ether, Transformer, Step, RTC.
     • Content:
       • Transformer cont'd
       • Examples for transformer
       • Run-to-completion Step
       • Putting It All Together

  3. System Configuration, Ether, Transformer

  4. System Configuration

     Definition. Let $\mathcal{S}_0 = (\mathcal{T}_0, \mathcal{C}_0, V_0, atr_0, \mathcal{E}_0)$ be a signature with signals, $\mathcal{D}_0$ a structure of $\mathcal{S}_0$, $(Eth, ready, \oplus, \ominus, [\cdot])$ an ether over $\mathcal{S}_0$ and $\mathcal{D}_0$. Furthermore assume there is one core state machine $M_C$ per class $C \in \mathcal{C}_0$.

     A system configuration over $\mathcal{S}_0$, $\mathcal{D}_0$, and $Eth$ is a pair $(\sigma, \varepsilon) \in \Sigma^{\mathcal{D}}_{\mathcal{S}} \times Eth$ where
     • $\mathcal{S} = (\mathcal{T}_0 \,\dot\cup\, \{S_{M_C} \mid C \in \mathcal{C}_0\},\ \mathcal{C}_0,\ V_0 \,\dot\cup\, \{\langle stable : Bool, -, true, \emptyset\rangle\} \,\dot\cup\, \{\langle st_C : S_{M_C}, +, s_0, \emptyset\rangle \mid C \in \mathcal{C}_0\} \,\dot\cup\, \{\langle params_E : E_{0,1}, +, \emptyset, \emptyset\rangle \mid E \in \mathcal{E}_0\},\ \{C \mapsto atr_0(C) \cup \{stable, st_C\} \cup \{params_E \mid E \in \mathcal{E}_0\} \mid C \in \mathcal{C}_0\},\ \mathcal{E}_0)$,
     • $\mathcal{D} = \mathcal{D}_0 \,\dot\cup\, \{S_{M_C} \mapsto S(M_C) \mid C \in \mathcal{C}_0\}$, and
     • $\sigma(u)(r) \cap \mathcal{D}(\mathcal{E}_0) = \emptyset$ for each $u \in dom(\sigma)$ and $r \in V_0$.


  6. Where are we?

     [Figure: state machine with states $s_1$, $s_2$, $s_3$ and transitions labelled $E[n \neq \emptyset]/x := x + 1;\ n!F$, $/n := \emptyset$, and $F/x := 0$.]

     • Wanted: a labelled transition relation
         $(\sigma, \varepsilon) \xrightarrow{(cons, Snd)} (\sigma', \varepsilon')$
       on system configurations, labelled with the consumed and sent events, $(\sigma', \varepsilon')$ being the result (or effect) of one object $u_x$ taking a transition of its state machine from the current state machine state $\sigma(u_x)(st_C)$.
     • Have: system configuration $(\sigma, \varepsilon)$ comprising current state machine state and stability flag for each object, and the ether.
     • Plan:
       (i) Introduce transformer as the semantics of action annotations.
           Intuitively, $(\sigma', \varepsilon')$ is the effect of applying the transformer of the taken transition.
       (ii) Explain how to choose transitions depending on $\varepsilon$ and when to stop taking transitions: the run-to-completion "algorithm".

  7. Transformer

     Definition. Let $\Sigma^{\mathcal{D}}_{\mathcal{S}}$ be the set of system configurations over some $\mathcal{S}_0$, $\mathcal{D}_0$, $Eth$. We call a relation
         $t \subseteq \mathcal{D}(\mathcal{C}) \times (\Sigma^{\mathcal{D}}_{\mathcal{S}} \times Eth) \times (\Sigma^{\mathcal{D}}_{\mathcal{S}} \times Eth)$
     a (system configuration) transformer.

     • In the following, we assume that each application of a transformer $t$ to some system configuration $(\sigma, \varepsilon)$ for object $u_x$ is associated with a set of observations
         $Obs_t[u_x](\sigma, \varepsilon) \in 2^{\mathcal{D}(\mathcal{C}) \times \mathcal{D}(\mathcal{E}) \times Evs(\mathcal{E} \,\dot\cup\, \{*, +\}, \mathcal{D}) \times \mathcal{D}(\mathcal{C})}$.
     • An observation $(u_{src}, u_e, (E, \vec d), u_{dst}) \in Obs_t[u_x](\sigma, \varepsilon)$ represents the information that, as a "side effect" of $u_x$ executing $t$, an event (!) $(E, \vec d)$ has been sent from $u_{src}$ to $u_{dst}$.
       Special cases: creation/destruction.


  9. Transformer: Skip

     abstract syntax:      skip
     concrete syntax:
     intuitive semantics:  do nothing
     well-typedness:       ./.
     semantics:            $t[u_x](\sigma, \varepsilon) = \{(\sigma, \varepsilon)\}$
     observables:          $Obs_{skip}[u_x](\sigma, \varepsilon) = \emptyset$
     (error) conditions:

  10. Transformer: Update

     abstract syntax:      $update(expr_1, v, expr_2)$
     concrete syntax:
     intuitive semantics:  Update attribute $v$ in the object denoted by $expr_1$ to the value denoted by $expr_2$.
     well-typedness:       $expr_1 : \tau_C$ and $v : \tau \in atr(C)$; $expr_2 : \tau$; $expr_1$, $expr_2$ obey visibility and navigability
     semantics:            $t_{update(expr_1, v, expr_2)}[u_x](\sigma, \varepsilon) = \{(\sigma', \varepsilon)\}$
                           where $\sigma' = \sigma[u \mapsto \sigma(u)[v \mapsto I\llbracket expr_2 \rrbracket(\sigma, \beta)]]$ with $u = I\llbracket expr_1 \rrbracket(\sigma, \beta)$, $\beta = \{this \mapsto u_x\}$.
     observables:          $Obs_{update(expr_1, v, expr_2)}[u_x] = \emptyset$
     (error) conditions:   Not defined if $I\llbracket expr_1 \rrbracket(\sigma, \beta)$ or $I\llbracket expr_2 \rrbracket(\sigma, \beta)$ not defined.

  11. Update Transformer Example

     $SM_C$: $s_1 \xrightarrow{/x := x + 1} s_2$, i.e. $update(expr_1, v, expr_2)$ with
         $t_{update(expr_1, v, expr_2)}[u_x](\sigma, \varepsilon) = (\sigma[u \mapsto \sigma(u)[v \mapsto I\llbracket expr_2 \rrbracket(\sigma, \beta)]], \varepsilon)$, $u = I\llbracket expr_1 \rrbracket(\sigma, \beta)$.

     [Figure: object diagram before and after. $\sigma$: $u_1 : C$ with $x = 4$, $y = 0$. $\sigma'$: $u_1 : C$ with $x = 5$, $y = 0$. The ether is unchanged: $\varepsilon' = \varepsilon$.]

  12. Transformer: Send

     abstract syntax:      $send(E(expr_1, \ldots, expr_n), expr_{dst})$
     concrete syntax:
     intuitive semantics:  Object $u_x : C$ sends event $E$ to object $expr_{dst}$, i.e. create a fresh signal instance, fill in its attributes, and place it in the ether.
     well-typedness:       $expr_{dst} : \tau_D$, $C, D \in \mathcal{C} \setminus \mathcal{E}$; $E \in \mathcal{E}$; $atr(E) = \{v_1 : \tau_1, \ldots, v_n : \tau_n\}$; $expr_i : \tau_i$, $1 \le i \le n$; all expressions obey visibility and navigability in $C$
     semantics:            $t_{send(E(expr_1, \ldots, expr_n), expr_{dst})}[u_x](\sigma, \varepsilon) = (\sigma', \varepsilon')$
                           where $\sigma' = \sigma \,\dot\cup\, \{u \mapsto \{v_i \mapsto d_i \mid 1 \le i \le n\}\}$; $\varepsilon' = \varepsilon \oplus (u_{dst}, u)$;
                           if $u_{dst} = I\llbracket expr_{dst} \rrbracket(\sigma, \beta) \in dom(\sigma)$; $d_i = I\llbracket expr_i \rrbracket(\sigma, \beta)$ for $1 \le i \le n$; $u \in \mathcal{D}(E)$ a fresh identity, i.e. $u \notin dom(\sigma)$,
                           and where $(\sigma', \varepsilon') = (\sigma, \varepsilon)$ if $u_{dst} \notin dom(\sigma)$; $\beta = \{this \mapsto u_x\}$.
     observables:          $Obs_{send}[u_x] = \{(u_x, u, (E, d_1, \ldots, d_n), u_{dst})\}$
     (error) conditions:   $I\llbracket expr \rrbracket(\sigma, \beta)$ not defined for any $expr \in \{expr_{dst}, expr_1, \ldots, expr_n\}$

  13. Send Transformer Example

     $SM_C$: $s_1 \xrightarrow{/\ldots;\ n!F(x + 1);\ \ldots} s_2$, i.e. $send(E(expr_1, \ldots, expr_n), expr_{dst})$ with
         $t_{send(E(expr_1, \ldots, expr_n), expr_{dst})}[u_x](\sigma, \varepsilon) = \ldots$

     [Figure: object diagram before and after. $\sigma$: $u_1 : C$ with $x = 5$. $\sigma'$ and $\varepsilon'$ to be worked out.]

  14. Transformer: Create

     abstract syntax:      $create(C, expr, v)$
     concrete syntax:
     intuitive semantics:  Create an object of class $C$ and assign it to attribute $v$ of the object denoted by expression $expr$.
     well-typedness:       $expr : \tau_D$, $v \in atr(D)$, $atr(C) = \{\langle v_i : \tau_i, expr^0_i \rangle \mid 1 \le i \le n\}$
     semantics:            ...
     observables:          ...
     (error) conditions:   $I\llbracket expr \rrbracket(\sigma, \beta)$ not defined.

     • We use an "and assign"-action for simplicity. It doesn't add or remove expressive power, but moving creation to the expression language raises all kinds of other problems such as order of evaluation (and thus creation).
     • Also for simplicity: no parameters to construction (∼ parameters of constructor). Adding them is straightforward (but somewhat tedious).

  15. Create Transformer Example

     $SM_C$: $s_1 \xrightarrow{/\ldots;\ n := new\ C;\ \ldots} s_2$, i.e. $create(C, expr, v)$ with
         $t_{create(C, expr, v)}(\sigma, \varepsilon) = \ldots$

     [Figure: object diagram before and after. $\sigma$: $d : D$ with $n = \emptyset$. $\sigma'$ and $\varepsilon'$ to be worked out.]

  16. How To Choose New Identities?

     • Re-use: choose any identity that is not alive now, i.e. not in $dom(\sigma)$.
       • Doesn't depend on history.
       • May "undangle" dangling references; may happen on some platforms.
     • Fresh: choose any identity that has not been alive ever, i.e. not in $dom(\sigma)$ and any predecessor in current run.
       • Depends on history.
       • Dangling references remain dangling; could mask "dirty" effects of platform.

  17. Transformer: Create

     abstract syntax:      $create(C, expr, v)$
     concrete syntax:
     intuitive semantics:  Create an object of class $C$ and assign it to attribute $v$ of the object denoted by expression $expr$.
     well-typedness:       $expr : \tau_D$, $v \in atr(D)$, $atr(C) = \{\langle v_i : \tau_i, expr^0_i \rangle \mid 1 \le i \le n\}$
     semantics:            $((\sigma, \varepsilon), (\sigma', \varepsilon')) \in t$ iff
                           $\sigma' = \sigma[u_0 \mapsto \sigma(u_0)[v \mapsto u]] \cup \{u \mapsto \{v_i \mapsto d_i \mid 1 \le i \le n\}\}$, $\varepsilon' = [u](\varepsilon)$;
                           $u \in \mathcal{D}(C)$ fresh, i.e. $u \notin dom(\sigma)$; $u_0 = I\llbracket expr \rrbracket(\sigma, \beta)$;
                           $d_i = I\llbracket expr^0_i \rrbracket(\sigma, \beta)$ if $expr^0_i \neq$ '' and arbitrary value from $\mathcal{D}(\tau_i)$ otherwise; $\beta = \{this \mapsto u_x\}$.
     observables:          $Obs_{create}[u_x] = \{(u_x, \bot, (*, \emptyset), u)\}$
     (error) conditions:   $I\llbracket expr \rrbracket(\sigma)$ not defined.

  18. Transformer: Destroy

     abstract syntax:      $destroy(expr)$
     concrete syntax:
     intuitive semantics:  Destroy the object denoted by expression $expr$.
     well-typedness:       $expr : \tau_C$, $C \in \mathcal{C}$
     semantics:            ...
     observables:          $Obs_{destroy}[u_x] = \{(u_x, \bot, (+, \emptyset), u)\}$
     (error) conditions:   $I\llbracket expr \rrbracket(\sigma, \beta)$ not defined.

  19. Destroy Transformer Example

     $SM_C$: $s_1 \xrightarrow{/\ldots;\ delete\ n;\ \ldots} s_2$, i.e. $destroy(expr)$ with
         $t_{destroy(expr)}[u_x](\sigma, \varepsilon) = \ldots$

     [Figure: object diagram before and after. $\sigma$: $c : C$ with attribute $n : C$ referring to a second object. $\sigma'$ and $\varepsilon'$ to be worked out.]
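The following is an added example and not part of the lecture slides: a small Python interpreter for the update, send, create and destroy transformers of slides 10 to 19, with the two identity-choice policies of slide 16 plugged in. The class and attribute names (C, F, n, m, x, v), the integer identities, the Python list standing in for the ether, the signal attribute name of F in the slide 13 shape, and the choice to leave the ether untouched on destroy (slide 18 elides that part) are assumptions of this example. It makes the point of slide 16 concrete: under the re-use policy an attribute left dangling by destroy can silently become a reference to the next object created, so a later write through it succeeds against the wrong object; under the fresh policy the same write hits the error condition "I⟦expr⟧ not defined" and is caught.

```python
"""Toy interpreter for the transformer semantics of slides 10 to 19 (added example).

A system configuration is a pair (sigma, eps): sigma maps object identities to
attribute valuations, eps is a FIFO ether of (u_dst, signal identity) pairs.
Every transformer returns the successor configuration and its observations.
All class names, attribute names and identities are constructed for this example.
"""
from itertools import count

Sigma = dict[int, dict]        # object identity -> attribute valuation
Ether = list[tuple[int, int]]  # FIFO of (u_dst, signal identity)


class Undefined(Exception):
    """An (error) condition applies: I[[expr]](sigma, beta) is not defined."""


class Reuse:
    """Slide 16, 'Re-use': any identity not alive now, i.e. not in dom(sigma)."""
    def pick(self, sigma: Sigma) -> int:
        u = 1
        while u in sigma:
            u += 1
        return u


class Fresh:
    """Slide 16, 'Fresh': an identity never alive in this run (depends on history)."""
    def __init__(self) -> None:
        self._counter = count(1)

    def pick(self, sigma: Sigma) -> int:
        u = next(self._counter)
        while u in sigma:          # skip identities alive in the initial configuration
            u = next(self._counter)
        return u


def deref(sigma: Sigma, u: int) -> dict:
    """I[[expr]](sigma, beta) for an expression denoting identity u; undefined if u is dead."""
    if u not in sigma:
        raise Undefined(f"object {u} is not in dom(sigma)")
    return sigma[u]


def update(sigma: Sigma, eps: Ether, u: int, v: str, value):
    """update(expr1, v, expr2): sigma' = sigma[u -> sigma(u)[v -> value]]; ether unchanged; Obs = {}."""
    deref(sigma, u)
    return {**sigma, u: {**sigma[u], v: value}}, list(eps), frozenset()


def send(sigma: Sigma, eps: Ether, u_x: int, E: str, args: dict, u_dst: int, ids):
    """send(E(expr1..n), expr_dst): fresh signal u in sigma' and (u_dst, u) appended to the
    ether, or no effect at all if u_dst is not alive (slide 12)."""
    if u_dst not in sigma:
        return dict(sigma), list(eps), frozenset()
    u = ids.pick(sigma)
    sigma2 = {**sigma, u: {"__class__": E, **args}}
    obs = frozenset({(u_x, u, (E, tuple(args.items())), u_dst)})
    return sigma2, eps + [(u_dst, u)], obs


def create(sigma: Sigma, eps: Ether, u_x: int, C: str, u0: int, v: str, init: dict, ids):
    """create(C, expr, v): new object u of class C with initial values init, stored in
    attribute v of u0 = I[[expr]]; observation (u_x, bottom, (*, {}), u) (slide 17)."""
    deref(sigma, u0)
    u = ids.pick(sigma)
    sigma2 = {**sigma, u0: {**sigma[u0], v: u}, u: {"__class__": C, **init}}
    return sigma2, list(eps), frozenset({(u_x, None, ("*", ()), u)})


def destroy(sigma: Sigma, eps: Ether, u_x: int, u: int):
    """destroy(expr): remove u from dom(sigma); attributes elsewhere that still hold u now
    dangle. Slide 18 elides the ether effect, so this example leaves eps unchanged."""
    deref(sigma, u)
    sigma2 = {k: dict(val) for k, val in sigma.items() if k != u}
    return sigma2, list(eps), frozenset({(u_x, None, ("+", ()), u)})


def send_example(ids):
    """Slide 13 shape: u1 : C with x = 5 executes n!F(x + 1); F's attribute is assumed to be 'v'."""
    sigma = {1: {"__class__": "C", "x": 5, "n": 2}, 2: {"__class__": "C", "x": 0, "n": None}}
    return send(sigma, [], 1, "F", {"v": sigma[1]["x"] + 1}, sigma[1]["n"], ids)


def dangling_scenario(ids) -> tuple[bool, bool, bool]:
    """Create, destroy, create again, then write through the stale reference.
    Returns (stale identity alive again?, stale identity == new object?, write succeeded?)."""
    sigma = {1: {"__class__": "C", "n": None, "m": None}}
    eps: Ether = []
    sigma, eps, _ = create(sigma, eps, 1, "C", 1, "n", {"x": 0}, ids)
    stale = sigma[1]["n"]
    sigma, eps, _ = destroy(sigma, eps, 1, stale)        # sigma[1]["n"] now dangles
    sigma, eps, _ = create(sigma, eps, 1, "C", 1, "m", {"x": 7}, ids)
    new = sigma[1]["m"]
    try:
        update(sigma, eps, stale, "x", 99)               # use after destroy
        written = True
    except Undefined:
        written = False
    return stale in sigma, stale == new, written
```

`dangling_scenario(Reuse())` yields `(True, True, True)`: the identity freed by destroy is handed out again, the stale attribute now denotes the new object, and the write lands there without any error condition firing. `dangling_scenario(Fresh())` yields `(False, False, False)`: the stale identity is never reissued, so dereferencing it is undefined and the fault surfaces where it happened. This is exactly why slide 16 notes that the fresh policy "could mask dirty effects of the platform" while re-use exposes them: a model checked under one policy says nothing about the other.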
