specification and verification for grid component based
play

Specification and Verification for Grid Component-based Applications - PowerPoint PPT Presentation

Jan 13, 2024 •23 likes •403 views

Specification and Verification for Grid Component-based Applications E. Madelaine GridComp project Oasis team INRIA -- CNRS - I3S -- Univ. of Nice Sophia-Antipolis FMCO 08 Sophia-Antipolis oct. 21-23, 2008 Eric MADELAINE --

  1. Specification and Verification for Grid Component-based Applications E. Madelaine GridComp project Oasis team INRIA -- CNRS - I3S -- Univ. of Nice Sophia-Antipolis FMCO ’08 Sophia-Antipolis – oct. 21-23, 2008 Eric MADELAINE -- GridComp -- OASIS 1

  2. Do we need formal methods for developing component-based software ? A B ??? C A B C2 C Safe COTS-based development Safe management for complex => systems Behaviour Specifications (e.g. replacement at runtime) Eric MADELAINE -- GridComp -- OASIS 2

  3. Is it more difficult for distributed, asynchronous components ? Yes ! Asynchrony creates race-conditions, dead-locks, etc. Transparent Futures do not solve all inter-component deadlocks Eric MADELAINE -- GridComp -- OASIS 3

  4. Agenda • Context • Active Objects, Components and Grids • Safe Distributed Components • Definitions • Model generation (= operational semantics) • Checking Properties • Specification and Verification Tools, Case Study • Conclusion & Perspectives Eric MADELAINE -- GridComp -- OASIS 4

  5. Asynchronous and Deterministic Objects [Denis Caromel – Ludovic Henrio] ASP (Asynchronous Sequential Processes) = • Distributed Active Objects • Asynchronous method calls • Futures and Wait-by-necessity � Determinism/Confluence properties � Programming abstractions � Formal Basis for Verification Eric MADELAINE -- GridComp -- OASIS 5

  6. ProActive : Active objects A ag = newActive (“A”, […], VirtualNode) V v1 = ag.foo (param); V v2 = ag.bar (param); ... v1.bar(); //Wait-By-Necessity JVM JVM A ag v2 v1 A WBN! V Wait-By-Necessity Java Object Active Object Req. Queue is a Dataflow Future Object Proxy Thread Request Synchronization Eric MADELAINE -- GridComp -- OASIS 6

  7. Fractal hierarchical model : Attribute Lifecycle Binding Content Controller Controller Controller Controller Controller / membrane • Provided/Required Interfaces • Hierarchy • Separation of concern: functional / non-functional • ADL • Extensible Content composites encapsulate primitives, which encapsulates code Eric MADELAINE -- GridComp -- OASIS 7

  8. GCM [Caromel, FMCO’07] Scopes and Objectives: Grid Component Model Extension of Fractal for programming Grids Innovations: Abstract Deployment Multicast and GatherCast Controller (NF) Components Standardization By the ETSI TC-GRID Eric MADELAINE -- GridComp -- OASIS

  9. Spin-off company 2007 : 9 ProActive Parallel Suite Eric MADELAINE -- GridComp -- OASIS

  10. Agenda • Context • Active Objects, Components and Grids • Safe Distributed Components • Definitions • Model generation • Properties • Specification and Verification Tools, Case Study • Conclusion & Perspectives Eric MADELAINE -- GridComp -- OASIS 10

  11. Software Components My Definition : Software modules, composable, reconfigurable, with well-defined interfaces, and well-defined black box behaviour Our interests : 1. Encapsulation Black boxes, offered and required services 2. Composition Design of complex systems, hierarchical organization into sub-systems 3. Separation of concerns Architecture Description Language (ADL), management components 4. Distribution (e.g. Computational Grid) Interaction at interfaces through asynchronous method calls Eric MADELAINE -- GridComp -- OASIS 11

  12. Behaviour specification and Safe composition Aim : Build reliable components from the composition of smaller pieces, using their formal specification. Component paradigm : only observe activity at interfaces. Behavioural properties: Deadlock freeness, progress/termination, safety and liveness. Applications : • Check behavioural compatibility between sub-components • Check correctness of component deployment • Check correctness of the transformation inside a running application. Eric MADELAINE -- GridComp -- OASIS 12

  13. The pNET model Specification language Instantiation pNets system Abstraction Source code Verification tools Constraint: domains in pNets are “simple types”. The data domains in the source language have to be abstracted beforehand. Eric MADELAINE -- GridComp -- OASIS 13

  14. pNets : Hierarchical and Parameterized Models [Arnold, Nivat 92] Synchronization networks [Lin 92] symbolic graphs with assignments [Lakas 96] semantics of Lotos open expressions • Value-passing, Dynamic architectures, etc. • But close to code structure • Instantiation to finite structures (through abstract interpretation) [Forte’04: T. Barros, R. Boulifa, E. Madelaine] [Annals of Telecomunications’08: A. Cansado, L. Henrio, E. Madelaine ] Eric MADELAINE -- GridComp -- OASIS 14

  15. Parameterized LTSs : definition Given : A set of parameters V (with domains in first order “simple types”) An many-sorted term algebra ∑ V, with a distinguished Action sort A parameterized LTS is <V, S, s 0 , L> in which: • Each state s ∈ S has free variables fv(s) ⊆ V • Labels l ∈ L have the form <e B , α , x j := e j > • e B ∈ ∑ V,Bool a guard • α ∈ ∑ V,Action a parameterized action y=x-1 • x j := e j an assignment of the state variables i,y i,x Eric MADELAINE -- GridComp -- OASIS 15

  16. Parameterized Network of Synchronised Automata (pNets) : definition • A pNet is <V, A g , J, p j , O j , T> in which: • A g ⊆ ∑ V is the pNet sort, ie the set of global actions • J is a set of Holes, each of them with a parameter p j and a sort O j • T is the transducer (or control automaton) of the pNet, whose labels are synchronisation vectors : < α g , {a i,j }> that relate actions of some instances of the holes to a global action. PhiloNET : < Philo[k], Fork[k] > k ∈ [1:n] A g = { Think(k), TakeL(k), … } T static (single state), with synchronisation vectors : <Think(k), Think Philo[k] > <TakeL(k), TakeL Philo[k] , Take Fork[k-1] > Eric MADELAINE -- GridComp -- OASIS 16

  17. pNets and Nets : operators • pNets are generalized synchronisation operators at the semantic level, in the spirit of Lotomaton. They address: multiway synchronisation, parameterized topologies, and dynamic topologies. Define: • A System is a tree-like structure with pNets at nodes and pLTS at leaves • Abstraction : given a countable (resp, finite) domain for each parameter of a system, its instantiation is a countable (resp. finite) system. • The synchronisation product is only defined for instantiated systems. Eric MADELAINE -- GridComp -- OASIS 17

  18. Abstractions and Correctness (1) Program semantics = = > Behaviour Model (parameterized) user-specified abstract interpretation (2) Behaviour Model = = > Finite Model Value Passing case : d efine an abstract representation from a finite partition of the value domains, on a per-formula basis ⇒ Preservation of safety and liveness properties [Cleaveland & Riely 93] Families of Processes : no similar generic result (but many results for specific topologies). Counter-example : on parameterized topologies of processes, reachability properties require induction reasoning. Practical approach : • explore small finite configurations in a “bug search” fashion, • use “infinite systems” techniques for decidable domains when available Eric MADELAINE -- GridComp -- OASIS 18

  19. Agenda • Context • Active Objects, Components and Grids • Safe Distributed Components • Definitions • Model generation • Properties • Specification and Verification Tools, Case Study • Conclusion & Perspectives Eric MADELAINE -- GridComp -- OASIS 19

  20. Building Behavioural Models : Principles For a given language/framework, define an operational semantics that builds pNets from the program structure. For GCM components: • Reason separately at each composition level Primitive components : functional behaviour is known • Given by the user (specification language) • Obtained by static analysis (primitive components, e.g. ProActive active objects) • Computed from lower level Composites : structure and non functional behaviour automatically added from the component’s ADL Eric MADELAINE -- GridComp -- OASIS 20

  21. Building pNet models (ex 1) Nets for Active objects communication schema : From the set of public methods, and their signature, build : • The (parameterized) action algebra • The structure of the future proxies and request queue • One synch vector per exchanged message. Buffer(Max,S) Consumer(c) JVM JVM A v2 ag v1 body Proxy body A Queue call(get,f) [f] WBN! […] V return(get,x) Eric MADELAINE -- GridComp -- OASIS 21

  22. Building pNet models (ex 2) Nets and pLTS for ?bind(B,IA) ?unbind(B,IA) Fractal non- functional controllers : • Binding ?bind(B,IF) controllers B • Life-cycle cont. • Content cont. ?unbind(B,IF) B.Call C[c] Q_get() (alarm) bound unbound R_get(v) !Err(unbound,B,IA) Eric MADELAINE -- GridComp -- OASIS 22

  23. pNet Models for a GCM composite 1) Assemble sub- Queue Proxy Body components (f) ?Serve(M,…) Call(M,…) 2) add non-functional controls: 1) Bindings Request… Response… LF 2) Start/Stop 3) … ?bind(…) 3) Add Interceptors : !start() ?unbind(…) !stop() P(p) 1) Body B 2) Queue, LF and proxies C(c) !Err(unbound,…) Eric MADELAINE -- GridComp -- OASIS 23

Recommend

Multi-Formalism Specification and Verification in Verisoft Thorsten Bormer Universit at

Multi-Formalism Specification and Verification in Verisoft Thorsten Bormer Universit at

Multi-Formalism Specification and Verification in Verisoft Thorsten Bormer Universit at Koblenz-Landau June 15th, 2007 Component Overview Application Email Client Signature Software (User Interface) Module Com piler Networking /

389 views • 18 slides
Formal Specification and Verification Formal specification (2) 6.12.2016 Viorica

Formal Specification and Verification Formal specification (2) 6.12.2016 Viorica

Formal Specification and Verification Formal specification (2) 6.12.2016 Viorica Sofronie-Stokkermans e-mail: sofronie@uni-koblenz.de 1 Until now Logic Formal specification (generalities) Algebraic specification Transition systems 2

798 views • 62 slides
Formal and Incremental Verification of SysML Specifications for the Design of Component-Based

Formal and Incremental Verification of SysML Specifications for the Design of Component-Based

Formal and Incremental Verification of SysML Specifications for the Design of Component-Based Systems Oscar Carrillo Dpartement dInformatique des Systmes Complexes (DISC), Femto-ST UMR 6174 CNRS Encadrement : Hassan Mountassir et Samir

972 views • 65 slides
Formal Specification and Verification Formal specification Temporal logic 12.06.2012

Formal Specification and Verification Formal specification Temporal logic 12.06.2012

Formal Specification and Verification Formal specification Temporal logic 12.06.2012 Viorica Sofronie-Stokkermans e-mail: sofronie@uni-koblenz.de 1 Formal specification Specification for program/system Specification for

443 views • 21 slides
Formal Specification and Verification Formal specification (2) 29.11.2016 Viorica

Formal Specification and Verification Formal specification (2) 29.11.2016 Viorica

Formal Specification and Verification Formal specification (2) 29.11.2016 Viorica Sofronie-Stokkermans e-mail: sofronie@uni-koblenz.de 1 Until now Logic Formal specification (generalities) Algebraic specification 2 Formal

627 views • 19 slides
Contract-based Specification and Verification of Dataflow Programs Jonatan Wiik Pontus Bostrm

Contract-based Specification and Verification of Dataflow Programs Jonatan Wiik Pontus Bostrm

Contract-based Specification and Verification of Dataflow Programs Jonatan Wiik Pontus Bostrm bo Akademi University, Finland Nordic Workshop on Programming Theory 2015 1 / 20 Introduction Modern software systems are increasingly

612 views • 25 slides
A component-based approach for Context-Aware Systems specification Brahim Djoudi , Chafia

A component-based approach for Context-Aware Systems specification Brahim Djoudi , Chafia

Constantine 2 University LIRE laboratory Team Software Engineering and Distributed Systems A component-based approach for Context-Aware Systems specification Brahim Djoudi , Chafia Bouanaka, Nadia Zeghib Plan Introduction Context-Aware

477 views • 35 slides
Formal Specification and Verification Viorica Sofronie-Stokkermans e-mail:

Formal Specification and Verification Viorica Sofronie-Stokkermans e-mail:

Formal Specification and Verification Viorica Sofronie-Stokkermans e-mail: sofronie@uni-koblenz.de Some of the slides are based on or inspired by material by Wolfgang Ahrendt, Bernhard Beckert, Reiner H ahnle, Andreas Podelski 1 Motivation

899 views • 54 slides
Formal Specification and Verification Viorica Sofronie-Stokkermans e-mail:

Formal Specification and Verification Viorica Sofronie-Stokkermans e-mail:

Formal Specification and Verification Viorica Sofronie-Stokkermans e-mail: sofronie@uni-koblenz.de Some of the slides are based on or inspired by material by Wolfgang Ahrendt, Bernhard Beckert, Reiner H ahnle, Andreas Podelski 1 Motivation

1.11k views • 55 slides
Formal Specification and Verification Viorica Sofronie-Stokkermans e-mail:

Formal Specification and Verification Viorica Sofronie-Stokkermans e-mail:

Formal Specification and Verification Viorica Sofronie-Stokkermans e-mail: sofronie@uni-koblenz.de Some of the slides are based on or inspired by material by Wolfgang Ahrendt, Bernhard Beckert, Reiner H ahnle, Andreas Podelski 1 Motivation

715 views • 45 slides
An Assume-Guarantee Method for Modular An Assume-Guarantee Method for Modular Verification of

An Assume-Guarantee Method for Modular An Assume-Guarantee Method for Modular Verification of

An Assume-Guarantee Method for Modular An Assume-Guarantee Method for Modular Verification of Evolving Component-Based Software Verification of Evolving Component-Based Software Pham Ngoc Hung, Nguyen Truong Thang, and Takuya Katayama Japan

544 views • 21 slides
Formal Specification and Verification of Avionics Software Claus Wonnemann June 7th, 2006 Claus

Formal Specification and Verification of Avionics Software Claus Wonnemann June 7th, 2006 Claus

Introduction Specification of the Java Flight Manager Runtime Assertion Checking and Verification Conclusions Formal Specification and Verification of Avionics Software Claus Wonnemann June 7th, 2006 Claus Wonnemann Formal Specification and

708 views • 54 slides
IST-2001 - Project 33522 IST-2001-33522 Animation and formal verification of a component-based

IST-2001 - Project 33522 IST-2001-33522 Animation and formal verification of a component-based

OMEGA OMEGA IST-2001 - Project 33522 IST-2001-33522 Animation and formal verification of a component-based application using live sequence charts (LSCs) and the Play-Engine Omega workshop Grenoble February 17, 2005 Pierre Combes

488 views • 27 slides
Component-based Verification of Cyber-Physical Flow Systems Andreas Mller

Component-based Verification of Cyber-Physical Flow Systems Andreas Mller

Verified Traffic Networks: Component-based Verification of Cyber-Physical Flow Systems Andreas Mller andreas.mueller@jku.at Stefan Mitsch - stefan.mitsch@jku.at Andr Platzer - aplatzer@cs.cmu.edu Johannes Kepler University, Linz

711 views • 68 slides
Off-line Signature Verification: A Circular Outline Grid-Based Feature Extraction Approach

Off-line Signature Verification: A Circular Outline Grid-Based Feature Extraction Approach

8vas. Jornadas de Ciencias de la Computaci on (XIII JCC) XIII JCC Off-line Signature Verification: A Circular Outline Grid-Based Feature Extraction Approach Motivation Contributions Feature Marianela Parodi Extraction SVM-based &lt;

652 views • 28 slides
The ESC/Java2 Calculi and Object Logics Implications on Specification and Verification Joseph

The ESC/Java2 Calculi and Object Logics Implications on Specification and Verification Joseph

The ESC/Java2 Calculi and Object Logics Implications on Specification and Verification Joseph Kiniry Department of Computer Science University College Dublin ESC/Java2 ESC/Java2 is an extended static checker based upon DEC/Compaq SRC

278 views • 27 slides
Combining program verification with component-based architectures Alexander Senier BOB 2018

Combining program verification with component-based architectures Alexander Senier BOB 2018

Combining program verification with component-based architectures Alexander Senier BOB 2018 Berlin, February 23 rd , 2018 About Componolit 23.02.2018 2 What happens when we use what's best? 23.02.2018 3 Whats Best? Mid-90ies:

595 views • 32 slides
Electronic Visit Verification File Specification: Visit Interface Electronic Visit Verification

Electronic Visit Verification File Specification: Visit Interface Electronic Visit Verification

Electronic Visit Verification File Specification: Visit Interface Electronic Visit Verification Project February 26, 2020 Welcome HMOs, MCOs, IRIS FEAs Sandata team (EVV vendor) Wisconsin Department of Health Services team

941 views • 47 slides
specification free monitoring CS 119 can we avoid writing specs? specification and programming

specification free monitoring CS 119 can we avoid writing specs? specification and programming

specification free monitoring CS 119 can we avoid writing specs? specification and programming specification runtime verification program input output 2 properties can be hard to write To quote quite excellent NASA software engineer

987 views • 65 slides
INF5140 Specification and Verification of Parallel Systems Spring 2017 Institutt for

INF5140 Specification and Verification of Parallel Systems Spring 2017 Institutt for

INF5140 Specification and Verification of Parallel Systems Spring 2017 Institutt for informatikk, Universitetet i Oslo April 28, 2017 1 / 82 INF5140 Specification and Verification of Parallel Systems Lecture 5 - Introduction to

970 views • 82 slides
INF5140 Specification and Verification of Parallel Systems Spring 2018 Institutt for

INF5140 Specification and Verification of Parallel Systems Spring 2018 Institutt for

INF5140 Specification and Verification of Parallel Systems Spring 2018 Institutt for informatikk, Universitetet i Oslo January 26, 2018 1 / 102 Introduction INF5140 Specification and Verification of Parallel Systems Overview,

1.14k views • 79 slides
INF5140 Specification and Verification of Parallel Systems Logics, lecture 2 Spring 2015

INF5140 Specification and Verification of Parallel Systems Logics, lecture 2 Spring 2015

INF5140 Specification and Verification of Parallel Systems Logics, lecture 2 Spring 2015 February 20, 2015 1 / 37 Introduction Today: we start with the specification language Logic is the specification language for us. There are many

1.04k views • 37 slides
SAT-based verification (BMC, temporal induction) Mary Sheeran, Chalmers SAT-based verification

SAT-based verification (BMC, temporal induction) Mary Sheeran, Chalmers SAT-based verification

SAT-based verification (BMC, temporal induction) Mary Sheeran, Chalmers SAT-based verification now hot Used here in Sweden since 1989 mostly in safety critical applications (railway control program verification) Bounded Model Checking a

468 views • 25 slides
Specification and Verification for distributed applications running on heterogeneous

Specification and Verification for distributed applications running on heterogeneous

Specification and Verification for distributed applications running on heterogeneous infrastructures E. Madelaine Oasis team INRIA -- CNRS - I3S -- Univ. of Nice Sophia-Antipolis ECNU Dept of Software Engineering October 2010 Eric

683 views • 49 slides

More recommend