Automating the transformation-based analysis of visual languages

The final publication is available at Springer via http://dx.doi.org/10.1007/s00165-009-0114-yWe present a novel approach for the automatic generation of model-to-model transformations given a description of the operational semantics of the source language in the form of graph transformation rules. The approach is geared to the generation of transformations from Domain-Specific Visual Languages (DSVLs) into semantic domains with an explicit notion of transition, like for example Petri nets. The generated transformation is expressed in the form of operational triple graph grammar rules that transform the static information (initial model) and the dynamics (source rules and their execution control structure). We illustrate these techniques with a DSVL in the domain of production systems, for which we generate a transformation into Petri nets. We also tackle the description of timing aspects in graph transformation rules, and its analysis through their automatic translation into Time Petri netsWork sponsored by the Spanish Ministry of Science and Innovation, project METEORIC (TIN2008-02081/TIN) and by the Canadian Natural Sciences and Engineering Research Council (NSERC)

A Complexity Preserving Transformation from Jinja Bytecode to Rewrite Systems

We revisit known transformations from Jinja bytecode to rewrite systems from the viewpoint of runtime complexity. Suitably generalising the constructions proposed in the literature, we define an alternative representation of Jinja bytecode (JBC) executions as "computation graphs" from which we obtain a novel representation of JBC executions as "constrained rewrite systems". We prove non-termination and complexity preservation of the transformation. We restrict to well-formed JBC programs that only make use of non-recursive methods and expect tree-shaped objects as input. Our approach allows for simplified correctness proofs and provides a framework for the combination of the computation graph method with standard techniques from static program analysis like for example "reachability analysis".Comment: 36 page

Formal Analysis and Verication of Self-Healing Systems: Long Version

Self-healing (SH-)systems are characterized by an automatic discovery of system failures, and techniques how to recover from these situations. In this paper, we show how to model SH-systems using algebraic graph transformation. These systems are modeled as typed graph grammars enriched with graph constraints. This allows not only for formal modeling of consistency and operational properties, but also for their analysis and verification using the tool AGG. We present sufficient static conditions for self-healing properties, deadlock-freeness and liveness of SH-systems. The overall approach is applied to a traffic light system case study, where the corresponding properties are verified

Local Confluence Analysis of Consistent EMF Transformations

Model transformation is one of the key activities in model-driven software development. An increasingly popular technology to define modeling languages is provided by the Eclipse Modeling Framework (EMF). Several EMF model transformation approaches have been developed, focusing on different transformation aspects. For the analysis of model transformations, graph transformation techniques provide a formal basis and tool support. In this paper we aim to make use of those techniques by providing a formal foundation of consistent EMF transformations to analyze critical pairs between EMF transformation rules as well as extending the notion of local confluence to EMF transformation systems. The analysis is also demonstrated on a small example simulating the firing behavior of elementary Petri nets

On the essence of parallel independence for the double-pushout and sesqui-pushout approaches

Parallel independence between transformation steps is a basic notion in the algebraic approaches to graph transformation, which is at the core of some static analysis techniques like Critical Pair Analysis. We propose a new categorical condition of parallel independence and show its equivalence with two other conditions proposed in the literature, for both left-linear and non-left-linear rules. Next we present some preliminary experimental results aimed at comparing the three conditions with respect to computational efficiency. To this aim, we implemented the three conditions, for left-linear rules only, in the Verigraph system, and used them to check parallel independence of pairs of overlapping redexes generated from some sample graph transformation systems over categories of typed graphs

Towards a Petri net Model for Graph Transformation Systems

Graph transformation systems (GTS) have been successfully proposed as a general, theoretically sound model for concurrency. Petri nets (PN), on the other side, are a central and intuitive formalism for concurrent or distributed systems, well supported by a number of analysis techniques/tools. Some PN classes have been shown to be instances of GTS. In this paper, we change perspective presenting an operational semantics of GTS in terms of Symmetric Nets, a well-known class of Coloured Petri nets featuring a structured syntax that outlines model symmetries. Some practical exploitations of the proposed operational semantics are discussed. In particular, a recently developed structural calculus for SN is used to validate graph rewriting rules in a symbolic way

Modelling and Analysis using Graph Transformation Systems

Communication protocols, a class of critical systems, play an important role in industry. These protocols are critical because the tolerance for faults in these systems is low and it is highly desirable that these systems work correctly. Therefore, an effective methodology for describing and verifying that these systems behave according to their specifications is vitally important. Model checking is a verification technique in which a mathematically precise model of the system, either concrete or with abstraction, is built and a specification of how the system should behave is given. Then the system is considered correct if its model satisfies its specification. However, due to their size and complexity, critical systems, such as communication systems, are notoriously resistant to formal modelling and verification. In this thesis, we propose using graph transformation systems (GTSs), a visual semantic modelling approach, to model the behaviour of dynamically evolving communication protocols. Then, we show how a GTS model can facilitate verification of invariant properties of potentially unbounded communication systems. Finally, due to the use of similar isomorphic components in communication systems, we show how to exploit symmetries of these dynamically evolving models described by GTSs, to reduce the size of the model under verification. We use graph transformation systems to provide an expressive and intuitive visual description of the system state as a graph and for the computations of the system as a finite set of rules that transform the state graphs. Our model is well-suited for describing the behaviour of individual components, error-free communication channels amongst the components, and dynamic component creation and elimination. Thus, the structure of the generated model closely resembles the way in which communication protocols are typically separated into three levels: the first describing local features or components, the second characterizing interactions among components, and the third showing the evolution of the component set. The graph transformation semantics follows this scheme, enabling a clean separation of concerns when describing a protocol. This separation of concerns is a necessity for formal analysis of system behaviour. We prove that the finite set of graph transformation rules that describe behaviour of the system can be used to perform verification for invariant properties of the system. We show that if a property is preserved by the finite set of transformation rules describing the system model, and if the initial state satisfies the property, then the property is an invariant of the system model. Therefore, our verification method may avoid the explicit analysis of the potentially enormous state space that the transformation rules encode. In this thesis, we also develop symmetry reduction techniques applicable to dynamically evolving GTS models. The necessity to extend the existing symmetry reduction techniques arises because these techniques are not applicable to dynamic models such as those described by GTSs, and, in addition, these existing techniques may offer only limited reduction to systems that are not fully symmetric. We present an algorithm for generating a symmetry-reduced quotient model directly from a set of graph transformation rules. The generated quotient model is bisimilar to the model under verification and may be exponentially smaller than that model

Permutation Equivalence of DPO Derivations with Negative Application Conditions based on Subobject Transformation Systems: Long Version

Switch equivalence for transformation systems has been successfully used in many domains for the analysis of concurrent behaviour. When using graph transformation as modelling framework for these systems the concept of negative application conditions (NACs) is widely used -- in particular for the specification of operational semantics. In this paper we show that switch equivalence can be improved essentially for the analysis of systems with NACs by our new concept of permutation equivalence. Two derivations respecting all NACs are called permutation-equivalent if they are switch-equivalent disregarding the NACs. In fact, there are permutation-equivalent derivations which are not switch-equivalent with NACs. As main result of the paper, we solve the following problem: Given a derivation with NACs, we can efficiently derive all permutation-equivalent derivations to the given one by static analysis. The results are based on extended techniques for subobject transformation systems which have been introduced recently

A Comparative Analysis To Validate The Benefits Of Formal Versus Informal Software Model Transformation

In object -oriented development the Unified Modeling Language (UML) is the ISO/IEC standard for modeling language and is supported by major corporations. In relational database development, entity-relationship models have traditionally been use for modeling such systems. Transforming from one notation to another notation is of great importance in developmental environments where this is required. There are several techniques for transforming UML models to object-relational database systems. Prior assessment has been carried out on transforming UML class diagram models to object-oriented relational databases, which yield significant results. One approach to transformation may involve the use of formal (mathematical) techniques, while other approaches may rely on informal techniques to accomplish the transformation. The use of a formal technique to transform may incorporate graph-theory on UML class diagram. An informal technique may be utilized in transforming UML extension mechanisms, to represent object-relational concepts. A prior research effort examined the benefits of two such approaches in transforming UML class diagram models into object-relational database representation. That work, sought to determine the benefits of one approach (formal technique) versus the benefits of the other approach (informal technique), by way of comparative analysis. The researchers drew inferences from the comparative analysis as to the suitability of one approach versus the other on classes of problem domains. The results of such work have to be validated in order for it to become acceptable and its implication applied in software development decision making. In this work there will be an attempt to apply a similar xiv comparative analysis on a model from a different application domain (Kalman Filter Program Representation), from that which was used in the first study an (Airline Flight Reservation System). The goal of this research is to provide validation of the usefulness of this type of comparative analysis