118 research outputs found
Extending Rebeca with synchronous messages and reusable components
In this paper, we propose extended Rebeca as a tool-supported actor-based language for modeling and verifying of concurrent and distributed systems. We enrich Rebeca with a formal concept of components which integrates the message-driven computational model of actor-based languages with synchronous message passing. Components are used to encapsulate a set of internal active objects which react asynchronously to messages by means of methods and which additionally interact via a synchronous message passing mechanism. Components themselves interact only via asynchronous and anonymous messages. We present our compositional verification approach and abstraction techniques, and the theory corresponding to it, based on formal semantics of Rebeca. These techniques are exploited to overcome state explosion problem in model checkin
Modelling and Simulation of Asynchronous Real-Time Systems using Timed Rebeca
In this paper we propose an extension of the Rebeca language that can be used
to model distributed and asynchronous systems with timing constraints. We
provide the formal semantics of the language using Structural Operational
Semantics, and show its expressiveness by means of examples. We developed a
tool for automated translation from timed Rebeca to the Erlang language, which
provides a first implementation of timed Rebeca. We can use the tool to set the
parameters of timed Rebeca models, which represent the environment and
component variables, and use McErlang to run multiple simulations for different
settings. Timed Rebeca restricts the modeller to a pure asynchronous
actor-based paradigm, where the structure of the model represents the service
oriented architecture, while the computational model matches the network
infrastructure. Simulation is shown to be an effective analysis support,
specially where model checking faces almost immediate state explosion in an
asynchronous setting.Comment: In Proceedings FOCLASA 2011, arXiv:1107.584
Specification and Verification of Timing Properties in Interoperable Medical Systems
To support the dynamic composition of various devices/apps into a medical
system at point-of-care, a set of communication patterns to describe the
communication needs of devices has been proposed. To address timing
requirements, each pattern breaks common timing properties into finer ones that
can be enforced locally by the components. Common timing requirements for the
underlying communication substrate are derived from these local properties. The
local properties of devices are assured by the vendors at the development time.
Although organizations procure devices that are compatible in terms of their
local properties and middleware, they may not operate as desired. The latency
of the organization network interacts with the local properties of devices. To
validate the interaction among the timing properties of components and the
network, we formally specify such systems in Timed Rebeca. We use model
checking to verify the derived timing requirements of the communication
substrate in terms of the network and device models. We provide a set of
templates as a guideline to specify medical systems in terms of the formal
model of patterns. A composite medical system using several devices is subject
to state-space explosion. We extend the reduction technique of Timed Rebeca
based on the static properties of patterns. We prove that our reduction is
sound and show the applicability of our approach in reducing the state space by
modeling two clinical scenarios made of several instances of patterns
Construction and Analysis of Petri Net Model for Distributed Cyber Physical Systems
A Distributed Cyber-Physical System (DCPS) composition poses challenges in determining its emergent behaviour. These challenges occur due to (1) the appearance of causal loops of information and energy flow through cyber and physical channels and (2) inherent non-determinism in the temporally ordered flow of events within independently evolving interacting processes of Constituent Systems (CSs). Hence, there is a need to construct a model of the envisaged schematic of DCPS composition for analysis and verification of its significant properties in the conceptual design stage of the system development life cycle.
This paper presents a procedure to construct DCPS composition models in Petri net formalism using distributed abstractions. The model for each CS is obtained from elementary constructs using compositional operators. The interaction among CSs occurs through channels obtained by connecting send and receive constructs of two CSs participating in an interaction. The internal processing within a CS characterizing its primary function is abstracted in a generic passthrough construct. Representing these constructs with compositional operators results in the complete DCPS model in Petri net formalism. A toolchain with Reference net workshop (Renew) as an integrated Petri net editing and analysis platform is configured to support DCPS modelling, simulation and analysis. The Renew tool functionality has been enhanced with a plugin designed and developed by authors to facilitate the drawing of the distributed composition model.
A low-level Petri net analysis (Lola) v2.0 plugin is employed to verify the Petri net and temporal properties of the modelled DCPS scenarios. The properties of the resultant model are verified using well-established algorithms to analyze Petri nets. Further, system properties specified using temporal logic can be verified using model-checking algorithms for Petri nets. A moderately complex scenario involving interactions among six CSs illustrates the presented approach
Compositional schedulability analysis of real-time actor-based systems
We present an extension of the actor model with real-time, including deadlines associated with messages, and explicit application-level scheduling policies, e.g.,"earliest deadline first" which can be associated with individual actors. Schedulability analysis in this setting amounts to checking whether, given a scheduling policy for each actor, every task is processed within its designated deadline. To check schedulability, we introduce a compositional automata-theoretic approach, based on maximal use of model checking combined with testing. Behavioral interfaces define what an actor expects from the environment, and the deadlines for messages given these assumptions. We use model checking to verify that actors match their behavioral interfaces. We extend timed automata refinement with the notion of deadlines and use it to define compatibility of actor environments with the behavioral interfaces. Model checking of compatibility is computationally hard, so we propose a special testing process. We show that the analyses are decidable and automate the process using the Uppaal model checke
Formal aspects of component software
This is the pre-proceedings of 6th International Workshop on Formal Aspects of Component Software (FACS'09)
Automated Validation of State-Based Client-Centric Isolation with TLA <sup>+</sup>
Clear consistency guarantees on data are paramount for the design and implementation of distributed systems. When implementing distributed applications, developers require approaches to verify the data consistency guarantees of an implementation choice. Crooks et al. define a state-based and client-centric model of database isolation. This paper formalizes this state-based model in, reproduces their examples and shows how to model check runtime traces and algorithms with this formalization. The formalized model in enables semi-automatic model checking for different implementation alternatives for transactional operations and allows checking of conformance to isolation levels. We reproduce examples of the original paper and confirm the isolation guarantees of the combination of the well-known 2-phase locking and 2-phase commit algorithms. Using model checking this formalization can also help finding bugs in incorrect specifications. This improves feasibility of automated checking of isolation guarantees in synthesized synchronization implementations and it provides an environment for experimenting with new designs.</p
Towards reduction of Paradigm coordination models
The coordination modelling language Paradigm addresses collaboration between
components in terms of dynamic constraints. Within a Paradigm model, component
dynamics are consistently specified at a detailed and a global level of
abstraction. To enable automated verification of Paradigm models, a translation
of Paradigm into process algebra has been defined in previous work. In this
paper we investigate, guided by a client-server example, reduction of Paradigm
models based on a notion of global inertness. Representation of Paradigm models
as process algebraic specifications helps to establish a property-preserving
equivalence relation between the original and the reduced Paradigm model.
Experiments indicate that in this way larger Paradigm models can be analyzed.Comment: In Proceedings PACO 2011, arXiv:1108.145
- …