Verification of Branching-Time and Alternating-Time Properties for Exogenous Coordination Models
Information and communication systems enter an increasing number of areas of daily life. Our reliance and dependence on the functioning of such systems is rapidly growing, together with the costs and the impact of system failures. At the same time, the complexity of hardware and software systems extends to new limits as modern hardware architectures become more and more parallel, dynamic and heterogeneous. These trends demand a closer integration of formal methods and system engineering to show the correctness of complex systems within the design phase of large projects.
The goal of this thesis is to introduce a formal holistic approach for modeling, analysis and synthesis of parallel systems that potentially addresses complex system behavior at any layer of the hardware/software stack. Due to the complexity of modern hardware and software systems, we aim to have a hierarchical modeling framework that allows specifying the behavior of a parallel system at various levels of abstraction and that facilitates designing complex systems in an iterative refinement procedure, in which more detailed behavior is added successively to the system description. In this context, the major challenge is to provide modeling formalisms that are expressive enough to address all of the above issues and are at the same time amenable to the application of formal methods for proving that the system behavior conforms to its specification. In particular, we are interested in specification formalisms that allow applying formal verification techniques such that the underlying model checking problems are still decidable within reasonable time and space bounds.
The presented work relies on an exogenous modeling approach that allows a clear separation of coordination and computation and provides an operational semantic model where formal methods such as model checking are well suited and applicable. The channel-based exogenous coordination language Reo is used as modeling formalism as it supports hierarchical modeling in an iterative top-down refinement procedure. It facilitates reusability, exchangeability, and heterogeneity of components and forms the basis to apply formal verification methods. At the same time Reo has a clear formal semantics based on automata, which serve as foundation to apply formal methods such as model checking.
In this thesis, new modeling languages are presented that allow specifying complex systems in terms of Reo and automata models, which form the basis for a holistic approach to modeling, verification and synthesis of parallel systems. The second main contribution of this thesis is tailored branching-time and alternating-time temporal logics as well as corresponding model checking algorithms. The thesis includes results on the theoretical complexity of the underlying model checking problems as well as practical results. For the latter, the presented approach has been implemented in the symbolic verification tool set Vereofy. The implementation within Vereofy and the evaluation of the branching-time and alternating-time model checker is the third main contribution of this thesis.
Specification, simulation, and verification of component connectors in Reo
Coordination and composition of components is an essential concern in component-based software engineering. In this paper, we present an operational semantics for a component composition language called Reo. Reo connectors exogenously compose and coordinate the interactions among individual components that, unaware of each other, comprise a complex system, into a coherent collaboration. The formal semantics we present here paves the way for studying the behavior of component composition mechanisms rigorously. To demonstrate the feasibility of such a rigorous approach, we give a faithful translation of Reo semantics into the Maude term rewriting language. This translation allows us to exploit the rewriting engine and the model-checking module in the Maude tool-set to symbolically run and model-check the behavior of Reo connectors.
Deconstructing Reo
Coordination in Reo emerges from the composition of the behavioural constraints of the primitives, such as channels, in a component connector. Understanding and implementing Reo, however, has been challenging due to the interaction of the channel metaphor, which is an inherently local notion, and the non-local nature of constraint propagation imposed by composition. In this paper, the channel metaphor takes a back seat, and we focus on the behavioural constraints imposed by the composition of primitives, and phrase the semantics of Reo as a constraint satisfaction problem. Not only does this provide a clear intensional description of the behaviour of Reo connectors in terms of synchronisation and data flow constraints, it also paves the way for new implementation techniques based on constraint propagation and satisfaction. In fact, decomposing Reo into constraints provides a new computational model for connectors, which we extend to model interaction with an unknown external world beyond what is currently possible in Reo.
Input-output Conformance Testing for Channel-based Service Connectors
Service-based systems are software systems composed of autonomous components or services provided by different vendors, deployed on remote machines and accessible through the web. One of the challenges of modern software engineering is to ensure that such a system behaves as intended by its designer. The Reo coordination language is an extensible notation for formal modeling and execution of service compositions. Services that have no prior knowledge about each other communicate through advanced channel connectors which guarantee that each participant, service or client, receives the right data at the right time. Each channel is a binary relation that imposes synchronization and data constraints on input and output messages. Furthermore, channels are composed together to realize arbitrarily complex behavioral protocols. During this process, a designer may introduce errors into the connector model or the code for their execution, and thus affect the behavior of a composed service. In this paper, we present an approach for model-based testing of coordination protocols designed in Reo. Our approach is based on the input-output conformance (ioco) testing theory and exploits the mapping of automata-based semantic models for Reo to equivalent process algebra specifications.
Coordination via Interaction Constraints I: Local Logic
Wegner describes coordination as constrained interaction. We take this approach literally and define a coordination model based on interaction constraints and partial, iterative and interactive constraint satisfaction. Our model captures behaviour described in terms of synchronisation and data flow constraints, plus various modes of interaction with the outside world provided by external constraint symbols, on-the-fly constraint generation, and coordination variables. Underlying our approach is an engine performing (partial) constraint satisfaction of the sets of constraints. Our model extends previous work on three counts: firstly, a more advanced notion of external interaction is offered; secondly, our approach enables local satisfaction of constraints with appropriate partial solutions, avoiding global synchronisation over the entire constraint set; and, as a consequence, constraint satisfaction can finally occur concurrently, and multiple parts of a set of constraints can be solved and interact with the outside world in an asynchronous manner, unless synchronisation is required by the constraints. This paper describes the underlying logic, which enables a notion of local solution, and relates this logic to the more global approach of our previous work based on classical logic.
- …