cs599 formal methods in software architectures 1 temporal examples in rapide mohammad al said miheer...

CS599 Formal Methods in Software Architectures

1

Temporal Examples in Rapide

• Mohammad Al Said

• Miheer Bhachech

• Aditya Garg


2

Rapide Syntax

Architecture

•architecture_declaration ::= architecture identifier `(' [ parameter_list ] `)' [ return interface_expression ] is [ module_constituent_list ] [ connect { connection } ] end [ architecture ] [ identifier ] `;' •connection ::= pattern connector pattern `;' | other kinds of pattern connections ... •connector ::= `to' | `=>' | `||>'


3

InterfaceThe interface type of a component consists of the set of constituents by which the component communicates with other components.

•Interface types are declared using the following syntax: •type_declaration ::= type identifier is interface_expression `;' •interface_type_expression ::= interface { interface_constituent } [ behavior behavior_declaration ] end [ interface ] [ identifier ] •interface_constituent ::= provides { interface_declarative_item } | requires { interface_declarative_item } | action { action_name_declaration } | private { interface_declarative_item } | service { service_declarative_item } | constraint { pattern_constraint_list}


4

Actions and Functions

•action_name_declaration ::= action mode identifier `(' [ formal_parameter_list ] `)' `;' •mode ::= in | out •function_name_declaration ::= function identifier `(' [ formal_parameter_list ] `)' [ return type_expression ] `;' •For example, •action in Write(value : Data); function Read() return Data;


5

Tool Support

There are several tools to assist programmers who want to develop Rapide models of systems. The tools include:

•an architecture-based editor for defining system models, •a compiler for producing executables from the system models, •a constraint checking runtime system that is used by an executable to produce a history of the execution, •a graphical browser for viewing histories, and •an animation facility providing another view of histories. •The Rapide Toolset is available for Solaris 2.5, SunOS 4.1.3. and Linux.


6


7

Gas_StationAssumptions:• Operator schedules pumps to customers.• No mechanism that map customers to the right pump.• Main Gas tank refilling process is not included.• Main Gas Tank is divided into 3 tanks based on Fuel grade. • Car’ Gas tank is not included.


8

type Dollars is Real; type Gallons is Real;type Fuel is Integer; type Customer is interface action out Pre_Pay(Cost : Dollars), Turn_On(), Walk(), Turn_Off(), Select_Grade(Fuel_Grade : Fuel); in Okay(), Change(Cost : Dollars); behavior D : Dollars; FG : Fuel; begin start => Pre_Pay(D);; Okay => Walk;; Okay => Select_Grade(FG); Turn_On();; end Customer;

Customer


9

type Operator is interface action in Request(Cost : Dollars), Refill_Tank(FL : Boolean; Tank : Fuel), Result(Cost : Dollars); out Schedule(Cost : Dollars), behavior Payment : Dollars; Fuel_Level_Low : var Boolean :=False; Tank_Number: Fuel; Action Add_Fuel_To_Tank(Tank : Fuel); Begin (?X : Boolean ; ?Y : Fuel) (Refill_Tank(?X ; ?Y) => Fuel_Level_Low :=?X; Tank_Number :=?Y;; Fuel_Level_Low => Add_Fuel_To_Tank($Tank_Number);; (?X : Dollars)Request(?X) => Payment := ?X; Schedule(?X);; (?X : Dollars)Result(?X) => Remit($Payment - ?X);; end Operator;

Operator


10

type Pump is interface action in On(), Off(), Activate(Cost : Dollars), Select_Fuel_Grade(Fuel_Grade : Fuel), Ok(); out Report(Amount : Gallons; Cost : Dollars), Request_Gas_From_Tank(GT : Fuel); behavior Free : var Boolean := True; Premium_Cost : var Real := 1.9; Plus_Cost : var Real := 1.8; Regular_Cost : var Real :=1.7; Reading, Limit : var Dollars := 0; Gallons_Dispensed : var Gallons :=0; action In_Use(), Done(), Fuel_Grade_Selected(); begin (?X : Dollars)(On ~ Activate(?X) AND Ok) where $Free => Free := False; Limit := ?X; Fuel_Grade_Selected;; Fuel_Grade_Selected => In_Use;; In_Use => if (((?Y : Fuel) Select_Fuel_Grade(?Y) == 1 ) then Reading := $Premium_Cost * $Gallons_Dispensed ) elsif (((?Y : Fuel) Select_Fuel_Grade(?Y) == 2) then Reading := $Plus_Cost * $Gallons_Dispensed ) else Reading := $Regular_Cost * $Gallons_Dispensed endif; Done;; Off or Done => Free := True; Report($Reading);; end Pump;

Pump


11

type Fuel_Tank is interface action in Requested_Gas_Type(Fuel_Grade : Fuel); out Ok(), Request_To_Refill_Tank(FL : Boolean ; Tank : Integer); behavior Fuel_Level : var Boolean :=True; Available_Gas , Threshold : Gallons; action Select_Tank_Type(Fuel_Grade : Fuel) , Send_To_Pump(); begin (?FG : Fuel) Request_Gas_Type(?FG) => Select_Tank_Type(?FG);; (Available_Gas <= Threshold ) => Fuel_Level_Ok :=False; Request_To_Refill_Tank($Fuel_Level, ?FG);; Send_To_Pump => Ok;; end Fuel_Tank;

Fuel_Tank


12

architecture gas_station() return root is O : Operator; P1, P2, P3, P4 : Pump; C1, C2, C3, C4 : Customer; T : Tank; connect (?C : Customer; ?X : Dollars) ?C.Pre_Pay(?X) => O.Request(?X); (?X : Dollars; ?P : Pump) O.Schedule(?X) => ?P.Activate(?X); (?X : Dollars) O.Schedule(?X) => ?C.Okay; (?C : Customer; ?P : Pump; ?F : Fuel) ?C.Select_Grade(?F) => ?P.Select_Fuel_Grade(?F); (?P : Pump; T : Tank; ?F : Fuel) ?P.Request_Gas_From_Tank(?F) => T.Requested_Gas_Type(?F); (?F : Fuel ; FL : Boolean) T.Request_To_Refill_Tank(?FL , ?F) => O.Refill_Tank(?FL , ?F); (?P : Pump) T.Ok => ?P.Ok (?C : Customer; ?P : Pump) ?C.Turn_On => ?P.On; (?C : Customer; ?P : Pump) ?C.Turn_Off => ?P.Off; (?X : Gallons; ?Y : Dollars; ?P : Pump) ?P.Report(?X, ?Y) => O.Result(?Y); end gas_station;


13

Cruise Control System• Assumptions made about the system:

– The system consists of five interfaces

• Driver

• Accelerator

• Brakes

• SpeedMeter

• Cruise

– The engine is always on in the system.

– The Cruise can sense a change in the car speed.

– Whenever the accelerator is pressed, SpeedMeter increases the speed and has the current speed of the car. SpeedMeter can increase & decrease the speed of the car.

– While going uphill or downhill, the Cruise will try to maintain the CRUISE_SPEED by sending an action to the SpeedMeter.


14

System Block Diagram

in out out in

out out out out

in in in in

out in

in out

Driver

Cruise

Accelerator

SpeedMeter

Brakes


15

Driver Interface

type BOOL is boolean;

type INT is integer;

type Driver is interface

action out Press_Accelerator(),

Press_Cruise_On(),

Press_Cruise_Set(),

Press_Brakes(),

Press_Cruise_Resume(),

Release_Accelerator(),

Press_Cruise_Accelerate(),

Press_Cruise_Decelerate(),

Press_Cruise_Off();

end Driver;


16

Brakes Interface

type Brakes is interface

action in Pressed();

out Cruise_Disable();

behavior

begin

Pressed() => Cruise_Disable();;

end Brakes;


17

Accelerator Interfacetype Accelerator is interface

action in Pressed(),

Released();

out Cruise_Again(),

IncreaseSpeed(Speed : INT);

behavior

Speed : INT;

begin

Pressed() => IncreaseSpeed(?Speed);;

Released() => Cruise_Again();;

End Accelerator;


18

SpeedMeter Interface(1)

type SpeedMeter is interface

action in IncreaseSpeed(Speed : INT),

Cruise_Acc(), Cruise_Dec(),

UpHill(Speed : INT),

DownHill(Speed : INT);

out Speed_Check(Speed : INT);

Cruise_accl_dcl(Speed : INT);

behavior

currentSpeed : var INT;


19

SpeedMeter Interface(2)begin

(?X:INT) IncreaseSpeed(?X)

=> currentSpeed := ?X;

Speed_Check($currentSpeed);;

Cruise_Acc()

=> Cruise_accl_dcl($currentSpeed);;

Cruise_Dec()

=> Cruise_accl_dcl($currentSpeed);;

(?X : INT) UpHill(?X)

=> currentSpeed := ?X;;

(?X : INT) DownHill(?X)

=> currentSpeed := ?X;;

End SpeedMeter;


20

Cruise Interface (1)type Cruise is interface

action in Speed_Check(SPEED : INT);

Cruise_On();

Cruise_Off();

Cruise_Set();

Cruise_Disabled();

Cruise_Resume();

Cruise_Again();

Cruise_AccelDecel();

out Change_In_Speed(Speed : INT);


21

Cruise Interface (2)behavior

CurSpeed : var INT ;

PREVIOUS_SPEED : var INT ;

IN_CRUISE :var BOOL := False;

CRUISE_ENABLED :var BOOL := False;

CRUISE_ON : var BOOL := False;

CRUISE_SPEED : var INT ;

CRUISE_SET : var BOOL := False;

ALLOWABLE : var BOOL := False;

ACCEL_RELEASED : var BOOL := False;

BRAKE_PRESSED : var BOOL := False;

ACCEL_PRESSED : var BOOL := False;

action Cruise_Status();


22

Cruise Interface (3)begin

Cruise_Off()

=> CRUISE_ON := False;

CRUISE_ENABLED := False;

(?Y : INT) Speed_Check(?Y) where ?Y>30 and ?Y<90 and $CRUISE_ON

=> CurSpeed := ?Y;

ALLOWABLE := True;

ACCEL_PRESSED := True;

Cruise_Status();;

Cruise_Status() where $CRUISE_ENABLED := True

=> CRUISE_ENABLED := False;

ACCEL_PRESSED := False;

BRAKE_PRESSED := False;

IN_CRUISE := True;;


23

Cruise Interface (4)

Cruise_Again() where $IN_CRUISE := True

=> CRUISE_ENABLED := True;

CRUISE_SPEED := PREVIOUS_SPEED;

IN_CRUISE := False;;

Cruise_On()

=> CRUISE_ON := True;;

Cruise_Set() where $ALLOWABLE and $CRUISE_ON

=> CRUISE_SPEED :=$CurSpeed;

PREVIOUS_SPEED := $CRUISE_SPEED;

CRUISE_ENABLED := True;

ALLOWABLE := False;;


24

Cruise Interface (5)Cruise_Disabled() where $CRUISE_ENABLED := True

=> CRUISE_ENABLED := False;

BRAKE_PRESSED := True;;

Cruise_Resume() where $CRUISE_ENABLED := False and $BRAKE_PRESSED

and $CurSpeed > 30

=> CRUISE_ENABLED := True;

CRUISE_SPEED := $PREVIOUS_SPEED;

BRAKE_PRESSED := False;;

(?X : INT) Cruise_AccelDecel(?X) where ?X>30 and ?X<90 and $CRUISE_ENABLED=> CRUISE_SPEED := ?X;;


25

Cruise Interface (6)(?X : INT) Change_In_Speed(?X) where $BRAKE_PRESSED := False and

$ACCEL_PRESSED := False and ?X <$CRUISE_SPEED and ?X>30

=>SignalAccelerator($CRUISE_SPEED);;

(?X : INT) Change_In_Speed(?X) where $BRAKE_PRESSED := False and

$ACCEL_PRESSED := False and ?X >$CRUISE_SPEED and ?X<90

=>SignalBrake($CRUISE_SPEED);;

End Cruise;


26

The Architecture(1)achitecture cruise_control() return root

is

D : Driver;

A : Accelerator;

B : Brake;

S : SpeedMeter;

C : Cruise;

connect

D.Press_Cruise_On() => C.Cruise_On();

D.Press_Accelerator() => A.Pressed();

(?X : INT) A.IncreaseSpeed(?X) => S.IncreaseSpeed(?X);

(?X : INT) S.SpeedCheck(?X) => C.Speed_Check(?X)

D.Press_Cruise_Set() => C.Cruise_Set();

D.Press_Brakes() => C.Cruise_Disabled();

D.Press_Cruise_Resume() => C.Cruise_Resume();


27

The Architecture(2)D.Release_Accelerator() => A.Released();

A.Cruise_Again() => C.Cruise_Again();

D.Press_Cruise_Set() => C.Cruise_Set();

D.Press_Cruise_Accelerate() => S.Cruise_Acc();

(?X : INT) S.Cruise_accl_dcl(?X) => C.CruiseAccelDecel(?X);

D.Press_Cruise_Decelerate() => S.Cruise_Dec();

(?X : INT) S.Cruise_accl_dcl() => C.CruiseAccelDecel(?X);

(?X : INT) C.Change_In_Speed(?X) => S.UpHill(?X);

(?X : INT) C.Change_In_Speed(?X) => S.DownHill(?X);

D.Press_Cruise_Off() => C.Cruise_Off();

end cruise_control;


28

Conclusions•Using Rapide we can simulate executions of the system and verify that the traces of those executions conform to the high level specifications of the desired behavior.

•Rapide concepts are being used for complex event processing.

•Applications of Complex Event Processing:•Network Monitoring and Management

•Network Intrusion Detection

•Extensive tool support

•Huge Language

•The learning curve is high

•The manuals are not very user friendly

cs599 formal methods in software architectures 1 temporal examples in rapide mohammad al said miheer...

Documents