INRIA Sophia-Antipolis, Oasis team
INRIA Rhône-Alpes, Vasy team
Feria–IRIT/LAAS, SVF team, Toulouse
GET - ENST Paris, LTCI team
FIACRE: Models and Tools for the Safety and Security Analysis of Distributed Components and their Composition
(Fiabilité des assemblages de composants répartis: reliability of assemblies of distributed components)
Action 1: Specification Formalisms and Common Intermediate Formats

pNets: Parameterized Networks (Model and API)
We have defined this model as a very expressive formalism, adding parameters to Arnold and Nivat's networks of labelled transition systems (Forte'2004). It is the central element of our method, providing a uniform semantic representation for specification, for model generation, and for analysis.
Fiacre Language: "Format Intermédiaire pour les Architectures de Composants Répartis Embarqués" (Intermediate Format for Embedded Distributed Component Architectures; ongoing work)
Fiacre is an intermediate format for the verification of asynchronous embedded component systems, developed jointly in the context of the FIACRE project, the Topcased project of the "Aerospace Valley" competitiveness cluster (http://www.topcased.org), and the OpenEmbeDD RNTL platform. It inherits experience from the Cotre project and from the NTIF intermediate format. It will be a target language for applications written in standard modelling languages (AADL, UML, etc.), and a common input format for the verification toolkits CADP and TINA.
Specialized UML Diagrams (ongoing work): design of a dedicated extension of UML composite structures and state machines for distributed hierarchical components and their behaviour. This will be the "non-expert" entry point to the Fiacre analysis platform.
Dedicated Specification Patterns (at an early stage): based on the specification pattern language of M. Dwyer, we are defining a logical language close to natural language, but endowed with a precise semantics, and offering constructs specific to distributed grid applications.
Action 2: Semantics and Model Generation for Distributed Components.
► Applies to the distributed Fractal implementation based on the ProActive library
[Figure: component architecture of the example. A User component and a WebServer component, each equipped with BC and LF controllers (binding and life-cycle controllers, see the Action 2 tool list), are assembled in a System component and communicate through the Access and Internet interfaces.]

LOTOS behaviour of the User body (excerpt, as on the poster):

behaviour BODY[IACCESS] where ...

process METHOD_GET[IACCESS](m:Get) : exit :=
  IACCESS !getIP(m) !getURL(m); exit
endproc

process BODY[IACCESS] : noexit :=
  choice IP:IP [] choice URL:URL []
    ( IACCESS !C(get(IP,URL)) of IAccess;
      METHOD_GET[IACCESS](get(IP,URL)) )
  ...
  >> BODY[IACCESS]
endproc
Java interface of the Access port:

interface IAccess {
  void login(IP ip, ID id);
  void logout(IP ip);
  HTML get(IP ip, URL url);
}
ADL – IDL – BDL: Architecture, Interface and Behaviour Description Languages
[Figure: pNets behaviour model of the example. The System component contains the User component (Body, LF, BCint, BCext) and the WebServer component (LF, BCext), bound through the Access and Internet interfaces. Controller actions: ?bind(Itf), ?unbind(Itf), !bound(Itf), !unbound, ?stop, !started, !stopped. Functional actions: !login(ip,id), !logout(ip), !get_req(ip,url), ?get_resp(url2), plus internal tau steps.]
Semantic Model: pNets
- Parameterized hierarchical networks of labelled transition systems
- Target of the model generation engine, and source of gateways to the input languages of the various verification engines
Impact: our Architecture and Behaviour description language has been accepted as the standard for the Grid Component Model (GCM) of the CoreGRID NoE.
[Figure: FIACRE tool chain. Input: the ADL plus Java interfaces, and the source code of primitive components, whose primitive behaviour (an LTS) is obtained by source code analysis. Model generation: ADL2N (pNets + instantiation), FC2Instantiate, FC2Exp and CAESAR, producing the instantiated networks (LTS + synchronisation vectors, "SyncVector"). Verification: CADP checks the properties and returns proofs and diagnostics.]
Model Generation Tools
- Structure extraction from the ADL
- Generation of non-functional controllers: life-cycle, binding controller, attribute controller, content controller, request queues, future proxies
- Predefined data types with finite abstraction
- Selective visibility of messages and values
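The pNets pipeline described above in miniature (parameterized LTSs, instantiation over finite data abstractions, synchronisation vectors, selective visibility of values, and a safety property checked on the generated state graph with a diagnostic trace), as an added Python example that is not part of the poster or of the FIACRE tools. The login/get/logout scenario follows the IAccess example above; the `Access` controller and its three checking modes, the observer LTS, the single-threaded server and every function name are assumptions made for this illustration. The client is deliberately left unconstrained (it may send requests without logging in), which is what lets the exploration find the missing check; the second mode shows that a check at request time alone still admits a session-revocation race, which the observer reports as a four-step counterexample.

```python
# Added illustration, not FIACRE tool code. All names are hypothetical.
from collections import deque
from itertools import combinations, product

IPS = ("ip1", "ip2")   # finite abstraction of the IP data type
IDS = ("idA",)         # finite abstraction of the ID data type
URLS = ("u1",)         # finite abstraction of the URL data type
ERROR = "ERROR"        # absorbing state of the observer


def subsets(items):
    """All subsets of a finite domain: the instantiated values of a set-valued parameter."""
    return [frozenset(c) for n in range(len(items) + 1) for c in combinations(items, n)]


def user_lts(ip):
    """Client at address ip. Deliberately unconstrained: it may send get_req whether
    or not it is logged in, so the analysis also covers a misbehaving client."""
    trans = {("out", ("login", ip, i), "in") for i in IDS} | {("in", ("logout", ip), "out")}
    for s, url in product(("out", "in"), URLS):
        trans |= {(s, ("get_req", ip, url), s), (s, ("get_resp", ip, url), s)}
    return "out", trans


def access_lts(mode):
    """Access controller; its state is the set of logged-in IPs. mode 'none': no session
    check; 'request': check when a request arrives; 'both': check again on delivery."""
    trans = set()
    for s, ip in product(subsets(IPS), IPS):
        trans |= {(s, ("login", ip, i), s | {ip}) for i in IDS}
        trans.add((s, ("logout", ip), s - {ip}))
        for url in URLS:
            if mode == "none" or ip in s:
                trans.add((s, ("get_req", ip, url), s))
            if mode != "both" or ip in s:
                trans.add((s, ("get_resp", ip, url), s))
    return frozenset(), trans


def webserver_lts():
    """Single-threaded server: takes one forwarded request, then answers it."""
    trans = set()
    for ip, url in product(IPS, URLS):
        trans |= {("ready", ("fwd", ip, url), ("busy", ip, url)),
                  (("busy", ip, url), ("get_resp", ip, url), "ready")}
    return "ready", trans


def observer_lts():
    """Safety property as an observer: a response may reach ip only while ip has an
    open session; any other get_resp(ip, ...) moves the observer to ERROR."""
    trans = set()
    for s, ip in product(subsets(IPS), IPS):
        trans |= {(s, ("login", ip, i), s | {ip}) for i in IDS}
        trans.add((s, ("logout", ip), s - {ip}))
        trans |= {(s, ("get_resp", ip, url), s if ip in s else ERROR) for url in URLS}
    return frozenset(), trans


def sync_vectors():
    """(global label, {component: local label}); components absent from a vector stay idle.
    The id value of login is hidden in the global label (selective visibility), and the
    three-way get_req vector joins client, controller and server in one step."""
    vec = []
    for ip in IPS:
        u = f"User[{ip}]"
        for i in IDS:
            lab = ("login", ip, i)
            vec.append((("login", ip), {u: lab, "Access": lab, "Observer": lab}))
        lab = ("logout", ip)
        vec.append((lab, {u: lab, "Access": lab, "Observer": lab}))
        for url in URLS:
            req, resp = ("get_req", ip, url), ("get_resp", ip, url)
            vec.append((req, {u: req, "Access": req, "WebServer": ("fwd", ip, url)}))
            vec.append((resp, {"WebServer": resp, "Access": resp, u: resp, "Observer": resp}))
    return vec


def check(mode):
    """BFS over the synchronised product: action names of a shortest trace to ERROR, or None."""
    comps = {f"User[{ip}]": user_lts(ip) for ip in IPS}
    comps.update(Access=access_lts(mode), WebServer=webserver_lts(), Observer=observer_lts())
    names, vectors = list(comps), sync_vectors()
    step = {n: {} for n in names}          # (local state, local label) -> successor states
    for n in names:
        for src, lab, dst in comps[n][1]:
            step[n].setdefault((src, lab), []).append(dst)
    init = tuple(comps[n][0] for n in names)
    parent, queue, obs = {init: None}, deque([init]), names.index("Observer")
    while queue:
        g = queue.popleft()
        if g[obs] == ERROR:                 # diagnostic: rebuild the shortest trace
            trace = []
            while parent[g] is not None:
                g, lab = parent[g]
                trace.append(lab[0])
            return trace[::-1]
        for glabel, parts in vectors:
            choices = [step[n].get((g[k], parts[n]), []) if n in parts else [g[k]]
                       for k, n in enumerate(names)]
            for dst in product(*choices):   # an empty choice list disables the vector
                if dst not in parent:
                    parent[dst] = (g, glabel)
                    queue.append(dst)
    return None


if __name__ == "__main__":
    for mode in ("none", "request", "both"):
        print(f"{mode}: {check(mode)}")
```

Running the block reports `none: ['get_req', 'get_resp']` (no check at all), `request: ['login', 'get_req', 'logout', 'get_resp']` (the session is closed between the check and the delivery) and `both: None`. In the `both` mode a response whose session has been revoked is simply never delivered, so the server component stays in its busy state; a liveness property would be needed to flag that, which is exactly the kind of question the temporal-logic engines of Action 3 answer on the generated graph.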
Future Developments:
- Generation of pNet models and code skeletons from UML diagrams
- High-level specification of reconfiguration operations
Action 3: Verification Engines

CADP toolbox
More than 42 tools and 17 software components for the design and validation of distributed systems: simulation, distributed and sequential state graph generation, verification of temporal logic, bisimulations.
New tools
• Exp.Open 2.0: tool for computing networks of automata
• Reductor 5.0: on-the-fly state graph reducer
Tool enhancements
• Model checking of temporal logic extended with data
Gateways between Tina and CADP
New gateways
• Tina generates marking graphs in the BCG format of CADP
• Tina checks formulas on BCG graphs
• CADP translates networks of automata into the TPN Petri net format of Tina
Ongoing: the Fiacre common intermediate language (see Action 1)
Tina toolbox
Tools for the editing and analysis of Petri nets and time Petri nets
New tools
• SELT: State/Event LTL model checker
• Compiler from RT/LOTOS into Tina Petri nets
• Compiler from V-Cotre into Tina Petri nets
Tool enhancements
• Verification of systems with data, time, and priorities