A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of...
-
Upload
luis-mcdaniel -
Category
Documents
-
view
213 -
download
0
Transcript of A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of...
![Page 1: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/1.jpg)
A Formal Descriptive Semantics of UMLLijun Shan Dept of Computer ScienceNational University of Defense Technology,Changsha, China
Hong ZhuDepartment of Computing and ElectronicsOxford Brookes University, Oxford, UK
![Page 2: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/2.jpg)
Outline
What is descriptive semantics? The concept and motivation
How to specify descriptive semantics? The formal framework Mappings from diagrams to first order logic (FOPL) Application to UML class, interaction and state
machine diagrams Application of descriptive semantics to
consistency checking of UML modelsConclusion
![Page 3: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/3.jpg)
What is the meaning of UML diagrams? The system has two classes called
Member and Book, (There are two types of objects called member and book)
There is an association between them, which is called Borrow (Members can borrow books)
The upper limit of borrowing is 10 (Each member can only borrow up to 10 books at any time)
The upper limit for a book to be borrowed is 1 (Each book can only be borrowed by at most 1 member at any time)
Member
Book
Borrow
Library system
0..10
0..1
Instances of the class Member
Instances of the class Book
![Page 4: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/4.jpg)
Semantics of modelling languages
‘A model is a set of statements about some system under study’ [Seidwitz, 2003]
The semantics of a modelling language is the satisfaction relationship between a model and a system.
s m
Software model, and models in all scientific disciplines
A system in the subject domain D, i.e. universe of systems that the language is modelling.
A well-formed model in the modelling language.
s is an instance of the model m, i.e. s satisfies the statements of the model m
![Page 5: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/5.jpg)
Two types of semantics
Descriptive semantics Describe the system based on
a set of basic concepts, such as class, association multiplicity upper bound, etc.
Example: The system has two classes
called Member and Book
Functional semantics Define how the system funct
ions at run time. Example:
There are two types of objects called members and books.
Existing work on UML semantics often occurs as a combination of them. They are at ‘object level’.
Example: x.(Member(x) ||{y | Book(y) Borrows(x,y)}|| 10)
Class(Member), Class(Book), Asssociation(Borrows), …
![Page 6: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/6.jpg)
Difficulties in the formalisation of UML Interpretation in different subject domains:
One model can be interpreted in several different subject domains Library system model:
• When interpreted on the subject domain of real world systems, the library of Oxford Brookes University is an instance
• When interpreted on the computer software, …
Extension with new concepts: New basic concepts and constructs can be introduced through
extension facilities, such as introduce new stereo types in profile definitions
Uses in different context: One model may have different meanings in different context
![Page 7: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/7.jpg)
Example: Which of the following programs is the
correct semantics of the model on the right? There are exactly three different classes such that
…; There are at least three different classes such that
…; Which of the following programs can be
considered as satisfying the model?
Member
Staff Student
class Member{ … }class Staff extends Member{…}Class Student extends Member{…}
class MScStudent extends Student{…}
class Member { public enum MemberType {
Staff, Student }public MemberType
TypeOfMember;…
}
UML gives no definition on this issue!
![Page 8: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/8.jpg)
Overview of our approach
This is consistent with the theory of institution proposed by Goguen and Burstall (1992) for formal specification languages.
![Page 9: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/9.jpg)
The formal frameworkDefinition 1. (Semantics of a modelling language)
A formal semantic definition of a modelling language consists of the following elements.
A signature Sig, which defines a formal logic system; A set AxmD of axioms about the descriptive semantics, which is
in the formal logic system defined by Sig; A set AxmF of axioms about the functional semantics, which is
also in the formal logic systems defined by Sig; A mapping T from models to a set of formulas in the formal
logic system defined by Sig. The formulas are the statements for the descriptive semantics of the model;
A mapping H from models to a set of formulas in the formal logic system defined by Sig. The formulas represent the hypothesis about the context in which the descriptive semantics is interpreted.
![Page 10: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/10.jpg)
Definition 2. (Semantics of a model)
Given a semantics definition of a modelling language as in Definition 1, the semantics of a model M under the hypothesis H, written SemH(M), is defined as follows.
SemH(M) = AxmD AxmF T(M) H(M)
where T(M) and H(M) are the sets of statements obtained by applying the semantic mappings T and H to model M, respectively. The descriptive semantics of a model M under the hypothesis H, written DesSemH(M), is defined as follows.
DesSemH(M) = AxmD T(M) H (M)
![Page 11: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/11.jpg)
Satisfaction relation
Definition 4. (Subject domain)
A subject domain Dom of signature Sig with an interpretation Eva is a triple <D, Sig, Eva>, where D is a collection of systems on which the formulas of the logic system defined by Sig can be evaluated according to a specific evaluation rule Eva. The value of a formula f evaluated according to the rule Eva in the context of system sD, written as Eva(f, s), is called the interpretation of the formula f in s. We write s|=Evaf, if a formula f is evaluated to true in a system sD, i.e. s|=Evaf iff Eva(f, s)= true. Definition 5. (Satisfaction of a model)
Let Sig be a given signature and Dom a subject domain of Sig. A system s in D satisfies a model M according to a semantic definition SemH(M) if s|= SemH(M), i.e. for all formulas f in SemH(M), s|=f.
![Page 12: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/12.jpg)
Signature MappingThe signature mapping S from a metamodel M to a signature
= S (M) is defined by a set of signature rules so that statements representing the descriptive semantics of models are -sentences of first order predicates.
Signature RulesS1. For each metaclass named MC in the metamodel, we define a unary atomic predicate MC(x). S2. For each metaassociation from a metaclass X to a metaclass Y in a metamodel, if MA is the association end on the Y side of the metaassociation, a binary predicates MA(x, y) is defined. S3. For each metaattribute named MAttr of type MT in a metaclass MC in a metamodel, a unary function MAttr(x) is defined with domain MC and range MT. S4. For each enumeration value EV given in an enumeration metaclass ME in a metamodel, a constant EV is defined.
![Page 13: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/13.jpg)
A Simplified Metamodel of Class Diagram
MultiplicityElement
ValueSpecification
+upperValue+lowerValue
TypedElement
Type+type
Classifier
+isAbstract: BooleanGeneralisation
+general
DirectedRelationshipFeature
+isStatic: Boolean
StructuralFeature BehaviouralFeature
Parameter
+direction: ParameterDirectionKind
+ownedParameter
Operation ClassProperty
+aggregation: AggregationKind
+ownedAttribute0..1*
Association
+memberEnd2..*
+ownedOperation
0..1*
Relationship
ParameterDirectionKind<<enumeration>>
+in+out+inout+return
AggregationKind<<enumeration>>
+none+shared+composite
Boolean<<enumeration>>
+t+f
DataType
Signal
+specific
Interface
+ownedOperation
+ownedAttribute
NamedElement
VisibilityKind<<enumeration>>
+public+private+protected+package
+associateTo
![Page 14: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/14.jpg)
Example:
Signature elements: unary predicates :
Class(x), Classifier(x), Generalisation(x)
binary predicates: general(x, y) specific(x, y)
Classifier GeneralisationClass
+general
+specific
PersonWoman
Metamodel
![Page 15: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/15.jpg)
Translation mappingTranslation mapping is defined by a set of translation rules that
generate formulas in the signature from a UML model M.
Translation Rules T1: Classification of elements. For each identifier id of concrete type MC, a formula in the form of MC(id) is generated. T2: Properties of elements. For each element a in the model and every applicable function MAttr that represents a metaattribute MAttr, a formula in the form of MAttr(a)=v is generated, where v is a’s value on the property. T3: Relationships between elements.
For each pair (e1, e2) of elements related by relationship R, a formula in the form of R(e1, e2) is generated to specify the relationship by applying binary predicate R(x1, x2).
![Page 16: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/16.jpg)
Example:
Signature elements: unary predicates : Class(x), Classifier(x), Generalisation(x) binary predicates general(x, y) and specific(x, y)
Classifier GeneralisationClass
+general
+specific
PersonWoman
Metamodel
Model
Statements of the model: Class(Woman), Class(Person), Generalisation(wp) specific(wp, Woman), general(wp, Person)
Classifier GeneralisationClass
+general
+specific
PersonWoman
![Page 17: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/17.jpg)
Interpretation in different contexts The context in which a model is interpreted can be specified as
hypothesis. A hypothesis can be defined as a rule that maps from a model to
formulas in the signature.
Hypothesis Rules H1: Distinguishability of elements.
A hypothesis that the elements of type MC in the model are all different from each other can be generated as formulas in the form of ei ej, for ij {1,2,…,k}. H2: Completeness of elements.
A hypothesis on the completeness of elements of type MC can be generated as a formula in the following form.
x. MC(x) (x = e1) (x = e2) … (x = ek) H3: Completeness of relations.
A hypothesis on the completeness of relation R in the model can be generated as a formula in the following form.
x1,x2.R(x1,x2)((x1=e1,1)(x2=e1,2))((x1= e2,1) (x2= e2,2))
… ((x1= en,1) (x2= en,2))
![Page 18: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/18.jpg)
Axiom mappingIt is defined by a set of rules that maps metamodel to -sentence
s as axioms of the models. These rules represents the semantics of OO concepts applied to meta-modelling.
Axiom rules:A1: Completeness of classification.
Let MC1, MC2, …, MCn be the set of concrete metaclasses in a metamodel. We have an axiom x. MC1(x) MC2(x) … MCn(x)A2: Disjointness of classification.
Let MC1, MC2, …, MCn be the set of concrete metaclasses in a metamodel. For each pair of different concrete metaclasses MCi and MCj, ij, we have an axiom x. MCi(x) ¬ MCj(x). A3: Logical implication of inheritance.
For a generalisation relation from metaclass MA to MB in a metamodel, we have an axiom x. MA(x) MB(x).
![Page 19: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/19.jpg)
Strict metamodelling principle Axiom rules also contain ‘hypothesis’ on the uses of class diagra
ms as metamodels, such as the strict meta-modelling principle, which is to ensure that a metamodel is a well-defined abstract syntax of modelling language.
Strict Metamodelling:
In an n-level modelling architecture M0, M1, …, Mn, every element of an Mm-level model must be an instance-of exactly one element of an Mm+1-level model, for all 0 m < n-1, and any relationship other than the instance-of relationship between two elements X and Y implies that level(X) = level(Y).
![Page 20: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/20.jpg)
Axiom Rules (Continue)
A4: Completeness of specialisations.
Let MA be a metaclass in a metamodel and MB1, MB2, …, MBk be the set of metaclasses specialising MA. We have an axiom x. MA(x) MB1(x) MB2(x) … MBk(x).
A5: Types of parameters of predicates.
For each binary predicate MA(x, y) derived from an association from metaclass MC1 to MC2 in a metamodel, we have an axiom x, y. MA(x, y) MC1(x) MC2(y).
A6: Domain and range of functions.
For each function MAttr(x) derived from a metaattribute MAttr of type MT in a metaclass MC, we have an axiom x,y. MC(x) (MAttr(x) = y) MT(y).
A7: Multiplicity of binary predicate. For each binary predicate MA(x, y) derived from an association from metaclass MC1 to MC2 in a metamodel, let Mul be the multicity value specified on the association end MA, we have axioms in the following form.If Mul = 0..1: x, y, z. MC1(x) MA(x, y) MA(x, z) (y = z)If Mul = 1 or unspecified: x. MC1(x) y. MA(x, y) and
x, y, z. MC1(x) MA(x, y) MA(x, z) (y = z)If Mul = 1..*: x. MC1(x) y. MA(x, y)If Mul = 2..*: x. MC1(x) y, z. MA(x, y) MA(x, z) (y z)If Mul = 0..2: x, y, z, u. MC1(x) MA(x, y) MA(x, z) MA(x, u)
(y = z) (y = u) (u = z)
![Page 21: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/21.jpg)
Axiom Rules (continue)A8: Multiplicity of function.
For each function MAttr(x) derived from a metaattribute MAttr of type MT in a metaclass MC, let Mul be the multicity value of the metaattribute MAttr, we have axioms:If Mul = 0..1: x, y, z. MC(x) (MAttr(x) = y) (MAttr(x) = z) -> (y = z)If Mul = 1: x. MC(x) -> y. (MAttr(x) = y) and x, y, z. MC(x) (MAttr(x) = y) (MAttr(x) = z) -> (y = z)If Mul = 1..*: x. MC(x) -> y. (MAttr(x) = y)A9: Distinguishability of the literal constants.
For each pair of different literal values a and b of an enumeration type, we have an axiom a b. A10: Type of the literal constants.
For each enumeration value a defined in an enumeration metaclass ME, we have an axiom in the form of ME(a) stating that the type of a is ME. A11: Completeness of the enumeration.
An enumeration type only contains the listed literal constants as its values, hence for each enumeration metaclass ME with literal values a1, a2, …, ak, we have an axiom in the form ofx. ME(x) -> (x = a1) (x = a2) … (x = ak). Axiom Rule 12: Well-formedness rules.
For each WFR formally specified in OCL, we have a corresponding axiom in the first order language.
![Page 22: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/22.jpg)
Semantics of Interaction and State Machine Same signature, axiom and formula mappings are applied to the
meta-models of UML state machine and interaction diagrams. Additional Axiom Rules for inter-metamodel connectionsAxiom Rules
A10: Cross metamodel association and inheritance.
For each cross metamodel inheritance from metaclass MA to external metaclass MB, we have an axiom in the form of x. MA(x) -> MB(x).
A2’: Completeness of specialisations across metamodels.
Let MA be a metaclass depicted in two metamodels MM1 and MM2. Let metaclasses MB1, MB2, …, MBk be the set of metaclasses that specialise MA in metamodel MM1, and MC1, MC2, …, MCp be the set of metaclasses that specialise MA in metamodel MM2. We have the following axiom when a model is defined by MM1 and MM2.
x. MA(x) -> MB1(x) … MBk(x) MC1(x) … MCp(x)
![Page 23: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/23.jpg)
A Simplified Metamodel of Interaction Diagram
Interaction
Lifeline Message
+lifeline +message
ConnectableElement
+represents
MessageEvent
SendOperationEvent SendSignalEventOperation (from Kernel) Signal (from Kernel)
+operation +signal
+event
+sender
+receiver+after
Behaviour BehaviouralFeature (from Kernel)Classifier(from Kernel)
+specification
+context
TypedElement(from kernel)
![Page 24: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/24.jpg)
A Simplified Metamodel of State Machine
StateMachine
ProtocolStateMachine Vertex
StatePseudoState
+kind: PseudostateKind
Transition
+vertex
+transition
+source
+target
Trigger Constraint
+trigger +guard
ProtocolConformance
DirectedRelationship(from Kernel)
+generalMachine+specificMachine
Behaviour (from Interaction)
+exit +doActivity+entry
+effect
PseudostateKind<<enueration>>
+initial+final+deepHistory+shallowHistory+join+fork+junction+choice
BehaviourStateMachine
StateBehaviour
![Page 25: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/25.jpg)
The Tool LAMBDESLAMBDES stands for Logic Analyser of Model/Metamodel Based on Descriptive Semantics
User InterfaceLAMBDES
Logic system for metamodel
Modelling tool StarUML
Axiom Generator
Metamodel
Metamodel in XMI
Theorem prover SPASS
Inference result
Statements
Model
Model in XMI
Signature Generator
Formula Generator
Signature Axioms
Proof Goal
Hypothesis
Modelling Context
Hypothesis Generator
Domain Generator
Auxiliary constants &
formulas
Conjecture Generator
Conjecture
Logic system for model
Design Pattern Specification
Design Pattern Spec
Repository
![Page 26: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/26.jpg)
Applications of Descriptive Semantics
Consistency checking of UML models Validation of consistency constraints for UML models Consistency checking of UML meta-models Conformance checking of designs to design patterns Consistency checking of specification of design patterns
Definition 3. (Properties of a model)
Let SemH(M) be the semantics of a model M. M has a property P (represented as a formula in the logic system defined by Sig) under the semantics definition SemH(M) and the hypothesis H, if and only if AxmDAxmFT(M) H(M) P in the formal logic system. Similarly, we say that M has a property P in descriptive semantics, if and only if AxmDT(M) H(M) P in the formal logic system.
![Page 27: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/27.jpg)
Consistency checking of UML models
Definition 6. (Logical consistency)
Let SemH(M) = AxmD AxmF T(M) H(M) be the semantics of a model M. Model M is said to be logically inconsistent in the semantic definition SemH(M) if SemH(M)|-false; otherwise, we say that the model is logically consistent.
Definition 7. (Consistent interpretation in a subject domain)
Let Dom=<D, Sig, Eva> be a subject domain as defined in Definition 4. The interpretation of formulas in signature Sig is consistent with first order logic if and only if for all formulas q and p1, p2, …, pk that p1, p2, …, pk |- q, and for all systems s in D that Eva(pi, s) =true for i=1,2,…, k, we always have Eva(q, s) =true.
![Page 28: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/28.jpg)
Validity of consistency checkingTheorem 1. (Unsatisfiability of inconsistent model)
A model M that is logically inconsistent in the semantic definition SemH(M) is not satisfiable on any subject domain whose interpretation of formulas is consistent with first order logic.
Inconsistent model => it cannot be implemented (not satisfiable) Consistency model => not necessarily implementable Other issues effect satisfiability:
Property of the subject domain: e.g. whether the programming language is powerful enough to implement
Non-logic property of the model: e.g. whether the system is feasible
![Page 29: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/29.jpg)
Validation of consistency constraints Consistency constraints:
Logic statements about models, e.g. ‘a life line must represent an instance of a class’ x, y, z. Lifeline(x) represent(x,y) type(y, z) Class(z)
Definition 8. (Consistency w.r.t. consistency constraints)
Given a set of consistency constraints C={c1, c2, …, cn}, the consistency of a model M with respect to the constraints C under the semantics definition SemH(M) is the consistency of the set U = SemH(M) C of formulas. In particular, we say that a model fails on a specific constraint ck, if SemH(M) is consistent, but SemH(M) {ck} is not.
Results of experiments:• A number of sample UML models were checked to be
consistent.• Mutants of the models were checked and inconsistency in
mutants were detected.
![Page 30: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/30.jpg)
Definition of validity and effectiveness
Definition 9. (Validity of consistency constraints)
Let AxmD and AxmF be the sets of axioms for descriptive semantics and functional semantics, respectively. A set C={c1, c2, …, cn} of consistency constraints is descriptively valid if AxmDC is logically consistent. The set C of consistency constraints is functionally valid AxmDAxmFC is logically consistent. Definition 10. (Effectiveness of consistency constraints)
Let A be a set of semantics axioms. A set C={c1, c2, …, cn} of consistency constraints is logically ineffective with respect to the set A of axioms if A C.
Results of Experiments:A set of 5 consistency constraints were validated by using LAMBDES tool. They were proved valid and effective.
![Page 31: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/31.jpg)
Consistency checking of meta-modelsDefinition 11 (Inconsistency of meta-model).
A meta-model M is inconsistent if AxmD(M) is logically inconsistent.
Experiments: Subjects:
Simplified UML, UML 2.0 metamodel, AspectJ profile Findings:
Simplified metamodel: consistent UML 2.0:
16 inconsistencies due to voilation of strict meta-modelling 1 inconsistently as abstract and concrete metaclasses in different metamodel class diagrams.
AspectJ: Incomplete definition of 7 meta-classes2 inconsistency due to violation of strict meta-modelling
![Page 32: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/32.jpg)
Conclusion Separation of functional semantics from descriptive semantics ca
n simplify the formal semantic definition of UML and it is scalable Applicable for all types of diagrams defined in meta-model uniformly Applicable to multiple views defined by multiple meta-models, and addre
ssed the extendability issues Addressed the issue due to flexibility in the uses of modelling language in
different development context Addressed the issue for different interpretation of modelling languages in
different subject domains Reasoning about models in first order logic can be feasible and u
seful in model drive software development Can be automated by tools such as LAMBDES + SPASS + StarUML Can reason about properties that are not possible for semantics at object le
vel, such as The validation of consistency constraints, The consistency of meta-model, etc. The conformance of designs to patterns,
![Page 33: A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.](https://reader038.fdocuments.in/reader038/viewer/2022110116/5515ea72550346d46f8b5107/html5/thumbnails/33.jpg)
Future work Further development of the axioms for functional
semantics; Theoretical analysis of the logic properties of the
semantics definition Soundness of the rules: yes Consistency of the rules: yes Completeness of the rules:
In what sense? How to prove?
Case studies on reasoning about other properties of designs, such as Platform specific models, platform independence, etc. Transformation of models,