Advanced support for executable statechart modelling
Transcript of Advanced support for executable statechart modelling
Advancedsupportfor executablestatechartmodelling
TomMens&AlexandreDecanSo-wareEngineeringLab
DepartmentofComputerScience
informatique.umons.ac.be/genlog
ResearchContextModel-drivenso-wareengineeringGoal
Increasequalityandreliabilityofso-waresystemsbeforeimplementa.onphasethroughuseofvisualdesignmodels
How?• Specifystructureandbehaviourofso-ware-intensivesystems•athighlevelofabstracJon•withoutconsideringtechnicaldetails
• Allowformalreasoningoverthesystem• Testandsimulatesystembehaviour• FacilitatesystemevoluJon• ExploredesignalternaJves• AutomatedcodegeneraJon
2TomMens–INFORTECHday—UMONS–21April2016
ResearchContextModel-drivenso-wareengineering
3TomMens–INFORTECHday—UMONS–21April2016
BottomUp TopDown
Activities:Formalverification,modelchecking,theoremproving,…Formalisms:temporallogics,automata,Petrinets,gametheory,…
Activities:Modelexecution,modelsimulation,automatedtesting,codegeneration,…
Modelinglanguages:UMLmodels,businessprocessmodels,…
ResearchContextExecutablemodelling
4TomMens–INFORTECHday—UMONS–21April2016
state of
the art
Code
Automation level
Abstraction level
code
only
code
centric
Code Code Code
Model Model Model Model
round-trip
engineering
model
centric
executable
models
visualise synchronise generate
FocusonstatechartmodelsFrequentlyusedinindustry!Well-suitedfordescribingevent-drivenbehaviourofconcurrent,real-Jmesystems
ResearchContextExecutablemodelling
5TomMens–INFORTECHday—UMONS–21April2016
TomMens–INFORTECHday—UMONS–21April2016
Executablestatechartmodelling
Elevatorexample
Executablestatechartmodelling
Prosandcons!
Commercialtoolsupportavailable• IBMStatemate,IBMRhapsody,MathWorksStateflow,YakinduStatechartTools
“StandardisaJon”throughUML!ManysemanJcvariaJonsNoopensourcesoluJonsLimitedsupportforadvanceddevelopment
techniques
7TomMens–INFORTECHday—UMONS–21April2016
Executablestatechartmodelling
Researchgoals
Providemoreadvancedsupportforstatecharts• DealingwithsemanJcvariaJon• AutomatedtesJngandtestgeneraJon• Designbycontract• Behaviour-drivendevelopment• FormalverificaJonandmodelchecking• ComposiJonmechanisms• DesignspaceexploraJon• DetecJngqualityproblems• Applyingmodelrefactoring• ModelevoluJon
8TomMens–INFORTECHday—UMONS–21April2016
TomMens–INFORTECHday—UMONS–21April2016
Executablestatechartmodelling
Sismic
• InteractiveStatechartModelInterpreterandChecker– PythonlibraryavailableonPythonPackageIndex(PyPI)– releasedunderopensourcelicenceLGPLv3– Sourcecode• github.com/AlexandreDecan/sismic
– Documentation• sismic.readthedocs.org
TomMens–INFORTECHday—UMONS–21April2016
Executablestatechartmodelling
Sismic
• Executingstatechartbehavioursimulator=Interpreter(my_statechart)simulator.execute_once()simulator.queue(Event(’floorSelected’,floor=4))simulator.execute_once()
• Definingandrunningastorystory=Story([Event('floorSelected',floor=1),Pause(10),Event('floorSelected',floor=4),Pause(10)])story.tell(simulator)print(simulator.time) #20print(simulator.context.get('current')) #4
TomMens–INFORTECHday—UMONS–21April2016
• Addpreciseanddynamicallyverifiablespecificationstoexecutablesoftwarecomponents(e.g.,methods,functions,classes)
• BasedonBertrandMeyer’s “DesignbyContract”
• Thecodeshouldrespect acontract,composedof– preconditions– postconditions– invariants
Executablestatechartmodelling
Contract-drivendevelopment
classDICTIONARY[ELEMENT]featureput(x:ELEMENT;key:STRING)isrequirecount<=capacitynotkey.emptyensurehas(x)item(key)=xcount=oldcount+1endinvariant0<=countcount<=capacityend
TomMens–INFORTECHday—UMONS–21April2016
Executablestatechartmodelling
Contract-drivendevelopment
contractElevatorSystempre:current=0pre:destination=0inv:current>=0inv:destination>=0
Exampleofstatechartcontract
TomMens–INFORTECHday—UMONS–21April2016
Executablestatechartmodelling
Contract-drivendevelopment
Exampleofstatechartcontractcontextmoving
pre:destination<>currentpost:current=destination@pre
contextnotMovingpre:destination=current
contextdoorsOpeninv:notoclIsInState(moving)
contextmovingUppre:current<destination
post:current>current@pre
TomMens–INFORTECHday—UMONS–21April2016
Executablestatechartmodelling
Contract-drivendevelopment
DetectingcontractviolationsInvariantError!Object:BasicState(doorsOpen)Assertion:notactive('moving’)Configuration:['doors','elevator','floorListener','doorsOpen','floorSelector','moving','movingUp']!Step:MacroStep@10(InternalEvent(doorsReady),[Transition(waitingForDoors,movingUp,doorsReady)],>['moving','movingUp'],<['waitingForDoors','notMoving'])!Evaluationcontext:-destination=4-current=2
TomMens–INFORTECHday—UMONS–21April2016
ExecutablestatechartmodellingTest-driven&behaviour-drivendevelopment
TomMens–INFORTECHday—UMONS–21April2016
• Includeacceptancetestandcustomertestpracticesintotest-drivendevelopment
• Encouragecollaborationbetweendevelopers,QA,andnon-technicalstakeholders(domainexperts,projectmanagers,users)
• Useadomain-specific(non-technical)languagetospecifyhowthecodeshouldbehave– Bydefiningfeaturespecificationsandscenarios– UsingGherkinlanguage
• Reducesthetechnicalgapbetweendevelopersandotherprojectstakeholders
Executablestatechartmodelling
Behaviour-DrivenDevelopment
TomMens–INFORTECHday—UMONS–21April2016
Example(takenfromdocs.behat.org/en/v2.5/guides/1.gherkin.html)
Executablestatechartmodelling
Behaviour-drivendevelopment
Feature:ServecoffeeInordertoearnmoneycustomersshouldbeabletobuycoffee!Scenario:BuylastcoffeeGiventhereis1coffeeleftinthemachineAndIhavedeposited1dollarWhenIpressthecoffeebuttonThenIshouldbeservedacoffee
TomMens–INFORTECHday—UMONS–21April2016
Feature:Elevatorsystem(continued)!…!Scenario:Doorscloseafter10secondsGivenIreproduce"Elevatormovesto4thfloor"WhenIwait10secondsThenstatedoorsOpenshouldnotbeactive!Scenario:Elevatormovestogroundafter30secsGivenIreproduce"Doorscloseafter10seconds"WhenIwait30secondsThenthevalueofcurrentshouldbe0
Executablestatechartmodelling
Behaviour-drivendevelopment
Example:FeaturespecificationforElevatorstatechart
Feature:Elevatorsystem!Scenario:ElevatorstartsongroundfloorWhenIexecutethestatechartThenthevalueofcurrentshouldbe0Andthevalueofdestinationshouldbe0AndstatedoorsOpenshouldbeactive!Scenario:Elevatormovesto4thfloorWhenIsendeventfloorSelectedwithfloor=4Thenthevalueofcurrentshouldbe4AndstatedoorsOpenshouldbeactive
TomMens–INFORTECHday—UMONS–21April2016
Executablestatechartmodelling
Behaviour-drivendevelopment
• SupportingBDDFeature:ElevatorSystem[...]!1featurepassed,0failed,0skipped4scenariospassed,0failed,0skipped13stepspassed,0failed,0skipped,0undefinedTook0m0.017s
TomMens–INFORTECHday—UMONS–21April2016
Executablestatechartmodelling
Behaviour-drivendevelopment
• SupportingBDD
Failingscenarios:Elevatormovestogrounda-er30secs
AsserJonFailed:Variablecurrentequals4!=00featurespassed,1failed,0skipped 3scenariospassed,1failed,0skipped 12stepspassed,1failed,0skipped,0undefined
Took0m0.014s
TomMens–INFORTECHday—UMONS–21April2016
Executablestatechartmodelling
Sismic
• CoverageanalysisStatecoverage:92.86%Enteredstates:root(4)|elevator(4)|moving(4)|movingUp(12)|movingDown(4)|notMoving(8)|standing(9)|waitingForDoors(4)|doors(4)|doorsOpen(8)|doorsClosed(6)|floorSelector(4)floorListener(4)|Remainingstates:halted!Transitioncoverage:73.33%Processedtransitions:movingUp[None]->movingUp(9)|moving[None]->notMoving(4)|standing[None]->waitingForDoors(4)|...
TomMens–INFORTECHday—UMONS–21April2016
Executablestatechartmodelling
Sismic• Definingpropertiesoverstatecharts
– IfelevatordoesnotreceivefloorSelectedeventduring30seconds,groundfloorshouldbereached5secondsafter
– Canbecheckeddynamicallybymeansofruntimemonitoring
TomMens–INFORTECHday—UMONS–21April2016
ExecutablestatechartmodellingFuturework
• Compositionandcommunicationmechanisms
TomMens–INFORTECHday—UMONS–21April2016
ExecutablestatechartmodellingFuturework
• Automateddetectionofcontracts,basedon• dynamicanalysisofstatechartexecutions• staticsymbolicanalysisofactionsandguards
• Automatedtestgeneration• Basedoncontractspecifications• Basedonmutationtestingorconcolictesting
• Formalverificationandmodelchecking• Basedontemporallogicproperties• Expressedindomain-specificlanguage(e.g.Dwyerspecificationpatterns)
TomMens–INFORTECHday—UMONS–21April2016
ExecutablestatechartmodellingFuturework
• Supportforqualityanalysis• Detectionofmodelsmells
• Supportforqualityimprovement• Automated(behaviourpreserving)modelrefactoring
TomMens–INFORTECHday—UMONS–21April2016
ExecutablestatechartmodellingFuturework
• Softwareproductfamilydesignandvariabilityanalysis
• Example:featuremodel ofanelevatorcontrolsystemproductline