ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial...
Transcript of ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial...
![Page 1: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/1.jpg)
1
ADVISES Tutorials:ICO Tutorial
LIIHS-IRIT, University Toulouse 3
Rémi Bastide, David NavarrePhilippe Palanque
![Page 2: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/2.jpg)
2
Overview
Introduction to Petri netsprinciplesexemples & exercisesverification techniques
Introduction to the ICOsprinciplesexemple & exercisetool support
![Page 3: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/3.jpg)
3
Development process
Qualitative analysis
ith
iteration
System modelling
Quantitative analysis
CheckObjectives
Improve thesystem model
OkNot Ok
Maintain task and systemmodels consistency
TowardsUsabilityTesting
ith
iteration
Task modelling
ith
iteration
Requirements modelling
Maintain conformance torequirements
Performanceevaluation
Complexityevaluation
Models
Activities
![Page 4: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/4.jpg)
4
ICO Tutorial - Petri Nets
![Page 5: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/5.jpg)
5
Content
Introduction
An intuitive introduction to Petri Nets
The five Petri Nets Principles
Introduction to Analysis Techniques
Conclusion
![Page 6: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/6.jpg)
6
An intuitive introduction : two racing cars (1)
![Page 7: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/7.jpg)
7
An intuitive introduction : two racing cars (2)
T1: car a; send ready sign
T2: car a; start race
T3: starter; give start sign
T4: car b; send ready sign
T5: car b; start race
P1: car a; preparing for startP2: car a; waiting for startP3: car a; runningP4: ready sign of car aP5: start sign for car aP6: starter; waiting for ready signsP7: starter; start sign givenP8: car b; preparing for startP9: car b; waiting for startP10: car b; runningP11: ready sign of car bP12: start sign for car b
List of actionsList of actions List of conditionsList of conditions
![Page 8: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/8.jpg)
8
An intuitive introduction : two racing cars (3)
P1 car a; preparing for start
P2=true car a; waiting for start
P3 car a; running
P4=true ready sign of car a
P5 start sign for car a
P6=true starter; waiting for ready s.
P7 starter; start sign given
P8=true car b; preparing for start
P9 car b; waiting for start
P10 car b; running
P11 ready sign of car b
P12 start sign for car b
car a; preparing for start P1=true
car a; waiting for start P2
car a; running P3
ready sign of car a P4
start sign for car a P5
starter; waiting for ready s. P6=true
starter; start sign given P7
car b; preparing for start P8=true
car b; waiting for start P9
car b; running P10
ready sign of car b P11
start sign for car b P12
T1
![Page 9: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/9.jpg)
9
An intuitive introduction : two racing cars (4)
P1 car a; preparing for start
P2=true car a; waiting for start
P3 car a; running
P4=true ready sign of car a
P5 start sign for car a
P6=true starter; waiting for ready s.
P7 starter; start sign given
P8=true car b; preparing for start
P9 car b; waiting for start
P10 car b; running
P11 ready sign of car b
P12 start sign for car b
car a; preparing for start P1=true
car a; waiting for start P2
car a; running P3
ready sign of car a P4
start sign for car a P5
starter; waiting for ready s. P6=true
starter; start sign given P7
car b; preparing for start P8=true
car b; waiting for start P9
car b; running P10
ready sign of car b P11
start sign for car b P12
T1
![Page 10: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/10.jpg)
10
An intuitive introduction : two racing cars (5)
P1 car a; preparing for start
P2=true car a; waiting for start
P3 car a; running
P4=true ready sign of car a
P5 start sign for car a
P6=true starter; waiting for ready s.
P7 starter; start sign given
P8 car b; preparing for start
P9=true car b; waiting for start
P10 car b; running
P11=true ready sign of car b
P12 start sign for car b
car a; preparing for start P1=true
car a; waiting for start P2
car a; running P3
ready sign of car a P4
start sign for car a P5
starter; waiting for ready s. P6=true
starter; start sign given P7
car b; preparing for start P8=true
car b; waiting for start P9
car b; running P10
ready sign of car b P11
start sign for car b P12
T1
T4
![Page 11: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/11.jpg)
11
The five Petri Nets Principles
The principle of DualityThe principle of LocalityThe principle of ConcurrencyThe principle of Graphical RepresentationThe principle of Algebraic Representation
![Page 12: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/12.jpg)
12
The Principle of Duality
Two sets of elements
places : passive elements of the representation places : passive elements of the representation of the real worldof the real world
transitions : active elements of the transitions : active elements of the representation of the real worldrepresentation of the real world
![Page 13: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/13.jpg)
13
The Principle of Locality
The behaviour of transitions depends only on their input and output places.
![Page 14: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/14.jpg)
14
The Principle of Concurrency
Transitions having disjoint locality occur independently i.e. true concurrency
![Page 15: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/15.jpg)
15
The Principle of Graphical Representation : Definition
Places are represented by rounded graphical symbols
Transitions are represented by edged graphical symbols
Arcs connect a transition to its locality
Additionally, there may be inscriptions like names, tokens, expressions or guards
![Page 16: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/16.jpg)
16
The Principle of Graphical Representation : An example
A Petri Net for the car a
P1
P5P4
P3T2P2T1
![Page 17: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/17.jpg)
17
Graphical Representation
P1
P5P4
P3T2P2T1
P8
P12P11
P10T5P9T4
P6 P7T3
![Page 18: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/18.jpg)
18
The Principle of Algebraic Representation
To each graphical representation an equivalent algebraic representation is associated
Generally a matrix
![Page 19: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/19.jpg)
19
An algebraic Representation (1)
54321
100000100121
pre
ppppp
tt
=
54321
000110010021
post
ppppp
tt
=
=
−
+
=−+=
01010
00001
01010
00001
)1()1(0 1 tpretpostmm
=
00001
m0
![Page 20: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/20.jpg)
20
An algebraic Representation (2)
54321
10011011
0121
pre -post C
ppppp
tt
−
−−
==
=
−
+
=+=
01010
01011
00001
)1(01 tCmm
=
00001
m0
![Page 21: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/21.jpg)
21
Introduction to Analysis Technique
Several behaviours of a mousedrag’n’dropdrag’n’dropclick and double clickclick and double click
Requirementsno defectno defectno dead branchno dead branch
![Page 22: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/22.jpg)
22
The Drag’n’Drop part
mD
uE
d
Idle
mB
Down
Moving
mD
uE
d; u; d
Idle
mCB
Second_Down
Moving
![Page 23: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/23.jpg)
23
Click and Double-Click parts
du / StartTimer
mC,M
uDC
Idle DownOne_Click Second_Down
tC
tC
d
![Page 24: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/24.jpg)
24
Complete View of the Mouse
du / StartTimer
mC,M
uDC
Idle DownOne_Click Second_Down
tC
tC
mD
uE
d
mB
Moving
mC,B
![Page 25: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/25.jpg)
25
Analysis techniques
Aimslook for defectsverify fulfilment of requirements
Various techniquesalgebraic verificationtopological analysisgraph theory analysis on the marking graph
Optimisation : reduction technique
![Page 26: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/26.jpg)
26
Petri Nets Reduction : implicit transition
t1
t5
t4t3
t2
p1 p4 p5
p2
p3
t11
t10
t9
t8t7t6
![Page 27: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/27.jpg)
27
Petri Nets Reduction : Fusion of transitions
t5
t4t3
t2
p1 p4 p5
p2
p3
t11
t10
t9
t8t7t6
![Page 28: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/28.jpg)
28
Petri Nets Reduction : Fusion of places
t5
t4t3
t2
p1 p4 p5
p2
p3
t11
t9 & 10
t8t7t6
![Page 29: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/29.jpg)
29
Petri Nets Reduction : Fusion of places (2)
t5
t4
t2
p1 & 2 p4 p5p3
t11
t9 & 10
t8t7t6
![Page 30: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/30.jpg)
30
Petri Nets Reduction : Fusion of places (3)
t5
t4
t2
p1 & 2 & 3 p4 p5
t11
t9 & 10
t8t7
![Page 31: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/31.jpg)
31
Petri Nets Reduction :Final Steps
t5
t2
p1 & 2 & 3 & 4 p5
t11 t9 & 10
t8
t5
t2
p1 & 2 & 3 & 4p5
t11
t8
t5
t2
p1 & 2 & 3 & 4 & 5
t11
T
p
![Page 32: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/32.jpg)
32
Conclusion
allow designers to model –– control structurecontrol structure–– concurrency (parallelism and synchronisation)concurrency (parallelism and synchronisation)–– time modelling (time on places, transitions and arcs)time modelling (time on places, transitions and arcs)
graphical representation, mathematically foundedstructuring mechanisms –– hierarchical refinement (macro and fusion)hierarchical refinement (macro and fusion)–– composition mechanisms (clientcomposition mechanisms (client--server protocol, communication)server protocol, communication)
however lack of –– methodological structuring (how to break down the system model)methodological structuring (how to break down the system model)–– handling of data structure handling of data structure
objects, maybe?objects, maybe?
![Page 33: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/33.jpg)
33
Requirements mouse
What are the expected properties of the system ?⌧There is no influence between uses.⌧There is no dead branch in the specification.
![Page 34: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/34.jpg)
34
Transposition into Petri nets theory
These above requirements can be proved directly on Petri nets thanks to algebra and / or markings graph
Liveness (potential fireability in all reachable markings ) → Commoner theorem + ‘Traps & siphons’ algorithm
Reversibility (recoverability of the initial marking from any reachable markings) → Markings graph or using traps.
![Page 35: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/35.jpg)
35
Tool support for analysisTool support for analysis
![Page 36: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/36.jpg)
36
Tool support (2)Tool support (2)
1 0 0 0 0
0 0 1 0 0
0 1 0 0 0 0 0 0 1 0
0 0 0 0 1
M1
M2
M3M4
M5
T4
T8
T9
T7
T5
T2
T1
T6
T10
T3
Markings graph build from matrix
![Page 37: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/37.jpg)
37
Description of properties How to represent properties: Temporal logic CTL*Every property is equivalent to some combination of safety property and liveness property.⌧Safety property: ‘ Nothing bad ever happens’ ⌧Liveness property: ‘ Something good will eventually happen’
Verification of prropertiesBuild the markings graph associated the model system (model by Petri nets)Check these properties in each node of the marking graph (model checking)
Automatic verificationAutomatic verification
Requirements System??
![Page 38: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/38.jpg)
38
Temporal logic CTL* (1)Temporal logic CTL* (1)
CTL* (Computational Tree Logic Star)1 state has one or more successor:1 state has one or more successor:Model: infinite treeModel: infinite tree
OperatorsOperators::⌧A (all possible future); E (one possible future) + {F, G, X, U}
Connectors logic:Connectors logic:⌧∧ (and); ∨ (or); (not); ⇒ (implication)
![Page 39: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/39.jpg)
39
Graphical interpretationGraphical interpretation
Temporal logic CTL* (2)Temporal logic CTL* (2)
si |= AGp si |= AFp
si si
The formulae p (resp. q) is true at the red (resp. blue) state and false at the white state
si |= EGp
si
si |= EFp
si
![Page 40: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/40.jpg)
40
Graphical interpretationGraphical interpretation
Temporal logic CTL* (3)Temporal logic CTL* (3)
si |= AXp si |= EXp
si si
si
si |= A(p U q) si |= E(p U q)
si
![Page 41: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/41.jpg)
41
Case study: cash dispenserCase study: cash dispenser
Insert CardInsert Code (maxi. 3 tests)Select AmountTake out Credit cardTake out Money
Display (Code ?)Display (Amount ?)Exit Credit cardDistribute MoneyReinitialize
User actions System
![Page 42: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/42.jpg)
42
Cash dispenser: requirementsCash dispenser: requirements
Requirements and specification in CTL*The system reinitialises after the end of operatorsThere is no dead branchWell pin number is necessary to continue operators: AG(Code = Ok ⇒ AX(Display (‘ Code ? ’)) ⇔ AG(IncorrectCode ⇒ AX CardIn)Only entering pin numbers three times is legal, beyond the system reinitialises: AG(f ∧ (X f ∧ (X f)) ⇒ AX (Reinitialise)) f:= Display(‘Code ?’) ∧ (Code = Ok) ⇔ AG(Counter=3 ⇒AX(Idle))
![Page 43: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/43.jpg)
43
Cash dispenser: modelled by Cash dispenser: modelled by Petri netPetri net
InsertCard
CardIn
InsertCode<C,Code>
CodeIn
Idle
C.Code<>CorrectCode
<C,Code>
<c>
<Code>
<c>
<c>
InsertAmount<Amount>
<c>
32
Incorrect Code
Counter
P3
P4
P5
T1 T2
T3
T4
Reinitialize
C.Code=CorrectCode
<C,Code>
Three entering pin numbers for cash dispenser modeled by
ordinary Petri net
InsertCard
CardIn
InsertCode<C,Code,n>
CodeIn
Idle
C.Code<>BonCode C.Code=BonCode
<Code,n>
<c>
<Code>
<c,n>
<c,n>
TestCode
n:=0
n:=n+1
<n>
n<3 n=3
<n>
<n> <n>
T1_2 T3
Three entering pin numbers for cash dispenser modeled by
Object Petri net
![Page 44: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/44.jpg)
44
Cash dispenser: verification of Cash dispenser: verification of propertiesproperties
Cash dispenser (three entering pin numbers): Liveness and boudness property
Verification of two last properties need a model checking. Verification of two first properties can be proved directly on the structure of Petri nets thanks to markings graph, reversible and liveness properties
![Page 45: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/45.jpg)
45
Case study: cash dispenser (3)Case study: cash dispenser (3)
Reachable markings Markings ‘graph’ (shape of matrix)
![Page 46: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/46.jpg)
46
Case study: cash dispenser (4)Case study: cash dispenser (4)
1 0 0 0 0 0 2 0
0 1 0 0 0 0 2 0
0 0 1 0 0 0 2 0
0 0 0 1 1 0 2 0 0 0 0 0 0 1 2 1
0 1 0 0 1 0 1 0
0 0 1 0 1 0 1 0
0 0 0 1 2 0 1 0 0 0 0 0 1 1 1 1
0 1 0 0 2 0 0 0
0 0 1 0 2 0 0 0
0 0 0 1 3 0 0 0 0 0 0 0 2 1 0 1
M1
M2
M3
M4 M5
M6
M7
M8 M9
M10
M11
M12
M13
T1 (InsertCard)
T2 (InsertCode)
T3 T4
T6
T8
T7 (Reinitialize)
T3T4 (Code Ok)
T6
T3 (Code Not Ok)T4 (Code Ok)
T5
T5
(Code not Ok) (Code Ok)
(Code not Ok)
T2 (InsertCode)
T2 (InsertCode)
Cash dispenser (three entering pin numbers): Markings graph from matrix result
Number of nodes in each level of the graph
![Page 47: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/47.jpg)
47
Conclusions and prospectsConclusions and prospects
Model checking shows satisfaction between the system model (modelled by generalised Petri nets) and system properties (specified in CTL*)
Size of model and of markings graph is considerableDirections
Object Petri nets: easier to model, the size of model will be reduced⌧relationship between generalised and object Petri nets⌧Analysis of OOPN: Symbolic graph, P, T-invariants
High level temporal logic: adapts to Object Petri nets⌧property specification will be less complex
![Page 48: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/48.jpg)
48
System modelling
One single formalism the Interactive Cooperative Objects (based on Petri nets and the OO approach)OO constructs for structuring, Petri nets for dynamicsSpecial components for interface design (for input and for output)
activation functionrendering part (places and transitions)
![Page 49: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/49.jpg)
49
Why using OO constructs ?
structuring of systems in an efficient wayeasier to manage–– to test, to adapt, to reuse to test, to adapt, to reuse =>=> loosely coupled and highly coherent componentsloosely coupled and highly coherent components
easier to understand –– data and actions gathereddata and actions gathered–– information information hiddinghidding => => close to the objects of the real wordclose to the objects of the real word
however, –– control structure of the system distributed among the objects control structure of the system distributed among the objects –– handling of concurrent objects by breaking them downhandling of concurrent objects by breaking them down
![Page 50: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/50.jpg)
50
Why Petri nets ?
deal with–– concurrency (parallelism and synchronisation)concurrency (parallelism and synchronisation)–– time time modelingmodeling (time on places, transitions and arcs)(time on places, transitions and arcs)
mathematically founded & GR–– static analysis (intrinsic properties of models)static analysis (intrinsic properties of models)–– dynamic analysis (simulation, execution)dynamic analysis (simulation, execution)
structuring mechanisms–– hierarchical refinement (macro and fusion)hierarchical refinement (macro and fusion)–– composition mechanisms (clientcomposition mechanisms (client--server protocol, communication)server protocol, communication)
however lack of –– methodological structuring (how to break down the system model)methodological structuring (how to break down the system model)–– handling of data structurehandling of data structure
![Page 51: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/51.jpg)
51
Objects inside Petri nets–– places are the state variables of places are the state variables of
the system, their value is a set of the system, their value is a set of objects (system state=current objects (system state=current marking and current marking and current marking=set of objects marking=set of objects references)references)
–– arcs arcs aresares labelled by variables, labelled by variables, stating the flow of objects stating the flow of objects references in the netreferences in the net
–– transitions model state changes transitions model state changes in the system in the system
» use and modify objects’ value by requesting methods
» feature preconditions testing the value of the objects in the incoming places
Trash
RadarViewPlanes
<p><p><p,values>
Shoot<p,values>
values=100
Strips : <p: planes; value: tuple>; RadarView, Planes : <p:planes>;
Strips
![Page 52: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/52.jpg)
52
The ICO formalism: Presentation part
Rendering in placestoken entered token entered token removedtoken removedtoken resettoken reset
Rendering in transitionsStart actionStart actionStop actionStop action
![Page 53: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/53.jpg)
53
A short example: The ATM
Only several servicesOnly part of the presentationComplete behaviour
![Page 54: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/54.jpg)
54
OO representation of the ATM
Class ATM
Selectamount
Insertcard
Withdrawcard
Withdrawcash
innerstate
EnterPin
![Page 55: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/55.jpg)
55
OO representation of the ATM 2
Class ATMAttributesa, b: Real; c: Card;r: {CANCEL, RETRY};
MethodsOk <a,b:real> : Boolean;Avail <c:Card> : Real;Visible commands
DisplayCardIn, DisplayAmount, DisplayCashCardAvail, DialogWindow, DisplayCardRemoved, DisplayCashRemoved,
ServicesInsertCard <c:Card>;
Select <a: Real>;GetCash; GetCard;
EnterPin <n:Integer>;
ObCSPresentation
LayoutActivationRendering
![Page 56: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/56.jpg)
56
ICO modelling of the ATM '1
Layout
![Page 57: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/57.jpg)
57
ICO modelling of the ATM '2
Widget User's actions ServicePushbutton InsertCard Click InsertCardPushbutton "£ 20" Click SelectPushbutton "£ 40" Click SelectPushbutton "£ 60" Click Select… … SelectPushbutton "£ 160" Click SelectPushbutton Cash Click GetCashPushbutton Card Click GetCardPushbutton Cancel Click User CancelPushbutton Retry Click User Retry
Activation RenderingObCS's transitions MethodInsertCard DisplayCardInEnter Pin DisplayPinSelect DisplayAmountT4 DisplayCashCardAvailT5 DialogWindowT8 DisplayCardRemovedT9 DisplayCashRemovedOthers No specific Rendering
![Page 58: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/58.jpg)
58
ICO modelling of the ATM '3
No Card
InsertCard
Card inMachine
Ready to select
Select
<a>
<a>
<a><a>
<b>
<b>
<b>
b:=Avail(c)
<c>
<c>
<c>
Not Ok(a,b)Ok(a,b)r:=User.choice
<r>
<r> <r>
r=RETRYr=CANCEL
GetCashGetCard
P0
P2 P3
T0
T2 T3
P4 P5
T4 T5
P6
P7 P8
P9 P10
Completed
RetryCancelT6 T7
T8 T9
T10
Choice
AmountSelected
BalanceCalculated
Ready for Pin
EnterPin
<c> P1
T1
<a><c>
ObCS
![Page 59: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/59.jpg)
59
A short example the SuperPie
A button "Up" (not available if p >= 100)A button "Down" (not available if p=0)A text widget to type-in pA Chart widget for selecting p
![Page 60: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/60.jpg)
60
OO representation of the SP
Class SuperPiechart
ServicesStart; Stop; Up; Down;
SetPercentage <x:Int>
Mup; Mdown; Mmove <x,y:Int>;
Key <x:Int>
ObCS // Definition of the places’ type
Idle, Running, Dragging, NotDragging: <Boolean>
Percentage: <Int>
![Page 61: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/61.jpg)
61
ICO modelling of the SP
Upn:=n+1
Start
Downn:=n-1
Stop
MMoven:=P_CalcInput(x,y)
<n> <n>Percentage
Idle
Running
MUp
<n><n>
MDown
Dragging
Not Dragging
SetPercentagen:=value
Keyn:=P_CalcKey(key)
<value>
<n>
<key>
<x,y>
n < 100n > 0
![Page 62: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/62.jpg)
62
ICO modelling of the SP '2Widgets Graphical
representationEvents Service
ButtonStart Click Start
ButtonStop Click Stop
ButtonUp Click Up
ButtonDown Click Down
TextZone Keypress Key
MouseMove MMove
MouseDown MDown
PieChart
MouseUp MUp
![Page 63: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/63.jpg)
63
ICO modelling of the SP '3
ObCS element RenderingIdle All arcs No renderingRunning All arcs No rendering
Token entered N/A (No incoming arc)Token removed N/A (No outgoing arc)
Percentage
Token resetSystem state renderingDisplay percentage in the TextZoneand PieChart widgets
Token entered Dialogue renderingSet mouse cursor to cross
Token removed Dialogue renderingSet mouse cursor to normal
Dragging
Token reset No rendering
Places
NotDragging All arcs No rendering
![Page 64: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/64.jpg)
64
Tool support
Aim : Integrate the ObCS with external UI components and toolsApproach : based on the Model-View-Controller model
Model : the core entity, Model : the core entity, independantindependant of any user of any user interfaceinterfaceView : how the model is presented to the userView : how the model is presented to the userController : how the user triggers actions on the Controller : how the user triggers actions on the modelmodel
![Page 65: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/65.jpg)
65
ICO and MVC
Model : the ObCS netView : rendering of the state of the net
Fireability of transitions maps to enabling of buttons, menu items ...Marking of the places maps to display using text boxes, labels, colors, sound, whatever
Controller : UI components can trigger fireable transitions in the ObCS
![Page 66: ADVISES Tutorials: ICO Tutorial - IRIT Tutorial.pdf · 1 ADVISES Tutorials: ICO Tutorial LIIHS-IRIT, University Toulouse 3 Rémi Bastide, David Navarre Philippe Palanque](https://reader036.fdocuments.in/reader036/viewer/2022070814/5f0db90d7e708231d43bc388/html5/thumbnails/66.jpg)
66
Implementation
Based on Java and SwingGraphic editing and debugging of netsEmbedded Petri net interpretor
Allows instantaneous testing of the net under designAllows instantaneous testing of the net under design
Seamless integration of analysis algorithmsGenerates non-visual java « beans » (i.e. components) that can be integrated in any component-based UIMS (BeanBox, Visual Basic)Uses CORBA for object communication, enables distributed and multi-language application prototyping