MICON 2000
Formal methods for design methodology
by Luigi Logrippo with D. Amyot, R. Chan, L. Charfi, N. Gorse, J. Sincennes, R. Plesa,...
SCHOOL OF INFORMATION TECHNOLOGY AND ENGINEERING
UNIVERSITY OF OTTAWA

Basic Idea
• Use Case Maps provide a good basis for high-level description and design of many aspects of telecom systems
• LOTOS is a formal language that matches UCMs in level of abstraction
• Translate UCMs into LOTOS and then use LOTOS formal methodology
• The LOTOS spec is a ‘formal prototype’ for the UCM requirements

What does this buy us
• Validation and Verification
  • Feature Interaction Detection
• Semi-automatic derivation of functional test cases
• Semi-automatic derivation of implementations
• The design process extends itself into implementation and testing

From UCMs to LOTOS

UCM element              LOTOS construct
Start/end points         Visible gates
Responsibilities         Hidden gates
Agents/components        Processes
Stubs                    Processes (implement selection policies)
Plug-ins                 Processes
Inter-path causality     Hidden inter-process synchronization (msg)
Databases, conditions    Abstract Data Types

Interprocess Communication
• LOTOS process synchronization concept can be implemented as a blackboard system
• Establishing a relation with a methodology already in place at Mitel

UCM to LOTOS example

    Process Agent[A_U, U_A, A_A, req]: (a:Agent, u:User):=
      U_A !u !a !conReq ?dU:User;
      req !dU ?dA;
      A_A !a !dA !conReq !dU;
      ( A_A !dA !a !conConf !ring;
        A_U !a !u !conConf !ring; exit
        [] (* - OR - *)
        A_A !dA !a !conConf !busy;
        A_U !a !u !conConf !busy; exit )
    endproc

    Process User[ dial, U_A, A_U, ringBack, busyTone ]:(a:Agent, u:User):=
      dial !u ?dU:User;
      U_A !u !a !conReq !dU;
      ( A_U !a !u !conConf !ring; ringBack; exit
        [] (* - OR - *)
        A_U !a !u !conConf !busy; busyTone; exit )
    endproc

How to use LOTOS methodology
• LOTOS can be used to ‘execute’ UCMs
  • Scenarios for the UCMs can be obtained
  • Validation tools can be applied to detect errors
  • Functional test cases can be obtained

Detection of feature interactions
• New, more efficient methods developed
• Have both static and dynamic feature interaction detection
• Proven performance:
  • second place (very near to 1st) in 2000 Feature Interaction contest (Glasgow, Scotland)

Feature Interaction Detection Using Predicate Logic, UCM and LOTOS
• Feature Interaction Filtering at requirement stage using Prolog
  • Identification of possible interactions
  • Based on requirements
• Based on the UCM model
  • Validation of the global model
• Rapid method
Nicolas Gorse Master Thesis

Feature Interaction Detection Using Predicate Logic, UCM and LOTOS (cont’d)
• Derivation of a LOTOS specification
  • Provides an executable model
  • Provides information for scenario generation
• Scenario Generation for possible Interactions identified
  • Using information on the structure of the feature
  • Based on possible interactions identified

Feature Interaction Detection Using Predicate Logic, UCM and LOTOS (cont’d)
• Feature Interaction scenario-based validation of the LOTOS specification
  • Makes it possible to verify whether the possible interactions identified are present in the LOTOS spec
  • The method only identifies possible interactions; however, an experimental study showed a very high hit rate
  • Scenarios derived can be reused at the final system testing stage

Feature Interaction Filtering Using Predicate Logic
• Representation of features
  • Pre-conditions
    • CFA: {subs(B, cfa), concerns(B, cfb), cfa(C)}
    • CFB: {subs(B, cfb), concerns(B, cfb), busy(A), cfb(D)}
  • Triggering Events (same triggering events for both features)
    • CFA: {call(A, B)}
    • CFB: {call(A, B)}
  • Results (different results: non-determinism)
    • CFA: {call(A, C)}
    • CFB: {call(A, D)}
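
The filtering idea shown with CFA and CFB, as an added Python example (not the Prolog filter from the thesis): a pair of features is flagged when some assignment of users gives both the same triggering event, compatible pre-conditions and different results. The PLAIN feature, the user names, the busy/idle exclusion rule and all function names are assumptions made for this illustration.

```python
from itertools import combinations, product

# (pre-conditions, triggering event, result); capitalised names are variables.
# CFA and CFB are copied from the slide; PLAIN is constructed for this example.
FEATURES = {
    "CFA": ([("subs", "B", "cfa"), ("concerns", "B", "cfb"), ("cfa", "C")],
            ("call", "A", "B"), ("call", "A", "C")),
    "CFB": ([("subs", "B", "cfb"), ("concerns", "B", "cfb"), ("busy", "A"),
             ("cfb", "D")], ("call", "A", "B"), ("call", "A", "D")),
    "PLAIN": ([("idle", "A")], ("call", "A", "B"), ("ring", "B")),
}
EXCLUSIVE = {"busy", "idle"}      # assumed: both cannot hold for the same user
USERS = ("u1", "u2", "u3", "u4")  # constructed names; the slides report 4 users

def ground(term, env):
    return (term[0],) + tuple(env.get(a, a) for a in term[1:])

def instances(feature, users):
    """Yield every ground (pre, trigger, result) instance of one feature."""
    pre, trig, res = feature
    names = sorted({a for t in [*pre, trig, res] for a in t[1:] if a[:1].isupper()})
    for values in product(users, repeat=len(names)):
        env = dict(zip(names, values))
        yield [ground(p, env) for p in pre], ground(trig, env), ground(res, env)

def conflict(inst1, inst2):
    """Same ground trigger, different results, pre-conditions not exclusive."""
    (pre1, trig1, res1), (pre2, trig2, res2) = inst1, inst2
    pre = pre1 + pre2
    return trig1 == trig2 and res1 != res2 and not any(
        {p[0], q[0]} == EXCLUSIVE and p[1:] == q[1:] for p in pre for q in pre)

def possible_interactions(features=FEATURES, users=USERS):
    hits = []
    for n1, n2 in combinations(sorted(features), 2):
        if any(conflict(i1, i2) for i1 in instances(features[n1], users)
               for i2 in instances(features[n2], users)):
            hits.append((n1, n2))
    return hits
```

CFB and PLAIN are not flagged because busy(A) and idle(A) cannot both hold for the caller; with a single user CFA and CFB forward to the same party, so only instances with distinct forwarding targets expose the non-determinism.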

Feature Interaction Filtering Using Predicate Logic (cont’d)
• Mitel Project
  • 22 feature descriptions (484 pairs), 4 users
  • 43 possible interactions found in 84.14 secs
• Feature Interaction Contest
  • 97 feature descriptions (9409 pairs), 4 users
  • 149 possible interactions found in 1299.93 secs
• The representation of features is fairly quick to obtain

Another application: Derivation of Test Cases

The Big Picture
[Diagram; labels: UCMs, LOTOS specification, test purposes, mapping M (twice), LOTOS scenarios, Validation with LOLA, TGV, TTCN test suites, MSC generation; two arrows marked (1) and (2)]
LOTOS scenarios used for:
(1) the spec validation
(2) the TTCN test suite generation
Leila Charfi’s Master thesis
Several tools used:
• LOLA
• CAESAR
• TGV (in CAESAR)
• lot2msc
• . . .

[Figure: Use Case Map with components Phone 1, Switch and Phone 2; labels: offHook, initiateCall, incomingCall, busy, idle, ringStub, ring, ringBack, talk, onHook, disconn, disconnection, Caller disconnection, Callee disconnection]

A coverage algorithm uses the internal representation of the UCM to cover all possible paths at least once

UCM scenarios (labelled on the slide scenarioBusyCallee, scenarioForwardTakeDown, scenarioBackwardTakeDown):

    phone1: startpoint ‘offHook’;
    phone1: resp ‘initiateCall’;
    phone2: resp ‘incomingCall’;
    phone2: point ‘busy’;
    phone1: point ‘busy’;
    phone1: endpoint ‘onHook’;

    phone1: startpoint ‘offHook’;
    phone1: resp ‘initiateCall’;
    phone2: resp ‘incomingCall’;
    phone2: point ‘idle’;
    ( phone2: resp ‘ring’; exit
      |||
      phone1: resp ‘ringBack’; exit ) >>
    phone2: resp ‘offHook’;
    switch: point ‘talk’;
    phone2: startpoint ‘onHook’;
    switch: resp ‘disconn’;

    phone1: startpoint ‘offHook’;
    phone1: resp ‘initiateCall’;
    phone2: resp ‘incomingCall’;
    phone2: point ‘idle’;
    ( phone2: resp ‘ring’; exit
      |||
      phone1: resp ‘ringBack’; exit ) >>
    phone2: resp ‘offHook’;
    switch: point ‘talk’;
    phone1: startpoint ‘onHook’;
    switch: resp ‘disconn’;

lotos scenario

    user_to_phone !A !offHook;
    phone_to_user !A !dialTone;
    user_to_phone !A !dial !B;
    ( phone_to_user !B !ringingOn; exit
      |||
      phone_to_user !A !ringBackTone; exit ) >>
    user_to_phone !B !offHook;
    phone_to_user !A !ringBackToneOff;
    user_to_phone !B !onHook;
    phone_to_user !A !disconnectTone;
    user_to_phone !A !onHook;

scenario Aldebaran format

    des (0, 14, 14)
    (0, "USER_TO_PHONE !A !OFFHOOK", 1)
    (1, "PHONE_TO_USER !A !DIALTONE", 2)
    (2, "USER_TO_PHONE !A !DIAL !B", 3)
    (3, "PHONE_TO_USER !B !RINGINGON", 4)
    (3, "PHONE_TO_USER !A !RINGBACKTONE", 5)
    (4, "PHONE_TO_USER !A !RINGBACKTONE", 6)
    (5, "PHONE_TO_USER !B !RINGINGON", 6)
    (6, i, 7)
    (7, "USER_TO_PHONE !B !OFFHOOK", 8)
    (8, "PHONE_TO_USER !A !RINGBACKTONEOFF", 9)
    (9, "USER_TO_PHONE !B !ONHOOK", 10)
    (10, "PHONE_TO_USER !A !DISCONNECTTONE", 11)
    (11, "USER_TO_PHONE !A !ONHOOK", 12)
    (12, ACCEPT, 12)
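
An added Python example (not part of the original slides or of the CAESAR tools): it parses the Aldebaran-format scenario above and lists the visible action sequences that reach the ACCEPT marker, dropping the internal action i. It assumes the graph is acyclic apart from self-loops; parse_aut and accepted_traces are names chosen for this example.

```python
import re

# The scenario from the slide, one transition per line.
# Header fields: des (initial state, number of transitions, number of states).
AUT = '''des (0, 14, 14)
(0, "USER_TO_PHONE !A !OFFHOOK", 1)
(1, "PHONE_TO_USER !A !DIALTONE", 2)
(2, "USER_TO_PHONE !A !DIAL !B", 3)
(3, "PHONE_TO_USER !B !RINGINGON", 4)
(3, "PHONE_TO_USER !A !RINGBACKTONE", 5)
(4, "PHONE_TO_USER !A !RINGBACKTONE", 6)
(5, "PHONE_TO_USER !B !RINGINGON", 6)
(6, i, 7)
(7, "USER_TO_PHONE !B !OFFHOOK", 8)
(8, "PHONE_TO_USER !A !RINGBACKTONEOFF", 9)
(9, "USER_TO_PHONE !B !ONHOOK", 10)
(10, "PHONE_TO_USER !A !DISCONNECTTONE", 11)
(11, "USER_TO_PHONE !A !ONHOOK", 12)
(12, ACCEPT, 12)'''

def parse_aut(text):
    """Parse an Aldebaran LTS into (initial state, declared states, edges)."""
    head = re.match(r"\s*des\s*\(\s*(\d+)\s*,\s*(\d+)\s*,\s*(\d+)\s*\)", text)
    if head is None:
        raise ValueError("missing 'des (initial, transitions, states)' header")
    init, n_trans, n_states = map(int, head.groups())
    rows = re.findall(r'\(\s*(\d+)\s*,\s*("[^"]*"|[^",()]+?)\s*,\s*(\d+)\s*\)',
                      text[head.end():])
    if len(rows) != n_trans:
        raise ValueError(f"header declares {n_trans} transitions, found {len(rows)}")
    edges = {}
    for src, label, dst in rows:
        edges.setdefault(int(src), []).append((label.strip('"'), int(dst)))
    return init, n_states, edges

def accepted_traces(init, edges):
    """Visible action sequences from the initial state to an ACCEPT self-loop."""
    out, stack = [], [(init, ())]
    while stack:
        state, trace = stack.pop()
        for label, dst in edges.get(state, []):
            if label == "ACCEPT":
                out.append(list(trace))
            elif dst != state:  # assumption: no cycles other than self-loops
                stack.append((dst, trace if label == "i" else trace + (label,)))
    return sorted(out)
```

The two traces returned differ only in the order of RINGINGON and RINGBACKTONE, which is the interleaving (|||) of the LOTOS scenario; the header declares 14 states, while the transitions listed reference states 0 to 12.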

[Figure: tool chain in the CAESAR environment; labels: UCM, ADT (twice), lotos spec, scenarios from UCM, lotos scenario, bcg_min scenario, TGV, test suite]
Choose scenarios to cover all UCM

scenarioForwardTakeDown
Test suite generated with TGV

New Topics: CPL and SIP
• CPL, the SIP Call Processing Language
  • CPL has a logic somewhat similar to that of LOTOS: communicating processes, with no explicit notion of state
    • Develop formal semantics for CPL based on LOTOS
    • Develop FI detection methods for CPL based on LOTOS

New Topics: The whole method
• Exploring the relation between
  • interaction resolution methods (e.g. OPI)
  • UCMs
  • LOTOS-based methods
• Three methodologies that must work together but are not (yet) clearly coordinated
  • where do we start, how to use them together

Proof of concept has been provided, but many challenges are ahead...