ObjectCheck: A Model Checking Tool for Executable Object-oriented Software System Designs
Fei Xie and James C. Browne
Dept. of Computer Sciences
Univ. of Texas at Austin
Vladimir Levin
Bell-Labs
Lucent Technologies
2
Presentation Agenda
• Background and Overview of ObjectCheck
• Demonstration of ObjectCheck
• More Case Studies
• Summary and Future Work
3
Motivations
• Executable OO modeling languages are widely applied to specify software system designs.
• Model checking may improve the reliability of executable OO software system designs.
• State-of-the-art model checkers are not directly applicable to executable OO system designs.
• A tool supporting application of model checking to executable OO system designs is needed.
4
xUML: An Executable OO Modeling Language
• Executable dialect of UML;
• Expressive system and class hierarchies;
• Extended Moore state machines as state models;
  – Each state may have an associated state action;
  – Each state action is run-to-completion;
• Asynchronous interleaving execution semantics.
  – A system execution is an asynchronous interleaving of the executions of the state models in the system.
5
Architecture and Workflow of ObjectCheck
• Components: Property Specification Interface, xUML IDE, Error Visualizer, xUML-to-S/R Translator, Error Report Generator, and the COSPAN Model Checker.
• Workflow (shown as a diagram on the original slide):
  – The Designer builds the xUML Model in the xUML IDE and states the Property through the Property Specification Interface;
  – The xUML-to-S/R Translator turns the xUML Model into an S/R Model and the Property into an S/R Query;
  – The COSPAN Model Checker checks the S/R Query against the S/R Model and, when the check fails, produces an Error Track;
  – The Error Report Generator maps the Error Track back to an Error Report at the xUML level, which the Error Visualizer presents to the Designer.
6
Development of ObjectCheck
• Developed in conjunction with SDLCheck;
  – SDLCheck is an SDL model checking tool developed by Robert P. Kurshan, Vladimir Levin, and Husnu Yenigun of Bell-Labs.
• Reuses modules from SDLCheck, such as the optimization modules that conduct SPOR.
  – SPOR: Static Partial Order Reduction.
8
Case Study for Demonstration
• Classic Dining Philosophers Problem
• More realistic case studies will be shown after the demonstration.
9
Step-by-Step Demonstration
(The demonstration is walked through on the workflow diagram of slide 5: Designer, Property Specification Interface, xUML IDE, xUML-to-S/R Translator, COSPAN Model Checker, Error Report Generator, Error Visualizer.)
17
Step-by-Step Demonstration
19
Step-by-Step Demonstration
23
Step-by-Step Demonstration
28
Step-by-Step Demonstration
31
Step-by-Step Demonstration
40
More Case Studies
• NASA Robot Controller
  – A typical control-intensive embedded system;
  – Presented at FASE 2001 by Natasha Sharygina;
• Online Ticket Sale System
  – A typical commercial transaction system;
  – Presented at FASE 2002;
  – Focus: integrated state space reduction.
41
NASA Robot Controller (Class Diagram)
42
NASA Robot Controller(A State Model)
43
An Online Ticket Sale System (Class Diagram)
44
An Online Ticket Sale System (A State Model)
45
Some Verification Statistics of the Online Ticket Sale System
• Verification of a liveness property:
  – After an agent is assigned to a customer, eventually the agent will be released.
• Statistics related to state space reductions (memory in MB, time in seconds):

  SPOR   SMC   Memory Usage    Time Usage
  Off    Off   Out of Memory   -
  Off    On    113.73M         44736.S
  On     Off   17.3M           6668.3S
  On     On    74.0M           1450.3S
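The two kinds of check the deck relies on, deadlock-freedom of the dining philosophers used in the demonstration (slide 8, under the xUML semantics of slide 4) and the "after an agent is assigned, eventually the agent is released" liveness property of the ticket sale system above, can be illustrated with a small explicit-state checker over asynchronously interleaved state machines. This is an added, constructed example, not ObjectCheck, COSPAN, S/R or the case studies' xUML models: the step-function encoding of a machine, the toy customer/agent model, the resource-ordering fix for the philosophers and the function names are all assumptions made here. It performs no partial order reduction; what it shows is the semantics the slides describe (one run-to-completion step of one machine per interleaving step), a breadth-first search so that the reported error track is a shortest one, and a liveness violation reported as a prefix plus a cycle on which the obligation stays pending.

```python
"""Explicit-state checker for asynchronously interleaved state machines.
Constructed example, not ObjectCheck/COSPAN/xUML code.  A system is a dict
machine-name -> step(global_state) -> [(label, next_state)]; each transition
is one run-to-completion state action, and an execution interleaves single
steps of the machines, so the explorer tries every machine at every state."""
from collections import deque


def successors(s, machines):
    return [(f"{name}:{lab}", t) for name, step in machines.items() for lab, t in step(s)]


def explore(init, machines):
    """BFS over all interleavings; returns {state: (predecessor, label)}."""
    parent, queue = {init: None}, deque([init])
    while queue:
        s = queue.popleft()
        for label, t in successors(s, machines):
            if t not in parent:
                parent[t] = (s, label)
                queue.append(t)
    return parent


def error_track(parent, s):
    """Shortest labelled path from the initial state to s: the 'error track'."""
    track = []
    while parent[s] is not None:
        s, label = parent[s]
        track.append(label)
    return track[::-1]


def find_deadlock(init, machines):
    """Reachable state in which no machine can take a step, with its track."""
    parent = explore(init, machines)
    for s in parent:
        if not successors(s, machines):
            return s, error_track(parent, s)
    return None


def find_pending_cycle(init, machines, pending):
    """Liveness 'after P, eventually Q'.  pending(s) means P has happened and
    Q has not yet; a violation is a reachable cycle inside the pending region,
    i.e. an infinite run on which Q never arrives.  Iterative DFS with a
    finished set; returns (track to the cycle entry, cycle labels) or None."""
    parent, finished = explore(init, machines), set()
    for root in parent:
        if not pending(root) or root in finished:
            continue
        stack, depth = [(root, None, iter(successors(root, machines)))], {root: 0}
        while stack:
            u, _, it = stack[-1]
            for label, t in it:
                if not pending(t) or t in finished:
                    continue
                if t in depth:  # back edge to a state still on the DFS path
                    cycle = [lab for _, lab, _ in stack[depth[t] + 1:]] + [label]
                    return error_track(parent, t), cycle
                depth[t] = len(stack)
                stack.append((t, label, iter(successors(t, machines))))
                break
            else:  # every successor explored without finding a pending cycle
                finished.add(u)
                del depth[u]
                stack.pop()
    return None


def put(t, i, v):
    return t[:i] + (v,) + t[i + 1:]


def dining(n, ordered=False):
    """Dining philosophers: state = (philosopher states, fork owners).  With
    ordered=True the last philosopher takes its right (lower-numbered) fork
    first: the classic resource-ordering fix (an assumption, not the demo's)."""
    def philosopher(i):
        left, right = i, (i + 1) % n
        first, second = (right, left) if ordered and i == n - 1 else (left, right)
        def step(s):
            ph, forks = s
            if ph[i] == "thinking" and forks[first] is None:
                return [("take_first", (put(ph, i, "one_fork"), put(forks, first, i)))]
            if ph[i] == "one_fork" and forks[second] is None:
                return [("take_second", (put(ph, i, "eating"), put(forks, second, i)))]
            if ph[i] == "eating":
                released = tuple(None if o == i else o for o in forks)
                return [("put_down", (put(ph, i, "thinking"), released))]
            return []
        return step
    return (("thinking",) * n, (None,) * n), {f"phil{i}": philosopher(i) for i in range(n)}


def ticket_sale(release_on_abandon):
    """Toy customer/agent model (constructed; not the case study's xUML model).
    State = (customer state, agent assigned).  With release_on_abandon=False an
    abandoning customer leaves the agent assigned for ever, which violates
    'after an agent is assigned, eventually the agent is released'."""
    def customer(s):
        cust, busy = s
        return {
            "idle": [("browse", ("browsing", busy))] + ([] if busy else [("assign", ("served", True))]),
            "browsing": [("back", ("idle", busy))],
            "served": [("pay", ("paying", True)), ("abandon", ("idle", not release_on_abandon))],
            "paying": [("done", ("idle", False))],
        }[cust]
    return ("idle", False), {"customer": customer}


if __name__ == "__main__":
    assigned = lambda s: s[1]  # pending = the agent is currently assigned
    print("symmetric philosophers:", find_deadlock(*dining(4)))
    print("ordered philosophers:  ", find_deadlock(*dining(4, ordered=True)))
    print("buggy ticket sale:     ", find_pending_cycle(*ticket_sale(False), assigned))
    print("fixed ticket sale:     ", find_pending_cycle(*ticket_sale(True), assigned))
```

For four symmetric philosophers the deadlock is reached by four take_first steps, which is exactly the error track a designer would want mapped back to the model; with the ordering fix no deadlock state is reachable. For the buggy ticket model the liveness violation is reported as the prefix assign, abandon followed by the browse/back cycle on which the agent stays assigned, and the fixed model has no pending cycle. A terminal pending state (a deadlock inside the pending region) is not reported by find_pending_cycle; find_deadlock covers that case separately.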
46
Related Work
• Most closely related work:
  – UML model checking toolset from the University of Michigan;
  – vUML tool from Åbo Akademi University;
  – Both tools employ UML dialects with ad-hoc execution semantics and without well-defined action semantics.
47
Summary and Future Work
• ObjectCheck
  – Combines industrial software design and development environments and model checkers with research tools;
  – Provides comprehensive automation support for model checking xUML models;
  – Has enabled verification of non-trivial software system designs modeled in xUML.
• Future work is focused on enhancing the state space reduction capability of ObjectCheck.