A DSL to feedback formal verification results

Talk given at the Model Driven Engineering, Verification and Validation workshop (MODEVVA 2016) at MODELS 2016.

  1. 1/33 A DSL to feedback formal verification results
     Faiez ZALILA (IRT Saint-Exupéry, Toulouse, France), Xavier CREGUT and Marc PANTEL (University of Toulouse, IRIT-CNRS)
     October 3, 2016
     Slide header (repeated on every slide): V&V and MDE | Formal language | V&V for DSML | Current state | FeVeReL | Conclusion & Perspectives
  2. 2/33 Goals: Improve the development of critical systems
     [Diagram: three concerns, Model-Driven Engineering / Language Engineering, Formal verification and Resources. Models are represented by and conform to a DSML; each DSML comes with editors, simulators, verifiers and generators. Roles: language expert, domain expert, user.]
  3-8. 3/33 Formal model verification (one diagram built up over six slides)
     - Formal model verification: the DSML end-user defines a DSML model and DSML behavioral properties, and obtains DSML verification results. On the formal side, model-checking tools take a formal model and formal properties and produce formal verification results.
     - Translational approach: a translational semantics, specified by the domain expert and implemented by the language expert, maps the DSML model to the formal model.
     - DSML Verifier (reuse of formal tools): a properties generation step maps the DSML behavioral properties to formal properties, and a feedback step maps the formal verification results back to DSML verification results.
     - Defining a translational semantics: the feedback of verification results is the missing part.
     - Completing the integration: today the feedback is built ad hoc.
  9. 4/33 Outline
     1 Integrating V&V in MDE
     2 Introducing the formal language
     3 Integrating the verification activity for DSML
     4 Feedback of verification results to the DSML level: Current state
     5 Feedback Verification Results Language (FeVeReL)
     6 Conclusion & Perspectives
  11. 6/33 Defining a DSML: Software & Systems Process Engineering Metamodel (SPEM)
     [Example process model (graphical syntax): work definitions Designing, Programming, Documenting and TestCaseWriting, linked by work sequences of kinds startToStart, finishToStart and finishToFinish; resources Developer (count = 3), Designer (count = 2) and Computer (count = 3), with parameter quantities 1 and 2 on the work definitions. The model conforms to the metamodel below.]
     SPEM metamodel:
     - Process: name : String, minTime : Int, maxTime : Int; workDefinitions 0..*, workSequences 0..*, resources 0..*
     - WorkDefinition: name : String, minTime : Int, maxTime : Int; linkToSuccessor 0..*, linkToPredecessor 0..*, parameters 0..*
     - WorkSequence: linkType : WSType; predecessor 1, successor 1
     - <<enumeration>> WSType: startToStart, startToFinish, finishToStart, finishToFinish
     - Parameter: quantity : Int; workDefinition 1, resource 1
     - Resource: name : String, count : Int
  12. 7/33 Defining a DSML: SPEM as a DSML
     - Abstract syntax: the SPEM metamodel above.
     - Well-formedness properties, e.g. uniqueness of work definition names:
         context Process
         inv names_uniqueness:
           self.workDefinitions->forAll(wd1, wd2 | wd1 <> wd2 implies wd1.name <> wd2.name)
     - Graphical concrete syntax
     - Textual concrete syntax
     - Execution semantics
  13-16. 8/33 The executable DSML pattern: making the execution semantics explicit
     The executable DSML pattern (Combemale et al.) is a general approach to assist in the definition of an execution semantics for a DSML. It makes explicit the various concerns of the execution of DSMLs:
     - DDMM (Domain Definition MetaModel): the SPEM metamodel (Process, WorkDefinition, WorkSequence, WSType, Parameter, Resource).
     - SDMM (States Definition MetaModel, <<merge>> of the DDMM): WorkDefinition gets state : ExecutionState, with <<enumeration>> ExecutionState = notStarted, running, finished; a dynamic_wds 0..* reference holds the executing work definitions.
     - EDMM (Events Definition MetaModel, <<merge>>): SPEMEvent, WorkDefinitionEvent (workDefinition 1) specialised into StartWD and FinishWD.
     - TM3 (Trace Management MetaModel, <<import>>): Scenario, Trace (traces 0..*), RuntimeEvent (name : String, date : Int, Internal : Boolean; runtimeEvents 0..*).
     Illustrated in three steps: states, then events, then traces. Example trace of events: StartWD Designing, FinishWD Designing, StartWD TestCaseWriting, ...
  17. 9/33 DSML verification: behavioral properties
     SPEM behavioral property: can the process finish?
     OCL is fit for simple, structural cases, e.g. forbidding a work sequence from a work definition to itself (illustrated with a startToStart sequence on TestCaseWriting):
         context WorkSequence
         inv not_reflexive: self.predecessor <> self.successor
     Does the model behave as expected during the execution? => Model execution is required.
     Translational semantics:
     - Define a translational semantics, with FIACRE as the formal semantics.
     - State/Event Linear Temporal Logic (SE-LTL) to express the properties.
     - The executable DSML pattern as a support to formalize the translational semantics.
  19. 11/33 The FIACRE language
     FIACRE: Intermediate Format for the Architectures of Embedded Distributed Components, a formal intermediate model to describe embedded and distributed systems.
     - Process = basic component: describes the behaviour of a sequential component as a set of control states and transitions, with data handling and communication (messages, shared variables).
     - Component = compositions + constraints: describes the composition of processes, associates timing constraints with communications and defines priorities between communication events.
  20-21. 12/33 The FIACRE language: example, the alternating bit protocol
         type seqno is bool
         type packet is seqno

         process Buffer [pin: in packet, pout: out packet] is
           states idle
           var buff : queue 1 of packet := {||}, pkt : packet
           from idle
             select
               pin?pkt; on not (full buff); buff := enqueue (buff, pkt); to idle
             []
               on not (empty buff); pout!first buff; buff := dequeue buff; to idle
             []
               wait [0,1]; on not (empty buff); buff := dequeue buff; to idle
             end

         process Sender [mbuff: out packet, abuff: in packet] is
           states idle, send, waita
           var ssn, n : seqno := false
           from idle to waita
           from send mbuff!ssn; to waita
           from waita
             select
               abuff?n; if n = ssn then ssn := not ssn; to idle else to idle end
             []
               wait ]4,5]; to send
             end

         process Receiver [mbuff: in packet, abuff: out packet] is
           states rcve, ack
           var rsn : seqno := false, m : packet := true
           from rcve
             mbuff?m; if m = rsn then rsn := not rsn; to ack else to ack end
           from ack
             abuff!m; to rcve

         /* Main component */
         component abp is
           port minp : packet in [0,0], mout : packet in [0,1],
                ainp : packet in [0,2], aout : packet in [0,1]
           par * in
                Sender [minp, aout]
             || Buffer [minp, mout]
             || Buffer [ainp, aout]
             || Receiver [mout, ainp]
           end

         /* Entry point */
         abp
     [Diagram: component abp composed of Sender, two Buffers and Receiver, connected through the ports minp, mout, ainp and aout.]
  22. 13/33 The FIACRE language: works around FIACRE
     - AADL2Fiacre: Fiacre: an Intermediate Language for Model Verification in the Topcased Environment. Berthomieu B., Bodeveix J.-P., Farail P., Filali M., Garavel H., Gaufillet P., Lang F., Vernadat F. ERTS 2008.
     - BPEL2Fiacre: Verification of Timed BPEL 2.0 Models. Elie Fares, Jean-Paul Bodeveix, Mamoun Filali. BPMDS 2011. Formal Requirement Verification for Timed Choreographies. Nawal Guermouche, Silvano Dal Zilio.
     - Ladder2Fiacre: A model-driven engineering approach to formal verification of PLC programs. de Queiroz, M.H., da Rocha, V.G., Carpes, A.M.M., Vernadat, F., Cregut, X. ETFA 2011.
  23. 14/33 The FIACRE language: Fiacre tooling
     - Front: front-end (common to flac and frac): parser and type checking (typing, initialisations, communications, ...).
     - Frac: back-end for Tina-TTS: reduction of derived constructions (select, any, etc.), static composition of components, optimisations (variable analysis, transition normalisation), code generation: .tts = Petri net (.net) + data processing (.c, TTS API).
  25. 16/33 Defining DSML queries
     Formalization of the behavioral properties:
         -- Does the process finish? (P1 requirement)
         context SPEM!Process
         inv willFinish: eventually self.isFinished()

         -- The process will never finish (P2 requirement)
         context SPEM!Process
         inv willNeverFinish: not (eventually self.isFinished())
     Formalization of the queries:
         -- Composite queries
         context SPEM!Process
         def: isFinished(): String = self.workDefinitions->forAll(wd | wd.isFinished());

         -- Primitive queries
         context SPEM!WorkDefinition
         def: isFinished(): String = deferred;
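As an added example (not code from the talk or its toolchain), the following Python explorer executes a small SPEM-like process exhaustively and decides P1 and P2 from the reachable state space, which is exactly what an OCL invariant cannot do. The process, its work sequences and the Computer resource demands are constructed for this example; only the vocabulary (StartWD/FinishWD, notStarted/running/finished, the WSType link kinds) is taken from the slides. The deadlock trace it returns is the counterexample that the rest of the talk wants to feed back to the DSML level.

```python
"""Added example (not from the talk): an explicit-state explorer for a small
SPEM-like process that decides the P1 requirement ("the process eventually
finishes") and the P2 requirement ("the process never finishes") by exhaustive
execution. Only the vocabulary comes from the slides; the process, its work
sequences and the Computer resource demands are constructed."""
from collections import deque

NOT_STARTED, RUNNING, FINISHED = "notStarted", "running", "finished"

WDS = ("Designing", "Programming", "Documenting", "TestCaseWriting")
# (predecessor, linkType, successor): constructed work sequences
SEQUENCES = (
    ("Designing", "finishToStart", "Programming"),
    ("Designing", "startToStart", "Documenting"),
    ("Programming", "finishToStart", "TestCaseWriting"),
    ("TestCaseWriting", "finishToFinish", "Documenting"),
)
# Computers a work definition holds while running (Parameter.quantity): constructed
NEEDS = {"Designing": 1, "Programming": 2, "Documenting": 1, "TestCaseWriting": 1}


def guard_ok(state, wd, event):
    """WorkSequence guards (the WorkSequence2ConditionalStatement rule):
    *ToStart links constrain StartWD of the successor, *ToFinish links
    constrain FinishWD; start* links need the predecessor started,
    finish* links need it finished."""
    for pred, kind, succ in SEQUENCES:
        if succ != wd or ("StartWD" if kind.endswith("Start") else "FinishWD") != event:
            continue
        pred_started = state[pred] in (RUNNING, FINISHED)
        pred_finished = state[pred] == FINISHED
        if not (pred_finished if kind.startswith("finish") else pred_started):
            return False
    return True


def enabled(state, computers):
    """Fireable (event, workDefinition) moves given `computers` of the Computer resource."""
    in_use = sum(NEEDS[w] for w in WDS if state[w] == RUNNING)
    moves = []
    for wd in WDS:
        if state[wd] == NOT_STARTED and guard_ok(state, wd, "StartWD") and in_use + NEEDS[wd] <= computers:
            moves.append(("StartWD", wd))
        elif state[wd] == RUNNING and guard_ok(state, wd, "FinishWD"):
            moves.append(("FinishWD", wd))
    return moves


def fire(state, move):
    event, wd = move
    return {**state, wd: RUNNING if event == "StartWD" else FINISHED}


def explore(computers):
    """Breadth-first state-space exploration. Returns (finish_reachable, deadlock_trace),
    where deadlock_trace is the shortest event sequence reaching a stuck, unfinished
    state (None if there is none)."""
    init = {wd: NOT_STARTED for wd in WDS}
    key = lambda s: tuple(s[wd] for wd in WDS)
    seen, queue = {key(init)}, deque([(init, [])])
    finish_reachable, deadlock_trace = False, None
    while queue:
        state, trace = queue.popleft()
        if all(v == FINISHED for v in state.values()):
            finish_reachable = True
            continue
        moves = enabled(state, computers)
        if not moves and deadlock_trace is None:
            deadlock_trace = trace
        for move in moves:
            nxt = fire(state, move)
            if key(nxt) not in seen:
                seen.add(key(nxt))
                queue.append((nxt, trace + [move]))
    return finish_reachable, deadlock_trace


def check(computers):
    """P1 (LTL <> finished) holds iff no maximal run gets stuck before finishing;
    P2 (not <> finished) holds iff no run finishes at all. The deadlock trace is the
    counterexample a model-checker would report, already in StartWD/FinishWD terms."""
    finish_reachable, deadlock_trace = explore(computers)
    return {"P1": finish_reachable and deadlock_trace is None,
            "P2": not finish_reachable,
            "counterexample": deadlock_trace}


if __name__ == "__main__":
    for computers in (1, 2, 3):
        print(f"Computer.count = {computers}: {check(computers)}")
```

With one computer the process can never finish (P2 holds, P1 fails); with two, some runs finish but one run deadlocks with Documenting holding the last computer while Programming waits for two (neither property holds, and the deadlock trace is the useful result); with three, every run finishes (P1 holds). Note that the states are monotone, so every run is finite and "eventually finished" reduces to the absence of reachable deadlocks; a model with loops would need the cycle detection a real model-checker performs.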
  26. 17/33 Defining the translational semantics
         process Documenting [Start : sync, Finish : sync] (&wds : WDsQueries) is
           states notStarted, Running, Finished
           from notStarted
             if (wds[$(DesigningId)].isStarted) then
               Start; wds[$(DocumentingId)].isStarted := true; to Running
             else loop end if
           from Running
             if (wds[$(DesigningId)].isFinished) then
               Finish; wds[$(DocumentingId)].isFinished := true; to Finished
             else loop end if

         component Process is
           var wds : WDsQueries := [{isStarted=false, isFinished=false},
                                    {isStarted=false, isFinished=false},
                                    {isStarted=false, isFinished=false},
                                    {isStarted=false, isFinished=false}]
           port DesigningStart : sync in [0,0], DesigningFinish : sync in [0,0],
                ProgrammingStart : sync in [0,0], ProgrammingFinish : sync in [0,0],
                DocumentingStart : sync in [0,0], DocumentingFinish : sync in [0,0],
                TestCaseWritingStart : sync in [0,0], TestCaseWritingFinish : sync in [0,0]
           par * in
                Designing [DesigningStart, DesigningFinish] (&wds)
             || Programming [ProgrammingStart, ProgrammingFinish] (&wds)
             || Documenting [DocumentingStart, DocumentingFinish] (&wds)
             || TestCaseWriting [TestCaseWritingStart, TestCaseWritingFinish] (&wds)
           end
     [Diagram: the example process (Designing, Programming, Documenting, TestCaseWriting with startToStart, finishToStart and finishToFinish work sequences) with the transformation rules applied to it: Process2Component, WorkDefinition2Process, WorkSequence2ConditionalStatement.]
  27. 18/33 Update SPEM primitive queries
     Update the primitive queries:
         context SPEM!WorkDefinition
         def: isFinished(): String = 'Main/1/value WorkDefinition[$(' + self.name + 'id)].isFinished';
     Generated Fiacre properties:
         property willFinish is ltl <> (Main/1/value WorkDefinition[$(DesigningWD)].isFinished
                                        and Main/1/value WorkDefinition[$(ProgrammingWD)].isFinished
                                        and Main/1/value WorkDefinition[$(DocumentingWD)].isFinished
                                        and Main/1/value WorkDefinition[$(TestCaseWritingWD)].isFinished)

         property willNeverFinish is ltl (not (<> (Main/1/value WorkDefinition[$(DesigningWD)].isFinished
                                                    and Main/1/value WorkDefinition[$(ProgrammingWD)].isFinished
                                                    and Main/1/value WorkDefinition[$(DocumentingWD)].isFinished
                                                    and Main/1/value WorkDefinition[$(TestCaseWritingWD)].isFinished)))
  28. 19/33 Leveraging formal verification for DSMLs: goals
     Resolved issues:
     - Lack of semantics in MDE => applying the metamodeling pattern
     - Unfitness for model analysis => connecting the TINA toolbox to the DSML
     - No way to express DSML behavioral properties => defining the TOCL language
     - No automatic generation of formal properties => proposing an automatic transformation of DSML behavioral properties
     DSML end-user expectations: a DSML verifier that hides the formal aspects => obtain verification results on the domain side.
     Domain expert and language expert expectations: tools for building a seamless verification toolchain => manage the feedback of verification results for each DSML.
  29. 20/33 Leveraging formal verification for DSMLs: missing elements
     [Diagram of the SPEM verifier: SPEM model -> SPEM2Fiacre translational semantics -> Fiacre model; SPEM behavioral properties -> SPEM2Fiacre properties generation -> Fiacre properties; Fiacre verifier -> Fiacre verification results -> Fiacre2SPEM feedback of verification results -> SPEM verification results. The Fiacre2SPEM feedback step is the missing element.]
  31. 22/33 Current problem: verification results are generated on the formal side
     - Difficult to understand: the formal verification results are generated by the model-checker.
     - Hard to use for the DSML end-user.
  32. 23/33 Current problem: ad-hoc solutions
     - Backward transformation: write the backward transformation manually.
     - Bidirectional model transformation: combine both transformations (the translational semantics and the backward transformation).
     Drawbacks: implementation-specific, hard-coded solutions; they do not favor the definition of generative tools and do not ease the integration of tools for new DSMLs.
  34. 25/33 Prerequisites: motivations
     FeVeReL: Feedback Verification Results Language.
     [Diagram: the executable DSML is made of the DDMM (Domain Definition MetaModel), the QDMM (Queries Definition MetaModel), the EDMM (Events Definition MetaModel), the SDMM (States Definition MetaModel) and the TM3 (Trace Management MetaModel), linked by <<import>> and <<merge>>. The language expert implements the model transformation and uses the TOCL editor and the FeVeReL editor, which in turn use these metamodels.]
  35. 26/33 Prerequisites: introduce runtime extensions for Fiacre
     [Diagram, the executable DSML pattern applied to Fiacre:
     - DDMM: the Fiacre abstract syntax (ModelDeclaration with declarations 0..*: ProcessDeclaration, ComponentDeclaration, PortDeclaration, StateDeclaration, VariableDeclaration, TagDeclaration, ...).
     - SDMM (<<merge>>): InstanceDeclaration gets currentState : StateDeclaration; VariableDeclaration gets currentValue : Expression.
     - EDMM (<<merge>>): FiacreEvent specialised into PortEvent (port), StateEvent (state), VariableEvent (variable) and TagEvent (tag).
     - TM3 (<<import>>): Scenario, Trace (traces 0..*), RuntimeEvent (name : String, date : Int, Internal : Boolean; runtimeEvents 0..*).]
  36. 27/33 Implementation of SPEM-Fiacre mappings using FeVeReL: FeVeReL architecture
     [Diagram: the FeVeReL language is defined on top of ATL.ecore (atl, Atlas Transformation Language) and ocl (Object Constraint Language), following the piggyback pattern; FeVeReL2ATL.atl compiles FeVeReL models to ATL, following the source-to-source pattern.]
  37. 28/33 Implementation of SPEM-Fiacre mappings using FeVeReL: FeVeReL architecture
     [Diagram: the language expert defines a FeVeReL model, which uses the formal language metamodel, the formal language semantics metamodel (<<extends>> the former), the DSML metamodel and the DSML semantics metamodel (<<extends>> the former). FeVeReL2ATL produces the FormalScenario2DSMLScenario transformation from it. A formal scenario conforms to the formal language semantics metamodel and refers to the formal model; the DSML scenario conforms to the DSML semantics metamodel and refers to the DSML model. The DSML end-user defines the DSML model and obtains the DSML scenario.]
  38. 29/33 Implementation of SPEM-Fiacre mappings using FeVeReL: define events mappings between SPEM and Fiacre
         events mapping swd2t :
           DSMLEvent swd : DSMLSemantics.StartWD (date <- ev1.date)
           maps
           FormalEvent ev1 : FormalSemantics.EnterEvent (
             ev1.state.name = 'running' and
             FormalAS!Model.allInstances()->first().root.body.blocks->indexOf(ev1.path.instances->first())
               = DSML!Process.allInstances()->first().workDefinitions->indexOf(swd.workdefinition))
         end events mapping

         events mapping fwd2te :
           DSMLEvent fwd : DSMLSemantics.FinishWD (date <- ev2.date)
           maps
           FormalEvent ev2 : FormalSemantics.EnterEvent (
             ev2.state.name = 'finished' and
             FormalAS!Model.allInstances()->first().root.body.blocks->indexOf(ev2.path.instances->first())
               = DSML!Process.allInstances()->first().workDefinitions->indexOf(fwd.workdefinition))
         end events mapping
  39. 30/33 Implementation of SPEM-Fiacre mappings using FeVeReL: define states mappings between SPEM and Fiacre
         states mapping wdnotStarted2vd :
           DSMLState wd : DSMLMM.WorkDefinition (state <- #notStarted)
           observed as
           FormalState vd : FormalMM.VariableDeclaration (
             vd.name = 'WorkDefinition' and
             vd.value.values->at(wd.getIndex()).fields->at(0).value.oclIsTypeOf(FormalMM!FalseLiteral))
         end states mapping

         states mapping wdrunning2vd :
           DSMLState wd : DSMLMM.WorkDefinition (state <- #running)
           observed as
           FormalState vd : FormalMM.VariableDeclaration (
             vd.name = 'WorkDefinition' and
             vd.value.values->at(wd.getIndex()).fields->at(0).value.oclIsTypeOf(FormalMM!TrueLiteral) and
             vd.value.values->at(wd.getIndex()).fields->at(1).currentValue.oclIsTypeOf(FormalMM!FalseLiteral))
         end states mapping

         states mapping wdfinished2vd :
           DSMLState wd : DSMLMM.WorkDefinition (state <- #finished)
           observed as
           FormalState vd : FormalMM.VariableDeclaration (
             vd.name = 'WorkDefinition' and
             vd.value.values->at(wd.getIndex()).fields->at(1).currentValue.oclIsTypeOf(FormalMM!TrueLiteral))
         end states mapping
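The two mapping kinds of slides 38 and 39, written out as plain Python and run over a constructed Fiacre-level counterexample trace, as an added example that is neither code from the talk nor part of the FeVeReL tooling. The trace representation (EnterEvent records, the final value of the shared WorkDefinition variable), the instance and record layout and the process model are assumptions; the index-based matching of the events mapping and the field-based reading of the states mapping follow the rules on the slides. The replay check at the end is the consistency test a practitioner would want: the states observed through the variable must agree with the states implied by the mapped events.

```python
"""Added example, not part of the talk or of the FeVeReL tooling: the events
mappings (Fiacre EnterEvent -> SPEM StartWD/FinishWD) and states mappings
(Fiacre variable 'WorkDefinition' -> SPEM WorkDefinition state) of slides
38-39 as Python rules, applied to a constructed Fiacre-level trace. The trace
format, the instance/variable layout and the process model are assumptions."""
from dataclasses import dataclass

# DSML side (assumed model): Process.workDefinitions in declaration order.
WORK_DEFINITIONS = ("Designing", "Programming", "Documenting", "TestCaseWriting")


@dataclass(frozen=True)
class EnterEvent:
    """FormalSemantics.EnterEvent: a process instance entered a control state."""
    date: int
    instance_index: int  # index of ev.path.instances->first() in root.body.blocks
    state_name: str


@dataclass(frozen=True)
class DSMLEvent:
    """DSMLSemantics.StartWD / FinishWD, dated like the formal event it maps."""
    date: int
    kind: str
    work_definition: str


# events mappings swd2t / fwd2te: the Fiacre state entered selects the DSML
# event kind; the work definition is the one whose index in
# Process.workDefinitions equals the process instance's index in the component.
EVENTS_MAPPINGS = {"running": "StartWD", "finished": "FinishWD"}


def map_event(ev):
    kind = EVENTS_MAPPINGS.get(ev.state_name)
    if kind is None or not 0 <= ev.instance_index < len(WORK_DEFINITIONS):
        return None  # formal event with no DSML counterpart (internal state)
    return DSMLEvent(ev.date, kind, WORK_DEFINITIONS[ev.instance_index])


# states mappings wdnotStarted2vd / wdrunning2vd / wdfinished2vd: read the
# record at the work definition's index, fields (isStarted, isFinished).
def observe_state(record):
    is_started, is_finished = record
    if is_finished:
        return "finished"
    return "running" if is_started else "notStarted"


def map_scenario(formal_events, final_variable):
    """Formal scenario -> DSML scenario: the DSML event list plus the DSML
    state of every work definition at the end of the trace."""
    events = [e for e in map(map_event, formal_events) if e is not None]
    states = {wd: observe_state(rec) for wd, rec in zip(WORK_DEFINITIONS, final_variable)}
    return events, states


def replay(dsml_events):
    """Recompute the states by replaying the mapped events; disagreement with
    the observed states means the two mapping kinds are inconsistent."""
    states = {wd: "notStarted" for wd in WORK_DEFINITIONS}
    for e in sorted(dsml_events, key=lambda e: e.date):
        states[e.work_definition] = "running" if e.kind == "StartWD" else "finished"
    return states


# Constructed counterexample trace, as a model-checker might report it:
# Designing started and finished, Documenting started, then nothing more
# can fire. The 'waiting' event is an internal state with no DSML meaning.
FORMAL_TRACE = [
    EnterEvent(0, 0, "running"),
    EnterEvent(2, 0, "finished"),
    EnterEvent(2, 2, "running"),
    EnterEvent(3, 2, "waiting"),
]
# Final value of the Fiacre variable 'WorkDefinition': (isStarted, isFinished) per index.
FINAL_VARIABLE = [(True, True), (False, False), (True, False), (False, False)]


if __name__ == "__main__":
    events, states = map_scenario(FORMAL_TRACE, FINAL_VARIABLE)
    for e in events:
        print(f"t={e.date}: {e.kind} {e.work_definition}")
    print(states, "consistent" if replay(events) == states else "INCONSISTENT")
```

The point of keeping the two mapping kinds separate, as the slides do, is that they are checked against each other: an events mapping that mis-indexes a process instance would produce a DSML scenario whose replayed states disagree with the states read off the variable, which is caught here before the result reaches the end-user.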
  40-41. 31/33 Implementation of SPEM-Fiacre mappings using FeVeReL: SPEM end-user overview
     [Screenshots: the verification results for P1 and P2 displayed on the SPEM model in the end-user's editor, first for the initial model, then after the resource Computer is changed to count = 4.]
  43. 33/33 Review
     Presented work: a DSL to specify mappings between the runtime information of a DSML and of a formal language.
     Current and future work:
     - Extend the FeVeReL language to support more sophisticated mappings.
     - Experiment with the FeVeReL language on other verification toolchains (AADL2Fiacre, Ladder2Fiacre).
