A Language Support for Exhaustive Fault-Injection in Message-Passing System Models
Masaya Suzuki & Takuo Watanabe
Department of Computer Science, Tokyo Institute of Technology
MOD*2014, Bertinoro
About This Work
• Proposes a modeling language, Sandal, aimed at describing fault-prone distributed systems.
  - Sandal provides a fixed set of features for describing faults and fault-handling actions
    • timeout, message loss, shutdown

• Talk Outline
  - Background
  - Modeling Faults and Fault-Handling Actions
  - Language Features of Sandal
  - Case Study: 2PC
  - Final Stuff
Research Background (1): Adaptive Distributed Systems
• Concurrent Context-Oriented Programming
  • "A Reflective Approach to Actor-Based Concurrent Context-Oriented Systems" [Watanabe & Takeno, COP 2014]
    - asynchronous context manipulation using reflection
      • optimistic and pessimistic synchronization

[Figure: observer, context change info., objects O, A and B, cross-context message]

• Verification of context manipulation mechanism
Research Background (2): Modeling Human-Made Faults
• Verifying workflows including recovery processes of human-made faults
  • "A Model-Checking Based Approach to Robustness Analysis of Procedures under Human-Made Faults" [Nagatou & Watanabe, APBPM 2014]
    - Modeling a system as a set of concurrent processes
    - Injecting possible human-made fault actions into the model
      • cf. HAZOP
    - Model-checking the fault-injected model
    - Applications
      • Blood Testing, Radar Data Processing, etc.

• Modular fault description mechanism
Modular Description of Self-* Behaviors
• Generally, modeling/specification languages need good modularization mechanisms for describing/specifying self-* behaviors and/or non-functional behaviors such as:
  - Faults, Fault-Handling Actions
  - (Dynamic) Adaptation / Evolution / Self-Updating
  - Context-Aware / Context-Oriented Behaviors
  - Resource-Aware Actions
  - (Application-Aware) Synchronizations
  - Security / Safety Related Behaviors

• cf. Advanced Modularization Mechanisms in Programming Languages: AOP, FOP, COP, etc.
Motivation: Modeling a Faulty System
• From experience building a complex service on a distributed system: testing is not satisfactory for some fault-prone environments
• Tried to borrow the idea of SFI (software fault injection) for describing the abstract model of the service to be model-checked.
Describing Faults (1)
• A simple timeout action for a message reception (in Promela)
  - Note: Promela's timeout primitive cannot be used for this purpose (it is a global condition that becomes true only when no process in the whole system can make progress, not a per-reception timer).

the original model (w/o timeout):

    ch ? var;                  /* blocks until a message arrives */
    if
    :: var == Done -> ...
    :: ...
    fi

a model with timeout action:

    bool recv_timeout = false;
    if
    :: ch ? var;               /* the message is received */
    :: recv_timeout = true;    /* or the reception times out; var keeps its old value */
    fi;
    if
    :: var == Done -> ...
    :: ...
    fi
Describing Faults (2)
• Unexpected termination actions (the `if :: true; false :: true fi;` lines, highlighted on the slide) must be inserted wherever needed.

    /* Each inserted `if :: true; false :: true fi;` lets the process either
       continue (second option) or block forever on `false`, i.e. terminate. */
    proctype Arbiter() {
      mtype resp;
      if :: true; false :: true fi;
      worker1_recv ! Ready;
      if :: true; false :: true fi;
      worker2_recv ! Ready;
      if :: true; false :: true fi;
      worker1_send ? resp;
      if :: true; false :: true fi;
      if
      :: resp == NotReady ->
           if :: true; false :: true fi;
           all_ready = false
      :: else
      fi;
      if :: true; false :: true fi;
      worker2_send ? resp;
      if :: true; false :: true fi;
      if
      :: resp == NotReady ->
           if :: true; false :: true fi;
           all_ready = false
      :: else
      fi;
      determined = true;
      if :: true; false :: true fi;
      if
      :: all_ready ->
           if :: true; false :: true fi;
           worker1_recv ! Commit;
           if :: true; false :: true fi;
           worker2_recv ! Commit
      :: else ->
           if :: true; false :: true fi;
           worker1_recv ! Abort;
           if :: true; false :: true fi;
           worker2_recv ! Abort
      fi
    }

    proctype Worker1() {
      mtype resp;
      if :: true; false :: true fi;
      worker1_recv ? resp;
      if :: true; false :: true fi;
      if
      :: worker1_ready = true;
         if :: true; false :: true fi;
         worker1_send ! Ready
      :: worker1_ready = false;
         if :: true; false :: true fi;
         worker1_send ! NotReady
      fi;
      if :: true; false :: true fi;
      worker1_recv ? worker1_resp
    }

    proctype Worker2() {
      ...
    }
Need for Modular Description Mechanism
• Manually inserting faults and fault-handling actions into a model is itself fault-prone.
• A modeling language should have features that support modular descriptions of faults and fault-handling actions.
Current Contribution
• We designed and implemented a modeling language, Sandal, aimed at describing fault-prone distributed systems.
• Some case studies, including the two-phase commit (2PC) protocol, show the effectiveness of the language features of Sandal.
Sandal
• A process-oriented modeling language with features for describing typical faults:
  - unexpected process termination
  - timeout in message reception
  - random loss of messages

• Language Processor (translator to NuSMV)
  - Source code: https://github.com/draftcode/sandal
  - You need
    • Go (http://golang.org) to build the translator
    • NuSMV (http://nusmv.fbk.eu) to verify translated models
Target Systems

Example

    data Message { Ping, Pong }

    proc PingProc(ch_send channel { Message },
                  ch_recv channel { Message }) {
      for {
        var msg Message
        send(ch_send, Ping)
        recv(ch_recv, msg)
      }
    }
    ...
    init {
      P0_0: PingProc(ping_to_pong_0, pong_to_ping_0),
      P1_0: PongProc(pong_to_ping_0, ping_to_pong_0),
      ping_to_pong_0: channel { Message },
      pong_to_ping_0: channel { Message }
    }
Unexpected Process Termination & Random Loss of Messages (1)
• @shutdown
  - specifies that the process may terminate unexpectedly
• @drop
  - specifies that the channel may lose messages

    init {
      P0_0: PingProc(ping_to_pong_0, pong_to_ping_0) @shutdown,
      P1_0: PongProc(pong_to_ping_0, ping_to_pong_0) @shutdown,
      ping_to_pong_0: channel { Message } @drop,
      pong_to_ping_0: channel { Message } @drop,
    }
Unexpected Process Termination & Random Loss of Messages (2)

[Figure: two panels, "Unexpected Termination" and "Random Loss of Messages"]
Timeout (Nonblock) Message Reception

    var result bool = timeout_recv(ch, v)
Case Study: Two Phase Commit Protocol
Case Study: Experimental Result

Property to be checked:

$(\mathit{arbiter.determined} \land \lnot\mathit{arbiter.all\_ready}) \rightarrow (\lnot(\mathit{worker1.resp} = \mathit{Commit}) \land \lnot(\mathit{worker2.resp} = \mathit{Commit}))$

Result:

                    Speed      LOC      Memory
  No Fault          0.96 sec   51       26.4 MB
  With Timeout      2.88 sec   51 (6)   21.8 MB
  With Message Loss 2.11 sec   51 (8)   11.9 MB
  With Termination  0.51 sec   51 (6)   17.1 MB

Environment: Arch Linux (Kernel 3.12.7), Intel Core i7-3370K @ 3.50GHz, 16GB Memory; NuSMV 2.5.4 (CUDD 2.4.1, MiniSat2-070721), Spin 6.2.5
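As an added example (not code from the slides or from the Sandal project), the following Python explorer makes the fault models of slides 7 and 8 concrete and checks the 2PC property of this slide: it enumerates every interleaving and every fault choice (timeout, message loss, shutdown) for an arbiter and two workers structured like slide 8 and returns the first state that violates each property. It assumes FIFO channels of capacity one, and the second property (a worker that voted NotReady never learns Commit) is added here to show what the stale-variable timeout model of slide 7 exposes.

```python
"""Exhaustive fault injection for a small two-phase-commit model (added example): a receive may
time out with its variable unchanged (slide 7), a send may drop (@drop), a process may stop (@shutdown)."""
READY, NOT_READY, COMMIT, ABORT = "Ready", "NotReady", "Commit", "Abort"
ALL_FAULTS = frozenset({"timeout", "drop", "shutdown"})

def initial_state():
    worker = {"pc": 0, "alive": True, "ready": None, "req": None, "resp": None}
    return {
        "arbiter": {"pc": 0, "alive": True, "resp": None, "all_ready": True, "determined": False},
        "worker1": dict(worker), "worker2": dict(worker),
        "chan": {"worker1_recv": (), "worker1_send": (), "worker2_recv": (), "worker2_send": ()},
    }

def clone(state):
    return {k: dict(v) for k, v in state.items()}

def freeze(state):                            # hashable snapshot; dict order survives clone()
    return tuple(tuple(v.values()) for v in state.values())

def advance(state, proc):                     # clone with proc's program counter moved on
    s = clone(state)
    s[proc]["pc"] += 1
    return s

def send(state, proc, chan, msg, faults):
    out = []
    if not state["chan"][chan]:               # assumed capacity-one buffer: a full one blocks the sender
        s = advance(state, proc)
        s["chan"][chan] = (msg,)
        out.append(s)
    if "drop" in faults:                      # @drop: the message is lost in transit
        out.append(advance(state, proc))
    return out

def recv(state, proc, chan, var, faults):
    out = []
    if state["chan"][chan]:
        s = advance(state, proc)
        s[proc][var], s["chan"][chan] = s["chan"][chan][0], ()
        out.append(s)
    if "timeout" in faults:                   # slide 7's timeout branch: proceed, var unchanged
        out.append(advance(state, proc))
    return out

def steps(state, proc, faults):               # enabled moves of one process (structure of slide 8)
    p, pc = state[proc], state[proc]["pc"]
    if proc == "arbiter":
        if pc in (3, 5):                      # tally the vote just received
            s = advance(state, proc)
            if p["resp"] == NOT_READY:
                s[proc]["all_ready"] = False
            s[proc]["determined"] = pc == 5
            return [s]
        decision = COMMIT if p["all_ready"] else ABORT
        program = {0: (send, "worker1_recv", READY), 1: (send, "worker2_recv", READY),
                   2: (recv, "worker1_send", "resp"), 4: (recv, "worker2_send", "resp"),
                   6: (send, "worker1_recv", decision), 7: (send, "worker2_recv", decision)}
    else:
        if pc == 1:                           # vote nondeterministically, then report it
            out = []
            for ready, vote in ((True, READY), (False, NOT_READY)):
                s = clone(state)
                s[proc]["ready"] = ready
                out += send(s, proc, proc + "_send", vote, faults)
            return out
        program = {0: (recv, proc + "_recv", "req"), 2: (recv, proc + "_recv", "resp")}
    op, chan, arg = program.get(pc, (None, None, None))
    return op(state, proc, chan, arg, faults) if op else []   # no entry: process has finished

def successors(state, faults):
    out = []
    for proc in ("arbiter", "worker1", "worker2"):
        if state[proc]["alive"]:
            if "shutdown" in faults:          # @shutdown: the process never moves again
                s = clone(state)
                s[proc]["alive"] = False
                out.append(s)
            out += steps(state, proc, faults)
    return out

PROPERTIES = {                                # first: the slide's property; second: added, stronger
    "abort_is_consistent": lambda s: not (s["arbiter"]["determined"] and not s["arbiter"]["all_ready"])
    or (s["worker1"]["resp"] != COMMIT and s["worker2"]["resp"] != COMMIT),
    "vote_respected": lambda s: all(not (s[w]["ready"] is False and s[w]["resp"] == COMMIT)
                                    for w in ("worker1", "worker2")),   # NotReady voter never learns Commit
}

def check(faults=frozenset()):                # explore every interleaving and every fault choice
    frontier = [initial_state()]
    seen, violations = {freeze(frontier[0])}, dict.fromkeys(PROPERTIES)   # first bad state or None
    while frontier:
        state = frontier.pop()
        for name, holds in PROPERTIES.items():
            violations[name] = violations[name] or (None if holds(state) else state)
        for nxt in successors(state, faults):
            key = freeze(nxt)
            if key not in seen:
                seen.add(key)
                frontier.append(nxt)
    return {"states": len(seen), "violations": violations}
```

With only `timeout` injected, `check({"timeout"})` still satisfies the slide's property but reports a `vote_respected` counterexample: the arbiter times out on a NotReady vote, keeps the stale value, and sends Commit.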
Comparison (1): Time & Memory Footprint

Memory footprint:

                    Sandal    Spin     NuSMV
  No Fault          20.8 MB   128 MB   6.42 MB
  With Timeout      21.2 MB   128 MB   6.64 MB
  With Message Loss 25.2 MB   128 MB   6.82 MB
  With Termination  12.7 MB   128 MB   6.57 MB

Time:

                    Sandal     Spin       NuSMV
  No Fault          0.42 sec   0.87 sec   0.016 sec
  With Timeout      0.50 sec   0.89 sec   0.018 sec
  With Message Loss 0.95 sec   0.88 sec   0.025 sec
  With Termination  0.21 sec   0.95 sec   0.015 sec
Comparison (2): Size of Models
• (n) : # of lines modified / added to the "No Fault" version

  LOC (Diff)          Sandal    Promela   NuSMV
  No Fault            45        28        178 (58)
  With Timeout        48 (5)    37 (13)   180 (6)
  With Message Loss   45 (2)    34 (10)   182 (14)
  With Termination    45 (6)    41 (21)   179 (23)
Related Work
• Automatic fault-injection tools targeted to models
  - MODIFI [Svenningsson et al., 2010]
  - FSAP/NuSMV-SA [Bozzano et al., 2003]
    • both are for hardware faults
    • modularization problem
• Model-checking message-based distributed systems
  - Rebeca [Sirjani et al., 2004]
• AOP for modeling languages
  - Aspect-Oriented Promela [Ohno & Kishi, 2008]
  - Moxa [Yamada & Watanabe, 2005]
    • Aspect-Oriented Extension of JML
Future Work
• Optimizing the Translator
  - Abstraction Refinement, K-Induction, etc.
• AOP/FOP version of Sandal
  - Model-level separation of concerns (parameterization?)
• Probabilistic Models for Faulty Behaviors

• Verifying Multi-Level Models of Self-* Systems
• Compositional Construction of Actor-Based Group-Wide Reflection [Watanabe, 2013]
  - Self-* actions vs. base-level actions

[Figure: a group of objects and its meta-group]
Summary
• We propose a modeling language, Sandal, that provides features for describing faults and fault-handling actions
  - timeout, random loss of messages, unexpected termination
• Case study (2PC protocol) shows the effectiveness of the language features.
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about usDynamic Netsoft
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfkalichargn70th171
 

Recently uploaded (20)

why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱  9999965857  🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱  9999965857  🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about us
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
 

A Language Support for Exhaustive Fault-Injection in Message-Passing System Models

5. Modular Description of Self-* Behaviors

• Generally, modeling/specification languages need good modularization mechanisms for describing/specifying self-* behaviors and/or non-functional behaviors such as:
  - Faults, Fault Handling Actions
  - (Dynamic) Adaptation / Evolution / Self-Updating
  - Context-Aware / Context-Oriented Behaviors
  - Resource Aware Actions
  - (Application-Aware) Synchronizations
  - Security / Safety Related Behaviors
• cf. Advanced Modularization Mechanisms in Programming Languages: AOP, FOP, COP, etc.
6. Motivation: Modeling a Faulty System

• From an experience of building a complex service on a distributed system: testing is not satisfactory for some fault-prone environments.
• Tried to borrow the idea of SFI (software fault injection) for describing the abstract model of the service to be model checked.
7. Describing Faults (1)

• A simple timeout action for a message reception (in Promela)

  The original model (w/o timeout):

      ch ? var;
      if
      :: var == Done -> ...
      :: ...
      fi

  A model with timeout action:

      bool recv_timeout = false;
      if
      :: ch ? var;            /* message arrives */
      :: recv_timeout = true; /* or the receive times out */
      fi;
      if
      :: var == Done -> ...
      :: ...
      fi

  - Note: Promela's timeout primitive cannot be used for this purpose.
8. Describing Faults (2)

• Unexpected termination actions should be inserted wherever needed. In the model below every "if :: true; false :: true fi" is such an insertion: the process either continues (second branch) or blocks forever on "false" (first branch), which models the process dying at that point.

      proctype Arbiter() {
        mtype resp;
        if :: true; false :: true fi;
        worker1_recv ! Ready;
        if :: true; false :: true fi;
        worker2_recv ! Ready;
        if :: true; false :: true fi;
        worker1_send ? resp;
        if :: true; false :: true fi;
        if
        :: resp == NotReady ->
           if :: true; false :: true fi;
           all_ready = false
        :: else
        fi;
        if :: true; false :: true fi;
        worker2_send ? resp;
        if :: true; false :: true fi;
        if
        :: resp == NotReady ->
           if :: true; false :: true fi;
           all_ready = false
        :: else
        fi;
        determined = true;
        if :: true; false :: true fi;
        if
        :: all_ready ->
           if :: true; false :: true fi;
           worker1_recv ! Commit;
           if :: true; false :: true fi;
           worker2_recv ! Commit
        :: else ->
           if :: true; false :: true fi;
           worker1_recv ! Abort;
           if :: true; false :: true fi;
           worker2_recv ! Abort
        fi
      }

      proctype Worker1() {
        mtype resp;
        if :: true; false :: true fi;
        worker1_recv ? resp;
        if :: true; false :: true fi;
        if
        :: worker1_ready = true;
           if :: true; false :: true fi;
           worker1_send ! Ready
        :: worker1_ready = false;
           if :: true; false :: true fi;
           worker1_send ! NotReady
        fi;
        if :: true; false :: true fi;
        worker1_recv ? worker1_resp
      }

      proctype Worker2() { ... }
9. Need for Modular Description Mechanism

• Manually inserting faults and fault-handling actions into a model is itself fault-prone.
• A modeling language should have features that support modular descriptions of faults and fault-handling actions.
10. Current Contribution

• We designed and implemented a modeling language Sandal that is aimed at describing fault-prone distributed systems.
• Some case studies, including the two-phase commit (2PC) protocol, show the effectiveness of the language features of Sandal.
11. Sandal

• A process-oriented modeling language with features for describing typical faults:
  - unexpected process termination
  - timeout in message reception
  - random loss of messages
• Language processor (translator to NuSMV)
  - Source code: https://github.com/draftcode/sandal
  - You need
    • Go (http://golang.org) to build the translator
    • NuSMV (http://nusmv.fbk.eu) to verify translated models
13. Example

      data Message { Ping, Pong }

      proc PingProc(ch_send channel { Message }, ch_recv channel { Message }) {
        for {
          var msg Message
          send(ch_send, Ping)
          recv(ch_recv, msg)
        }
      }

      ...

      init {
        P0_0: PingProc(ping_to_pong_0, pong_to_ping_0),
        P1_0: PongProc(pong_to_ping_0, ping_to_pong_0),
        ping_to_pong_0: channel { Message },
        pong_to_ping_0: channel { Message }
      }
14. Unexpected Process Termination & Random Loss of Messages (1)

• @shutdown
  - specifies that the process may terminate unexpectedly
• @drop
  - specifies that the channel may lose messages

      init {
        P0_0: PingProc(ping_to_pong_0, pong_to_ping_0) @shutdown,
        P1_0: PongProc(pong_to_ping_0, ping_to_pong_0) @shutdown,
        ping_to_pong_0: channel { Message } @drop,
        pong_to_ping_0: channel { Message } @drop,
      }
15. Unexpected Process Termination & Random Loss of Messages (2)

[figure: Unexpected Termination; Random Loss of Messages]
16. Timeout (Non-blocking) Message Reception

      var result bool = timeout_recv(ch, v)
17. Case Study: Two Phase Commit Protocol
18. Case Study: Experimental Result

Property to be checked:

$(\mathit{arbiter.determined} \land \neg\mathit{arbiter.all\_ready}) \rightarrow (\neg(\mathit{worker1.resp} = \mathit{Commit}) \land \neg(\mathit{worker2.resp} = \mathit{Commit}))$

Result (LOC: lines of the Sandal model; (n) = lines modified/added relative to the "No Fault" version):

                        Time        LOC (diff)   Memory
      No Fault          0.96 sec    51           26.4 MB
      With Timeout      2.88 sec    51 (6)       21.8 MB
      With Message Loss 2.11 sec    51 (8)       11.9 MB
      With Termination  0.51 sec    51 (6)       17.1 MB

Environment: Arch Linux (Kernel 3.12.7), Intel Core i7-3370K @ 3.50GHz, 16GB Memory, NuSMV 2.5.4 (CUDD 2.4.1, MiniSat2-070721), Spin 6.2.5
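To make the idea concrete, here is an added example (Python, written for this page; it is not Sandal, NuSMV, or the authors' code) that does by hand what slides 7, 8, 14 and 16 describe and what the Sandal translator automates: a small explicit-state model of the 2PC arbiter and two workers in which timeout, message loss and unexpected termination are injected as extra nondeterministic branches, followed by an exhaustive breadth-first search of every interleaving against the property on this slide. The message names, the one-slot channels, the `timeout_default` knob and the rule that the arbiter treats a timed-out vote as NotReady are assumptions made for the example; the talk does not specify them.

```python
"""Exhaustive fault injection over a tiny message-passing model of two-phase commit.

Added illustration, not Sandal or the authors' code: the three fault kinds the talk
names (timeout, message loss, unexpected termination) become extra nondeterministic
branches, and every interleaving of the fault-injected model is explored by BFS.
"""
from collections import deque
from dataclasses import dataclass, replace
from typing import FrozenSet, List, Tuple

VOTE_REQ, READY, NOT_READY, COMMIT, ABORT = "VoteReq", "Ready", "NotReady", "Commit", "Abort"
TIMEOUT, DROP, SHUTDOWN = "timeout", "drop", "shutdown"   # fault switches, one per Sandal feature


@dataclass(frozen=True)
class State:
    arb_pc: int = 0                        # arbiter program counter
    all_ready: bool = True
    determined: bool = False
    w_pc: Tuple[int, int] = (0, 0)         # worker program counters
    w_resp: Tuple[str, str] = ("", "")     # decision each worker acted on
    to_w: Tuple[str, str] = ("", "")       # one-slot channels arbiter -> worker i (assumed)
    to_arb: Tuple[str, str] = ("", "")     # one-slot channels worker i -> arbiter (assumed)
    dead: FrozenSet[str] = frozenset()     # processes stopped by an injected shutdown


def set_at(t: tuple, i: int, v) -> tuple:
    return t[:i] + (v,) + t[i + 1:]


def send(s: State, field: str, i: int, msg: str, faults, nxt) -> List[State]:
    # Put msg on slot i of channel `field`; with DROP the message may vanish in transit.
    chan = getattr(s, field)
    if chan[i]:
        return []                          # slot occupied: sender blocks
    out = [nxt(s, **{field: set_at(chan, i, msg)})]
    if DROP in faults:
        out.append(nxt(s))                 # lost message: sender proceeds unaware
    return out


def arbiter_step(s: State, faults) -> List[State]:
    pc = s.arb_pc
    nxt = lambda st, **kw: replace(st, arb_pc=pc + 1, **kw)
    if pc in (0, 1):                       # phase 1: ask worker pc for its vote
        return send(s, "to_w", pc, VOTE_REQ, faults, nxt)
    if pc in (2, 3):                       # collect the vote of worker pc-2
        i, out = pc - 2, []
        if s.to_arb[i]:
            out.append(nxt(s, to_arb=set_at(s.to_arb, i, ""), all_ready=s.all_ready and s.to_arb[i] == READY))
        if TIMEOUT in faults:              # timeout_recv: a missing vote counts as NotReady (assumed handler)
            out.append(nxt(s, all_ready=False))
        return out
    if pc == 4:
        return [nxt(s, determined=True)]
    if pc in (5, 6):                       # phase 2: broadcast the decision
        return send(s, "to_w", pc - 5, COMMIT if s.all_ready else ABORT, faults, nxt)
    return []


def worker_step(s: State, i: int, faults, timeout_default: str) -> List[State]:
    pc = s.w_pc[i]
    nxt = lambda st, **kw: replace(st, w_pc=set_at(s.w_pc, i, pc + 1), **kw)
    if pc == 0 and s.to_w[i] == VOTE_REQ:
        return [nxt(s, to_w=set_at(s.to_w, i, ""))]
    if pc == 1:                            # vote either way: free choice in the model
        return send(s, "to_arb", i, READY, faults, nxt) + send(s, "to_arb", i, NOT_READY, faults, nxt)
    if pc == 2:                            # wait for the decision
        out = []
        if s.to_w[i] in (COMMIT, ABORT):
            out.append(nxt(s, to_w=set_at(s.to_w, i, ""), w_resp=set_at(s.w_resp, i, s.to_w[i])))
        if TIMEOUT in faults:              # fault handling under test: act on timeout_default
            out.append(nxt(s, w_resp=set_at(s.w_resp, i, timeout_default)))
        return out
    return []


def successors(s: State, faults, timeout_default: str) -> List[State]:
    steps = {"arbiter": lambda: arbiter_step(s, faults),
             "worker1": lambda: worker_step(s, 0, faults, timeout_default),
             "worker2": lambda: worker_step(s, 1, faults, timeout_default)}
    out = []
    for name, step in steps.items():
        if name in s.dead:
            continue
        out.extend(step())
        if SHUTDOWN in faults:             # @shutdown: any live process may stop here
            out.append(replace(s, dead=s.dead | {name}))
    return out


def violates(s: State) -> bool:
    # The 2PC property from the slide: decided with a vote missing => no worker commits.
    return s.determined and not s.all_ready and COMMIT in s.w_resp


def check(faults=(), timeout_default: str = ABORT):
    """BFS over every interleaving; returns (#states explored, counterexample path or None)."""
    init = State()
    parent, queue = {init: None}, deque([init])
    while queue:
        s = queue.popleft()
        if violates(s):
            path = []
            while s is not None:
                path.append(s); s = parent[s]
            return len(parent), path[::-1]
        for t in successors(s, faults, timeout_default):
            if t not in parent:
                parent[t] = s; queue.append(t)
    return len(parent), None
```

`check(())`, `check((TIMEOUT,))`, `check((DROP,))` and `check((SHUTDOWN,))` all return a state count and `None`: with the assumed handlers the property holds under each fault kind on its own. `check((TIMEOUT,), COMMIT)`, a worker that commits unilaterally when the decision never arrives, returns the shortest counterexample path (the arbiter times out on both votes and aborts while that worker times out and commits). That is the point of exhaustive injection: the search judges the fault-handling action, and it finds the bad handler without anyone hand-inserting the fault branches the way slide 8 does.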
19. Comparison (1): Time & Memory Footprint

Memory footprint:

                        Sandal     Spin      NuSMV
      No Fault          20.8 MB    128 MB    6.42 MB
      With Timeout      21.2 MB    128 MB    6.64 MB
      With Message Loss 25.2 MB    128 MB    6.82 MB
      With Termination  12.7 MB    128 MB    6.57 MB

Time:

                        Sandal     Spin      NuSMV
      No Fault          0.42 sec   0.87 sec  0.016 sec
      With Timeout      0.50 sec   0.89 sec  0.018 sec
      With Message Loss 0.95 sec   0.88 sec  0.025 sec
      With Termination  0.21 sec   0.95 sec  0.015 sec
20. Comparison (2): Size of Models

• (n): number of lines modified / added relative to the "No Fault" version

      LOC (Diff)        Sandal     Promela    NuSMV
      No Fault          45         28         178 (58)
      With Timeout      48 (5)     37 (13)    180 (6)
      With Message Loss 45 (2)     34 (10)    182 (14)
      With Termination  45 (6)     41 (21)    179 (23)
21. Related Work

• Automatic fault-injection tools targeted at models
  - MODIFI [Svenningsson et al., 2010]
  - FSAP/NuSMV-SA [Bozzano et al., 2003]
  • both are for hardware faults
  • modularization problem
• Model-checking message-based distributed systems
  - Rebeca [Sirjani et al., 2004]
• AOP for modeling languages
  - Aspect-Oriented Promela [Ohno & Kishi, 2008]
  - Moxa [Yamada & Watanabe, 2005]
  • Aspect-Oriented Extension of JML
22. Future Work

• Optimizing the Translator
  - Abstraction Refinement, K-Induction, etc.
• AOP/FOP version of Sandal
  - Model-level separation of concerns (parameterization?)
• Probabilistic Models for Faulty Behaviors
• Verifying Multi-Level Models of Self-* Systems
• Compositional Construction of Actor-Based Group-Wide Reflection [Watanabe, 2013]
  - Self-* actions vs. base-level actions

[figure: a group of objects; meta-group]
23. Summary

• We propose a modeling language Sandal that provides features for describing faults and fault-handling actions
  - timeout, random loss of messages, unexpected termination
• Case study (2PC protocol) shows the effectiveness of the language features.