From Analysis to Code Generation of Distributed Systems with a UML-Based Formal Environment Named TURTLE 2005

Transcription

1 From Analysis to Code Generation of Distributed Systems with a UML-Based Formal Environment Named TURTLE 2005 Ludovic Apvrille ludovic.apvrille@enst.fr Eurecom, Office 223 Ludovic Apvrille - October 12, Page 1 Outline Context TURTLE, A UML profile TURTLE 2005: analysis, design and deployment TTool, the TURTLE toolkit Demonstration From analysis to design Generation of Java code Future work Ludovic Apvrille - October 12, Page 2

2 UML at a Glance Noting new but a federation of best practices A notation, not a methodology An international standard at OMG (Object Management Group) 12 diagrams to express complementary point of views Semantic variation points No standardized formal semantics Profile: the possibility to tailor the UML for your application domain Industry support Tools (TAU G2, ) Lingua franca for software-intensive system designers and developers Research work Real-time? Adding formality to the UML A UML model for simulation, verification, code generation, test generation, performance evaluation, Ludovic Apvrille - October 12, Page 3 Propositions Idea: let us enrich UML UML operators are informal UML lacks advanced temporal operators such as time intervals UML has no methodology (no validation) Proposition: Semi-formal UML-based environment Semantics given by mapping to a Formal Description Technique What formal language? Well-defined formal semantics Logical and temporal operators Tools => RT-LOTOS / Petri Nets with real-time extensions => TURTLE UML profile (Timed UML and RT-LOTOS Environment) Ludovic Apvrille - October 12, Page 4

3 Chronology of TURTLE 1999 First definition of operators Definition of a methodology supporting validation Modeling and translation rules Translation from TURTLE to RT-LOTOS partially implemented 2002 New operators (temporal operators, new diagrams) Methodological extensions 2003 First release of the TURTLE toolkit (TTool) 2005 TURTLE analysis TURTLE deployment Generation of executable code (Java) Ludovic Apvrille - October 12, Page 5 Labs and People Involved in TURTLE LAAS / CNRS Jean-Pierre Courtiat ENSICA Pierre de Saqui-Sannes Concordia University Ferhat Khendek ENST Ludovic Apvrille ENST Bretagne Christophe Lohr Alcatel Space Industries Ludovic Apvrille - October 12, Page 6

4 References Definition of the profile L. Apvrille, P. de Saqui-Sannes, A. Apvrille, Une méthodologie de conception des systèmes distribués basée sur UML, Actes de la 5ème conférence sur les nouvelles technologies de la répartition (NOTERE'05), p , Gatineau, QC, Canada, 29 aout - 1er septembre L. Apvrille, P. de Saqui-Sannes, F. Khendek, Synthèse d'une conception UML temps-réel à partir de diagrammes de séquences, Actes du Colloque Francophone sur l'ingénierie des Protocoles (CFIP'05), Bordeaux, France, 29 mars - 1er avril 2005 (in French). L. Apvrille, J.-P. Courtiat, C. Lohr, P de Saqui-Sannes, TURTLE: A Real-Time UML Profile Supported by a Formal Validation Toolkit, IEEE Transactions on Software Engineering, Vol. 30, No. 7, pp , July 2004 C. LOHR, L. APVRILLE, P DE SAQUI-SANNES, J.-P. COURTIAT, "New Operators for the TURTLE Profile", 6th IFIP International Conference on Formal Methods for Open Objectbased Distributed Systems (FMOODS'03), LNCS, Springer, Paris, France, November P. DE SAQUI-SANNES, L. APVRILLE, C. LOHR, P. SÉNAC, J.-P. COURTIAT, "UML and RT-LOTOS: An Integration for Real-Time System Validation", European Journal of Automation (JESA), Vol. 36, p , Ed. Hermès, L. APVRILLE, P. DE SAQUI-SANNES, C. LOHR, P. SÉNAC, J.-P. COURTIAT, "A New UML Profile for Real-time System Formal Design and Validation", Proceedings of the Fourth International Conference on the Unified Modeling Language (UML'2001), Toronto, Canada, October Use of the profile L. APVRILLE, P DE SAQUI-SANNES, P. SENAC, C. LOHR, "Verifying Service Continuity in a Satellite Reconfiguration Procedure", Journal of Automated Software, Engineering, Kluver, issue 11:2, L. APVRILLE, P. DE SAQUI-SANNES, P. SÉNAC, C. LOHR, "Reconfiguration dynamique de protocoles embarqués à bord de satellites", Actes du Colloque Francophone sur l'ingéniérie des Protocoles (CFIP'2002), Montréal, mai Ludovic Apvrille - October 12, Page 7 TURTLE: Methodology Formal validation Code generation (3) Deployment: components + DD (4) Code (Java) Execution Generation and execution of Java Code (2) Design CD + ADs Formal validation Automatic synthesis (1) Analysis IOD + SDs Formal validation Ludovic Apvrille - October 12, Page 8

5 TURTLE Analysis Interaction Overview Diagram Sequence Diagram Ludovic Apvrille - October 12, Page 9 TURTLE Design Ludovic Apvrille - October 12, Page 10

6 TURTLE Deployment Ludovic Apvrille - October 12, Page 11 TTool: an Open-Source Toolkit Developed at ENST - LabSoC Ludovic Apvrille - October 12, Page 12 Page 6

7 Demonstration Basic authentication mechanism of HTTP Analysis, design Proof of security flaw We demonstrate that a network attacker may obtain protected data Hacking of network packets + replay of the same packet with slight modifications Design Automatic Java code generation from design and deployment diagram From design: monolithic application is generated From deployment: a distributed application is generated Ludovic Apvrille - October 12, Page 13 Automatic Generation of TURTLE Design from TURTLE Analysis Fundamentals One instance in scenarios -> one TURTLE class Behavior of instance -> behavior of the corresponding TURTLE class (activity diagram, and more generally, state machine) Communication channels between instances -> for each trio (I1, msg, I2), a FIFO communication channel is settled between the corresponding TURTLE classes and gates Two TURTLE classes / FIFO channel On FIFO channel is modeled with two TURTLE classes But: Described scenarios are not always implementable TTool does not detect scenario non-implementability May be detected, sometimes, at generated design reachability graph level Deadlock situation Ludovic Apvrille - October 12, Page 14

8 Example of Non-Implementability For example, trace!a!c!e is included into the generated design Ludovic Apvrille - October 12, Page 15 Main Features of The Java Code Generator Code generated from TURTLE design Monolithic application Translation process relies on libraries Temporal operators, synchronization, etc. Code may be generated, compiled and executed from TTool Code generated from TURTLE deployment Networked application Asynchronous links are implemented using UDP, TCP or RMI May be configured in TTool Code may be generated and compiled from TTool Ludovic Apvrille - October 12, Page 16

9 Generating Java Code from TURTLE Deployment Reuse of the generator implemented for TURTLE designs Issue of links between nodes Links are modeled both for formal validation purpose and for code generation Some parameters cannot be taken into account Delay, loss rate, etc. and some others have to be taken into account Protocols, port number, network addresses, etc. Ludovic Apvrille - October 12, Page 17 Generating Java Code from TURTLE Deployment (Cont.) C1 C2 (1) C1_T1.g1 = L12.gt1 Synchro C1_T1 L12 code Java L12.gt2 = C2_T2.g2 Synchro (2) (2) C2_T2 Main_C2.java (1) Generation of a marked TURTLE design UDP / TCP / RMI + corresponding parameters (2) Reuse of the TURTLE design code generator Extended generator Network marked gates are computed differently Several executable modules are generated Libraries managing actions on gates have been extended Data sending and receiving using UDP / TCP / RMI Ludovic Apvrille - October 12, Page 18

10 Conclusions TURTLE profile Real-time UML profile Analysis, design and deployment have been enhanced with logical and temporal operators Graphic syntax compliant with UML 2.0 Formal semantics Java code generation TTool Diagram edition Highly intuitive interface Transparent use of powerful formal validation techniques Applications Alcatel Space UDCast Used in several European research projects DIPCAST, MAESTRO, etc. Ludovic Apvrille - October 12, Page 19 Future work Refinement process at specification and design level TURTLE 2.0 Formal semantics Petri Nets Code generation SystemC Toolkits TINA Ludovic Apvrille - October 12, Page 20

11 Related Work Real-Time UML profiles (selection) ACCORD/UML OMEGA ARTEMIS OMG profile STP (Scheduling, Time, Performance) TURTLE libraries MARTE (Modeling and Analysis of Real-Time and Embedded Systems) Formal verification tools Synchronous languages Hybrid automata (HYTECH) Timed automata (UPPAAL) Promela (SPIN) Time Petri nets (TINA) Ludovic Apvrille - October 12, Page 21 Any questions? TURTLE s website: TTool s website: Ludovic Apvrille - October 12, Page 22