Counterexample Guided Synthesis of Monitors for Realizability Enforcement. Matthias Güdemann Gwen Salaün Meriem Ouederni

Similar documents
Checking the Realizability of BPMN 2.0 Choreographies

Realizability of Choreographies using Process Algebra Encodings

Reliable Self-Deployment of Cloud Applications

Realizability of Choreographies using Process Algebra Encodings

Adaptation of Asynchronously Communicating Software

Model-Based Adaptation of Software Communicating via FIFO Buffers

VBPMN: Automated Verification of BPMN Processes

Asynchronous synthesis techniques for coordinating autonomic managers in the cloud

Formal Design of Dynamic Reconfiguration Protocol for Cloud Applications

TTool Training. III. Using TTool

Using LNT Formal Descriptions for Model-Based Diagnosis

Checking Business Process Evolution

Consolidation of Interacting BPEL Process Models with Fault Handlers

Comparator: A Tool for Quantifying Behavioural Compatibility

UniLFS: A Unifying Logical Framework for Service Modeling and Contracting

Context-Switch-Directed Verification in DIVINE

Checking Business Process Evolution

Idioms for Interaction: Functional Types, Process Types and Distributed Systems

CADP 2006: A Toolbox for the Construction and Analysis of Distributed Processes

TURTLE Four Weddings and a Tutorial

A step towards reconciling GALS industrial design with formal verification

Automatic Skeleton Generation for Data-Aware Service Choreographies

Asynchronous Coordination of Stateful Autonomic Managers in the Cloud

Analyzing Conversations of Web Services

Diagnostic Information for Control-Flow Analysis of Workflow Graphs (aka Free-Choice Workflow Nets)

Checking the Realizability of BPMN 2.0 Choreographies

Modeling Interactions of Web Software

Quantifying the Parallelism in BPMN Processes using Model Checking

Formal Specification and Verification of Fully Asynchronous Implementations of the Data Encryption Standard

Creating Smart Agents:

Towards a Theory of Web Service Choreographies

Automated Analysis of Industrial Workflow-based Models

DLC: Compiling a Concurrent System Formal Specification to a Distributed Implementation

Formal Analysis of the ACE Specification for Cache Coherent Systems-On-Chip

Symbolic Bounded Analysis for Component Behavioural Protocols

INF672 Protocol Safety and Verification. Karthik Bhargavan Xavier Rival Thomas Clausen

Distributed Systems Programming (F21DS1) Formal Verification

COMMUNICATION PROTOCOL ENGINEERING

Realizability and Dynamic Reconfiguration of Chor Specifications

Collaboration vs Choreography Conformance in BPMN 2.0: from Theory to Practice

4/6/2011. Model Checking. Encoding test specifications. Model Checking. Encoding test specifications. Model Checking CS 4271

Telecooperation. Application of Subject-oriented Modeling in Automatic Service Composition. Erwin Aitenbichler. Technische Universität Darmstadt

EE249 Discussion Petri Nets: Properties, Analysis and Applications - T. Murata. Chang-Ching Wu 10/9/2007

Modular Verification of Web Services Using Efficient Symbolic Encoding and Summarization

Web Services Choreography and Process Algebra

Session Types and Multiparty Session Types. Nobuko Yoshida Imperial College London

Network Verification: Reflections from Electronic Design Automation (EDA)

Modelling (and Analyzing) Interorganizational Communication. Jan Martijn van der Werf

Towards Choreography Transactions

Research Collection. Formal background and algorithms. Other Conference Item. ETH Library. Author(s): Biere, Armin. Publication Date: 2001

Verifying Periodic Programs with Priority Inheritance Locks

Parametric Real Time System Feasibility Analysis Using Parametric Timed Automata

Automatic Distributed Code Generation from Formal Models of Asynchronous Processes Interacting by Multiway Rendezvous

Binary Decision Diagrams and Symbolic Model Checking

Foundation of Contract for Things

Behavioral Adaptation of Component Compositions based on Process Algebra Encodings

Slicing for Model Reduction in Adaptive Embedded Systems Development

Probabilistic Model Checking

Model Checking Revision: Model Checking for Infinite Systems Revision: Traffic Light Controller (TLC) Revision: 1.12

MICROSERVICES ORCHESTRATIONS WITH BPM. Dr. Marigianna Skouradaki

Comparison of Model Checking Tools for Information Systems

Synthesis of Synchronization using Uninterpreted Functions

The ConcurTaskTrees Environment Help CTT Notation

Verifiable Architectural Interface for Supporting Model-Driven Development with Adequate Abstraction Level

Asynchronous Communication Mechanisms (ACMs) EECE, Newcastle University

Overview of SRI s. Lee Pike. June 3, 2005 Overview of SRI s. Symbolic Analysis Laboratory (SAL) Lee Pike

Verification of Web Services

CSE 486/586 Distributed Systems

Specification of Realizable Service Conversations Using Collaboration Diagrams

Kronos: A Model-Checking Tool for Real-Time Systems*

Evaluating Context Descriptions and Property Definition Patterns for Software Formal Validation

FORMAL METHODS IN NETWORKING COMPUTER SCIENCE 598D, SPRING 2010 PRINCETON UNIVERSITY LIGHTWEIGHT MODELING IN PROMELA/SPIN AND ALLOY

Approach. Property. Specifications. Abstraction and Translation. Program. Verified Components

Distributed System Design from Global Requirements

By: Chaitanya Settaluri Devendra Kalia

The Consistency of Web Conversations

Eventuation properties and interaction contracts

Lecture1: Symbolic Model Checking with BDDs. Edmund M. Clarke, Jr. Computer Science Department Carnegie Mellon University Pittsburgh, PA 15213

System Models for Distributed Systems

Verification Finite-state process modeling and reachability analysis

Distributed Systems. coordination Johan Montelius ID2201. Distributed Systems ID2201

Investigation on Soundness Regarding Lazy Activities

Modelling and verification of BPEL business processes

Model-checking Synthesizable SystemVerilog Descriptions of Asynchronous Circuits

On the Semantics of Communicating Hardware Processes and their Translation into LOTOS for the Verification of Asynchronous Circuits with CADP

An Overview on Protocol Adaptors for Service Component Integration

From Analysis to Code Generation of Protocols and Embedded Software with a UML-Based Formal Environment Named TURTLE 2005

Complexity-Reducing Design Patterns for Cyber-Physical Systems. DARPA META Project. AADL Standards Meeting January 2011 Steven P.

Design Space Exploration of Systems-on-Chip: DIPLODOCUS

A Symbolic Approach for the Verification and the Test of Service Choreographies

Blockchain and Additive Manufacturing

The ComFoRT Reasoning Framework

Design for Verification for Asynchronously Communicating Web Services

A Communicating Petri Net Model for the Design of Concurrent Asynchronous Modules

Service composition: Deriving Component Designs from Global Requirements

Static program checking and verification

Modular Verification of Asynchronous Service Interactions Using Behavioral Interfaces

Distributed Systems Programming (F21DS1) SPIN: Formal Analysis II

Encoding Web Service Constraints at your Service Coreographies as Constraints

want turn==me wait req2==0

Transcription:

Counterexample Guided Synthesis of Monitors for Realizability Enforcement Matthias Güdemann Gwen Salaün Meriem Ouederni

Choreographies Global contract specifications Participants, communication, message sequence, choices, synchronizations etc. Used e.g. Service Oriented Computing, Web services, Cloud Computing, Business Processes In general: contract specification of interaction-based systems Implementation Distributed system Top-down or bottom-up development

Overview Choreography Introduction Verification of Choreographies Enforcing Realizability of Choreographies Summary

Example Using an application in the cloud Client connects to service interface Interface sets up application Client accesses application Client logs out from interface Application logs events to database

Example Distributed implementation Projection onto single peers Parallel composition of peers Message exchange via asynchronous communication (FIFO Buffers)

Example Distributed implementation Projection: relabeling and reduction with CADP

Realizability Is the behavior of the choreography equivalent to the distributed implementation?? =

Realizability Is the behavior of the choreography equivalent to the distributed implementation?? = No! Counterexample: connect, access

Overview Choreography Introduction Verification of Choreographies Enforcing Realizability of Choreographies Outlook

Verifying Choreographies Model-Checking Verification with EVALUATOR Specification of temporal logic formulas Reachability, liveness, deadlocks etc.

Verifying Choreographies Realizability Top-down development approach Equivalence check with BISIMULATOR Conformance Analogous to realizability Bottom-up approach (no projection required) Synchronizability Equivalence check of synchronous and asynchronous system Synchronizable systems are bounded

Verifying Choreographies A non-faulty choreography is realizable if It is synchronizable and the behavior of the synchronous distributed system is equivalent to the global contract of the choreography (Fu et al. [POPL12])

Non-faulty Choreographies potential problem at selection:

Non-faulty Choreographies potential problem at selection: (Possibly) no problem if confluent! Verification using XTL (extensible temporal logic) Analysis of choices and interleavings

Transformation to Lotos NT Simple choice encoding in LNT s1 process s0[...] connect; s1[]; end process s0 process s1[...] select access; s1[]; [] logout; s0[]; end select end process

Transformation to Lotos NT Simple choice encoding in LNT s0 s1 process s0[...] connect; s1[]; end process process s1[...] select access; s1[]; [] logout; s0[]; end select end process Transformation to BCG / SVL (REDUCTOR, smart composition) Analysis with various CADP tools

Overview Choreography Introduction Verification of Choreographies Enforcing Realizability of Choreographies Summary

Enforcing Realizability What if a choreography is not realizable? Formal analysis benefits: CADP will provide counterexamples Explanation why the system is not realizable

Enforcing Realizability What if a choreography is not realizable? Formal analysis benefits: CADP will provide counterexamples Explanation why the system is not realizable Our solution: distributed monitors which control send messages without changing the original peers

Original System

Monitored System Local, distributed Monitors

Extended Choreography Counterexample: connect, access

Extended Choreography Counterexample: connect, access Synchronization message for monitors

Monitor Generation Similar to projection Local reception via message renaming Most permissive construction (peer continues)

Iterative Approach

Extended Choreography Counterexample: connect, setup, log

Extended Choreography Counterexample: connect, setup, log

Extended Choreography Counterexample: connect, setup, logout, connect

Repairability Results

Overview Choreography Introduction Verification of Choreographies Enforcing Realizability of Choreographies Summary

Summary Contributions: Realizability enforcement, i.e., repairability using non-intrusive distributed monitors Fully automatized, prototypical implementation Minimal number of additional messages Identifies all problematic messages

Summary Contributions: Realizability enforcement, i.e., repairability using non-intrusive distributed monitors Fully automatized, prototypical implementation Minimal number of additional messages Identifies all problematic messages Outlook Larger set of repairable choreographies Full support for higher level formalisms (e.g. Chor, BPEL4Chor, BPMN 2.0 choreographies)

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback