ASAP: An Extensible Platform for State Space Analysis
Michael Westergaard (Aarhus, DK), Sami Evangelista (Aarhus, DK), Lars Michael Kristensen (Bergen, NO)
Outline • Tool overview • Specification of verification jobs • The state space search engine • Extending ASAP • Benchmarks • Conclusion
What is ASAP? • Next generation of computer tool support for state space analysis of CPN models. • Developed within the ASCoVeCo research project. • Supported by the Danish Research Council for Technology and Production [09/2006 – 09/2009]. • Project members. ASCoVeCo: Advanced State Space Methods and Computer Tools for Verification of Communication Protocols. ASAP: ASCoVeCo State Space Analysis Platform.
Aim and vision • A state space analysis tool and development platform aimed at • Research: implementation of verification algorithms / state space reduction techniques (e.g., sweep-line); experimental comparison of algorithms • Education: user and implementation perspective • Industrial use: ease of use; stability; highly automatic; pragmatic methods; practical expressiveness of models. • The challenge: support all this in a coherent manner with a suitable user interface. • Implementation of ASAP started in summer 2007.
Software architecture (diagram) • Graphical User Interface, written in JAVA on the Eclipse Rich Client Platform (using BIRT, the Graphical Modelling Framework and the Eclipse Modelling Framework): JoSEL Editor, JoSEL Scheduler, CPN Model Loader, CPN Model Instantiator, Method-specific tasks, Reporting, JoSEL Representation, CPN Model Representation • State Space Exploration Engine, written in Standard ML on top of the CPN Tools Simulator: Explorations, Query Languages, Storages, Waiting sets • ASAP runs on Windows XP/Vista, Linux, and Mac OS X.
JoSEL overview - 1 • Graphical language inspired by • Dataflow diagrams (input and output) • Coloured Petri nets (hierarchy concept, abstraction mechanism) • A task is the atomic unit of computation (drawn as a box carrying the task name) • Tasks have typed input and output ports. Typically used to represent instantiation or execution of a component on the underlying state space exploration platform
JoSEL overview - 2 • Output ports and input ports can be connected • A verification job • is a collection of tasks and their connections • specifies a producer/consumer scenario
JoSEL overview - 3 • A job can have exported ports. • A job can be abstractly represented by a macro task. • The use of macros enables • reuse of sub-jobs among different verification jobs • simplification of JoSEL specifications • different levels of abstraction
JoSEL example – Top-level of a job (diagram). Tasks shown: Load file containing CPN model; Instantiation of CPN model simulator; Load file containing the property; Name of safety property; Instantiate safety property to be checked; Macro task for checking a safety property; Macro task for report generation.
The state space search engine • Written in SML • Based on a few SML signatures (≈ JAVA interfaces) • STORAGE for data structures storing states • EXPLORATION for search algorithms • MODEL for specific model operations • WAITING_SET for data structures storing states waiting to be processed by an EXPLORATION
The MODEL signature

```sml
signature MODEL =
sig
  eqtype state
  eqtype event
  (* Get the initial state(s) with their enabled events *)
  val getInitialStates : unit -> (state * event list) list
  (* Compute the successor(s) of a state by executing an event *)
  val nextStates : state * event -> (state * event list) list
  (* Execute a sequence of events and return the states on the path *)
  val executeSequence : state * event list -> (state * event list) list
  (* String representation of states and events *)
  val stateToString : state -> string
  val eventToString : event -> string
end
```

Current status of the engine • Search algorithms: • DFS, BFS • Random walks • External memory algorithms • Reduction techniques • Bit-state hashing, hash compaction • State caching • Sweep-line method • ComBack method • Types of properties analyzed • Safety properties • Deadlock • Generic properties of CPNs (liveness, boundedness, home markings, …)
Integration of a sweep-line plug-in - 1 (architecture diagram, repeated from the software architecture slide)
SML implementation of the sweep-line algorithm (exploration algorithm using the sweep-line method, ≈100 lines of SML code)

```sml
functor SweepLineExploration (
  structure Storage : STORAGE          (* data structure used to store reachable states *)
  structure Model   : MODEL            (* model of which we explore the graph *)
  structure Measure : PROGRESS_MEASURE (* used to evaluate the progression of states *)
) : EXPLORATION =
struct
  (* filterEvents   : filter the executable events of a state, e.g., for partial-order reduction
     transformState : transform a state, e.g., with a canonicalization function
     arcHook, stateHook : functions called for each arc and each state of the reachability graph *)
  fun explore filterEvents transformState arcHook stateHook = ...
end
```
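The MODEL signature above only fixes the interface an exploration needs (initial states, successors); the sweep-line functor then decides which stored states can be thrown away. The following is an added example, written for this page and not taken from ASAP's SML engine: it is in Python rather than SML so that it runs stand-alone, and it uses a constructed toy sender model with `seq` as the progress measure. It contrasts a plain DFS, which stores every reachable state, with a sweep-line exploration that deletes states lying strictly behind the sweep-line, and it handles the one progress-decreasing edge of the model (the `reset`) the way the generalised sweep-line method does, by marking its target persistent and running a second sweep. All names and the model are assumptions of the example.

```python
"""Sweep-line exploration versus plain DFS over a constructed toy model.

Added example, not ASAP code. The Model record mirrors the role of the SML
MODEL signature; explore_dfs / explore_sweep_line play the role of
EXPLORATION, and the `stored` set plays the role of STORAGE.
"""
import heapq
from dataclasses import dataclass, field
from typing import Callable, Hashable, List, Set, Tuple

State = Hashable
Event = str


@dataclass(frozen=True)
class Model:
    """Analogue of the MODEL signature: initial states and successor function."""
    initial_states: Callable[[], List[State]]
    next_states: Callable[[State], List[Tuple[Event, State]]]


N_MAX = 3  # assumption: highest sequence number of the toy sender


def toy_initial() -> List[State]:
    return [("idle", 0)]


def toy_next(state: State) -> List[Tuple[Event, State]]:
    """Constructed toy sender. States are (phase, seq).
    send: idle -> sent; ack: sent -> idle with seq+1; timeout: sent -> idle
    with the same seq; reset: idle at N_MAX -> idle at 0 (progress decreases)."""
    phase, seq = state
    succ: List[Tuple[Event, State]] = []
    if phase == "idle":
        succ.append(("send", ("sent", seq)))
        if seq == N_MAX:
            succ.append(("reset", ("idle", 0)))
    else:  # phase == "sent"
        succ.append(("timeout", ("idle", seq)))
        if seq < N_MAX:
            succ.append(("ack", ("idle", seq + 1)))
    return succ


TOY_MODEL = Model(toy_initial, toy_next)


def progress(state: State) -> int:
    """Assumed PROGRESS_MEASURE: the sequence number of the state."""
    return state[1]


def explore_dfs(model: Model) -> Set[State]:
    """Full exhaustive DFS: every reachable state stays in storage."""
    stored = set(model.initial_states())
    waiting = list(stored)
    while waiting:
        s = waiting.pop()
        for _event, t in model.next_states(s):
            if t not in stored:
                stored.add(t)
                waiting.append(t)
    return stored


@dataclass
class SweepResult:
    seen: Set[State] = field(default_factory=set)        # every state examined, over all sweeps
    persistent: Set[State] = field(default_factory=set)  # targets of progress-decreasing edges
    sweeps: int = 0
    peak_stored: int = 0                                 # largest storage size at any moment


def explore_sweep_line(model: Model, measure: Callable[[State], int]) -> SweepResult:
    """Generalised sweep-line: process states in progress order, delete stored
    states strictly behind the least progress still waiting, and re-sweep from
    targets of progress-decreasing edges (kept persistent, never deleted)."""
    res = SweepResult()
    roots = list(model.initial_states())
    while roots:
        res.sweeps += 1
        stored: Set[State] = set(roots)
        waiting = [(measure(s), i, s) for i, s in enumerate(roots)]  # WAITING_SET by progress
        heapq.heapify(waiting)
        tie = len(roots)
        new_roots: List[State] = []
        while waiting:
            p, _, s = heapq.heappop(waiting)
            res.seen.add(s)
            for _event, t in model.next_states(s):
                if measure(t) < p:
                    # regress edge: t is made persistent and seeds the next sweep
                    if t not in res.persistent:
                        res.persistent.add(t)
                        new_roots.append(t)
                    continue
                if t not in stored and t not in res.persistent:
                    stored.add(t)
                    tie += 1
                    heapq.heappush(waiting, (measure(t), tie, t))
            res.peak_stored = max(res.peak_stored, len(stored | res.persistent))
            if waiting:  # garbage-collect everything strictly behind the sweep-line
                line = waiting[0][0]
                stored = {x for x in stored if measure(x) >= line or x in res.persistent}
        roots = new_roots
    return res


if __name__ == "__main__":
    full = explore_dfs(TOY_MODEL)
    sweep = explore_sweep_line(TOY_MODEL, progress)
    print(f"DFS stored {len(full)} states; sweep-line peak storage {sweep.peak_stored} "
          f"over {sweep.sweeps} sweeps, persistent {sorted(sweep.persistent)}")
```

On this model the DFS keeps all 8 reachable states, while the sweep-line exploration never holds more than 4 at once and still examines all 8; the price is the second sweep triggered by the `reset` edge, which is exactly the trade-off a progress measure buys.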
Integration of a sweep-line plug-in - 2 (architecture diagram, repeated from the software architecture slide)
JAVA implementation of the sweep-line task

```java
class SweepLineExplorationTask implements FunctorTask {
  String getName() {
    return "Sweep Line Exploration";
  }
  // Name of the SML functor in the search engine
  String getFunctor() {
    return "SweepLineExploration";
  }
  Value getReturnType() {
    return new Value("Traversal", Exploration.class);
  }
  Value[] getParameters() {
    return new Value[] { new Value("Model", Model.class),
                         new Value("Storage", Storage.class),
                         new Value("Progress Measure", Measure.class) };
  }
  // Generates the SML code executed when the task is performed
  Exploration exec(Model m, Storage s, Measure p) { ... }
}
```
Experimentation context • ASAP can load • CPN models produced by CPN Tools • DVE models (language of the DiVinE model checker) • Two types of inputs • CPN models from our own collection • DVE models from the BEEM database: http://anna.fi.muni.cz/models/ • Performed an exhaustive state space exploration (with and without the ComBack method) and recorded execution time.
ASAP vs CPN Tools (chart: state space exploration time in seconds)
ASAP vs DiVinE (chart: state space exploration time in seconds)
To sum up • ASAP is a state space analysis tool. • It is graphical, based on the Eclipse platform • Verification tasks are specified using the JoSEL graphical language. • Intended to be easy to use by different types of users • Students • Researchers • Industrial users and to extend w.r.t. • verification algorithms • specification languages • ASAP is free of charge.
What's next • Temporal logic verification (LTL, CTL) • Drawing of state spaces • Multi-threaded / distributed verification
Thank you for your attention! ASAP download page: http://www.cs.au.dk/~ascoveco/download.html Visit us during the tool demonstration.