
Finite Model Generation for Distributed Java Programs


Presentation Transcript


  1. Finite Model Generation for Distributed Java Programs
     Eric MADELAINE, Rabea BOULIFA
     OASIS team, INRIA Sophia-Antipolis, France

  2. This talk
     Context
     • Analysis and verification software platform for distributed Java applications: pervasive and mobile computing, e-commerce, grid computing.
     • Long-term goal: full language, usable by non-specialists.
     • Automatic tools = static analysis, model checkers, equivalence / preorder checkers.
     [Figure: graphical / logical specifications and code analysis produce a finite model, which feeds the automatic tools, diagnostics, etc.]
     Model Checking for Dependable Software-Intensive Systems, San Francisco, June 21, 2003

  3. Software verification: ESC-Java, CADP, Slam, Blast, Feaver, Bandera, JPF
     • So, what's special with distributed applications?
       • Asynchronous communication: error-prone, state explosion.
       • Structured: composition of distributed components; hierarchical construction / reduction / analysis of models; bisimulation semantics.
       • Well-defined, architecture-independent semantics, with the ProActive library.
     • Inherit methods and tools from existing software:
       • Static analysis from Soot.
       • Slicing / abstraction from Bandera.
       • Standard or prototype checkers (action based).

  4. Distributed Java Applications: the ProActive Library
     • Features: distributed, mobile, heterogeneous.
     • Transparent distribution: no shared data between distributed objects.
     • Message semantics (method calls + request queue) => delivery guaranteed by the middleware (MOP).
     • Requests and responses: transparent future objects with "wait by necessity".

  5. ProActive: Communication Scheme (local object / remote object)
     f = RO.M(args);      !Req(M, args, f)        1: method call
                          ?Req(M, args, f)        2: request arriving in the queue
     V = Serv(M, args)                            3: request served (executed and removed)
                          !Rep(V, f)  ?Rep(V, f)  4: response sent, then received
     X = f.a;             (access to the future f: wait by necessity)
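The four steps above, as an added executable model (this is example code written for this page, not ProActive library code). It runs in one Python thread with explicit scheduling so the interleaving is visible and deterministic: a call on a remote active object enqueues a request and returns a future at once, the remote side serves its queue oldest first, and reading a future forces wait by necessity, modelled here as driving the remote object's service loop until the reply has been delivered, or failing when no enabled service step can ever deliver it. The Stock / Invoice names, the `serve_stamp` and `audit` services and the `svc_` naming convention are constructed for the example.

```python
"""Request/response scheme of slide 5 as a small executable model (added example)."""
from collections import deque


class Deadlock(Exception):
    """A wait by necessity that no enabled service step can ever satisfy."""


class Future:
    """Transparent future f: placeholder for the reply, filled in by ?Rep(V, f)."""

    def __init__(self, fid: str):
        self.fid, self.value, self.resolved = fid, None, False


class ActiveObject:
    def __init__(self, name: str, log: list):
        self.name = name
        self.log = log          # shared list recording the global action sequence
        self.queue = deque()    # pending requests, served oldest first
        self.blocked = False    # True while this object waits by necessity
        self._fid = 0

    # ---- client side: f = RO.M(args) -------------------------------------
    def call(self, remote: "ActiveObject", method: str, *args) -> Future:
        f = Future(f"{self.name}.f{self._fid}")
        self._fid += 1
        self.log.append(f"!Req({method}, {args}, {f.fid})")   # 1: method call
        remote.queue.append((self, method, args, f))
        self.log.append(f"?Req({method}, {args}, {f.fid})")   # 2: request in the queue
        return f

    # ---- client side: X = f.a (wait by necessity) ------------------------
    def wait(self, remote: "ActiveObject", f: Future):
        self.blocked = True
        try:
            while not f.resolved:
                if remote.blocked or not remote.queue:
                    raise Deadlock(f"{self.name} waits on {f.fid} but {remote.name} cannot serve")
                remote.serve_one()
        finally:
            self.blocked = False
        return f.value

    # ---- server side -------------------------------------------------------
    def serve_one(self):
        caller, method, args, f = self.queue.popleft()
        # Only methods explicitly exposed with the svc_ prefix are reachable by name.
        v = getattr(self, "svc_" + method)(caller, *args)     # 3: served and removed
        self.log.append(f"Serve({method}, {args})")
        self.log.append(f"!Rep({v}, {f.fid})")                 # 4: response sent ...
        f.value, f.resolved = v, True
        self.log.append(f"?Rep({v}, {f.fid})")                 #    ... then received
        return v


class Stock(ActiveObject):
    def __init__(self, name: str, log: list, stamps: int):
        super().__init__(name, log)
        self.st = stamps

    def svc_serve_stamp(self, caller):
        self.st -= 1
        return self.st

    def svc_audit(self, caller):
        """Calls back into the caller and waits while the caller is still blocked on us."""
        return self.wait(caller, self.call(caller, "ping"))


class Invoice(ActiveObject):
    def svc_ping(self, caller):
        return "pong"


def pipelined_calls():
    """Two requests in flight before any result is needed; FIFO service resolves both."""
    log = []
    invoice, stock = Invoice("Invoice", log), Stock("Stock", log, stamps=2)
    f1 = invoice.call(stock, "serve_stamp")
    f2 = invoice.call(stock, "serve_stamp")
    v2 = invoice.wait(stock, f2)      # forces f1 first (queue order), then f2
    return log, f1.value, v2


def reentrant_deadlock():
    """Invoice blocks on audit; audit blocks on Invoice: neither side can serve."""
    log = []
    invoice, stock = Invoice("Invoice", log), Stock("Stock", log, stamps=2)
    try:
        invoice.wait(stock, invoice.call(stock, "audit"))
    except Deadlock as e:
        return str(e)
    return None


if __name__ == "__main__":
    log, v1, v2 = pipelined_calls()
    print("\n".join(log), v1, v2)
    print(reentrant_deadlock())
```

The second scenario is the failure mode the models on the following slides are built to expose: a re-entrant call while the caller is itself blocked in wait by necessity. Nothing in the code is wrong locally; the deadlock only appears in the composed behaviour, which is why the property has to be checked on the product of the activities rather than on each one alone.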

  6. Model: Parameterised Networks of Synchronised LTSs
     [Figure: the Stock(s) activity, an extended LTS with integer variable st, and the Invoice(v,k) activity]
       [st>0] ?Serve(stamp) -> st--
       !Req(Newstamps)
       ?Rep(Newstamps, x) -> st += x
     • Actions = requests / responses (method name + finite abstraction of arguments)
     • Finite extended LTSs (integer variables)
     • Synchronisation networks [Arnold 80]: global action < *, …, L1, …, L2, …, * >
     • Concrete syntax: FC2 intermediate language extended for encoding integer parameters
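The Stock activity above, as an added worked example of a parameterised network of synchronised LTSs and its finite instantiation (example code written for this page, not the Vercors or FC2 tools). Each activity is an extended LTS with control states, integer variables, guards and updates; a synchronisation vector [Arnold 80] names one label per component, with `*` for a component that stays idle, and synchronised partners must agree on the action parameter. The data abstraction is explicit: x, the number of new stamps in `Rep(Newstamps, x)`, ranges over the assumed finite domain `X_DOMAIN`. The control states `Ready` / `Waiting`, the `Supplier` activity that answers Newstamps requests, the guard `st == 0` on `!Req` and the property checked are all assumptions made for the example.

```python
"""Finite instantiation of a small parameterised network of synchronised LTSs (added example)."""
import itertools
from collections import deque
from typing import Tuple

X_DOMAIN = (1, 2)  # assumed finite abstraction of the argument x of Rep(Newstamps, x)

Vars = Tuple[int, ...]
Local = Tuple[str, Vars]  # (control state, valuation of the activity's integer variables)


def t(src, label, dst, guard=lambda v, x: True, update=lambda v, x: v, values=(None,)):
    """Transition of an extended LTS: [guard] label(x) -> update, with x ranging over `values`."""
    return (src, label, dst, guard, update, values)


class ELTS:
    """Finite extended LTS: control states plus integer variables, guards and updates."""

    def __init__(self, name: str, init: Local, transitions: list):
        self.name, self.init, self.transitions = name, init, transitions

    def steps(self, local: Local):
        ctl, v = local
        for src, label, dst, guard, update, values in self.transitions:
            if src != ctl:
                continue
            for x in values:
                if guard(v, x):
                    yield label, x, (dst, update(v, x))


def stock(initial_st: int, guarded: bool = True) -> ELTS:
    """Stock(s) of slide 6; guarded=False drops the [st>0] guard on ?Serve (a buggy variant)."""
    serve_guard = (lambda v, x: v[0] > 0) if guarded else (lambda v, x: True)
    return ELTS("Stock", ("Ready", (initial_st,)), [
        t("Ready", "?Serve", "Ready", serve_guard, lambda v, x: (v[0] - 1,)),
        t("Ready", "!Req", "Waiting", lambda v, x: v[0] == 0),       # assumed: reorder when empty
        t("Waiting", "?Rep", "Ready", update=lambda v, x: (v[0] + x,), values=X_DOMAIN),
    ])


INVOICE = ELTS("Invoice", ("Need", ()), [t("Need", "!Serve", "Need")])
SUPPLIER = ELTS("Supplier", ("Idle", ()), [   # hypothetical partner answering Newstamps
    t("Idle", "?Req", "Busy"),
    t("Busy", "!Rep", "Idle", values=X_DOMAIN),
])

# Synchronisation vectors: one label per component (Stock, Invoice, Supplier), "*" = idle.
VECTORS = [
    ("Serve", ("?Serve", "!Serve", "*")),
    ("Req", ("!Req", "*", "?Req")),
    ("Rep", ("?Rep", "*", "!Rep")),
]


def global_steps(components, vectors, state):
    """Enabled global actions: every non-idle component fires its label with the same x."""
    for name, vec in vectors:
        options = []
        for comp, label, local in zip(components, vec, state):
            if label == "*":
                options.append([(None, local)])
            else:
                options.append([(x, nxt) for l, x, nxt in comp.steps(local) if l == label])
        for combo in itertools.product(*options):
            xs = {x for x, _ in combo if x is not None}
            if len(xs) > 1:
                continue  # partners disagree on the parameter: no synchronisation
            suffix = f"({xs.pop()})" if xs else ""
            yield name + suffix, tuple(nxt for _, nxt in combo)


def check(components, vectors, prop, max_states=10_000):
    """Breadth-first reachability: (counterexample trace or None, number of states explored)."""
    init = tuple(c.init for c in components)
    parent = {init: None}
    queue = deque([init])
    while queue:
        s = queue.popleft()
        if not prop(s):
            path = []
            while parent[s] is not None:
                s, action = parent[s]
                path.append(action)
            return path[::-1], len(parent)
        for action, nxt in global_steps(components, vectors, s):
            if nxt not in parent:
                if len(parent) >= max_states:   # state explosion guard: refine the abstraction
                    raise RuntimeError("finite instantiation too large")
                parent[nxt] = (s, action)
                queue.append(nxt)
    return None, len(parent)


def stock_never_negative(state) -> bool:
    return state[0][1][0] >= 0   # component 0 is Stock; its first variable is st


def run(initial_st: int = 1, guarded: bool = True):
    return check([stock(initial_st, guarded), INVOICE, SUPPLIER], VECTORS, stock_never_negative)


if __name__ == "__main__":
    print("guarded  :", run(guarded=True))    # (None, 4): property holds on all 4 states
    print("unguarded:", run(guarded=False))   # counterexample trace ['Serve', 'Serve']
```

The guarded model has only four reachable global states because st is bounded by the largest value in `X_DOMAIN`; removing the guard makes st unbounded, so the bounded search is what keeps the check finite, and the counterexample it returns is a concrete action sequence that can be replayed against the source program. Every integer abstracted away (here the stamp count x) is a place where the model may accept behaviours the real program cannot exhibit, or miss ones it can, so the choice of domain is part of the verification claim, not an implementation detail.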

  7. Model Construction (1): Nets
     • Finitely many active objects: class / creation points
     • User-provided approximation of arguments (abstract interpretation to finite or integer domains)
     => Boxes and links computed by static analysis (dataflow, reference and alias analysis)
     [Figure: a net of boxes P(k) with ports Q1 + A1, Q2 + A2, Q3 + A3, linked by Req(M, args) and Rep(v)]

  8. Model Construction (2): Activities
     • 1 LTS per activity
     • Construction by SOS rules, based on the method call graph of the active object.
     • Termination guaranteed (for a finite data abstraction)
     => Rules and proofs in the full paper: http://www-sop.inria.fr/oasis/Vercors

  9. [Figure: verification tool chain]
     Source code -> Model construction -> Parameterised specification: parameterised networks / parameterised logics
     • Finite instantiation -> Classical tools (FC2, bisimulation-based): model checkers, equivalence / preorder checkers
     • Directly (FC2p) -> Specialised tools: Moped (pushdown systems), TRex (automata on reg. struct.), Harvey (constraints, equational theories); parameterised verification methods

  10. Conclusion
     • Behaviour models of ProActive distributed applications encode asynchronous communication between distributed objects.
     • With usual data / structure abstraction, we build finite, hierarchical models suitable for automatic verification.
     • Parameterised models can be finitely instantiated (adapted to each property), or directly fed into specialised tools. They are more compact and more flexible.
     Directions
     • Case study: Chilean electronic tax system
     • Other ProActive features: group communication, security policy specification.
     • Behaviour specification for distributed components (in ObjectWeb / Fractal)

  11. Finite Model Generation for Distributed Java Programs
     Eric MADELAINE, Rabea BOULIFA
     OASIS team, INRIA Sophia-Antipolis, France
     http://www-sop.inria.fr/oasis/Vercors
     http://www-sop.inria.fr/oasis/Proactive
