Behavioural Models for Distributed Hierarchical Components

Slides:

Advertisements

Similar presentations

Semantic Formalisms 2: Software Components Eric Madelaine INRIA Sophia-Antipolis Oasis team UNICE – EdStic Mastère Réseaux.

Advertisements

Elton Mathias and Jean Michael Legait 1 Elton Mathias, Jean Michael Legait, Denis Caromel, et al. OASIS Team INRIA -- CNRS - I3S -- Univ. of Nice Sophia-Antipolis,

Component Oriented Programming 1 Chapter 2 Theory of Components.

Denis Caromel1 Joint work with Ludovic Henrio – Eric Madelaine et. OASIS members OASIS Team INRIA -- CNRS - I3S – Univ. of Nice Sophia-Antipolis, IUF.

Background information Formal verification methods based on theorem proving techniques and modelchecking –to prove the absence of errors (in the formal.

An Automata-based Approach to Testing Properties in Event Traces H. Hallal, S. Boroday, A. Ulrich, A. Petrenko Sophia Antipolis, France, May 2003.

Eric MADELAINE1 E. Madelaine, Antonio Cansado, Emil Salageanu OASIS Team, INRIA -- CNRS - I3S -- Univ. of Nice Sophia-Antipolis OSCAR meeting, Valparaiso,

Component-Interaction Automata for Specification and Verification of Component Interactions P. Vařeková and B. Zimmerova Masaryk University in Brno Czech.

Optimisation of behaviour of component-based distributed systems INRIA - I3S - CNRS – University of Nice Sophia-Antipolis EPC SCALE Galyna Zholtkevych.

Safe composition of distributed adaptable components A distributed component model Behavioural specification and verification Ludovic Henrio and Eric Madelaine.

INRIA Sophia-Antipolis, Oasis team INRIA Rhône-Alpes, Vasy team Feria–IRIT/LAAS, SVF team Toulouse GET - ENST Paris, LTCI team FIACRE Models and Tools.

Oct Multi-threaded Active Objects Ludovic Henrio, Fabrice Huet, Zsolt Istvàn June 2013 –

The Grid Component Model: an Overview “Proposal for a Grid Component Model” DPM02 “Basic Features of the Grid Component Model (assessed)” -- DPM04 CoreGrid.

The Grid Component Model and its Implementation in ProActive CoreGrid Network of Excellence, Institute on Programming Models D.PM02 “Proposal for a Grid.

Formalism and Platform for Autonomous Distributed Components Bio-inspired Networks and Services A Distributed Component Model Formalisation in Isabelle.

Eric Madelaine FORTE ’04 -- Madrid sept /25 Parameterized Models for Distributed Java Objects Eric Madelaine work with Tomás Barros, Rabéa Boulifa.

Eric MadelaineOSMOSE -- WP2 -- Prague June 2004 Models for the Verification of Distributed Java Objects Eric Madelaine work with Tomás Barros, Rabéa Boulifa,

Denis Caromel1 Troisieme partie Cours EJC 2003, AUSSOIS, Denis Caromel OASIS Team INRIA -- CNRS - I3S -- Univ. of Nice Sophia-Antipolis.

Eric MADELAINE1 T. Barros, L. Henrio, E. Madelaine OASIS Team, INRIA -- CNRS - I3S -- Univ. of Nice Sophia-Antipolis (FACS’05), Fractal workshop, Grenoble.

A graphical specification environment for GCM component-based applications INRIA – I3S – CNRS – University of Nice-Sophia Antipolis EPC OASIS Oleksandra.

Asynchronous Components with Futures: Semantics, Specification, and Proofs in a Theorem Prover Components (Distributed) Futures Formalisations (and proofs)

1 Romain Quilici ObjectWeb Architecture meeting July 2nd 2003 ProActive Architecture of an Open Middleware for the Grid.

Grid programming with components: an advanced COMPonent platform for an effective invisible grid © GridCOMP Grids Programming with components.

FDT Foil no 1 On Methodology from Domain to System Descriptions by Rolv Bræk NTNU Workshop on Philosophy and Applicablitiy of Formal Languages Geneve 15.

1. 2 Objects to Distributed Components (1) Typed Group Java or Active Object ComponentIdentity Cpt = newActiveComponent (params); A a = Cpt ….getFcInterface.

SOFTWARE DESIGN. INTRODUCTION There are 3 distinct types of activities in design 1.External design 2.Architectural design 3.Detailed design Architectural.

A Component Platform for Experimenting with Autonomic Composition A component framework for supporting composition of autonomic services and bio-inspired.

Mastère RSD - TC4 2005/20061 Distributed Components –ProActive-Fractal : main concepts –Behaviour models for components –Deployment, management, transformations.

Parameterized Models for Distributed Java Objects Tomás Barros & Rabéa Boulifa OASIS Project INRIA Sophia Antipolis April 2004.

ProActive components and legacy code Matthieu MOREL.

Eric MadelaineOSCAR Workshop -- Santiago Nov Verification of Distributed Applications Eric Madelaine work with Isabelle Attali, Tomás Barros, Rabéa.

SelfCon Foil no 1 Variability in Self-Adaptive Systems.

A visualisation and debugging tool for multi-active objects Ludovic Henrio, Justine Rochas LAMHA, Nov 2015.

Transparent First-class Futures and Distributed Components Introduction: components, futures, and challenges Statically Representing Futures An Example.

Eric MADELAINE ---- OASIS1 E. Madelaine Oasis team INRIA -- CNRS - I3S -- Univ. of Nice Sophia-Antipolis RESECO ’08 Santiago – Nov. 24, 2008 Specification.

Eric MADELAINE1 A. Cansado, L. Henrio, E. Madelaine OASIS Team, INRIA -- CNRS - I3S -- Univ. of Nice Sophia-Antipolis Fractal workshop, Nantes, 3 july.

RESECO - Montevideo - 22 nov 2007Reseco, Montevideo, 22 nov 2007 Eric Madelaine - OASIS Team1 Specifying and Generating Safe GCM Components INRIA – Sophia.

VERIFYING THE CORRECT COMPOSITION OF DISTRIBUTED COMPONENTS: FORMALISATION AND TOOL Ludovic Henrio 1, Oleksandra Kulankhina 1,2, Dongqian Liu 3, Eric Madelaine.

Specifying Fractal and GCM Components With UML Solange Ahumada, Ludovic Apvrille, Tomás Barros, Antonio Cansado, Eric Madelaine and Emil Salageanu SCCC.

Tomás BarrosMonday, April 18, 2005FIACRE Toulouse p. 1 Behavioural Models for Hierarchical Components Tomás Barros, Ludovic Henrio and Eric Madelaine.

Distributed Components and Futures: Models and Challenges A Distributed Component Model Distributed Reconfiguration Calculi for Components and Futures.

A Theory of Distributed Objects Toward a Foundation for Component Grid Platforms Ludovic HENRIO l A Theory of Distributed Objects l Components l Perspectives.

Eric MADELAINE -- GridComp -- OASIS 1 E. Madelaine (A. Cansado) GridComp project OASIS team INRIA -- CNRS - I3S -- Univ. of Nice Sophia-Antipolis GridComp.

Eric MADELAINE1 T. Barros, L. Henrio, E. Madelaine OASIS Team, INRIA -- CNRS - I3S -- Univ. of Nice Sophia-Antipolis DCC, University.

Mastère RSD - TC4 2005/20061 Distributed JAVA Aims and Principles The ProActive library Models of behaviours Generation of finite (parameterized) models.

1 Romain Quilici OASIS Team INRIA -- CNRS - I3S -- Univ. of Nice Sophia-Antipolis, IUF July 2nd 2003 ProActive Architecture.

2. CALCULUS: A S P. A Theory of Distributed Objects D. Caromel, L. Henrio, Springer 2005, Monograph A Calculus: ASP: Asynchronous Sequential Processes.

Model Generation for Distributed Java Programs Rabéa Boulifa Eric Madelaine Oasis Team INRIA, Sophia-Antipolis France, I3S, UNSA Luxembourg, November 28,

Eric MADELAINE1 T. Barros, L. Henrio, E. Madelaine OASIS Team, INRIA -- CNRS - I3S -- Univ. of Nice Sophia-Antipolis (FACS’05), Fractal workshop, Grenoble.

Asynchronous Distributed Components: Concurrency and Determinacy I. Context: Distributed Components and Active Objects II. Asynchronous Distributed Components.

SOFA 2 Component Model Tomáš Bureš, Petr Hnětynka, František Plášil CHARLES UNIVERSITY PRAGUE Faculty of Mathematics and Physics Czech Republic.

The Role of Reflection in Next Generation Middleware

Formal Specification and Verification of Distributed Component Systems

About the Presentations

Object oriented system development life cycle

Distributed Components and Futures: Models and Challenges

Inventory of Distributed Computing Concepts and Web services

Service-centric Software Engineering

Logical architecture refinement

Lecture 4: RPC Remote Procedure Call Coulouris et al: Chapter 5

Analysis models and design models

Chapter 19: Interfaces and Components

Chapter 19: Interfaces and Components

Semantic Formalisms 3: Distributed Applications

ProActive Architecture of an Open Middleware for the Grid

Design Yaodong Bi.

Interfaces and Components

The Grid Component Model and its Implementation in ProActive

Chapter 19: Interfaces and Components

Presentation transcript:

Behavioural Models for Distributed Hierarchical Components Tomás Barros, Ludovic Henrio and Eric Madelaine INRIA Sophia Antipolis OASIS project Monday, September 26th, 2005 FIACRE Grenoble

Plan Components/Fractal Fractive Behavioural models ProActive based Fractal Behavioural models Properties verification Monday, September 26th, 2005 FIACRE Grenoble

Component base programming Component = software unit, deployment unit Industrial acceptance : EJBs, CCM, COM … 3 key concepts : 1. Encapsulation Black boxes, offered and required services, configuration 2. Composition Design of complex systems Hierarchical organization into sub-systems 3. Separate administration ADL Tools HIGH ABSTRACTION LEVEL COMPLEXITY HANDLING REUSABILITY CUSTOMIZATION Monday, September 26th, 2005 FIACRE Grenoble

Fractal’s Components Primitive/Composite LIFE CYCLE BINDING CONTENT ATTRIBUTE Content Primitive/Composite Optional non-functional interfaces Membrane, internal and external interfaces Fractal semantics (e.g binding only when stopped) Monday, September 26th, 2005 FIACRE Grenoble

Component Behaviour Temporal Phases Deployment Definition of its content and initial binds Usually defined in an ADL Running Only functional operations Reconfiguration Structural and non-structural changes Monday, September 26th, 2005 FIACRE Grenoble

Fractal example <?xml version="1.0" encoding="ISO-8859-1" ?> <!DOCTYPE .... > <definition name="components.System"> <component name="BufferSystem" definition="components.BufferSystem(3)"> <interface name="alarm" role="client" signature="components.AlarmInterface"/> </component> <component name="Alarm"> <interface name="alarm" role="server" <content class="components.Alarm"> <behaviour file="AlarmBehav" format="FC2Param"/> </content> <binding client="BufferSystem.alarm" server="Alarm.alarm"/> </definition> Monday, September 26th, 2005 FIACRE Grenoble

Fractive’s components Fractal Implementation using ProActive Fractal features: Hierarchical components ADL description (Fractal’s XML Schema/DTD) Proactive features: Distributed components (from distributed objects) Asynchronous communication Monday, September 26th, 2005 FIACRE Grenoble

ProActive’s middleware Provides active and passive (standard) Java objects Remote (transparent) references to active objects Deep copy of parameters in method’s calls and responses. No shared objects Only Active objects may be references Monday, September 26th, 2005 FIACRE Grenoble

Active Objects Have their own and unique thread Have request queue, where method’s calls are dropped (rendez-vous phase) User define policies for serving methods from the queue by overloading the method RunActive (default FIFO) Non blocking responses by giving a “future” reference. Synchronisation wait-by-necessity Monday, September 26th, 2005 FIACRE Grenoble

Active Objects communications Monday, September 26th, 2005 FIACRE Grenoble

Active Objects communications Blocking of access f Monday, September 26th, 2005 FIACRE Grenoble

Active Objects communications Monday, September 26th, 2005 FIACRE Grenoble

Active Objects communications Monday, September 26th, 2005 FIACRE Grenoble

Fractive implementation Primitive component => Active object Composite membrane => Active object Primitive’s active object are reify Forwarder for functional calls Monday, September 26th, 2005 FIACRE Grenoble

Fractive’s implementation choices Hierarchical start/stop While stopped only non-functional request are served. No path between functional and non-functional interfaces Monday, September 26th, 2005 FIACRE Grenoble

Behaviour: Parameterized Networks Parameterized LTS (pLTS) & Synchronisation Network (pNet) Guarded actions with parameters Parameters encoding value and process reference passing Parameters encoding family of processes parameterized synchronisation vectors pAg <- [*, *, a3(k3), *, a4(k4), *] Instantiation : for a finite abstraction of the parameters domains Dv Finite Network pLTS x Dv  LTS pNet x Dv  Net T. Barros, R. Boulifa, E. Madelaine: Parameterized Models for Distributed Java Objects, Forte'2004 Conference, Madrid, Sep. 2004, LNCS 3235, © Springer-Verlag Monday, September 26th, 2005 FIACRE Grenoble

Fractive Behavioural Models Functional behaviour is known Given by the user Obtained by static analysis Non functional behaviour is automatically added from the component’s ADL Automata within a synchronisation network, named controller Component’s behaviour is the controller’s synchronisation product Monday, September 26th, 2005 FIACRE Grenoble

Fractive Behavioural Models Visible actions and errors Monday, September 26th, 2005 FIACRE Grenoble

Previous work: ProActive behavioural models (presented at Forte 2002) T. Barros, R. Boulifa, E. Madelaine: Parameterized Models for Distributed Java Objects, Forte'2004 Conference, Madrid, Sep. 2004, LNCS 3235, © Springer-Verlag Monday, September 26th, 2005 FIACRE Grenoble

Fractive primitives Body is the functional behaviour Monday, September 26th, 2005 FIACRE Grenoble

Fractive composites Automatically generated Future update in chain Monday, September 26th, 2005 FIACRE Grenoble

Static Automaton Deployment Automaton Static is also the sub-component’s behaviour for the next level of the hierarchy Static = ( Controller || Deployment ) + hiding & minimisation Monday, September 26th, 2005 FIACRE Grenoble

Behaviour correctness (from the user point of view) Initial Composition Requirements expressed as temporal formulas Respect a SPEC Reconfiguration New properties (features) Preservation Monday, September 26th, 2005 FIACRE Grenoble

Properties Verification (ACTL) Deployment (on controller||deployment with successful synchronisation visible) The deployment is always successful Error absence during deployment e.g. to start Buffer without linking alarm Monday, September 26th, 2005 FIACRE Grenoble

Properties Verification (regular -calculus) Effective start (due to asynchronisms) [ true*.Sig(start(System))] true  [ true*. Sig(start(BufferSystem))] true  [ true*.Sig(start(Alarm))] true  [ true*.Sig(start(Buffer))] true  [ true*.Sig(start(Consumer))] true  [ true*.Sig(start(Producer))] true Monday, September 26th, 2005 FIACRE Grenoble

Properties Verification (regular -calculus) Funtional behaviour (on the static automaton) Get from the buffer eventually gives an answer [ true*.get_req() ] X. (< true > true  [get_rep() ] X ) Monday, September 26th, 2005 FIACRE Grenoble

Properties Verification (regular -calculus) Functional under reconfiguration reconfiguration actions are allowed after deployment Monday, September 26th, 2005 FIACRE Grenoble

Properties Verification (regular -calculus) Functional under reconfiguration Future update (once the method served) independent of life-cicle or bindins reconfigurations E.g: Enabling: [ true*.get_req() ] X. (< true > true  [get_rep() ] X ) Monday, September 26th, 2005 FIACRE Grenoble

Structural Transformations Controller of the new structure Action mapping Identify states in the original controller where transformation is possible (set T) “Connect” both controllers from T through the transformation  (T’ is the image of ) The new behaviour is the reachable parts from T’ (using the action mapping) Monday, September 26th, 2005 FIACRE Grenoble

Synchronous former example B2 Structural transformations No errors during functional phase Monday, September 26th, 2005 FIACRE Grenoble

Conclusions Automatic construction of behaviour for distributed hierarchical models (including errors) Taking into account functional and no-functional aspects Reconfigurations and asynchronism Verification of properties in different phases Implementation of a prototype tool (Java) for model construction. CADP toolset for composition and verification of properties Monday, September 26th, 2005 FIACRE Grenoble

Related Work Wright Darwin Sofa Behavioural Contracts (Carrez et al.) Connectors specified using CSP Compatibility relation (modify CSP refinement) Darwin LTS specifications, construction by parallel composition, hiding and weak bisimulation reduction Properties expressed through LTS and Büchi automata Sofa Frame (spec) vs. Architecture (implementation) compliance relation based on traces Hierarchical construction through parallel composition detection of errors: bad activity, no activity and divergence Behavioural Contracts (Carrez et al.) Behavioural typing (CSP like specification) Interface behavioural-type compatibility (decidable) and components contract compliance (non decidable). Monday, September 26th, 2005 FIACRE Grenoble