ANR-07-SESUR-003 Using Constraints to Verify Properties of Rule Programs Bruno Berstel, University of Freiburg & IBM Michel Leconte, IBM CSTVA10 – April 10 th, 2010 ANR-07-SESUR-003
What are Business Rules?
ANR-07-SESUR-003 What are business rules? Rule upgrade-to-platinum if the category of the customer is Gold and the value of the shopping cart is more than $1500 then change the category of the customer to Platinum
ANR-07-SESUR-003 Agenda What are Business Rules? Verification –rules as transition constraints –properties as constraint problems Impact on CP Solver –slow propagation –how to cope with it Conclusion
ANR-07-SESUR-003 Example rules Rule gold-discount when category = Gold & value 2000 then discount := discount + 10 Rule platinum-discount when category = Platinum & value 1000 then discount := discount + 15 Rule upgrade when category = Gold & age 60 then category := Platinum Verification
ANR-07-SESUR-003 Conflict (example) Verification cat = Gold age = 65 value = 2500 discount = 0 cat = Gold age = 65 value = 2500 discount = 10 cat = Platinum age = 65 value = 2500 discount = 25 cat = Platinum age = 65 value = 2500 discount = 0 cat = Platinum age = 65 value = 2500 discount = 15 gold-discount upgrade upgrade + platinum- discount platinum-discount cat = Gold age 60 cat := Plat cat = Gold value 2000 disc += 10 cat = Plat value 1000 disc += 15 cat = Gold age 60 value 1000 cat := Plat disc += 15
ANR-07-SESUR-003 Conflict (general principle) Verification initial state final state #1 final state #2 execution #1 = ? execution #2
ANR-07-SESUR-003 Compute the transition constraints for all executions –e.g. ρ(upgrade platinum-discount) is c =Gold a 60 v 1000 c =Plat d = d +15 a =a v =v –interested in maximal executions only –bound length of traces to cope with infinite executions –many unfeasible executions: ρ Look for conflicting executions –s s 1 s s 2 s 1 s 2 –init ρ 1 ρ 2 ξ 1 ξ 2 Is one of these constraint problems satisfiable? –Yes: we found a witness! –No: there is no conflict in the rule program. –Dont know Conflict (general principle) Verification ξ Var
ANR-07-SESUR-003 Conflict (example with constraints) Verification category c age a value v discount d category c 2 age a 2 value v 2 discount d 2 category c 1 age a 1 value v 1 discount d 1 =? gold-discount upgrade platinum-discount upgrade platinum-discount c =Gold a 60 v 1000 c 1 =Plat d 1 = d +15 a 1 =a v 1 =v c =Gold a 60 v 2000 c 2 =Plat d 2 = d +25 a 2 =a v 2 =v v 1000 v 2000 d 1 = d + 15 d 2 = d + 25 d 1 d 2
ANR-07-SESUR-003 Challenging the CP Solver with the conjunction of Large Domains –variables are ranging over machine-representable values –typically 2 32 or 2 64 values for integers Slow Propagation –when the time of domain reduction is proportional to the size of the domain –e.g. d = d + 15 d = d + 25
ANR-07-SESUR-003 Slow convergence of propagation d = d + 15 d = d + 25 d, d [-2 31, ] d = d + 15 d [ , ] d = d + 25 d [-2 31, ] d = d + 15 d [ , ] d = d + 25 d [-2 31, ] d = d + 15 d [ , ] etc. It takes approx steps to reduce the domains to the empty set.
ANR-07-SESUR-003 Slow propagation unsatisfiability x > ux x [-2 31, ] u {0, 1} x y + 1 y = ux x, y [-2 31, ] u {0, 1} x y + 1 y = ux 2 31 steps of interval reduction u = steps of interval reduction to empty domains x [1, ] y [0, ] u {0, 1}
ANR-07-SESUR-003 Slow propagation unsatisfiability x > ux x [-2 31, ] u {0, 1} x y + 1 y = ux x, y [-2 31, ] u {0, 1} x y + 1 y = ux 2 31 steps of interval reduction u = 0 x 1 solution found in steps (best case) x [1, ] y [0, ] u {0, 1}
ANR-07-SESUR-003 Fighting against slow propagation From specialized procedures –linear normalization (x = x +1 ) –cycle detection (x < y y < x) –congruence domains ( 2x+2y = 1) –… To pragmatic techniques –Let the user specify domains (age in [0, 100] ) –Stop the propagation before fix point
ANR-07-SESUR-003 Conclusion Using constraints for rule program verification –to translate rules into transition constraints –to express properties –to find answers using a CP Solver It scales because –problems are small in practice –techniques are put in place to fight against slow propagation