Verification of DSMLs Using Graph Transformation: A Case Study with Alloy Zekai Demirezen 1, Marjan Mernik 1,2, Jeff Gray 1, Barrett Bryant 1 1 Department.

Slides:



Advertisements
Similar presentations
1 Verification by Model Checking. 2 Part 1 : Motivation.
Advertisements

A Formal Descriptive Semantics of UML Lijun Shan Dept of Computer Science National University of Defense Technology, Changsha, China Hong Zhu Department.
Visual Model-based Software Development EUD-Net Workshop, Pisa, Italy September 23 rd, 2002 University of Paderborn Gregor Engels, Stefan Sauer University.
Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.
Eugene Syriani and Huseyin Ergin University of Alabama Software Modeling Lab Software Engineering Group Department of Computer Science College of Engineering.
1. Scala 2. Traffic DSL in Scala 3. Comparison AToM3 4. Conclusion & Future work.
Semantics Static semantics Dynamic semantics attribute grammars
Alan Shaffer, Mikhail Auguston, Cynthia Irvine, Tim Levin The 7th OOPSLA Workshop on Domain-Specific Modeling October 21-22, 2007 Toward a Security Domain.
Budapest University of Technology and EconomicsDagstuhl 2004 Department of Measurement and Information Systems 1 Towards Automated Formal Verification.
CS 355 – Programming Languages
This research is supported by NSF CAREER award CCF A Demonstration-based Approach to Support Live Transformations in a Model Editor Yu SunUniversity.
This research is supported by NSF CAREER award CCF MT-Scribe: A Flexible Tool to Support Model Evolution Yu SunUniversity of Alabama at Birmingham.
Formal Methods of Systems Specification Logical Specification of Hard- and Software Prof. Dr. Holger Schlingloff Institut für Informatik der.
Train Control Language Teaching Computers Interlocking By: J. Endresen, E. Carlson, T. Moen1, K. J. Alme, Haugen, G. K. Olsen & A. Svendsen Synthesizing.
1 A UML Class Diagram Analyzer Tiago Massoni Rohit Gheyi Paulo Borba Software Productivity Group Informatics Center – UFPE October 2004.
Design Patterns for Metamodel Design Domain-Specific Modeling Workshop Portland, Oregon October 23, 2011 Hyun Cho and Jeff Gray University of Alabama Department.
Model Checking. Used in studying behaviors of reactive systems Typically involves three steps: Create a finite state model (FSM) of the system design.
Institute For Software Integrated Systems Vanderbilt University Applications of Model Integrated Computing to The Synchronous Language Signal Ethan Jackson.
CS 330 Programming Languages 09 / 18 / 2007 Instructor: Michael Eckmann.
Using the Vanderbilt Generic Modeling Environment (GME) to Address SOA QoS Sumant Tambe Graduate Intern, Applied Research, Telcordia Technologies Inc.
On the Correctness of Model Transformations Gabor Karsai ISIS/Vanderbilt University.
End-to-End Design of Embedded Real-Time Systems Kang G. Shin Real-Time Computing Laboratory EECS Department The University of Michigan Ann Arbor, MI
1 Scenario-based Analysis of UML Design Class Models Lijun Yu October 4th, 2010 Oslo, Norway.
Mining Metamodels From Instance Models: The MARS System Faizan Javed Department of Computer & Information Sciences, University of Alabama at Birmingham.
1 Ivano Malavolta, University of L’aquila, Computer Science Department Ivano Malavolta DUALLy: an Eclipse platform for architectural languages interoperability.
Basic Concepts The Unified Modeling Language (UML) SYSC System Analysis and Design.
Behaviour-Preserving Model Transformation Arend Rensink, University of Twente IPA Spring Days, 18 April 2012.
Verification technique on SA applications using Incremental Model Checking 컴퓨터학과 신영주.
Cheng/Dillon-Software Engineering: Formal Methods Model Checking.
An Information Theory based Modeling of DSMLs Zekai Demirezen 1, Barrett Bryant 1, Murat M. Tanik 2 1 Department of Computer and Information Sciences,
Formalizing and Analyzing Feature models in Alloy
Katanosh Morovat.   This concept is a formal approach for identifying the rules that encapsulate the structure, constraint, and control of the operation.
A Generative and Model Driven Framework for Automated Software Product Generation Wei Zhao Advisor: Dr. Barrett Bryant Computer and Information Sciences.
Yu SunUniversity of Alabama at Birmingham PAR Works Jeff Gray University of Alabama Montpellier, France July 3rd, 2013 This research is supported.
Yu Sun 1, Zekai Demirezen 1, Marjan Mernik 2, Jeff Gray 1, Barret Bryant 1 1 Department of Computer and Information Sciences, University of Alabama at.
1 Modularity in Abstract Software Design: A Theory and Applications Yuanfang Cai Dept. of Computer Science University of Virginia Dissertation Proposal.
Mathematical Modeling and Formal Specification Languages CIS 376 Bruce R. Maxim UM-Dearborn.
Assessing the Suitability of UML for Modeling Software Architectures Nenad Medvidovic Computer Science Department University of Southern California Los.
VERIFICATION OF ASPECT ORIENTED MODELS BY DON MARTIN JAYASHREE VENKIPURAM PATHANGI PIYUSH SRIVASTAVA REFERENCES F. Mostefaoui and J. Vachon,” Design level.
Key Challenges for Modeling Language Creation by Demonstration Hyun Cho, Jeff Gray Department of Computer Science University of Alabama Jules White Bradley.
A Semantic Framework for DSLs Zekai Demirezen Advisor: Dr. Jeff Gray Doctoral Symposium OOPSLA 2009 Software Composition and Modeling Lab This work funded.
Building Tools by Model Transformations in Eclipse Oskars Vilitis, Audris Kalnins, Edgars Celms, Elina Kalnina, Agris Sostaks, Janis Barzdins Institute.
Model-Driven Analysis Frameworks for Embedded Systems George Edwards USC Center for Systems and Software Engineering
VERIFICATION OF ASPECT-ORIENTED MODELS Review of Aspect-Oriented Definitions aspect – crosscutting concern that may involve multiple classes pointcut –
Verification and Validation in the Context of Domain-Specific Modelling Janne Merilinna.
University of Paderborn Software Engineering Group Prof. Dr. Wilhelm Schäfer Towards Verified Model Transformations Holger Giese 1, Sabine Glesner 2, Johannes.
This research is supported by NSF CAREER award CCF A WYSISYG Approach forConfiguring Model Layout using Model Transformations Yu SunUniversity.
Verification of behavioural elements of UML models using B Truong, Ninh-Thuan and Souquieres, Jeanine In Proceedings of the 2005 ACM Symposium on.
Contact Profile (1/2) Yu Sun, University of Alabama at Birmingham Hyun Cho, University of Alabama Jeff Gray, University of Alabama Jules White, Virginia.
Toward a Semantic Anchoring Infrastructure for Domain-Specific Modeling Languages Kai Chen Janos Sztipanovits Sandeep Neema Matthew Emerson Sherif Abdelwahed.
Automata Based Method for Domain Specific Languages Definition Ulyana Tikhonova PhD student at St. Petersburg State Politechnical University, supervised.
Visual Specification of a DSL Processor Debugger Tamás Mészáros and Tihamér Levendovszky Budapest University of Technology and Economics.
3.2 Semantics. 2 Semantics Attribute Grammars The Meanings of Programs: Semantics Sebesta Chapter 3.
Semantics for DSL Group Members: Ritu Arora, Diyang Chu, Zekai Demirezen, Jeff Gray, Jacob Gulotta, Luis Pedro, Arturo Sanchez, Greg Sullivan,Ximing Yu.
Chapter 3 Part II Describing Syntax and Semantics.
Programming Languages and Design Lecture 3 Semantic Specifications of Programming Languages Instructor: Li Ma Department of Computer Science Texas Southern.
Model Transformations Require Formal Semantics Yu Sun 1, Zekai Demirezen 1, Tomaz Lukman 2, Marjan Mernik 3, Jeff Gray 1 1 Department of Computer and Information.
Concepts and Realization of a Diagram Editor Generator Based on Hypergraph Transformation Author: Mark Minas Presenter: Song Gu.
Class Diagrams. Terms and Concepts A class diagram is a diagram that shows a set of classes, interfaces, and collaborations and their relationships.
T imed Languages for Embedded Software Ethan Jackson Advisor: Dr. Janos Szitpanovits Institute for Software Integrated Systems Vanderbilt University.
Model Transformation By Demonstration Yu Sun, Jules White, Jeff Gray This work funded in part by NSF CAREER award CCF CIS Dept. – University of.
AUTOMATIC GENERATION OF MODEL TRAVERSALS FROM METAMODEL DEFINITIONS Authors: Tomaž Lukman, Marjan Mernik, Zekai Demirezen, Barrett Bryant, Jeff Gray ACM.
Artificial Intelligence Knowledge Representation.
ALLOY: A Formal Methods Tool Glenn Gordon Indiana University of Pennsylvania COSC 481- Formal Methods Dr. W. Oblitey 26 April 2005.
On Combining Multi-formalism Knowledge to Select Models for Model Transformation Testing Sagar Sen (1 st year PhD student), Benoit Baudry, Jean-Marie Mottu.
Model Checking Early Requirements Specifications in Tropos Presented by Chin-Yi Tsai.
SysML v2 Formalism: Requirements & Benefits
Model-Driven Analysis Frameworks for Embedded Systems
The Extensible Tool-chain for Evaluation of Architectural Models
OOPSLA Workshop on Domain-Specific Modeling Tools Workgroup
Presentation transcript:

Verification of DSMLs Using Graph Transformation: A Case Study with Alloy Zekai Demirezen 1, Marjan Mernik 1,2, Jeff Gray 1, Barrett Bryant 1 1 Department of Computer and Information Sciences, University of Alabama at Birmingham {zekzek, gray, 2 University of Maribor, Slovenia This work funded in part by NSF CAREER award CCF

Overview Motivation Background Specifying DSML Semantics Case Study Verification of DSML Models Goals Mapping a DSML Model to an Alloy Model DSML Specifications Alloy

Specification of DSMLs Abstract Syntax: Concepts, Relationships, Domain Metamodels Concrete Syntax: Textual or Graphical Representations Well-formedness rules and Static Semantics: Model Instance Consistency Behavioral Semantics: Operational Semantics of the Domain Elements

Specifying Dynamic Semantics using Graph Grammars Behavioral semantics of a DSML can be represented by a sequence of Graph Transition Rules This approach divides all semantic concerns into discrete states and transition relations as in-place model transformations An in-place model transformation rule is defined as: L: [NAC]*LHS->RHS Sequence definitions based on Activity Diagrams can be used to control what state transition is to be fired, in what order

Motivation Domain-Specific Modeling Languages (DSMLs) enable domain experts to specify models using domain concepts However, there remain several challenges, such as how to use a model defined in a DSML to support simulation, code generation, model checking Formal verification tools are often required to detect design errors, which are difficult to recognize by checking manually The low-level details of verification tools make them challenging to use by end-users One solution to overcome this situation is the use of automated transformations that map a designers high level definitions into the representation used by a model checker

An Outline of Our Approach

Verifying Properties of a DSML using Alloy Alloy is a structural language based on first-order logic, which provides effective techniques for model checking Signatures represent the concepts of the domain Relations are Signature fields that show relations between domain concepts Facts are constraints about the Signatures and the Relations, which always hold for all the instances of the model Predicates: are like facts, only represent temporary constraints and checked when needed Asserts are constraints follows from the facts. A counterexample is generated by the Alloy analyzer when an assertion does not hold

Mapping a DSML Model to an Alloy Model Automated model checking of a DSML requires interoperation of existing model checking tools with the syntax and semantics of a DSML. mapping metamodel elements to Alloy abstract signatures mapping model elements to Alloy concrete signatures mapping graph transformation rules to Alloy predicates mapping verification tasks to Alloy asserts

Case Study: The Maze Game Maze Game Metamodel Maze Game Instance with 3 Rooms, 6 Doors, 2 Weapons, and 1 Monster

The Behavioral Semantics of a User Move Activity Move Door# Check Move LHSRHS TRUE User Room Door -number:. =Door# * -roomIn* 1 1 Check Move LHSRHS TRUE User Room Door -number:. =Door# * -roomIn* 1 1

The Behavioral Semantics of a User Move Activity Move Door# Check Move LHSRHS TRUE User Room Door -number:. =Door# * -roomIn* 1 1 Change Room LHSRHS Change Room LHSRHS

Step-1: Mapping Metamodel Elements to Alloy Abstract Signatures Maze Game Metamodel abstract sig Game{ rooms:set Room, user: one User } abstract sig Room{ number:one Int, doors:set Door, monster:one Monster, weapon:one Weapon } abstract sig Door{ number:one Int, openTo:one Room } abstract sig User{ power:one Int, roomIn:one Int, status:one Int } abstract sig Weapon{ power:one Int } abstract sig Monster{ power:one Int } Maze Game Alloy Abstract Signatures

Step-2: Mapping Model Elements to Alloy Concrete Signatures Maze Game Instance with 3 Rooms, 6 Doors, 2 Weapon, and 1 Monster one sig R1,R2,R3 extends Room{} one sig D1,D2,D3,D4,D5,D6 extends Door{} one sig M1 extends Monster{} one sig G1,G2 extends Weapon{} one sig U1 extends User{} pred initGame(g:Game){ } Maze Game Alloy Concrete Signatures and InitGame Predicate pred initGame(g:Game){ D1.number=1 && D2.number=2 && D3.number=3 && D4.number=4 && D5.number=5 && D6.number=6 && D1.openTo=R2 && D2.openTo=R3 && D3.openTo=R1 && D4.openTo=R3 && D5.openTo=R1 && D6.openTo=R2 && g.rooms=R1+R2+R3 && R1.number=1 && R2.number=2 && R3.number=3 && M1.power=10 && G1.power=4 && G2.power=11 && g.user=U1 && R1.weapon=G1 && R1.doors=D1+D2 && U1.power=9 && U1.status=0 && R2.monster=M1 && R2.doors=D3+D4 && R3.weapon=G2 && R3.doors=D5+D6 && U1.roomIn=1

Step-3:Mapping Graph Transformation Rules to Alloy Predicates Change Room LHSRHS pred changeRoom(g:Game, g:Game, rNo:Int) { one room: g.rooms | one door:room.doors | one nextRoom: door.openTo | g.user.roomIn=room.number && nextRoom.number=rNo && g.user.roomIn!=g.user.roomIn && g.rooms=g.rooms && g.user.power=g.user.power && g.user.roomIn=rNo) } LHS RHS

Step-4: Mapping Sequence of Graph Transformation Rules to an Alloy Run Command Move Door# run{ one init:Game | one g1:Game | one g2:Game | one g3:Game | one g4:Game | initGame[init] && ( !checkMove[init,#] && IllegalMove[init,g1]) || checkMove[init,#]&& changeRoom[init,g1,#] && !checkMonsterPower[g1] && dead[g1,g2] || checkMove[init,#]&& changeRoom[init,g1,#] && checkMonsterPower[g1] && subtractMonsterPower[g1,g2] && collectWeapon[g2,g3] && succesfulMove(g3,g4)

Step-5: Mapping Verification Tasks to Alloy Asserts assert UserStatus(g:Ga me){ g.user.power<0 && g.user.status=1 (Dead) } The verification task checks whether the given configuration is reachable from the initial graph In the maze game, the designer defines one task to check the status of the user when he/she runs out of weapon power

Limitations & Future Work Formal Definitions of the mappings Graph Transformations Steps Imperative to Declarative Mapping Tool Support Enable to define dynamic semantics visually Enable to map DSML specifications to verification tools automatically Optimization techniques during mapping steps to reduce state explosion Conflict and Dependency Analysis

Conclusion A simple case study for the verification of simple models using Alloy Demonstration of how DSML designers can define semantic and verification specifications using visual models

Question ? Comments ? This work funded in part by NSF CAREER award CCF

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.