Verifying Properties of Process Definitions Jamieson M. Cobleigh, Lori A. Clarke, and Leon J. Osterweil Laboratory for Advanced Software Engineering Research.

Presentation transcript:

Verifying Properties of Process Definitions Jamieson M. Cobleigh, Lori A. Clarke, and Leon J. Osterweil Laboratory for Advanced Software Engineering Research University of Massachusetts Amherst Thanks to Aaron Cass, Sandy Wise, and Hyungwon Lee

Outline
- Process
- Example process
- Analysis of the process
- Conclusions

What is a Process?
- A complex task carried out by agents, using resources and producing artifacts
- Examples: design, configuration management, e-commerce

Example: An Auction
- Need to coordinate bidders and an auctioneer
- These may be distributed over a network
- They may be human users or computer programs
- We want a process definition that describes how to conduct an auction

A process definition language (Little-JIL)
- Graphical language
- Has rigorously specified formal semantics
- Supports concurrency, resource management, exceptions, choice steps (to give human users flexibility), and pre- and post-requisites

Little-JIL Step (diagram): a step has a step name; an interface listing the resources used, the exceptions thrown, and the parameters; a pre-requisite and a post-requisite; an exception-handling section; and a control-flow section that sequences its substeps.

Open-Cry Auction process (diagram, shown on two slides: first the step hierarchy, then with exception handling added)
- Steps: Open-Cry Auction, Accept Bids From Bidder, Accept One Bid, Submit Bid, Update Best Bid, Close Auction
- Requisites shown: AuctionNotClosed (on Accept One Bid), BidIsHigher (on Submit Bid), BidIsBetter (on Update Best Bid)
- Exceptions shown: NoMoreBidders, AuctionClosed, BidNotHigher, BidNotBetter, DeadlineExpired
- Sequencing badges: Sequential, Parallel, Choice, Try
- Exception badges: Rethrow, Continue, Complete, Restart

Modeling Processes
- This process is intuitively easy to understand
- However, it still has complicated control structures
- These constructs can mask erroneous behavior
- Even high-level process definitions need to be validated

Auction Concerns
- Are late bids considered?
- Does the highest bidder win the auction?
- Is the auction vulnerable to fraud?

FLAVERS: FLow Analysis for VERification of Systems
- Can verify concurrent and sequential software
- Uses an efficient state propagation algorithm; worst-case bound O(N^2 * S), where N is the number of nodes in the trace flow graph and S is the product of the numbers of states of the property and constraint automata
- Relatively language independent: Ada, Java, C++, Jovial
- Can incrementally add information (constraint automata) to the analysis to improve precision

FLAVERS Overview (diagram): the software is translated by a software translator into a TFG; the property specification is translated by a property translator into a property FSA; the TFG, the property FSA and any constraint FSAs are fed to state propagation, which produces the results. For Little-JIL there was no automatic software translator, so a human translated the process definition into the TFG.

FLAVERS Model
- A Trace Flow Graph (TFG), derived from labeled Control Flow Graphs (CFGs)
- Labels represent the events of interest
- Need CFG models for the Little-JIL constructs

Leaf Step Model (diagram)

A Choice Step (diagram): CFG model of a choice step whose substeps are Do A, Do B and Do C; the labeled nodes shown include Choice, Do A, Do B, Do C, A Completed, A Terminated and Choice Completed.

Choice Step Model (diagram)

Properties Checked
- No Late Bids Accepted, checked on the Open-Cry Auction
- Inconclusive results: FLAVERS could not prove the property, and the reported path showed a real fault
- Several process experts had studied the example in detail without noticing the fault
- Fix: add an "AuctionNotClosed" prerequisite to "Update Best Bid" (the existing AuctionNotClosed check on "Accept One Bid" is made before the bid is submitted, so the auction can close before the bid is recorded)

Race Condition Property
- Another property involved data flow
- There is a variable best that keeps track of the best bid seen so far
- It can be used by multiple steps concurrently
- Want to ensure there is no race condition on it

Race Condition Can Exist
- Determined that a race condition can exist
- The auctioneer could be considering two bids at the same time
- Two updates to best occur
- The final value of best depends on the order of the updates

No Race Condition
- Need to ensure properly controlled access to the variable best
- Requires knowledge of agent behavior
- Showed that without access control a race condition can occur
- Proved that with a lock on best, no race condition can occur
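The two findings above (the late-bid fault from "Properties Checked" and the race on best) can be reproduced with a small exhaustive search over interleavings, in the spirit of the finite-state verification FLAVERS performs. The code below is an added example, not code from the presentation or from FLAVERS; step names follow the slides, while the event names, the state variables (closed, best, lock, seen), the bid amounts and the way the lock is modelled are assumptions made for this example.

```python
"""Exhaustive interleaving search over a small model of the Open-Cry Auction.

Added example (not from the presentation or FLAVERS).  Agents are finite,
loop-free lists of atomic actions, so the tree of interleavings is finite
and a plain depth-first search visits every one.  State variables, event
names and bid amounts are assumptions made for this example.
"""
import copy

BLOCKED = object()  # action not enabled now (e.g. lock held by another agent)
EXIT = object()     # prerequisite failed: the exception ends this agent


def explore(agents, check, init):
    """Return the first violating trace (events followed by the error
    string), or None if `check` passes on every interleaving.

    agents: list of lists of (event_name, fn); fn(state) mutates state in
    place and returns None, BLOCKED or EXIT.
    check(state, trace, finished) returns an error string or None.
    """
    stack = [(copy.deepcopy(init), tuple(0 for _ in agents), ())]
    while stack:
        state, pcs, trace = stack.pop()
        finished = all(pc == len(a) for pc, a in zip(pcs, agents))
        err = check(state, trace, finished)
        if err:
            return trace + (err,)
        for i, (pc, agent) in enumerate(zip(pcs, agents)):
            if pc == len(agent):
                continue
            name, fn = agent[pc]
            s = copy.deepcopy(state)
            r = fn(s)
            if r is BLOCKED:
                continue
            npcs = pcs[:i] + (len(agent) if r is EXIT else pc + 1,) + pcs[i + 1:]
            event = name + (" (prerequisite failed)" if r is EXIT else "")
            stack.append((s, npcs, trace + (event,)))
    return None


# --- Property 1: No Late Bids Accepted -----------------------------------

def bidder(bid, guard_update):
    """One bidder's path through Accept One Bid.  guard_update=True adds
    the AuctionNotClosed prerequisite to Update Best Bid (the fix)."""
    def accept_one_bid(s):          # prerequisite AuctionNotClosed
        if s["closed"]:
            return EXIT
    def submit_bid(s):              # prerequisite BidIsHigher
        if bid <= s["best"]:
            return EXIT
    def update_best_bid(s):
        if guard_update and s["closed"]:
            return EXIT
        s["best"] = bid
    return [("Accept One Bid", accept_one_bid), ("Submit Bid", submit_bid),
            ("Update Best Bid", update_best_bid)]


def auctioneer():
    def close_auction(s):
        s["closed"] = True
    return [("Close Auction", close_auction)]


def no_late_bids(state, trace, finished):
    """Property automaton: Update Best Bid after Close Auction is a violation."""
    closed = False
    for ev in trace:
        if ev == "Close Auction":
            closed = True
        elif ev == "Update Best Bid" and closed:
            return "violation: bid recorded after Close Auction"
    return None


def check_late_bids(guard_update):
    agents = [bidder(10, guard_update), auctioneer()]
    return explore(agents, no_late_bids, {"closed": False, "best": 0})


# --- Property 2: no race on the shared variable best ----------------------

def concurrent_updater(i, bid, use_lock):
    """Update Best Bid as read-compare-write on best, as an auctioneer
    considering two bids at the same time would do it (assumed model)."""
    def lock(s):
        if s["lock"] is not None:
            return BLOCKED
        s["lock"] = i
    def read_best(s):
        s["seen"][i] = s["best"]
    def write_best(s):              # BidIsBetter judged on the value read
        if bid > s["seen"][i]:
            s["best"] = bid
    def unlock(s):
        s["lock"] = None
    steps = [("Read best", read_best), ("Write best", write_best)]
    if use_lock:
        steps = [("Lock best", lock)] + steps + [("Unlock best", unlock)]
    return steps


def best_is_highest(expected):
    def check(state, trace, finished):
        if finished and state["best"] != expected:
            return "violation: final best is %d, highest bid was %d" % (state["best"], expected)
        return None
    return check


def check_race(use_lock):
    agents = [concurrent_updater(0, 10, use_lock), concurrent_updater(1, 20, use_lock)]
    return explore(agents, best_is_highest(20), {"best": 0, "lock": None, "seen": {}})


if __name__ == "__main__":
    for label, result in [("late bids, original", check_late_bids(False)),
                          ("late bids, with fix", check_late_bids(True)),
                          ("race on best, no lock", check_race(False)),
                          ("race on best, with lock", check_race(True))]:
        print(label + ":", result if result else "property holds")
```

Run stand-alone, the script prints a violating trace for the original process (Close Auction interleaved between Submit Bid and Update Best Bid) and for the unlocked updates (a 10 written over a 20 that was already recorded), and reports that the property holds once the prerequisite and the lock are added. The late-bid check is deliberately a monitor over the event trace rather than a flag in the model, mirroring how a property FSA is kept separate from the system model.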

Analysis Results: the Little-JIL process definition had 8 steps

Conclusions
- Process models have strengths and weaknesses: they lead to intuitive understanding, but can mislead people into believing they understand the process
- Our example illustrates how important it is to validate processes
- FLAVERS successfully analyzed the Little-JIL process
- There is a tension between expressiveness and analyzability: humans require flexibility, which leads to more complex analysis