Leiden Workshop 20/06/ Presentation of the CADP toolbox CADP toolbox What is CADP ? LOTOS language Tools for functional verification CADP extended for performance evaluation IMC formalism From LOTOS to Markov chain From LOTOS to Markov chain – example - Tools for performance evaluation

Leiden Workshop 20/06/ CADP: « Construction and Analysis of Distributed Processes » Developped at INRIA Rhônes-Alpes (France) by the VASY team Toolbox for the design of communication protocols and distributed systems. What is CADP?

Leiden Workshop 20/06/ LOTOS language LOTOS =Process Algebra (CCS & CSP) + Abstract Data Type Algebra (ACT-ONE) caesar.adt compiler caesar compiler

Leiden Workshop 20/06/ PUSH process queue_behavior [PUSH, POP] (SMax:Nat, Q: Queue) : noexit := [getCurrentSize(Q) PUSH; queue_behavior[PUSH, POP] (SMax,Push(Q)) [] [getCurrentSize(Q)>0] -> POP; queue_behavior[PUSH, POP] (SMax,Pop(Q)) endproc POP PUSH POP PUSH POP LOTOS language bcg format

Leiden Workshop 20/06/ PUSH POP Physical queue memory TO_MEM FROM_MEM memory.bcg = generation of memory.lotos; phys_queue.bcg = generation of phys_queue.lotos; system.bcg = memory.bcg |[TO_MEM, FROM_MEM]| phys_queue.bcg; queue.bcg = hide TO_MEM, FROM_MEM in system.bcg LOTOS language

Leiden Workshop 20/06/ Tools for functional verification Model checking on the LTS Various temporal logics and mu-calculus (evaluator, XTL) Equivalence checking Minimization and comparisons modulo bisimulations relations (bcg_min, bisimulator) Simulation & co-simulation Visual checking (bcg_edit) Step-by-step simulation (ocis) C simulator (caesar –simulator)

Leiden Workshop 20/06/ The behavior of a physical system can often be represented by : All the states the system may occupy How the system move from one state to another Functional behavior: (LTS) action based Timed behaviour: (CTMC) time based rate λ rate μ rate λ rate μ PUSH POP PUSH POP Performance measures No composition, synchronization… ↓ ↓ ↓ Performance evaluation of complex systems reserved to specialists Composition Concurrency Synchronization ↓ ↓ ↓ Description of large systems && Formal verification IMC IMC formalism

Leiden Workshop 20/06/ IMC formalism IMC Interactive transitions Synchronization Composition Markovian transitions Represent delays Hiding of Markovian transitions and minimization LTS Hiding of Interactive transitions and stochastic minimization CTMC 1 model Functional verification Performance evaluation

Leiden Workshop 20/06/ Performance evaluation with LOTOS/CADP : Introduction of Markov transitions in LOTOS models. ≈ Introduction of delays in LOTOS models. => Generation of an Interactive Markov Chain (IMC) Identifying the start and end of relevant timing delays in the model 1 Exposing each start and end as LOTOS gates 2 Identifying the distribution of the delay 3 Approximating the delays as CTMC 4 Embedding each delay into start/end gates 5 From LOTOS to Markov chains

Leiden Workshop 20/06/ Time between 2 PUSH(δ 1 ) Time between 2 POP(δ 2 ) Time needed to process a PUSH(λ) Time needed to process a POP(μ) Exposing each start and end as LOTOS gates 2 Identifying the distribution of the delays 3 Approximating the delays as CTMC 4 Embedding each delay into start/end gates 5 Identifying the start and end of relevant timing delays in the model 1 ENVIRONMENT SYSTEM RSP PUSH_RQ GENERATOR QUEUE [ PUSH_RQ, PUSH_RSP, POP_RQ, POP_RSP,] CONSUMER PUSH_RSP POP_RQ POP_RSP RQRSPRQ PUSH time RQRSP POP RQRSPRQRSP QUEUE [ PUSH_RQ, PUSH_RSP, POP_RQ, POP_RSP, λ_START, λ_STOP, μ_START, μ_STOP ] GENERATOR […] : δ 1 _START; δ 1 _STOP; PUSH_RQ !DATA; PUSH_RSP; GENERATOR […] CONSUMER […] : δ 2 _START; δ 2 _STOP; POP_RQ; POP_RSP ?Elmt; CONSUMER […] Proba time 1 0 GEN_DELAY δ 1 _STOP δ 1 _START PUSH_DELAY λ _STOP λ _START POP_DELAY μ _STOP μ _START CONS_DELAY δ 2 _START δ 2 _STOP POP_DELAY […] : μ_START; μ_DELAY; μ_STOP; POP_DELAY […] PUSH_DELAY […] : λ_START; λ_DELAY; λ_STOP; PUSH_DELAY […] GEN_DELAY […] : δ 1 _START; δ 1 _DELAY; δ 1 _STOP; GEN_DELAY […] CONS_DELAY […] : δ 2 _START; δ 2 _DELAY; δ 2 _STOP; CONS_DELAY […] From LOTOS to Markov chains - example -

Leiden Workshop 20/06/ Performance evaluation with LOTOS/CADP : Introduction of Markov transitions in LOTOS models. ≈ Introduction of delays in LOTOS models. => Generation of an Interactive Markov Chain (IMC) Hiding of the non-Markovian transition and minimisation => generation of a Markov Chain (CTMC) Performance evaluation based on the analysis of these CTMC. Identifying the start and end of relevant timing delays in the model 1 Exposing each start and end as LOTOS gates 2 Identifying the distribution of the delay 3 Approximating the delays as CTMC 4 Embedding each delay into start/end gates 5 From LOTOS to Markov chains

Leiden Workshop 20/06/ Tools for performance evaluation Stochastic minimization (bcg_min) Based on the maximum progress rule => generation of a Markov Chain (CTMC) Performance evaluation based on the analysis of a CTMC. Transient state probabilities (bcg_transient) Steady state probabilities (bcg_steady) Throughput results (-thr option) Use of the state probabilities for more complex measures Weighted sum of the state probabilities Mean queue length Mean time before failure … API in CADP for graph exploration for this kind of computation

Leiden Workshop 20/06/ Summary : performance evaluation my_model_with_start_and_stop_delay_gates.bcg = generation of my_model_with_start_and_stop_delay_gates.lotos; my_delay1.bcg = generation of my_delay1.lotos; … my_delayN.bcg = generation of my_delayN.lotos; my_imc.bcg = ( ( ( my_model_with_start_and_stop_delay_gates.bcg |[DL1_START, DL1_STOP]| my_delay1.bcg ) |[...]| … ) |[DLN_START, DLN_STOP]| my_delayN.bcg ); my_mc.bcg = stochastic reduction of hide …. in my_imc.bcg %bcg_steady –sol my_mc.sol my_mc.bcg

Leiden Workshop 20/06/ More information at : free of charge for universities and public research centers Toolbox written in C and available for: Solaris Linux Windows MacOS Questions ? Conclusion