Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSEC Experimenting with Progress Mappings for the Sweep-Line Analysis of the Internet Open Trading Protocol Guy Edward Gallasch, Chun Ouyang, Jonathan.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "CSEC Experimenting with Progress Mappings for the Sweep-Line Analysis of the Internet Open Trading Protocol Guy Edward Gallasch, Chun Ouyang, Jonathan."— Presentation transcript:

1 CSEC Experimenting with Progress Mappings for the Sweep-Line Analysis of the Internet Open Trading Protocol Guy Edward Gallasch, Chun Ouyang, Jonathan Billington Lars Michael Kristensen CPN Workshop 10 th October 2004 Computer Systems Engineering Centre School of Electrical and Information Engineering University of South Australia Department of Computer Science University of Aarhus

2 CSEC 2 Outline Motivation and Contribution The Sweep-Line Method Internet Open Trading Protocol (IOTP) A Revised IOTP CPN Model Sweep-Line Exploration of IOTP Experimental Results Conclusions and future work

3 CSEC 3 Motivation and Contribution State Explosion Problem: –Too many states to fit in computer memory! Evaluation of the Sweep-line method on an industrial example. Evaluation of Sweep-line using different progress mappings. Gain experience in applying Sweep-line effectively. Obtain verification results for IOTP that were previously out of reach.

4 CSEC 4 Sweep-Line Method – Progress Measure A notion of progress within the system being modelled: –States with lower progress are unlikely to be reached from states with higher progress. –States with lower progress can be deleted on-the-fly. A progress measure: –Formally captures the notion of progress. –Specifies a progress mapping  from markings to ordered progress values. We can take the set of natural numbers as the progress values and the usual orderings on this set, e.g. ≤,.

5 CSEC 5 Sweep-Line Method – Progress Mappings A mapping  is monotonic if: –There is only progress, no regress. –For each reachable marking, all successors have the same progress value or a higher progress value. A mapping  is non-monotonic if: –We have regress edges. –Arcs leading from states with higher progress values to states with lower progress values. The Sweep-line method can deal with regress: –Mark destinations of regress edges as persistent. –Re-explore the occurrence graph from these persistent states.

6 CSEC 6 IOTP – Basic Concepts Informal narrative description in RFC 2801 (290 pages). Trading Roles: –Consumer, Merchant, Payment Handler, Delivery Handler (and Merchant Customer Care Provider) IOTP Messages Document Exchanges: –Authentication –Offer (Brand Dependent Offer and Brand Independent Offer) –Payment –Delivery –Payment-and-Delivery IOTP Transactions: –Authentication, Purchase, Refund, Deposit, Withdrawal, and Value Exchange

7 CSEC 7 IOTP – Transaction Procedures IOTP Transactions are constructed by combining document exchanges –An example of Purchase Transaction

8 CSEC 8 IOTP – Transaction Procedures IOTP Transactions are constructed by combining document exchanges –An example of Purchase Transaction Transaction Cancellation and Error Handling –Cancel Message –Error Message –Message Identifier (local to each trading role) Authentication (optional) Payment Brand Dependent Offer Brand Independent Offer Payment Delivery Payment -and- Delivery

9 CSEC 9 A Revised IOTP CPN – Overview

10 CSEC 10 Revised IOTP CPN – Top Level Four IOTP entities (trading roles) communicate with each other via a simple model of the underlying transport medium (HTTP service)

11 CSEC 11 Consumer Trading Role Page

12 CSEC 12 Consumer Trading Role Page Token contains: Trading Role internal state Transaction type Current Document Exchange Message ID and Retrans counter of last message sent Message ID of last message received.

13 CSEC 13 Analysis of the Revised IOTP The analysis focuses on the six Authentication and Payment- related transactions. Analysis of each transaction for different values of RCmax – RCmax : the maximum value of the message retransmission counter. The value of RCmax is not specified in RFC 2801. –Unbounded number of configurations of the CPN to analyse. When RCmax > 4, the number of states of both the Purchase and the Value Exchange transactions became too large to manage with available computer resources.

14 CSEC 14 Sweep-Line Exploration of IOTP The sweep-line method is applied to alleviate the problem of state explosion for the revised IOTP CPN with RCmax > 4 Two approaches to define a progress mapping: –Generic features: Sequence numbers and Retransmission counters. –IOTP-specific features: take advantage of behavioural properties of IOTP. Three progress mappings defined: –Generic progress mapping –IOTP-specific progress mapping –Combined progress mapping Valid transaction termination property of IOTP is examined

15 CSEC 15 Generic Progress Mapping Wouldn’t it be nice… a progress mapping giving good performance, based on common protocol attributes: –Sequence numbers (Message IDs). –Retransmission counters. Each IOTP trading role maintains its own message identifier and retransmission counter for the message most recently sent. Definition of generic progress mapping  generic_2 for IOTP:

16 CSEC 16 Generic Progress Mapping Wouldn’t it be nice… a progress mapping giving good performance, based on common protocol attributes: –Sequence numbers (Message IDs). –Retransmission counters. Each IOTP trading role maintains its own message identifier and retransmission counter for the message most recently sent. Definition of generic progress mapping  generic_2 for IOTP:

17 CSEC 17 Generic Progress Mapping Wouldn’t it be nice… a progress mapping giving good performance, based on common protocol attributes: –Sequence numbers (Message IDs). –Retransmission counters. Each IOTP trading role maintains its own message identifier and retransmission counter for the message most recently sent. Definition of generic progress mapping  generic_2 for IOTP: TR = {Consumer, Merchant, Payment Handler, Delivery Handler}

18 CSEC 18 Generic Progress Mapping Wouldn’t it be nice… a progress mapping giving good performance, based on common protocol attributes: –Sequence numbers (Message IDs). –Retransmission counters. Each IOTP trading role maintains its own message identifier and retransmission counter for the message most recently sent. Definition of generic progress mapping  generic_2 for IOTP: TR = {Consumer, Merchant, Payment Handler, Delivery Handler} GetRC tr : Marking -> Trading Role Retrans Counter

19 CSEC 19 Generic Progress Mapping Wouldn’t it be nice… a progress mapping giving good performance, based on common protocol attributes: –Sequence numbers (Message IDs). –Retransmission counters. Each IOTP trading role maintains its own message identifier and retransmission counter for the message most recently sent. Definition of generic progress mapping  generic_2 for IOTP: TR = {Consumer, Merchant, Payment Handler, Delivery Handler} GetRC tr : Marking -> Trading Role Retrans Counter GetMessID tr : Marking -> Trading Role Message ID

20 CSEC 20 Generic Progress Mapping Wouldn’t it be nice… a progress mapping giving good performance, based on common protocol attributes: –Sequence numbers (Message IDs). –Retransmission counters. Each IOTP trading role maintains its own message identifier and retransmission counter for the message most recently sent. Definition of generic progress mapping  generic_2 for IOTP: TR = {Consumer, Merchant, Payment Handler, Delivery Handler} GetRC tr : Marking -> Trading Role Retrans Counter GetMessID tr : Marking -> Trading Role Message ID (RCmax+1) is one greater than Max( GetRC tr )

21 CSEC 21 IOTP-Specific Progress Mapping Two sources of IOTP-specific progress are identified: 1.Within a transaction, progress is exhibited by the execution of successive document exchanges. –The mapping  exch_comb enumerates the combinations of document exchanges in the order that they occur in e.g. a Purchase Transaction. 2.Within a document exchange, progress is exhibited by the internal state changes of the trading roles. –Four mappings,  m,  c,  ph and  dh, enumerate the trading role internal states in the order that they occur. Definition of the IOTP-specific progress mapping  specific

22 CSEC 22 IOTP-Specific Progress Mapping Two sources of IOTP-specific progress are identified: 1.Within a transaction, progress is exhibited by the execution of successive document exchanges. –The mapping  exch_comb enumerates the combinations of document exchanges in the order that they occur in e.g. a Purchase Transaction. 2.Within a document exchange, progress is exhibited by the internal state changes of the trading roles. –Four mappings,  m,  c,  ph and  dh, enumerate the trading role internal states in the order that they occur. Definition of the IOTP-specific progress mapping  specific

23 CSEC 23 IOTP-Specific Progress Mapping (2) Mapping values are engineered so that successive document exchanges are explored sequentially –i.e. ‘flatten’ the occurrence graph to make it ‘long and narrow’ rather than ‘short and wide’

24 CSEC 24 IOTP-Specific Progress Mapping (2) Mapping values are engineered so that successive document exchanges are explored sequentially –i.e. ‘flatten’ the occurrence graph to make it ‘long and narrow’ rather than ‘short and wide’ Example: –Purchase Transaction Occurrence Graph looks something like this. –We want to ‘flatten’ it Auth Pay BD Offer Deliv Pay -and- Del Pay BI Offer Deliv Pay -and- Del Pay

25 CSEC 25 IOTP-Specific Progress Mapping (3) Example: Purchase Transaction OG Exploration Auth Progress 0

26 CSEC 26 IOTP-Specific Progress Mapping (3) Example: Purchase Transaction OG Exploration Auth BD Offer Progress 0104

27 CSEC 27 IOTP-Specific Progress Mapping (3) Example: Purchase Transaction OG Exploration Auth Pay BD Offer Progress 0104208 Pay

28 CSEC 28 IOTP-Specific Progress Mapping (3) Example: Purchase Transaction OG Exploration Auth Pay BD Offer Deliv Pay Progress 0104208286

29 CSEC 29 IOTP-Specific Progress Mapping (3) Example: Purchase Transaction OG Exploration Auth Pay BD Offer Deliv Pay -and- Del Pay Progress 0104208286364

30 CSEC 30 IOTP-Specific Progress Mapping (3) Example: Purchase Transaction OG Exploration Auth Pay BD Offer Deliv Pay -and- Del Pay BI Offer Progress 0104208286364494

31 CSEC 31 IOTP-Specific Progress Mapping (3) Example: Purchase Transaction OG Exploration Auth Pay BD Offer Deliv Pay -and- Del Pay BI Offer Pay Progress 0104208286364494598

32 CSEC 32 IOTP-Specific Progress Mapping (3) Example: Purchase Transaction OG Exploration Auth Pay BD Offer Deliv Pay -and- Del Pay BI Offer Deliv Pay Progress 0104208286364494598676

33 CSEC 33 IOTP-Specific Progress Mapping (3) Example: Purchase Transaction OG Exploration Auth Pay BD Offer Deliv Pay -and- Del Pay BI Offer Deliv Pay -and- Del Pay Progress 0104208286364494598676754

34 CSEC 34 Combination of Generic and Specific Progress Mapping The generic progress mapping  generic_2 incorporates the RCmax parameter and is hoped to ‘scale’ well with RCmax. The IOTP-specific progress mapping  specific takes advantage of knowledge of the sequential nature of IOTP operations, but lacks potential for scalability. We hope to obtain a progress mapping with the advantages of both  generic_2 and  specific Definition of a combined progress mapping  comb for IOTP:

35 CSEC 35 Combination of Generic and Specific Progress Mapping The generic progress mapping  generic_2 incorporates the RCmax parameter and is hoped to ‘scale’ well with RCmax. The IOTP-specific progress mapping  specific takes advantage of knowledge of the sequential nature of IOTP operations, but lacks potential for scalability. We hope to obtain a progress mapping with the advantages of both  generic_2 and  specific Definition of a combined progress mapping  comb for IOTP: where weight is (at least) one larger than Max(  generic_2 )

36 CSEC 36 Combination of Generic and Specific Progress Mapping (2) Max( GetMessID tr ): –15 non-error and non-cancel messages, used at most once. –Message ID of sender increments for every new message. –Each new error message (requesting retransmission) increments the Message ID of the receiver. –Retransmissions have the same Message ID as the original. –Reception of a message may stimulate a response from the receiver, incrementing the Message ID once more. Max( GetMessID tr ) = 15(RCmax+1) Max( GetRC tr ) = RCmax Thus Max(  generic_2 ) = 4(15(RCmax+1) 2 + RCmax Therefore weight = 4(15(RCmax+1) 2 + RCmax + 1

37 CSEC 37 Sweep-line statistics for the analysis of the revised IOTP CPN using  generic_2 –The progress mapping is non-monotonic. –This is expected, as message identifiers and retransmission counters are reset to 0 at various times during an IOTP transaction. –Not a useful reduction. Experimental Results -  generic_2

38 CSEC 38 Sweep-line statistics for the analysis of the revised IOTP CPN using  specific –The progress mapping is monotonic –The reduction in space and time is better than when using  generic_2 –The space reduction worsens as RCmax increases Experimental Results -  specific

39 CSEC 39 Sweep-line statistics for the analysis of the revised IOTP CPN using  comb –The progress mapping is monotonic –The reduction in space is identical to using  specific for small RCmax but does not worsen as rapidly when RCmax increases Experimental Results -  comb

40 CSEC 40 Conclusions Particularised the sweep-line method for CPNs, which allows us to just associate a progress mapping with the CPN. Defined three progress mappings for the analysis of the revised IOTP CPN model and presented our intuition and rationale behind each. Verified transaction termination property of the revised IOTP with RCmax increased to 7. Demonstrated that the sweep-line method can be successfully applied to a complex real-life example. Future work –Formalise the progress mapping using vectors, as has been done in similar work on the Wireless Application Protocol. –To apply the compositional sweep-line method to the analysis of IOTP. –To apply sweep-line method to investigate more properties of IOTP. –Develop guidelines for successful application of sweep-line.

Download ppt "CSEC Experimenting with Progress Mappings for the Sweep-Line Analysis of the Internet Open Trading Protocol Guy Edward Gallasch, Chun Ouyang, Jonathan."

Similar presentations

DISTRIBUTED COMPUTING PARADIGMS

DISTRIBUTED COMPUTING PARADIGMS
Tintu David Joy. Agenda Motivation Better Verification Through Symmetry-basic idea Structural Symmetry and Multiprocessor Systems Mur ϕ verification system.

Tintu David Joy. Agenda Motivation Better Verification Through Symmetry-basic idea Structural Symmetry and Multiprocessor Systems Mur ϕ verification system.
AUTHENTICATION AND KEY DISTRIBUTION

AUTHENTICATION AND KEY DISTRIBUTION
Modelling and Analysis of the CES Protocol of H.245 Lin Liu and Jonathan Billington Computer Systems Engineering Centre University of South Australia.

Modelling and Analysis of the CES Protocol of H.245 Lin Liu and Jonathan Billington Computer Systems Engineering Centre University of South Australia.
IETF Trade Working Group January 2000 XML Messaging Overview January 2000.

IETF Trade Working Group January 2000 XML Messaging Overview January 2000.
PROTOCOL VERIFICATION & PROTOCOL VALIDATION. Protocol Verification Communication Protocols should be checked for correctness, robustness and performance,

PROTOCOL VERIFICATION & PROTOCOL VALIDATION. Protocol Verification Communication Protocols should be checked for correctness, robustness and performance,
CIS-74 Computer Software Quality Assurance Systematic Software Testing Chapter 1: An Overview of the Testing Process.

CIS-74 Computer Software Quality Assurance Systematic Software Testing Chapter 1: An Overview of the Testing Process.
MANETs Routing Dr. Raad S. Al-Qassas Department of Computer Science PSUT

MANETs Routing Dr. Raad S. Al-Qassas Department of Computer Science PSUT
Kurt Jensen Lars M. Kristensen 1 Coloured Petri Nets Department of Computer Science Coloured Petri Nets Modelling and Validation of Concurrent Systems.

Kurt Jensen Lars M. Kristensen 1 Coloured Petri Nets Department of Computer Science Coloured Petri Nets Modelling and Validation of Concurrent Systems.
Page 1 Building Reliable Component-based Systems Chapter 7 - Role-Based Component Engineering Chapter 7 Role-Based Component Engineering.

Page 1 Building Reliable Component-based Systems Chapter 7 - Role-Based Component Engineering Chapter 7 Role-Based Component Engineering.
1 Digital Rights Management using RFID in an E-Commerce Environment World Applied Sciences Journal,5 (3), pp. 324-331, 2008 Asso Hamzehei Department of.

1 Digital Rights Management using RFID in an E-Commerce Environment World Applied Sciences Journal,5 (3), pp , 2008 Asso Hamzehei Department of.
Banker’s Algorithm Implementation in CPN Tools Michal Žarnay Department of Transportation Networks University of Žilina, Slovakia.

Banker’s Algorithm Implementation in CPN Tools Michal Žarnay Department of Transportation Networks University of Žilina, Slovakia.
SPECIFYING COGNITIVE MODELS Using Patterns and Conflicts A. Macklem, F. Mili Oakland University S. Dungrani TARDEC June, 2004.

SPECIFYING COGNITIVE MODELS Using Patterns and Conflicts A. Macklem, F. Mili Oakland University S. Dungrani TARDEC June, 2004.
Introduction and Overview “the grid” – a proposed distributed computing infrastructure for advanced science and engineering. Purpose: grid concept is motivated.

Introduction and Overview “the grid” – a proposed distributed computing infrastructure for advanced science and engineering. Purpose: grid concept is motivated.
Chapter 7 Using Data Flow Diagrams

Chapter 7 Using Data Flow Diagrams
Sweep-line Analysis of DCCP Connection Management Somsak Vanit-Anunchai Jonathan Billington Guy Edward Gallasch 25 th October 2006.

Sweep-line Analysis of DCCP Connection Management Somsak Vanit-Anunchai Jonathan Billington Guy Edward Gallasch 25 th October 2006.
Modelling with Coloured Petri Nets Søren Christensen Department of Computer Science University of Aarhus.

Modelling with Coloured Petri Nets Søren Christensen Department of Computer Science University of Aarhus.
1 Computer Systems Engineering Centre University of South Australia An Abstract Model of Routing in Mobile Ad Hoc Networks Cong Yuan, Jonathan Billington,

1 Computer Systems Engineering Centre University of South Australia An Abstract Model of Routing in Mobile Ad Hoc Networks Cong Yuan, Jonathan Billington,
CPN’0410/10/2004 1 Formal Specification and State Space Analysis of an Operational Planning Process Brice Mitchell, Lars M. Kristensen, and Lin Zhang.

CPN’0410/10/ Formal Specification and State Space Analysis of an Operational Planning Process Brice Mitchell, Lars M. Kristensen, and Lin Zhang.
An Agent-Oriented Approach to the Integration of Information Sources Michael Christoffel Institute for Program Structures and Data Organization, University.

An Agent-Oriented Approach to the Integration of Information Sources Michael Christoffel Institute for Program Structures and Data Organization, University.

Similar presentations

Ads by Google