Using CSPB in new ways - PowerPoint PPT Presentation

About This Presentation
Title:

Using CSPB in new ways

Description:

Converting between diverging and blocking assertions. Divergence freedom ... Replace the diverging assertions on the machine channels of C1(t1) and C2(t2) ... – PowerPoint PPT presentation

Slides: 24
Provided by: computing97

Transcript and Presenter's Notes

1
Using CSPB in new ways
Collaborative work with Neil Evans, Neil Grant,
Wilson Ifill, Steve Schneider

2
Applying CSPB to a new area
  • Analyse integrity of xUML models
  • Merge into system development methodology
  • Examine whether formal methods can reveal issues
    and/or give confidence in the xUML model
  • Focused on xUML because it is a subset of UML,
    the number of UML diagrams used is limited and
    there is a translator to SPARK Ada

3
Principles of CSPB model
  • Provide a model of application
  • Must be pattern oriented
  • Data methods of the objects in the B
  • Sequences of actions from the ASL statements in
    CSP
  • Provide a model of the environment
  • Important to reflect how signals, which form
    transitions on the state machines, are modelled
    in terms of queues
  • Our attempt revealed interesting observations
    about timeout signals

4
Heating Period State Machine
5
Heated Space State Machine
6
Changing the architecture
  • Motivated by passing objects in a network
  • Q might not pick up the control for M in its
    initial state
  • Assertions needed at point of passing and gaining
    control
  • Should not have access to machine state after
    process/machine pair de-coupled

7
Inc/Dec with Two Processes
We might want to have assertions at different points,
which is why guarantee is parameterised.
pass is the synchronisation channel which passes
control.
But this version does not guarantee giving up
control.
8
Augmenting operations with control
  • Augment the main operations so that a process
    identifier can be passed (inc!1)
  • guarantee and rely can stay the same
  • Now pass needs to be changed into an operation as
    well as a synchronising event

9
Odd/Even Example
  • Recall that in order to prove divergence freedom
    of this combination, we had to augment the
    communication channels with blocking and
    diverging assertions

[Diagram: OddCtrl PROCESS and EvenCtrl PROCESS exchange values on the channels oddpass (annotated "x mod 2 1" and "<x mod 2 1>") and evenpass (annotated "y mod 2 0" and "<y mod 2 0>"); OddCtrl controls Odd MACHINE via oddput/oddget and EvenCtrl controls Even MACHINE via evenput/evenget]
  • Each channel passes a natural number in the
    direction indicated by the arrows

10
Changing the architecture
  • Motivated by passing objects in a network
  • Q might not pick up the control for M in its
    initial state
  • Assertions needed at point of passing and gaining
    control
  • Should not have access to machine state after
    process/machine pair de-coupled

11
A Similar Example
[Diagram: C1 PROCESS and C2 PROCESS connected by the channels pass1to2 and pass2to1; C1 controls Team1 MACHINE via gain1/remove1 and C2 controls Team2 MACHINE via gain2/remove2]
  • Each channel passes a person's name in the
    direction indicated by the arrows

12
The 1 Side

[Diagram: C1 PROCESS alone, with the external channels pass1to2 and pass2to1, controlling Team1 MACHINE via gain1/remove1]
13
The 2 Side

[Diagram: C2 PROCESS alone, with the external channels pass1to2 and pass2to1, controlling Team2 MACHINE via gain2/remove2]
14
The Problem
  • If we perform a divergence freedom check by
    splitting the parallel composition, we run into
    the same problems as the odd/even example
  • Therefore we can begin by augmenting the
    communication channels with blocking assertions
    to fulfil the preconditions of operations gain1
    and gain2

15
Augmenting the Processes
  • To do this, we must first lift some state

[Diagram: as on slide 11, now with the blocking assertions <x / t2> on pass1to2 and <y / t1> on pass2to1; C1 PROCESS and C2 PROCESS control Team1 MACHINE (gain1/remove1) and Team2 MACHINE (gain2/remove2)]
  • But, as we saw earlier, we also need to add
    diverging assertions to guarantee the blocking
    assertions

16
Augmenting the Processes
[Diagram: as on slide 15, with the blocking assertions <x / t2> on pass1to2 and <y / t1> on pass2to1, and a "?" on each side marking the diverging assertions still to be added]
  • But, as we saw earlier, we also need to add
    diverging assertions to guarantee the blocking
    assertions

17
Chunks
  • We bring together some of the techniques that we
    have used previously to solve this
  • Adding blocking assertions to communication
    channels
  • Adding diverging assertions to machine channels
  • Converting between diverging and blocking
    assertions
  • Divergence freedom checking using FDR

18
The 1 Side Again

[Diagram: C1 PROCESS alone, with the external channels pass1to2 and pass2to1, controlling Team1 MACHINE via gain1/remove1]
19
The 2 Side

[Diagram: C2 PROCESS alone, with the external channels pass1to2 and pass2to1, controlling Team2 MACHINE via gain2/remove2]
20
Plus one more step
  • Replace the blocking assertions on the
    communication channels of C1(t1) and C2(t2) with
    diverging assertions
  • Replace the diverging assertions on the machine
    channels of C1(t1) and C2(t2) with blocking
    assertions
  • Check their parallel composition for divergence
    freedom using FDR

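As an added example that is not part of the slides, here is the odd/even pattern of slide 9 and the two-step check of slides 14 to 20 written in CSP_M for FDR. Everything in it is our own construction: the value range 0..3, the parity invariants of the Odd and Even machines, the `% 4` arithmetic, and the abstraction of each B machine as a CSP process that diverges when an operation is called outside its precondition; blocking assertions are written as restricted inputs and diverging assertions as DIV branches.

```csp
-- Added example (ours, not from the slides): slide 9's odd/even pattern in CSP_M.
-- Assumptions: values range over 0..3, Odd always holds an odd number and Even an
-- even one, and each B machine is abstracted as a CSP process that diverges (DIV)
-- when an operation is called outside its precondition.
T     = {0..3}
Odds  = { v | v <- T, v % 2 == 1 }
Evens = { v | v <- T, v % 2 == 0 }
channel oddget, oddput, evenget, evenput, oddpass, evenpass : T

Odd(v)  = oddget!v -> Odd(v)   [] oddput?w  -> (if member(w, Odds)  then Odd(w)  else DIV)
Even(v) = evenget!v -> Even(v) [] evenput?w -> (if member(w, Evens) then Even(w) else DIV)

-- Slide 14, "The Problem": with no assertion on evenpass the environment may send
-- any y, so oddput!((y+1) % 4) can break Odd's precondition; this check FAILS.
OddNaive = oddget?x -> oddpass!x -> evenpass?y -> oddput!((y+1) % 4) -> OddNaive
assert OddNaive [| {| oddget, oddput |} |] Odd(1) :[divergence free]

-- Slides 15-16: each side checked alone, with a blocking assertion on its
-- communication input (written as a restricted input set: the event is refused
-- otherwise) and a diverging assertion on its machine channel (DIV otherwise).
OddCtrl   = oddget?x -> (if member(x, Odds) then oddpass!x -> OddCtrl2 else DIV)
OddCtrl2  = evenpass?y:Evens -> oddput!((y+1) % 4) -> OddCtrl
EvenCtrl  = oddpass?x:Odds -> evenput!((x+1) % 4) -> EvenCtrl2
EvenCtrl2 = evenget?y -> (if member(y, Evens) then evenpass!y -> EvenCtrl else DIV)
assert OddCtrl  [| {| oddget, oddput |} |] Odd(1)   :[divergence free]
assert EvenCtrl [| {| evenget, evenput |} |] Even(0) :[divergence free]

-- Slide 20: swap the assertion kinds (blocking on communication channels becomes
-- diverging, diverging on machine channels becomes blocking) and check the
-- parallel composition, so every assumption relied on above is now an obligation.
OddCtrlS   = oddget?x:Odds -> oddpass!x -> OddCtrlS2
OddCtrlS2  = evenpass?y -> (if member(y, Evens) then oddput!((y+1) % 4) -> OddCtrlS else DIV)
EvenCtrlS  = oddpass?x -> (if member(x, Odds) then evenput!((x+1) % 4) -> EvenCtrlS2 else DIV)
EvenCtrlS2 = evenget?y:Evens -> evenpass!y -> EvenCtrlS
System = (OddCtrlS [| {| oddget, oddput |} |] Odd(1))
         [| {| oddpass, evenpass |} |]
         (EvenCtrlS [| {| evenget, evenput |} |] Even(0))
assert System :[divergence free]
```

Loading the file in FDR runs the four divergence-freedom assertions: the OddNaive one fails (FDR shows a trace ending in oddput of an even value), and the remaining three pass.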
21
Pictorially
[Diagram, before the swap: C1(t1) PROCESS and C2(t2) PROCESS with the blocking assertions <x / t2> on pass1to2 and <y / t1> on pass2to1, and the diverging assertions "x t1" and "y t2" on the machine channels gain1/remove1 and gain2/remove2]
[Diagram, after the swap: the diverging assertions "x / t2" on pass1to2 and "y / t1" on pass2to1, and the blocking assertions <x t1> and <y t2> on the machine channels gain1/remove1 and gain2/remove2]
22
(No Transcript)
23
[Diagram fragment: transition labels <timeout>, timeout and <startMonitor>, the label "hp1 20", and several empty <> labels]