ALLOY4SPV
Part of Yoann Laurent’s PhD work (a year and a half) - LIP6
yoann.laurent@lip6.fr
Reda Bendraou - LIP6

Definitions: Agents, Activities & Artifacts
[Figure: a Software Process links Agents (Modeler, Developer, Tester, …), Activities and Artifacts (Models, Source Code, Tests, …); labels: "build", "in order to produce", "Software"]
Activity is an elementary task.
Artifact is a product created or modified during a process either as a required result or to facilitate the process.
Agent is a performer of the process. It may be a human or a computerized tool.
Software Process is a set of partially ordered activities realized by agents, which create/maintain sets of related artifacts.
Based on [Lonchamp, ICSP’93]

Definitions: Software Process Model
« … is an abstract software process description. It can be more or less formal. A given process model expresses: (i) a certain level of abstraction and (ii) a particular view on the process. » [Lonchamp, SICSP’93]
[Figure: example process model with Activities design and code and Artifacts designModel and sourceCode]
Used for learning, verification and execution purposes

Some constraints are not represented in Software Process Models

Software Process Models never come alone
Organizational Constraints: timing and resource assignment issues
Business Constraints: specific and very contextual to the project
And of course, process models should be sound before deployment: well-known soundness properties

Behavioral Constraints (1) Soundness
Control-Flow
[Figure: activities A, B, C, D with a Decision and a Merge]
  {Initial, A, Decision, C, Merge, D, Final}
  {Initial, A, Decision, B, Merge}
  « CtoD » will not receive an offer
Data-Flow
[Figure: activities A, B, C, D with a Decision and a Merge; pins with multiplicity 1..1]
  {Initial, A, Decision, B, Merge, D, Final}
  {Initial, A, Decision, C, Merge}
  « D » input will never receive an offer
« Soundness of Workflow nets » [Aalst’11]
  (1) Option to complete
  (2) Proper completion
  (3) No dead transition

Behavioral Constraints (2) Organizational
[Figure: A (1hour), then B1 (1hour), B2 (2hour) or B3 (30min, loop guarded by [continue]), then D (1hour)]
  Execution path     Time           Possible in 3 hours?
  {A, B1, D}         3h             yes
  {A, B2, D}         4h             Impossible
  {A, (B3)*, D}      [2:30 to ∞]    yes but only if B executes only once

Behavioral Constraints (3) Business
[Figure: activities A, B (creating ImportantArtifact), ImportantAction and D]
Constraints specific to a given project:
  ImportantAction should be executed whatever the execution path.
  ImportantArtifact should be created whatever the execution path.
{Initial, A, Decision, ImportantAction, Merge, D, Final}
{Initial, A, Decision, B(ImportantArtifact), Merge, D, Final}

Software Process Constraints
Temporal logics
  LTL: Linear Temporal Logic
  CTL: Computation Tree Logic

PSEE – Process-centered Software Engineering Environment
« … provides some assistance to its users by interpreting software process models » Based on [Lonchamp, SICSP’93]
[Figure: process model (designModel, design, sourceCode, code) written by the Process Modeler; actions: start design, create design Model, end design]
Agent: Are the required artifacts present? Are the produced artifacts correct?
Manager: Is the agent doing what she/he is supposed to do?

Process Models: Strong assumptions
1) The process model is perfect
   It captures the right steps, milestones, artifacts, roles & workflow
2) Process agents are strictly following the process model
   They don’t take any personal initiative to perform the process differently

Process Deviations
[Figure: over Time, the Process Description (Process Model, Business Constraints, Organizational Constraints) and the Process realization (PSEE / Execution) are linked by "Consistency"; marked event: Agent deviation from the process model]
What should the PSEE/Project Manager do?
Deviation: any action performed by an agent during the process execution which is not defined in the process model (In almost 98% of the time [Vissagio])
Deviation Vs Exception [Lerner et al.]

What are the impacts of these deviations?
[Figure: process with activities A, E, F, G, H, I, J and two deviations: "Skip an Activity" and "Add a new Activity X"]
Soundness?
Organizational Constraints?
Business Constraints?

Consequences of agent’s deviations
Do they represent a threat to the process’s continuity & project management?
Do we still have a chance to respect project deadlines?
What are the impacts of these deviations?
How can we make sure to preserve these constraints along the process execution if deviations or modifications have to occur?

Our previous work on process deviations
Early detection of deviations [MoDELS 10a, b][TSI 13][Caise-F 12]
Handling of deviations [Caise 10, EDOCW11]
Living with Deviations [ASE 11]
But we never explored the idea of on-the-fly process model modification to handle deviations => need to calculate the impact of a modification/deviation

Requirements for more flexibility in handling process deviations
Ability to decorate the process model with various constraints
More reusability of process models
Ability to verify process models before execution
Ability to preserve process constraints at runtime even if deviations occur
Planning possible solutions

Our Proposition: Alloy4SPV
Alloy for Software Process Verification
[Figure: Alloy4SPV architecture. Labels: UML2.0 Activities, fUML, Process Model, PSEE (Process Engine, Process View; "is Enacted", "interact"), ProcessToAlloy, AlloyToProcess, PropertiesToAlloyView, Properties, Alloy Modules (Syntax.als, Semantic.als, ProcessModel.als, Properties.als), Alloy Analyzer, Satisfying Solution, Counterexample]

Our Proposition: Alloy4SPV
Constraints specification through a GUI
Automatic translation to Alloy

Why Alloy?
You define your own semantics; you don’t need to rely on any other formalism such as Petri Nets.
It supports a wide variety of properties such as invariants, user-defined assertions, LTL and CTL formulas with fairness constraints
It is expressive enough to represent a UML-based model associated with OCL constraints
A model-finder (and not a model-checker)
  Simulation (run): finds an instance that satisfies a set of constraints
  Checking (check): finds a counter-example that violates a constraint
Off-the-shelf SAT-solvers (MiniSat, ZChaff,...).

Contributions so far
Formalization of the fUML in first order logic [1]
Implementation of the fUML semantics using Alloy
Process execution engine and debugger based on fUML
A library of ready to use and customizable constraints expressed through a graphical interface
Graphical Alloy-based Verification tool
[1] http://pagesperso-systeme.lip6.fr/Yoann.Laurent/alloy4sp/formal.pdf

Results
Time to analyze the « OptionToComplete » property with Alloy4SPV
We had « good » results (18 billion clauses, 7 billion vars.) in less than 1 minute
This proves the effectiveness of the approach…

Still to achieve: Performance issues
Some Intuitions!

Abstracting the process
Sequence Reduction
[Figure: a process with 10 Actions (A, B, C, D, E, F, G, H, I, J) reduced to 6 Actions (A, BCD, E, FG, H, IJ)]
Reduction Rules for Petri-Net [Murata’89,Desel’95]

Decomposition
Program slicing methods
Single Entry Single Exit (SESE) [Johnson’94]
[Figure: process with activities A to J and regions numbered 1, 2 and 3]

Scope and Constraints reductions
[Figure: "Impact Reduction" on a process with activities A, E, F, G, H, I, J; markers: "Currently executing", "New activity" X]
Scope and constraints reductions [SPE Journal 13]

Conclusion
Some promising results so far
Two perspectives on the agenda
  To increase performance at runtime
  To use the “Synthesis” facility of Alloy to compute solutions and repair plans

Questions
Papers accepted this year around this work
  Executing and Debugging UML Models: an fUML extension, SAC’2013
  Generation of Process using Multi-objective Genetic Algorithm, ICSSP’2013 (ICSE co-located event)
Submitted
  Alloy4SPV: a Formal Framework for Software Process Verification, SLE’2013
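
Added example, not part of the original slides and not Alloy4SPV code: the organizational and business constraints of the "Behavioral Constraints" slides, checked by enumerating execution paths explicitly in Python instead of through Alloy's SAT-based analysis. The graph encoding, the function names and the bound of one execution per activity are assumptions of this example.

```python
# Added example (not from the slides): bounded exploration of execution paths.
# Durations in minutes, read off the "(2) Organizational" figure.
DURATION = {"A": 60, "B1": 60, "B2": 120, "B3": 30, "D": 60}
# Control flow of that figure; the B3 -> B3 edge is the [continue] loop.
ORG = {
    "Initial": ["A"], "A": ["Decision"], "Decision": ["B1", "B2", "B3"],
    "B1": ["Merge"], "B2": ["Merge"], "B3": ["B3", "Merge"],
    "Merge": ["D"], "D": ["Final"], "Final": [],
}
# Control flow of the "(3) Business" figure; B creates ImportantArtifact.
BIZ = {
    "Initial": ["A"], "A": ["Decision"], "Decision": ["ImportantAction", "B"],
    "ImportantAction": ["Merge"], "B": ["Merge"],
    "Merge": ["D"], "D": ["Final"], "Final": [],
}
CREATES = {"B": "ImportantArtifact"}

def paths(graph, node="Initial", seen=(), max_visits=1):
    """Yield each path that ends at a node without successors.
    max_visits bounds how often one node may repeat (assumption of this example)."""
    seen = seen + (node,)
    if not graph[node]:
        yield seen
    for nxt in graph[node]:
        if seen.count(nxt) < max_visits:
            yield from paths(graph, nxt, seen, max_visits)

def minutes(path):
    """Total duration of a path; control nodes take no time."""
    return sum(DURATION.get(n, 0) for n in path)

def artifacts(path):
    """Artifacts created along a path."""
    return {CREATES[n] for n in path if n in CREATES}

def run(graph, holds, max_visits=1):
    """Simulation, in the spirit of Alloy's run: every path that satisfies `holds`."""
    return [p for p in paths(graph, max_visits=max_visits) if holds(p)]

def check(graph, holds, max_visits=1):
    """Checking, in the spirit of Alloy's check: a counterexample path, or None."""
    return next((p for p in paths(graph, max_visits=max_visits) if not holds(p)), None)

if __name__ == "__main__":
    for p in paths(ORG):
        print(p[3], minutes(p), "min, within 3 hours:", minutes(p) <= 180)
    print("path without ImportantAction:", check(BIZ, lambda p: "ImportantAction" in p))
    print("path without ImportantArtifact:",
          check(BIZ, lambda p: "ImportantArtifact" in artifacts(p)))
```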