from analysis to code generation of distributed systems ... · from analysis to code generation of...

Ludovic Apvrille - October 12, 2005. Page 1

From Analysis to Code Generation of Distributed Systems with a UML-Based

Formal Environment Named TURTLE’2005

Ludovic [email protected]

Eurecom, Office 223


Outline

ContextTURTLE, A UML profileTURTLE’2005: analysis, design and deploymentTTool, the TURTLE toolkit DemonstrationFrom analysis to designGeneration of Java codeFuture work


UML at a Glance

Noting new but a federation of best practicesA notation, not a methodologyAn international standard at OMG (Object Management Group)

12 diagrams to express complementary point of views Semantic variation points

No standardized formal semanticsProfile: the possibility to tailor the UML for your application domain

Industry supportTools (TAU G2, …)Lingua franca for software-intensive system designers and developers

Research workReal-time?Adding formality to the UMLA UML model for simulation, verification, code generation, test generation, performance evaluation, …


Propositions

Idea: let us enrich UMLUML operators are informalUML lacks advanced temporal operators such as time intervalsUML has no methodology (no validation)

Proposition: Semi-formal UML-based environmentSemantics given by mapping to a Formal Description Technique

What formal language?Well-defined formal semanticsLogical and temporal operatorsTools

=> RT-LOTOS / Petri Nets with real-time extensions=> TURTLE UML profile (Timed UML and RT-LOTOS Environment)


Chronology of TURTLE

1999First definition of operators

2000 -2001Definition of a methodology supporting validationModeling and translation rulesTranslation from TURTLE to RT-LOTOS partially implemented

2002New operators (temporal operators, new diagrams)Methodological extensions

2003First release of the TURTLE toolkit (TTool)

2005TURTLE analysisTURTLE deploymentGeneration of executable code (Java)


Labs and People Involved in TURTLE

LAAS / CNRSJean-Pierre Courtiat

ENSICAPierre de Saqui-Sannes

Concordia UniversityFerhat Khendek

ENSTLudovic Apvrille

ENST BretagneChristophe Lohr

Alcatel Space Industries


ReferencesDefinition of the profile

L. Apvrille, P. de Saqui-Sannes, A. Apvrille, “Une méthodologie de conception des systèmesdistribués basée sur UML”, Actes de la 5ème conférence sur les nouvelles technologies de la répartition (NOTERE'05), p 217-214, Gatineau, QC, Canada, 29 aout - 1er septembre 2005.L. Apvrille, P. de Saqui-Sannes, F. Khendek, “Synthèse d'une conception UML temps-réel àpartir de diagrammes de séquences”, Actes du Colloque Francophone sur l'Ingénierie des Protocoles (CFIP'05), Bordeaux, France, 29 mars - 1er avril 2005 (in French).L. Apvrille, J.-P. Courtiat, C. Lohr, P de Saqui-Sannes , “TURTLE: A Real-Time UML Profile Supported by a Formal Validation Toolkit”, IEEE Transactions on Software Engineering, Vol. 30, No. 7, pp. 473-487, July 2004 C. LOHR , L. APVRILLE, P DE SAQUI-SANNES, J.-P. COURTIAT, "New Operators for the TURTLE Profile", 6th IFIP International Conference on Formal Methods for Open Object-based Distributed Systems (FMOODS'03), LNCS, Springer, Paris, France, November 2003.P. DE SAQUI-SANNES, L. APVRILLE, C. LOHR, P. SÉNAC, J.-P. COURTIAT, "UML and RT-LOTOS: An Integration for Real-Time System Validation", European Journal of Automation (JESA), Vol. 36, p. 1029-1042, Ed. Hermès, 2002.L. APVRILLE, P. DE SAQUI-SANNES, C. LOHR, P. SÉNAC, J.-P. COURTIAT, "A New UML Profile for Real-time System Formal Design and Validation", Proceedings of the Fourth International Conference on the Unified Modeling Language (UML'2001), Toronto, Canada, October 2001.

Use of the profileL. APVRILLE, P DE SAQUI-SANNES, P. SENAC, C. LOHR, "Verifying Service Continuity in a Satellite Reconfiguration Procedure", Journal of Automated Software, Engineering, Kluver , issue 11:2, 2004.L. APVRILLE, P. DE SAQUI-SANNES, P. SÉNAC, C. LOHR, "Reconfiguration dynamiquede protocoles embarqués à bord de satellites", Actes du Colloque Francophone sur l'Ingéniériedes Protocoles (CFIP'2002), Montréal, mai 2002.


TURTLE: Methodology

(1) AnalysisIOD + SDs

Formal validation

(2) DesignCD + ADs

(3) Deployment:components + DD

Formal validation

(4) Code (Java)

Automatic synthesis

Code generation

Formal validation

Execution

Generation and execution of Java Code


TURTLE Analysis

Interaction Overview DiagramSequence Diagram


TURTLE Design


TURTLE Deployment


TTool: an Open-Source Toolkit Developed at ENST - LabSoC


Demonstration

Basic authentication mechanism of HTTPAnalysis, design

Proof of security flaw We demonstrate that a network attacker may obtain protected data

Hacking of network packets + replay of the same packet with slight modifications

Design

Automatic Java code generation from design and deployment diagram

From design: monolithic application is generatedFrom deployment: a distributed application is generated


Automatic Generation of TURTLE Design from TURTLE Analysis

FundamentalsOne instance in scenarios -> one TURTLE classBehavior of instance -> behavior of the corresponding TURTLE class (activity diagram, and more generally, state machine)Communication channels between instances -> for each trio (I1, msg, I2), a FIFO communication channel is settled between the corresponding TURTLE classes and gates

Two TURTLE classes / FIFO channelOn FIFO channel is modeled with two TURTLE classes

But:Described scenarios are not always implementableTTool does not detect scenario non-implementabilityMay be detected, sometimes, at generated design reachability graph level

Deadlock situation


Example of Non-Implementability

For example, trace !a!c!e is included into the generated design


Main Features of The Java Code Generator

Code generated from TURTLE designMonolithic applicationTranslation process relies on libraries

Temporal operators, synchronization, etc.

Code may be generated, compiled and executed from TToolCode generated from TURTLE deployment

Networked applicationAsynchronous links are implemented using UDP, TCP or RMI

May be configured in TTool

Code may be generated and compiled from TTool


Generating Java Code from TURTLE Deployment

Reuse of the generator implemented for TURTLE designs Issue of links between nodes

Links are modeled both for formal validation purpose and for code generationSome parameters cannot be taken into account …

Delay, loss rate, etc.

…and some others have to be taken into accountProtocols, port number, network addresses, etc.


Generating Java Code from TURTLE Deployment (Cont.)

(1) Generation of a “marked” TURTLE design

UDP / TCP / RMI + corresponding parameters

(2) Reuse of the TURTLE design code generator

Extended generatorNetwork marked gates are computed differentlySeveral executable modules are generated

Libraries managing actions on gates have been extended

Data sending and receiving using UDP / TCP / RMI

C1 C2

(1)

C1_T1 C2_T2L12Synchro Synchro

C1_T1.g1 = L12.gt1 L12.gt2 = C2_T2.g2

code Java_____

______

___

_____

______

___

Main_C2.java

(2) (2)


Conclusions

TURTLE profileReal-time UML profile

Analysis, design and deployment have been enhanced with logical and temporal operatorsGraphic syntax compliant with UML 2.0Formal semanticsJava code generation

TToolDiagram edition

Highly intuitive interfaceTransparent use of powerful formal validation techniques

ApplicationsAlcatel SpaceUDCastUsed in several European research projects

DIPCAST, MAESTRO, etc.


Future work

Refinement process at specification and design levelTURTLE 2.0Formal semantics

Petri NetsCode generation

SystemCToolkits

TINA


Related Work

Real-Time UML profiles (selection)ACCORD/UMLOMEGAARTEMIS

OMG profileSTP (Scheduling, Time, Performance)

TURTLE librariesMARTE (Modeling and Analysis of Real-Time and Embedded Systems)

Formal verification toolsSynchronous languagesHybrid automata (HYTECH)Timed automata (UPPAAL)Promela (SPIN)Time Petri nets (TINA)


Any questions?

TURTLE’s website:http://labsoc.comelec.enst.fr/turtle

TTool’s website:http://labsoc.comelec.enst.fr/turtle/ttoolindex.html

from analysis to code generation of distributed systems ... · from analysis to code generation of...

Documents