INTERNAL BEHAVIOR REDUCTION FOR PARTNER SYNTHESIS

Niels Lohmann

PARTNER SYNTHESIS   1

[Diagram labels: INTERFACE; PARTNER; SYNTHESIS ✔; SERVICE / SERVICE COMPOSITION]

PARTNER SYNTHESIS   2

MODELING SUPPORT
TEST CASE GENERATION
VALIDATION AND DIAGNOSIS
ADAPTER SYNTHESIS

COMPLEXITY   3

$$\text{SIZE OF PARTNER} \le 2^{\text{SERVICE’S STATES} + \text{SIZE OF INTERFACE}}$$

$$\text{SIZE OF PARTNER} \le 2^{2^{\text{SIZE OF SERVICE MODEL}} + \text{SIZE OF INTERFACE}}$$

REDUCTION TECHNIQUES   4

STRUCTURAL REDUCTION
ON-THE-FLY REDUCTION
A POSTERIORI REDUCTION
SYMBOLIC REPRESENTATION
HEURISTICS

$$\text{SIZE OF PARTNER} \le 2^{2^{\text{SIZE OF SERVICE MODEL}} + \text{SIZE OF INTERFACE}}$$

EXTERNAL VS. INTERNAL ACTIONS   5

EXTERNAL ACTIONS:
  INSERT COIN
  CHOOSE REFRESHING BEVERAGE
  TAKE ICE COLD CAN

INTERNAL ACTIONS: ✘
  WEIGH AND CHECK COIN
  GUIDE COIN TO COIN BASKET
  EVALUATE CHOICE
  CHECK TEMPERATURE
  FILL CAN SLOT
  TRIGGER CAN EJECTION
  DISPLAY “THANK YOU”

REDUCTION OF INTERNAL BEHAVIOR   6

4148 states
13832 transitions (9288 internal)

150 states
397 transitions (12 internal)

REDUCTION RULES   7

[Slide background: pages of Eric Y. T. Juan, Jeffrey J. P. Tsai, and Tadao Murata (University of Illinois at Chicago), "Compositional Verification of Concurrent Systems Using Petri-Net-Based Condensation Rules", ACM Transactions on Programming Languages and Systems, Vol. 20, No. 5, September 1998, Pages 917–979.]

From page 946 of that article:

"Rules 1 and 2 below preserve IOT-state equivalence and IOT-failure equivalence. Therefore, Rules 1 and 2 can be applied for the analysis of reachable markings, boundedness, and deadlock states. Rule 1 removes edges which are parallel and have identical IO-edge-labels. Rule 2 suggests that vertices which are linked by a loop of internal edges can be fused into a macrovertex."

"Rule 1 (Redundant Parallel Edges) (IOT-State Equivalence, IOT-Failure Equivalence, and Boundedness). If two edges have an identical (1) starting vertex, (2) ending vertex, and (3) IO-edge-labels, then one of the two edges can be removed."

[Diagrams: graphs with edges labelled x, y and τ]

IMPLEMENTATION   8

[Diagram labels: SERVICE; FULL STATE SPACE; REDUCED STATE SPACE; PARTNER]

service-technology.org/wendy

EXPERIMENTAL RESULTS: REDUCTION   9

STATES (bar chart, logarithmic axis from 1 to 100.000)

                    FULL    REDUCED
deliver goods       4148        150
car analysis       11381        420
identity card      14569         25
product order      14990        504
SMTP               26667      23381
philosophers       92206      19683

INTERNAL TRANSITIONS (bar chart, logarithmic axis from 1 to 1.000.000)

                    FULL    REDUCED
deliver goods       9288         12
car analysis       27231        164
identity card      66500          0
product order      34159        135
SMTP               80137      70464
philosophers      113023          0

EXPERIMENTAL RESULTS: PARTNER SYNTHESIS   10

[Bar chart: TIME CONSUMPTION, logarithmic axis from 1 s to 10.000 s, for deliver goods, car analysis, identity card, product order, SMTP, philosophers]

[Bar chart: MEMORY CONSUMPTION, logarithmic axis from 1 MB to 10.000 MB, for deliver goods, car analysis, identity card, product order, SMTP, philosophers]

NEXT STEPS   11

IMPROVE RUNTIME
REMOVE BUGS
IMPLEMENT MORE REDUCTION RULES

[Slide background: overlapping pages 946–949 of Eric Y. T. Juan et al., "Compositional Verification of Concurrent Systems", ACM Transactions on Programming Languages and Systems, Vol. 20, No. 5, September 1998]
             vertex, e rm is reachability analysis                      and e 1 i .IEL          e2 j
                               e 2 jRule 7 eis i .OEL efficiently condense two-edge and e 2 into single-edge
                                      .IEL, 1 used to e 2 j .OEL, and edges e 1 i paths j
also preserves.IEL property of boundedness.
             e 1 i the
             share an ending vertex; (c) e 1 i .IEL vertexj .IEL, e 1 rm is not the initial vertex). Rule 7
                                  paths and remove one               e2     rm (if    i .OEL        e 2 j .OEL,
   Definition 8.3 (In-Equivalent Vertices). Two equivalence(d) e 2 .IEL
             and edges e 1 ipreserves are self-loop edges; and and 1 i are saide 2 jand the property of
                                    and e 2 j IOT-failure vertices 1 (deadlock states) .IEL,
to be in-equivalent, if vertex 1 has at least ending vertex of e each in-edge ending
             e     .OEL       e boundedness. the one in-edge and for ; and
                                      .OEL;       is                                             is the
                1   i           2   j        2                          1   i       1
TAKE HOME POINTS                                           12

HAVE EXPERIMENTAL RESULTS EARLY!

SIMPLE TECHNIQUES CAN SOLVE COMPLEX PROBLEMS!

DON’T BE AFRAID OF COMPLEXITY!

MODULAR ARCHITECTURES EASE PROTOTYPING!

service-technology.org/wendy

INTERNAL
BEHAVIOR
REDUCTION
FOR
PARTNER
SYNTHESIS

http://about.me/nlohmann


Niels Lohmann


Internal Behavior Reduction for Services

  • 2. PARTNER SYNTHESIS 1 SYNTHESIS ✔
  • 3. PARTNER SYNTHESIS 1 SYNTHESIS ✔ SERVICE / SERVICE COMPOSITION
  • 4. PARTNER SYNTHESIS 1 INTERFACE SYNTHESIS ✔ SERVICE / SERVICE COMPOSITION
  • 5. PARTNER SYNTHESIS 1 INTERFACE PARTNER SYNTHESIS ✔ SERVICE / SERVICE COMPOSITION
  • 6. PARTNER SYNTHESIS 2: MODELING SUPPORT, TEST CASE GENERATION, VALIDATION AND DIAGNOSIS, ADAPTER SYNTHESIS
  • 8. COMPLEXITY 3: SIZE OF PARTNER ≤ 2^(SERVICE’S STATES + SIZE OF INTERFACE)
  • 9. COMPLEXITY 3: SIZE OF PARTNER ≤ 2^(SERVICE’S STATES + SIZE OF INTERFACE); 2^(SIZE OF SERVICE MODEL)
  • 10. COMPLEXITY 3: SIZE OF PARTNER ≤ 2^(SERVICE’S STATES + SIZE OF INTERFACE); SIZE OF PARTNER ≤ 2^(2^(SIZE OF SERVICE MODEL) + SIZE OF INTERFACE)
  • 11. REDUCTION TECHNIQUES 4: SIZE OF PARTNER ≤ 2^(2^(SIZE OF SERVICE MODEL) + SIZE OF INTERFACE)
  • 12. REDUCTION TECHNIQUES 4: STRUCTURAL REDUCTION; SIZE OF PARTNER ≤ 2^(2^(SIZE OF SERVICE MODEL) + SIZE OF INTERFACE)
  • 13. REDUCTION TECHNIQUES 4: STRUCTURAL REDUCTION, ON-THE-FLY REDUCTION; SIZE OF PARTNER ≤ 2^(2^(SIZE OF SERVICE MODEL) + SIZE OF INTERFACE)
  • 14. REDUCTION TECHNIQUES 4: STRUCTURAL REDUCTION, ON-THE-FLY REDUCTION, A POSTERIORI REDUCTION; SIZE OF PARTNER ≤ 2^(2^(SIZE OF SERVICE MODEL) + SIZE OF INTERFACE)
  • 15. REDUCTION TECHNIQUES 4: STRUCTURAL REDUCTION, ON-THE-FLY REDUCTION, A POSTERIORI REDUCTION, HEURISTICS; SIZE OF PARTNER ≤ 2^(2^(SIZE OF SERVICE MODEL) + SIZE OF INTERFACE)
  • 16. REDUCTION TECHNIQUES 4: STRUCTURAL REDUCTION, ON-THE-FLY REDUCTION, A POSTERIORI REDUCTION, SYMBOLIC REPRESENTATION, HEURISTICS; SIZE OF PARTNER ≤ 2^(2^(SIZE OF SERVICE MODEL) + SIZE OF INTERFACE)
  • 18. EXTERNAL VS. INTERNAL ACTIONS 5. EXTERNAL ACTIONS: INSERT COIN; CHOOSE REFRESHING BEVERAGE; TAKE ICE COLD CAN. INTERNAL ACTIONS: WEIGH AND CHECK COIN; GUIDE COIN TO COIN BASKET; EVALUATE CHOICE; CHECK TEMPERATURE; FILL CAN SLOT; TRIGGER CAN EJECTION; DISPLAY “THANK YOU”
  • 19. EXTERNAL VS. INTERNAL ACTIONS 5. EXTERNAL ACTIONS: INSERT COIN; CHOOSE REFRESHING BEVERAGE; TAKE ICE COLD CAN. INTERNAL ACTIONS ✘: WEIGH AND CHECK COIN; GUIDE COIN TO COIN BASKET; EVALUATE CHOICE; CHECK TEMPERATURE; FILL CAN SLOT; TRIGGER CAN EJECTION; DISPLAY “THANK YOU”
  • 20. REDUCTION OF INTERNAL BEHAVIOR 6 4148 states 13832 transitions (9288 internal) 150 states 397 transitions (12 internal)
  • 21. REDUCTION RULES 7 [the slide shows two overlaid pages of one paper, pages 917 and 946]
    Page 917: Compositional Verification of Concurrent Systems Using Petri-Net-Based Condensation Rules. ERIC Y.T. JUAN, JEFFREY J.P. TSAI, and TADAO MURATA, University of Illinois at Chicago.
    The state-explosion problem of formal verification has obstructed its application to large-scale software systems. In this article, we introduce a set of new condensation theories: IOT-failure equivalence, IOT-state equivalence, and firing-dependence theory to cope with this problem. Our condensation theories are much weaker than current theories used for the compositional verification of Petri nets. More significantly, our new condensation theories can eliminate the interleaved behaviors caused by asynchronously sending actions. Therefore, our technique provides a much more powerful means for the compositional verification of asynchronous processes. Our technique can efficiently analyze several state-based properties: boundedness, reachable markings, reachable submarkings, and deadlock states. Based on the notion of our new theories, we develop a set of condensation rules for efficient verification of large-scale software systems. The experimental results show a significant improvement in the analysis of large-scale concurrent systems.
    Categories and Subject Descriptors: D.2.4 [Software Engineering]: Program Verification; F.3.1 [Logics and Meanings of Programs]: Specifying and Verifying and Reasoning about Programs—mechanical verification
    General Terms: Algorithms, Experimentation, Reliability, Theory, Verification
    Additional Key Words and Phrases: Boundedness, compositional verification, deadlock states, Petri nets, reachability analysis, reachability graphs, reachable markings
    1. INTRODUCTION. Petri nets have been widely recognized as a suitable tool for modeling and analyzing concurrent systems [Murata 1989; Silva 1989; Tsai and Weigert 1993; Tsai et al. 1996; Yoeli 1987]. However, because of the complexity of the state-space explosion [Lipton 1976], efficient analysis by using reachability graphs is restricted to small system models. To deal with the state
    J. Tsai was supported by NSF and DARPA under grant CCR-9633536. Authors' address: Department of Electrical Engineering and Computer Science, University of Illinois at Chicago, 851 South Morgan Street, Chicago, IL 60607; {juan; tsai; murata}@eecs.uic.edu. Permission to make digital / hard copy of part or all of this work for personal or classroom use is granted without fee provided that the copies are not made or distributed for profit or commercial advantage, the copyright notice, the title of the publication, and its date appear, and notice is given that copying is by permission of the ACM, Inc. To copy otherwise, to republish, to post on servers, or to redistribute to lists, requires prior specific permission and / or a fee. © 1998 ACM 0164-0925/98/0900–0917 $5.00. ACM Transactions on Programming Languages and Systems, Vol. 20, No. 5, September 1998, Pages 917–979.
    Page 946 (946 • Eric Y. T. Juan et al.): Fig. 23. Application of Rule 1 (Redundant Parallel Edges) and Rule 2 (Fusion of Internal Loops).
    transitional Petri-net reduction rules because the condensation is performed hierarchically on IO-graphs which capture the dynamic behaviors of systems.
    Rules 1 and 2 below preserve IOT-state equivalence and IOT-failure equivalence. Therefore, Rules 1 and 2 can be applied for the analysis of reachable markings, boundedness, and deadlock states. Rule 1 removes edges which are parallel and have identical IO-edge-labels. Rule 2 suggests that vertices which are linked by a loop of internal edges can be fused into a macrovertex. In Rule 2, every vertex v_i involved in the loop of internal edges is not IOT-stable because vertex v_i has one out-edge e_i whose input edge-label is empty. Nevertheless, the macrovertex v in the condensed IO-graph may be IOT-stable. This problem can be solved if we add one self-loop-internal edge to vertex v. Nevertheless, this approach will cause overhead in verifying the preconditions of other rules in practice, e.g., Rules 5, 6, and 7 below. Therefore, we use a boolean function BF-nonstable to indicate that the macrovertex v is not IOT-stable, i.e., BF-nonstable(v ) “ON.” As a result, we redefine the stability of vertices as shown in Definition 8.1 below. Boolean function BF-nonstable has been considered in the proofs and the parallel composition algorithm in the Appendix.
    Rule 1 (Redundant Parallel Edges) (IOT-State Equivalence, IOT-Failure Equivalence, and Boundedness). If two edges have an identical (1) starting vertex, (2) ending vertex, and (3) IO-edge-labels, then one of the two edges can be removed.
    Definition 8.1 (IOT-Stable Vertices (States) of IO-Graphs with Boolean Function BF-Nonstable). A vertex of an IO-graph is IOT-stable if BF-nonstable( ) “ON” and vertex has no outgoing edge e such that e.IEL , where BF-nonstable is a boolean function. Otherwise, vertex v is not IOT-stable.
    Definition 8.2 (Deadlock States of IO-Graphs). For an IO-graph G, a marking M is a deadlock state of G if and only if M is a reachable marking of G; M has no outgoing edge; and boolean function BF-nonstable( ) “OFF,” where is the vertex of M.
    Rule 2 (Fusion of Internal Loops) (IOT-State Equivalence, IOT-Failure Equivalence, and Boundedness). If vertices are linked by an (internal) loop p { 1 e 1 2 . . . n e n 1 } (n 1) such that @e i p (1 i n): e i
    ACM Transactions on Programming Languages and Systems, Vol. 20, No. 5, September 1998.
  • 22. REDUCTION RULES 7 [Diagrams of graph fragments with edges labeled x, y and τ]
  • 23. IMPLEMENTATION 8 [Diagram with the labels SERVICE, FULL STATE SPACE, REDUCED STATE SPACE and PARTNER] service-technology.org/wendy
  • 27. EXPERIMENTAL RESULTS: REDUCTION 9 [Two bar charts on logarithmic axes, STATES and INTERNAL TRANSITIONS, for deliver goods, car analysis, identity card, product order, SMTP and philosophers]
  • 29. EXPERIMENTAL RESULTS: PARTNER SYNTHESIS 10 [Two bar charts on logarithmic axes, TIME CONSUMPTION (s) and MEMORY CONSUMPTION (MB), for deliver goods, car analysis, identity card, product order, SMTP and philosophers]
  • 30. NEXT STEPS 11 IMPROVE RUNTIME. REMOVE BUGS. IMPLEMENT MORE REDUCTION RULES. [Slide background: pages 946–949 of Eric Y. T. Juan et al., Compositional Verification of Concurrent Systems, ACM Transactions on Programming Languages and Systems, Vol. 20, No. 5, September 1998, with Rules 1 to 7, Rule A (Vertex Fusion), Definitions 8.1 to 8.3 and Figs. 23 to 26]
Fig. 23. Application of Rule 1 (Redundant Parallel Edges) and Rule 2 (Fusion of Internal Loops).
transitional Petri-net reduction rules because the condensation is performed hierarchically on IO-graphs which capture the dynamic behaviors of systems.
Rules 1 and 2 below preserve IOT-state equivalence and IOT-failure equivalence. Therefore, Rules 1 and 2 can be applied for the analysis of reachable markings, boundedness, and deadlock states. Rule 1 removes edges which are parallel and have identical IO-edge-labels. Rule 2 suggests that vertices which are linked by a loop of internal edges can be fused into a macrovertex.
Rule 2 (Fusion of Internal Loops) (IOT-State Equivalence, IOT-Failure Equivalence, and Boundedness). If vertices are linked by an (internal) loop p { 1 e 1 2 . . . n e n 1 } (n 1) such that @e i p (1 i n): e i is an internal edge (e i .IEL and e i .OEL ), then all edges in loop p are removed; all vertices in loop p are fused into one macrovertex by Rule A (Vertex Fusion) below; and boolean function BF-nonstable( ) is set to “ON.”
Fig. 24. Application of Rules 3, 4 (Fusion of In-Equivalent Vertices), and Rule 5 (Redundant Initial Vertices).
Rules 3 and 4 are applied to fuse in-equivalent vertices. Rule 3 preserves IOT-state equivalence and hence the properties of boundedness and reachable markings. Rule 4 is similar to Rule 3, but Rule 4 preserves IOT-state failure and therefore the reachability analysis of deadlock states. Rule 4 also preserves the property of boundedness.
Fig. 25. Illustration of Rule 6 (Redundant Vertices Linked by an Internal Edge). Top left: Condition (a). Top right: Condition (b). Bottom left: Condition (c). Bottom right: Condition (d).
vertices 1 and 2 are fused into one macrovertex by Rule A (Vertex Fusion); (2) redundant parallel in-edges and out-edges of vertex are removed by Rule 1; and (3) redundant self-loop internal edges are removed by Rule 2.
Rule 5 is applied to remove redundant initial vertices and internal edges. Rule 5 preserves IOT-failure equivalence (deadlock states) and the property of boundedness.
Rule 5 (Redundant Initial Vertices and Internal Edges) (IOT-Failure Equivalence and Boundedness). If (1) vertex 1 is the initial vertex, (2) vertex 1 has no in-edge and has an unique out-edge e rm , (3) edge e rm is an internal edge (e rm .IEL and e rm .OEL ), and (4) the starting vertex and ending vertex of edge e rm are different (e rm is not a self-loop edge), then vertex 1 and edge e rm can be removed, and the initial vertex is changed to the ending vertex of edge e rm .
Rule 6 provides conditions, under which one of two vertices linked by an internal edge can be removed. Redundant internal edges and parallel edges are removed as well. For simplicity, subconditions of Condition (3) can be discussed separately as shown in Figure 25. Rule 6 preserves IOT-failure equivalence (deadlock states) and the property of boundedness.
Fig. 26. Application of Rules 7.1, and 7.2 (Condensation and Edges in Series).
Rule 7 is used to efficiently condense two-edge paths into single-edge paths and remove one vertex rm (if vertex rm is not the initial vertex). Rule 7 preserves IOT-failure equivalence (deadlock states) and the property of boundedness.
  • 31. TAKE HOME POINTS 12 HAVE EXPERIMENTAL RESULTS EARLY! SIMPLE TECHNIQUES CAN SOLVE COMPLEX PROBLEMS! DON’T BE AFRAID OF COMPLEXITY! MODULAR ARCHITECTURES EASE PROTOTYPING! service-technology.org/wendy