Model Checking as a Service: Towards Pragmatic Hidden Formal Methods
Benedek Horváth (1,2), Bence Graics (3), Ákos Hajdu (3), Zoltán Micskei (3), Vince Molnár (3), István Ráth (1), Luigi Andolfato (4), Ivan Gomes (5), and Robert Karban (5)
1 IncQuery Labs cPlc., Budapest, Hungary
2 Johannes Kepler University Linz, Linz, Austria
3 Budapest University of Technology and Economics, Budapest, Hungary
4 European Southern Observatory, München, Germany
5 Jet Propulsion Laboratory, California Institute of Technology, Pasadena, CA, USA
Contact: Benedek.Horvath@incquerylabs.com
Motivation
• Model-Based Systems Engineering
• Commercial tools for design, simulation
• Cloud-based, open collaborative modeling environments
• IncQuery Server [10]: scalable query evaluation over model repositories
Correctness of behavioral models
• Simulation, testing may not find every error
• Formal verification: systematically checks the model
• Challenges:
C1. High resource demand of formal verification
C2. Parallel verification tasks of multiple users
C3. Semantic gap between engineering and formal domains
Objectives
• Cloud: elastically scalable computation resources
O1. Dynamically allocate more memory and CPU
O2. Dynamically start more instances
O3. Semantic integrity
a) semantic-preserving transformations,
b) restricted but meaningful subset of engineering language
Motivating Example and Scope
[Figure: the motivating example, a spacecraft model with two parts: Battery control and Data transfer]
Property to check
Should never transmit when the battery is below 40%
Reachability property
• State predicate of a faulty behavior
• Find a trace where the predicate is true
Gamma Statechart Composition Framework [17]
[Figure: the Gamma Statechart & Composition Language built on a formal compositional semantics; hidden formal methods for V&V]
Model Checking as a Service
O1-O2. Cloud deployment: containerized components
O3. Initial subset of modeling elements, PSSM [21]
O3. Intermediate language: model checker integration
[Figure: MCaaS workflow. (1) Modeling by the user in a SysML tool; (2) V&V actions triggered by the user from a Jupyter notebook; (3) static checks by the MCaaS add-on of IncQuery Server on the model repository; (4) transformation to Gamma intermediate models; (5) formal model + query translation inside a model checker (MC) runtime, with MC runtime 1 hosting the UPPAAL model checker and MC runtime 2 the Theta model checker; (6) result + trace back-annotation to the Gamma models; (7) back-annotation to the SysML tool.]
MCaaS: Prototype Implementation
• MCaaS add-on for IncQuery Server [10]
• Modeling and static checks:
• Allowed subset of modeling elements
• Well-formedness constraints in Viatra Query Language [3]
MCaaS: Prototype Implementation
• Transformation to the intermediate language:
• Gamma Statechart Language [17] + Gamma Property Language
• Traceability model
MCaaS: Prototype Implementation
• Translation to model checker:
• Gamma statechart → timed automata in UPPAAL
• Reachability property → liveness query (EF) in CTL
MCaaS: Prototype Implementation
• Back-annotation:
[Figure: back-annotation, steps 6 and 7: model checker trace → Gamma trace → SysML sequence diagram]
Conclusion and Future Work
• Cloud-based workflow to verify SysML [20] models
• Initial subset of elements for verification
• Semantic integrity of the workflow → the example trace is simulatable
• Future work:
  • New model checker, e.g., Theta [23]
  • Adaptive scalability and combination of model checkers [22]
  • Extend the supported elements, e.g., activity, do-behavior
  • Support SysML v2
Acknowledgements
• This research was carried out at the Jet Propulsion Laboratory (JPL), California
Institute of Technology, under a contract with the National Aeronautics and
Space Administration (NASA).
• This work partially received funding from the European Union’s Horizon 2020
research and innovation programme under the Marie Skłodowska-Curie grant
agreement No 813884.
• The authors are grateful for the valuable advice of Péter Bokor, Ákos Horváth,
and the anonymous reviewers.
References
[3] Gábor Bergmann, Zoltán Ujhelyi, István Ráth, and Dániel Varró. 2011. A Graph Query
Language for EMF Models. In Proc. of the 4th Intl. Conference on Theory and Practice of
Model Transformations (LNCS, Vol. 6707). Springer, 167–182.
[7] Corrina Gibson, Robert Karban, Luigi Andolfato, and John Day. 2014. Formal Validation of
Fault Management Design Solutions. Softw. Eng. Notes 39, 1 (2014), 1–5.
[8] Corrina Gibson, Robert Karban, Luigi Andolfato, and John C. Day. 2014. Abstractions for
Executable and Checkable Fault Management Models. In Proc. of the Conference on
Systems Engineering Research. Elsevier, 146–154.
[10] Ábel Hegedüs, Gábor Bergmann, Csaba Debreceni, Ákos Horváth, Péter Lunk, Ákos
Menyhért, István Papp, Dániel Varró, Tomas Vileiniskis, and István Ráth. 2018. IncQuery
Server for Teamwork Cloud: Scalable Query Evaluation over Collaborative Model
Repositories. In Proc. of the 21st International Conference on Model Driven Engineering
Languages and Systems. ACM, 27–31.
[16] Alvaro Miyazawa, Pedro Ribeiro, Wei Li, Ana Cavalcanti, Jon Timmis, and Jim Woodcock.
2019. RoboChart: modelling and verification of the functional behaviour of robotic
applications. Softw. and Sys. Model. 18, 5 (2019), 3097–3149.
[17] Vince Molnár, Bence Graics, András Vörös, István Majzik, and Dániel Varró.
2018. The Gamma statechart composition framework: Design, verification and code
generation for component-based reactive systems. In Proc. of the 40th International
Conference on Software Engineering. ACM, 113–116.
[20] OMG. 2019. OMG System Modeling Language (SysML). formal/19-11-01.
[21] OMG. 2019. Precise Semantics of UML State Machines (PSSM). formal/19-05-01.
[22] Amir Molzam Sharifloo and Andreas Metzger. 2013. MCaaS: Model Checking in
the Cloud for Assurances of Adaptive Systems. In Software Engineering for
Self-Adaptive Systems III (LNCS, Vol. 9640). Springer, 137–153.
[23] Tamás Tóth, Ákos Hajdu, András Vörös, Zoltán Micskei, and István Majzik. 2017.
Theta: a Framework for Abstraction Refinement-Based Model Checking. In Proc. of
the 17th Conference on Formal Methods in Computer-Aided Design. 176–179.
Related Work
• Gibson et al. Formal Validation of Fault Management Design Solutions [7, 8]
  • Verification of collaborating SysML state machines, including do-behavior
  • Model checker: Java Pathfinder
  • Checkable property: assertion in Java code
  • No back-annotation
• Miyazawa et al. RoboChart: modelling and verification of the functional behaviour of robotic applications [16]
  • Domain-Specific Modeling Language for robotic applications
  • Minimalist core of UML state machine notation, supporting collaboration and timing
  • Checkable property: textual DSL with verification-specific keywords
  • Model checker: CSP (Communicating Sequential Processes) problem checked by FDR
• Sharifloo and Metzger MCaaS: Model Checking in the Cloud for Assurances of Adaptive Systems [22]
  • Cloud resource allocation prediction for model checkers based on model complexity and run-time measures from past executions
  • Can be adopted in future work
MCaaS: Prototype Implementation
• Transformation to the intermediate language:
• Gamma Statechart Language [17] + Gamma Property Language
• Traceability model
Gamma Property Language query: EF (state Spacecraft.Operation.Transmitting && var Spacecraft.battery < 40)
MCaaS: Prototype Implementation
• Translation to model checker:
• Gamma statechart → timed automata in UPPAAL
• Reachability property → liveness query (EF) in CTL
UPPAAL query: EF P_OperationOfMainOfSpacecraft.Transmitting && batteryOfSpacecraft < 40
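The reachability check (slide 7), the EF query (slides 12 and 20) and the back-annotation of the witness trace (slide 13) carried through on a constructed model, as an added example that is not code from the paper or from the Gamma, Theta or UPPAAL tools. Only `P_OperationOfMainOfSpacecraft`, `batteryOfSpacecraft`, `Spacecraft.Operation.Transmitting` and `Spacecraft.battery` come from the slides; the Power region, the battery dynamics and the step events are assumptions.

```python
from collections import deque
from typing import Dict, List, Optional, Tuple

State = Tuple[str, str, int]  # constructed: (power region state, operation region state, battery %)
Step = Tuple[Optional[str], State]  # (event that led to the state, state)

BATTERY_MAX, BATTERY_STEP = 100, 10  # assumed: 10% drained or charged per tick
INITIAL: State = ("Discharging", "Idle", 50)

# Traceability model: checker-level name -> SysML-level name (column order = state vector).
TRACEABILITY: Dict[str, str] = {
    "P_PowerOfMainOfSpacecraft": "Spacecraft.Power",          # assumed region
    "P_OperationOfMainOfSpacecraft": "Spacecraft.Operation",  # from the slides
    "batteryOfSpacecraft": "Spacecraft.battery",              # from the slides
}
CHECKER_ORDER = tuple(TRACEABILITY)


def successors(s: State, abort_on_low_battery: bool = False) -> List[Tuple[str, State]]:
    """One step of the composed model as (event, next_state) pairs.

    Defect under study: the battery guard is checked only when entering
    Transmitting, so a transfer in progress keeps running while the battery
    drains. With abort_on_low_battery=True the Transmitting state also reacts
    to the drain and falls back to Idle, which is the corrected design.
    """
    power, op, battery = s
    out: List[Tuple[str, State]] = []
    # Power region: drain while discharging, recharge while charging.
    if power == "Discharging":
        nb = max(0, battery - BATTERY_STEP)
        npower = "Charging" if nb <= 20 else "Discharging"
    else:
        nb = min(BATTERY_MAX, battery + BATTERY_STEP)
        npower = "Discharging" if nb >= BATTERY_MAX else "Charging"
    nop = "Idle" if abort_on_low_battery and op == "Transmitting" and nb < 40 else op
    out.append(("tick", (npower, nop, nb)))
    # Operation region: the 40% guard sits on the entry transition only.
    if op == "Idle" and battery >= 40:
        out.append(("send", (power, "Transmitting", battery)))
    if op == "Transmitting":
        out.append(("done", (power, "Idle", battery)))
    return out


def violation(s: State) -> bool:
    """Checker-level form of the slides' query:
    EF P_OperationOfMainOfSpacecraft.Transmitting && batteryOfSpacecraft < 40"""
    return s[1] == "Transmitting" and s[2] < 40


def check_reachability(init, step, predicate, max_states=100_000) -> Optional[List[Step]]:
    """Breadth-first search for a state satisfying `predicate` (an EF query).
    Returns the shortest witness trace, or None if no such state is reachable."""
    parent: Dict[State, Optional[Tuple[State, str]]] = {init: None}
    queue = deque([init])
    while queue:
        s = queue.popleft()
        if predicate(s):
            trace: List[Step] = []
            while parent[s] is not None:  # walk back to the initial state
                prev, event = parent[s]
                trace.append((event, s))
                s = prev
            trace.append((None, s))
            return trace[::-1]
        for event, nxt in step(s):
            if nxt not in parent:
                if len(parent) >= max_states:
                    raise RuntimeError("state-space bound exceeded")
                parent[nxt] = (s, event)
                queue.append(nxt)
    return None


def back_annotate(trace: List[Step]) -> List[Dict[str, object]]:
    """Steps 6 and 7 of the workflow: rename the checker-level state columns
    to the SysML-level names of the traceability model, one record per step."""
    sysml_names = [TRACEABILITY[c] for c in CHECKER_ORDER]
    return [dict(zip(sysml_names, state), event=event) for event, state in trace]


def render_sequence(annotated: List[Dict[str, object]]) -> List[str]:
    """Sequence-diagram-style message lines for the back-annotated trace."""
    return [f"{r['event']} -> Spacecraft: Operation={r['Spacecraft.Operation']}, "
            f"Power={r['Spacecraft.Power']}, battery={r['Spacecraft.battery']}%"
            for r in annotated if r["event"] is not None]


def verify(abort_on_low_battery: bool = False) -> Optional[List[Dict[str, object]]]:
    """Check the defective (default) or corrected model; None means EF does not hold."""
    trace = check_reachability(INITIAL, lambda s: successors(s, abort_on_low_battery), violation)
    return None if trace is None else back_annotate(trace)


if __name__ == "__main__":
    bad = verify()
    print("defective model:", "\n  ".join(render_sequence(bad)) if bad else "property holds")
    print("corrected model:", "property holds" if verify(True) is None else "violated")
```

On the defective model the shortest witness is tick, send, tick: a transfer started at exactly 40% is still running when the next drain takes the battery to 30%, and the corrected model reports no reachable violating state.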