abstract state machine

8/12/2019 Abstract State Machine

1/27

ABSTRACT STATE MACHIN(ASM)

SubmiMohit Mu

Kishore GSurendra K

Satish Chandra


2/27

CONTENTS

Introduction

Basic Concepts

Requirements capture and specification of case 1

Requirements capture and specification of case 2

Extending domainsSequentialisation and iteration

Conclusion


3/27

Introduction

ASM : a state machine operating on states which are arbitrary d

structure.

State Machine : a mathematical model of computation used to d

both computer programs and sequential logic circuits.

ASM method bridges the gap between the two ends of systemdevelopment.

the human understanding and formulation of real world prob

the deployment of their algorithmic solutions by code- execumachines on changing platforms.


4/27

Basic Concepts

The method mainly based on three basic concepts:

1. ASM ----- finite state machines to operate ovarbitrary data structures

2. Ground Model ----- a rigorous form of blueprints3. Refinement ----- most general scheme for stepwise

instantiations of model abstractions to concrete system elemenBecause of these three concepts ASM models can be analyzedusing verification or validation


5/27

Requirements capture and specification ofcase1 and case2

Identifying the agents

Identifying the states

Identifying static and dynamic parts of the states

Identifying the transitions

Identifying the initial and final statesExceptions handling and robustness

Identifying the desired properities


6/27

Extensions of ASM

Extending domains

Sequentialisation and Iteration


7/27

Requirements captuand specification o

case1


8/27

Identifying the agents

Q1. Who are the system agents and What are their relations? I

particular, what is the relation between the system and its

environment*?

R1 says the subject is to invoice orders.

Environment: The context in which an agent machine computesrepresented by an external agent called environment.


9/27

Identifying the states

State: defined as an algebraic structure, where data come as a

objects, i.e., as elements of sets.

Q2: What are the system states? What are the domains of obje

what are the functions, predicates and relations defined on them

R1 set ORDERSR2 function orderState ----- invoiced or pending

R3 referenced product (consists of two functions)

R4 not injective and not constant

R5 function stockQuantity


10/27

Identifying the static and dynamic parts of states

Separation is concerned with information hiding, data abstractio

modularization and stepwise refinement.

ASM method distinguishes basic and derived functions.

Basic functions static and dynamic

Q3. What are the static and the dynamic parts of states? Who cupdate dynamic functions?

R6a ORDERS is static

R2 & R5 orderstate is dynamic

R3 & R6a static


11/27

Sample Code

Asm orderSystemCase1

signature:static abstract domain Ordersenum domain OrderStatus = { INVOICED | PENDING }static abstract domain Products

static domain Quantity subsetof Naturalstatic referencedProduct: Orders->Productsdynamiccontrolled orderstate:Orders->OrderStatusstatic orderQuantity:Orders->Quantity

dynamic controlled stockQuantity:Product->Quantity


12/27

Identifying the transition

Basic ASMs are finite sets of so-called transition rules of the for

if Condition then UpdatesQ4. How and by which transitions (actions) do system evolve? which conditions (guards) do the state transitions of single agenhappen and what is their effect on the state? What is supposed

happen if those conditions are not satisfied?Ans. By R2 and R5 there is only one transition to change the storder.


13/27

cont...

Q5. Could the system actions be parallelized anyhow? Namely

case of invoicing orders, can the system invoice several orders

step?

To speed up invoicing of orders, parallelism can be exploited in

directions.a.) A first strategy consists of selecting a given product and th

simultaneously invoicing all the corresponding orders, if possiblb.) An alternative policy could be selecting, still non-determin

a set of orders to be invoiced in parallel.


14/27

Identifying the initial and final states

Q6. What is the initialization of the system and who provides it?

there termination conditions and, if so, how are they determined

is the relation between initialization/termination and input/outpu

Ans. No explicit initialization is specified, although one can assuall the orders are initially pending. No termination condition is geither. We can assume that the system keeps to invoice orders as there are orders which can be invoiced.


15/27

Exception handling and robustness

Q7. Which forms of erroneous use are to be foreseen and whic

exception handling mechanisms should be installed to catch the

What are the desired robustness features?

Ans. Since no exceptional computations are mentioned in the

requirements and no inconsistent updates are allowed by thespecification, we don not make use of the techniques supported

ASM method to the error handling purpose.


16/27

Identifying the desiredproperties(validation/verification)

Validation: This can be done by simulation and testing

Verification: This technique is used to prove ASM model proper

proof sketches over traditional or formalized mathematical proo

supported interactive or automatic theorem proving or model ch

Q8. Is the system description complete and consistent?Ans. Completeness with respect to the requirements can be ve

example by checking that every requirement can be analysed a

captured by our specification.


17/27

Cont...

Q9. What are the system assumptions and what are the desired

properties? What do the requirements say about the state of the

system?

Ans. No explicit assumptions or desired properties are given in

original specification. Through the requirements capture we havintroduced several assumptions to fill missing information. Assu

can be introduced by means of auxiliary aximos.

State of every order is either pending or invoiced but never und


18/27

Requirements capture aspecification of case2


19/27

Specification for case-2

In this case we have to formulate the same as in case-1, smore changes are included in case-2.

In this case we have to know what is system agents and s

states.

Agents does not specify dynamic manipulation of orders, s

and products, interact for shared data.

And for this project we consider only one agent which perf

the requested actions.

The main program executed by the agent will take care of

synchronization of actions to avoid inconsistencies.


20/27

SPECIIFICATIONS FOR CASE-2

System state introduce three monitored functions which are seq

of orders to add, orders to cancel and new quantities to add in s

monitored neworders: seq(prod(products, quantity)monitored orderstocancel: seq(orders)monitored newitems: seq(prod(products, quantity)

The value of these functions may be determined by the user, ansystem is considered system inputs.Coming to the domains and functions.These are classified as the set of orders is dynamic since new can be added and old orders can be deleted.


21/27

SPECIIFICATIONS FOR CASE-2

Some of the transitions system state evolve area) Cancelation of ordersb) Insertion of new ordersc) Addition of quantities of products in the stock

These operations are also driven my the monitored functions.Rule r_cancel orders =Forall $i in natural with $i < length (orderstocancel)doOrderstate(at(orderstocancel,$i)):=canceled.

If the sequence is empty the action has no effect.


22/27

Extending Domains

To construct new elements and to add them to domains, ASMs

introduces the extend notion:

extend D with v do R(v)

where D ---- name of the abstract type-domainv ---- logical variableR ---- transition rule executed after v is added to D

In general R performs initialization over v.


23/27

Cont...

Q14. Could the domains be extended by adding new items? Na

the case of invoicing orders, can new orders be inserted?

Ans. We answer this question by the following rule AddOrders wextends the domain Orders with new elements and sets all the on these locations:

Rule r_AddOrders=For all $i in Natural with $i


24/27

Sequentialisation and iteration

Basic ASMs lack support of practical composition and structurin

principles.

Turbo ASMs offer as building blocks sequential composition, ite

and parameterized sub-machines extending the macro notion w

ASMsSequential composition is denoted by two ASM rules by P seq

Iterate R iterates the sequential execution of a rule R encapsula

compositions with a finite number of iterated steps into one step

Two natural stop situations such as when update set becomesand when it becomes inconsistent.


25/27

Cont...

Q15.How can location updates be sequentialized in order to av

synchronous inconsistent updating?

Ans. The rule Additems performs the entry of quantities in the s

increasing the value of the function stockQuantity for the entere

products.Since the monitored sequence newitems contain same it could not be updated several times, the function stockQuantitbe updated in parallel for each product in the sequence, otherwinconsistent updates may appear.

The three new rules CancelOrders, AddOrders and ADD

respectively can update the function OrderState for existing ord


26/27

Conclusion

We have showed how the ASM method makes it possible to ca

informal requirements by constructing a consistent and unambi

simple and concise, abstract and complete ground model which

understood and checked by both domain experts and system

designers.During the formalization process we have shown how requirem

often incomplete and assumptions must be stated in order to co

the specification


27/27

abstract state machine

Documents