abstract state machine
Post on 03-Jun-2018
220 Views
Preview:
TRANSCRIPT
-
8/12/2019 Abstract State Machine
1/27
ABSTRACT STATE MACHIN(ASM)
SubmiMohit Mu
Kishore GSurendra K
Satish Chandra
-
8/12/2019 Abstract State Machine
2/27
CONTENTS
Introduction
Basic Concepts
Requirements capture and specification of case 1
Requirements capture and specification of case 2
Extending domainsSequentialisation and iteration
Conclusion
-
8/12/2019 Abstract State Machine
3/27
Introduction
ASM : a state machine operating on states which are arbitrary d
structure.
State Machine : a mathematical model of computation used to d
both computer programs and sequential logic circuits.
ASM method bridges the gap between the two ends of systemdevelopment.
the human understanding and formulation of real world prob
the deployment of their algorithmic solutions by code- execumachines on changing platforms.
-
8/12/2019 Abstract State Machine
4/27
Basic Concepts
The method mainly based on three basic concepts:
1. ASM ----- finite state machines to operate ovarbitrary data structures
2. Ground Model ----- a rigorous form of blueprints3. Refinement ----- most general scheme for stepwise
instantiations of model abstractions to concrete system elemenBecause of these three concepts ASM models can be analyzedusing verification or validation
-
8/12/2019 Abstract State Machine
5/27
Requirements capture and specification ofcase1 and case2
Identifying the agents
Identifying the states
Identifying static and dynamic parts of the states
Identifying the transitions
Identifying the initial and final statesExceptions handling and robustness
Identifying the desired properities
-
8/12/2019 Abstract State Machine
6/27
Extensions of ASM
Extending domains
Sequentialisation and Iteration
-
8/12/2019 Abstract State Machine
7/27
Requirements captuand specification o
case1
-
8/12/2019 Abstract State Machine
8/27
Identifying the agents
Q1. Who are the system agents and What are their relations? I
particular, what is the relation between the system and its
environment*?
R1 says the subject is to invoice orders.
Environment: The context in which an agent machine computesrepresented by an external agent called environment.
-
8/12/2019 Abstract State Machine
9/27
Identifying the states
State: defined as an algebraic structure, where data come as a
objects, i.e., as elements of sets.
Q2: What are the system states? What are the domains of obje
what are the functions, predicates and relations defined on them
R1 set ORDERSR2 function orderState ----- invoiced or pending
R3 referenced product (consists of two functions)
R4 not injective and not constant
R5 function stockQuantity
-
8/12/2019 Abstract State Machine
10/27
Identifying the static and dynamic parts of states
Separation is concerned with information hiding, data abstractio
modularization and stepwise refinement.
ASM method distinguishes basic and derived functions.
Basic functions static and dynamic
Q3. What are the static and the dynamic parts of states? Who cupdate dynamic functions?
R6a ORDERS is static
R2 & R5 orderstate is dynamic
R3 & R6a static
-
8/12/2019 Abstract State Machine
11/27
Sample Code
Asm orderSystemCase1
signature:static abstract domain Ordersenum domain OrderStatus = { INVOICED | PENDING }static abstract domain Products
static domain Quantity subsetof Naturalstatic referencedProduct: Orders->Productsdynamiccontrolled orderstate:Orders->OrderStatusstatic orderQuantity:Orders->Quantity
dynamic controlled stockQuantity:Product->Quantity
-
8/12/2019 Abstract State Machine
12/27
Identifying the transition
Basic ASMs are finite sets of so-called transition rules of the for
if Condition then UpdatesQ4. How and by which transitions (actions) do system evolve? which conditions (guards) do the state transitions of single agenhappen and what is their effect on the state? What is supposed
happen if those conditions are not satisfied?Ans. By R2 and R5 there is only one transition to change the storder.
-
8/12/2019 Abstract State Machine
13/27
cont...
Q5. Could the system actions be parallelized anyhow? Namely
case of invoicing orders, can the system invoice several orders
step?
To speed up invoicing of orders, parallelism can be exploited in
directions.a.) A first strategy consists of selecting a given product and th
simultaneously invoicing all the corresponding orders, if possiblb.) An alternative policy could be selecting, still non-determin
a set of orders to be invoiced in parallel.
-
8/12/2019 Abstract State Machine
14/27
Identifying the initial and final states
Q6. What is the initialization of the system and who provides it?
there termination conditions and, if so, how are they determined
is the relation between initialization/termination and input/outpu
Ans. No explicit initialization is specified, although one can assuall the orders are initially pending. No termination condition is geither. We can assume that the system keeps to invoice orders as there are orders which can be invoiced.
-
8/12/2019 Abstract State Machine
15/27
Exception handling and robustness
Q7. Which forms of erroneous use are to be foreseen and whic
exception handling mechanisms should be installed to catch the
What are the desired robustness features?
Ans. Since no exceptional computations are mentioned in the
requirements and no inconsistent updates are allowed by thespecification, we don not make use of the techniques supported
ASM method to the error handling purpose.
-
8/12/2019 Abstract State Machine
16/27
Identifying the desiredproperties(validation/verification)
Validation: This can be done by simulation and testing
Verification: This technique is used to prove ASM model proper
proof sketches over traditional or formalized mathematical proo
supported interactive or automatic theorem proving or model ch
Q8. Is the system description complete and consistent?Ans. Completeness with respect to the requirements can be ve
example by checking that every requirement can be analysed a
captured by our specification.
-
8/12/2019 Abstract State Machine
17/27
Cont...
Q9. What are the system assumptions and what are the desired
properties? What do the requirements say about the state of the
system?
Ans. No explicit assumptions or desired properties are given in
original specification. Through the requirements capture we havintroduced several assumptions to fill missing information. Assu
can be introduced by means of auxiliary aximos.
State of every order is either pending or invoiced but never und
-
8/12/2019 Abstract State Machine
18/27
Requirements capture aspecification of case2
-
8/12/2019 Abstract State Machine
19/27
Specification for case-2
In this case we have to formulate the same as in case-1, smore changes are included in case-2.
In this case we have to know what is system agents and s
states.
Agents does not specify dynamic manipulation of orders, s
and products, interact for shared data.
And for this project we consider only one agent which perf
the requested actions.
The main program executed by the agent will take care of
synchronization of actions to avoid inconsistencies.
-
8/12/2019 Abstract State Machine
20/27
SPECIIFICATIONS FOR CASE-2
System state introduce three monitored functions which are seq
of orders to add, orders to cancel and new quantities to add in s
monitored neworders: seq(prod(products, quantity)monitored orderstocancel: seq(orders)monitored newitems: seq(prod(products, quantity)
The value of these functions may be determined by the user, ansystem is considered system inputs.Coming to the domains and functions.These are classified as the set of orders is dynamic since new can be added and old orders can be deleted.
-
8/12/2019 Abstract State Machine
21/27
SPECIIFICATIONS FOR CASE-2
Some of the transitions system state evolve area) Cancelation of ordersb) Insertion of new ordersc) Addition of quantities of products in the stock
These operations are also driven my the monitored functions.Rule r_cancel orders =Forall $i in natural with $i < length (orderstocancel)doOrderstate(at(orderstocancel,$i)):=canceled.
If the sequence is empty the action has no effect.
-
8/12/2019 Abstract State Machine
22/27
Extending Domains
To construct new elements and to add them to domains, ASMs
introduces the extend notion:
extend D with v do R(v)
where D ---- name of the abstract type-domainv ---- logical variableR ---- transition rule executed after v is added to D
In general R performs initialization over v.
-
8/12/2019 Abstract State Machine
23/27
Cont...
Q14. Could the domains be extended by adding new items? Na
the case of invoicing orders, can new orders be inserted?
Ans. We answer this question by the following rule AddOrders wextends the domain Orders with new elements and sets all the on these locations:
Rule r_AddOrders=For all $i in Natural with $i
-
8/12/2019 Abstract State Machine
24/27
Sequentialisation and iteration
Basic ASMs lack support of practical composition and structurin
principles.
Turbo ASMs offer as building blocks sequential composition, ite
and parameterized sub-machines extending the macro notion w
ASMsSequential composition is denoted by two ASM rules by P seq
Iterate R iterates the sequential execution of a rule R encapsula
compositions with a finite number of iterated steps into one step
Two natural stop situations such as when update set becomesand when it becomes inconsistent.
-
8/12/2019 Abstract State Machine
25/27
Cont...
Q15.How can location updates be sequentialized in order to av
synchronous inconsistent updating?
Ans. The rule Additems performs the entry of quantities in the s
increasing the value of the function stockQuantity for the entere
products.Since the monitored sequence newitems contain same it could not be updated several times, the function stockQuantitbe updated in parallel for each product in the sequence, otherwinconsistent updates may appear.
The three new rules CancelOrders, AddOrders and ADD
respectively can update the function OrderState for existing ord
-
8/12/2019 Abstract State Machine
26/27
Conclusion
We have showed how the ASM method makes it possible to ca
informal requirements by constructing a consistent and unambi
simple and concise, abstract and complete ground model which
understood and checked by both domain experts and system
designers.During the formalization process we have shown how requirem
often incomplete and assumptions must be stated in order to co
the specification
-
8/12/2019 Abstract State Machine
27/27
top related