Overview of the OASIS research: proofs of safety properties of distributed Java applications
OASIS
Modocop in the OASIS project: Active Objects, Semantics, Internet and Security
INRIA Sophia-Antipolis, http://www.inria.fr/oasis
• Overview of the OASIS research
• Proofs of safety properties of distributed Java applications
• Platform for static analysis and verification of distributed Java
Eric Madelaine, 13-02-2002
Oasis at a glance
(diagram; labels recovered from the slide: concurrency / distribution; security; semantics and proofs; static analysis / model checking; Java/XML environment; formal models; implementation & optimizations; library; specifications; environments; distributed objects)
Parallel, distributed, concurrent, mobile programming
(diagram: sequential, multithreaded, distributed)
• Transparent distribution, remote object creation
• Method call -> asynchronous communication
• Futures & wait-by-necessity
• Mobility: migration of active objects
• XML descriptors for deployment
C3D: distributed, parallel (//), collaborative
Ongoing work
• Secure and efficient meta-computing
– Security at application level (application-level VPN)
– Group communication
• Formal definition of the ProActive model
– ASP: object model à la Abadi-Cardelli
• Equivalence proofs between sequential and parallel programs
• Deterministic subset of the model
– Behavioural semantics, and relation with the object model
– Property verification via model-checking
A component generator for domain-specific languages
object-oriented & XML-centric
• Openness: conform to W3C standards (DTD, Schemas)
• Reuse: a homogeneous approach (exportable GUI)
• Integration: component-based architecture
• Adaptability: visitor design patterns & AOP
• Environments for Java (& Java Card), bytecode
Modocop in the OASIS project:
• Overview of the OASIS research
• Proofs of safety properties of distributed Java applications
• Platform for static analysis and verification of distributed Java
Proofs of safety properties of concurrent/distributed Java applications
• Context:
– Multi-threaded Java
– JCSP (processes & channels à la CSP)
– ProActive (asynchronous messages, creation and migration of active objects)
– Specific frameworks: AAA, Voyager, Aglets, ...
• Criteria:
– High-level primitives for distribution/communication
– Formal semantics
– Distributed implementation
ProActive
ProActive: behavioural semantics
• Active objects = processes, parameterised, with dynamic creation.
• Remote method calls = asynchronous messages, stored in request queues.
• Object behaviour = each active object controls the activation of the requests in its queue.
• Return values = asynchronous messages, wait-by-necessity.
• Migration is transparent.
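The four ingredients listed above (an active object with its own activity thread, method calls reified as requests in a queue, a service policy chosen by the object, and futures that block only on use) can be shown in plain Java. The following is an added illustration written for this page; it is not ProActive's own API and not code from the slides. The class names (`ActiveObject`, `Request`, `Future`) are invented for the example, it runs in a single JVM (no distribution, no migration), and it uses a FIFO service policy, which is just one of the policies an active object may choose.

```java
import java.util.concurrent.BlockingQueue;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.function.Supplier;

// Illustrative simulation of the active-object model (assumed design, not
// the ProActive library): one thread per active object, method calls reified
// as messages in a request queue, results returned as wait-by-necessity futures.
public final class ActiveObjectDemo {

    /** Future handed back immediately by an asynchronous call; blocks only in get(). */
    static final class Future<T> {
        private final CountDownLatch ready = new CountDownLatch(1);
        private volatile T value;

        void resolve(T v) {
            value = v;
            ready.countDown();
        }

        /** Wait-by-necessity: the caller blocks here, and only here, if the reply is not in yet. */
        T get() throws InterruptedException {
            ready.await();
            return value;
        }

        boolean isAvailable() {
            return ready.getCount() == 0;
        }
    }

    /** A method call reified as a message: method name, body to run, future to fill. */
    static final class Request<T> {
        final String method;
        final Supplier<T> body;
        final Future<T> reply;

        Request(String method, Supplier<T> body, Future<T> reply) {
            this.method = method;
            this.body = body;
            this.reply = reply;
        }

        void serve() {
            reply.resolve(body.get());
        }
    }

    /** Active object: owns a request queue and the thread that decides the service order. */
    static final class ActiveObject implements AutoCloseable {
        private final BlockingQueue<Request<?>> queue = new LinkedBlockingQueue<>();
        private final Thread activity;
        private volatile boolean running = true;

        ActiveObject(String name) {
            activity = new Thread(this::runActivity, name);
            activity.start();
        }

        /** Asynchronous call: the request is queued and a future comes back at once. */
        <T> Future<T> call(String method, Supplier<T> body) {
            Future<T> reply = new Future<>();
            queue.add(new Request<>(method, body, reply));
            return reply;
        }

        int pendingRequests() {
            return queue.size();
        }

        /** FIFO service policy; a different activity could select requests by method name. */
        private void runActivity() {
            try {
                while (running || !queue.isEmpty()) {
                    Request<?> next = queue.poll(20, TimeUnit.MILLISECONDS);
                    if (next != null) {
                        next.serve();
                    }
                }
            } catch (InterruptedException e) {
                Thread.currentThread().interrupt();
            }
        }

        /** Stop accepting work, let the activity drain the queue, then join it. */
        @Override
        public void close() throws InterruptedException {
            running = false;
            activity.join();
        }
    }

    public static void main(String[] args) throws InterruptedException {
        AtomicInteger state = new AtomicInteger(); // the active object's private state
        try (ActiveObject counter = new ActiveObject("counter")) {
            Future<Integer> first = counter.call("increment", state::incrementAndGet);
            Future<Integer> second = counter.call("increment", state::incrementAndGet);
            // The caller is not blocked: it may keep working while the requests are served.
            System.out.println("requests still queued: " + counter.pendingRequests());
            // Wait-by-necessity: blocking happens only when the values are actually used.
            System.out.println("first = " + first.get() + ", second = " + second.get());
        }
    }
}
```

Because the activity serves the queue in FIFO order, the first call always observes the smaller counter value, which is exactly the kind of ordering property the slides propose to check with a model checker; the request queue here is unbounded, whereas the finite models discussed next must bound it.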
ProActive: finite models
• Pragmatics: model checkers deal with finite representations.
– Hierarchical networks of finite transition systems (all analysis functions ought to be compositional).
– Abstract and approximate finite structures (as in CADP or Bandera).
– Finite representation of request queues.
ProActive: academic example
(work done with Rabea Boulifa)
• Dining philosophers:
– Rewritten in ProActive, distributed style
– Finite configuration
– Proof of (absence of) deadlock
– Proof of boundedness of request queues
– Proof of liveness
ProActive: academic example
(pictures)
ProActive: a bigger example
(work with Tomas Barros)
• Electronic tax services in Chile
– Specification, and reference implementation in ProActive
– Finite instantiation: already too big for brute-force reachability analysis
– Properties (of the specification):
• deadlock analysis, partial specifications (scenarios)
– Properties (of the reference implementation):
• equivalence with the corresponding component in the specification
Modocop in the OASIS project:
• Overview of the OASIS research
• Proofs of safety properties of distributed Java applications
• Platform for static analysis and verification of distributed Java
Platform for verification
• Static analysis, verification and model-checking of Java and ProActive applications (source or bytecode)
• Generic : tools reusable for other OO languages
• Modular : external tools connected through standard formats or APIs, various functions combined for an application
• Practical : source level diagnoses
Platform for verification: schema
(diagram)
Conclusion
Work in Modocop :
• Analysis platform for Java and ProActive (with Lande)
• Behavioural semantics (R. Boulifa)
• Connection with external verification tools and model-checkers (E. Madelaine + DEA internship)
• Realistic case study