Title: Modocop in the OASIS project: Active Objects, Semantics, Internet and Security. INRIA Sophia Antipolis
1 Modocop in the OASIS project
Active Objects, Semantics, Internet and Security
INRIA Sophia Antipolis, http://www.inria.fr/oasis
- Overview of the OASIS research
- Proofs of safety properties of distributed Java applications
- Platform for static analysis and verification of distributed Java
Eric Madelaine, 13-02-2002
2 Oasis at a glance
(overview diagram; the visible labels are the group's themes)
- Distributed objects
- Concurrency / distribution, security
- Semantics and proofs
- Static analysis / model checking
- Java/XML environments
- Specifications
3 Sun Microsystems
Parallel, Distributed, Concurrent, Mobile programming
- Transparent distribution, remote object creation
- Method call -> asynchronous communication
- Futures: wait-by-necessity
- Mobility: migration of active objects
- XML descriptors for deployment
4 C3D: distributed, parallel (//), collaborative
5 Ongoing Work
- Secure and efficient meta-computing
- Security at application level (application-level VPN)
- Group communication
- Formal definition of the ProActive model
- ASP object model a la Abadi-Cardelli
- Equivalence proofs between sequential and parallel programs
- Deterministic subset of the model
- Behavioural semantics, and relation with the object model
- Property verification via model-checking
6 Microsoft, W3C
A component generator for domain-specific languages: object-oriented, XML-centric
- Openness: conforms to W3C standards (DTD, Schemas)
- Reuse: a homogeneous approach (exportable GUI)
- Integration: component-based architecture
- Adaptability: visitor design patterns, AOP
- Environments for Java (Javacard), bytecode
8 Modocop in the OASIS project
- Overview of the OASIS research
- Proofs of safety properties of distributed Java applications
- Platform for static analysis and verification of distributed Java
9 Proofs of safety properties of concurrent/distributed Java applications
- Context
  - Multi-threaded Java
  - JCSP (processes, channels a la CSP)
  - ProActive (asynchronous messages, creation and migration of active objects)
  - Specific frameworks: AAA, Voyager, Aglets, ...
- Criteria
  - High-level primitives for distribution/communication, formal semantics
  - Distributed implementation
10 ProActive behavioural semantics
- Active objects: processes, parameterised, with dynamic creation.
- Distant method calls: asynchronous messages, stored in request queues.
- Object behaviour: each active object controls the activation of the requests in its queue.
- Return values: asynchronous messages, wait by necessity.
- Migration is transparent.
11 ProActive finite models
- Pragmatics
  - Model checkers deal with finite representations.
  - Hierarchical networks of finite transition systems (all analysis functions ought to be compositional).
  - Abstract and approximate finite structures (as in CADP or Bandera).
  - Finite representation of request queues.
12 ProActive academic example
- (work done with Rabea Boulifa)
- Dining Philosophers
  - Rewritten in ProActive, distributed style
  - Finite configuration
  - Proof of (absence of) deadlock
  - Proof of boundedness of request queues
  - Proof of liveness
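To make slides 10 to 12 concrete, here is an added example (my own code, not the OASIS team's tools or generated models): a hand-built finite model of n dining philosophers in ProActive style, where forks are active objects serving a FIFO request queue and philosophers send asynchronous fork requests and wait by necessity on the reply. Explicit-state reachability over this model reports deadlocked states and the largest request queue ever reached; the state encoding and the `order` helper are my assumptions for illustration.

```python
from collections import deque

# Finite model (assumed for illustration): forks are active objects with a FIFO
# request queue, philosophers are "think" -> "wait1" -> "wait2" -> "eat" processes.
def explore(n, asymmetric=False):
    """Return (deadlocked_states, max_request_queue_length, reachable_states)."""
    def order(i):  # forks philosopher i asks for, in order; last one flips if asymmetric
        left, right = i, (i + 1) % n
        return (right, left) if asymmetric and i == n - 1 else (left, right)
    # state = (philosopher states, fork owners, fork request queues)
    init = (("think",) * n, (None,) * n, ((),) * n)
    seen, todo, deadlocks, max_q = {init}, deque([init]), [], 0
    while todo:
        state = todo.popleft()
        phils, owners, queues = state
        succ = []
        for i, st in enumerate(phils):
            first, second = order(i)
            if st == "think":  # send request to the first fork, then wait (wait1)
                p, q = list(phils), list(queues)
                p[i], q[first] = "wait1", queues[first] + (i,)
                succ.append((tuple(p), owners, tuple(q)))
            elif st == "eat":  # release both forks and think again
                p, o = list(phils), list(owners)
                p[i] = "think"
                o[first] = o[second] = None
                succ.append((tuple(p), tuple(o), queues))
        for f, q in enumerate(queues):
            if owners[f] is None and q:  # free fork serves the head of its queue
                h = q[0]
                p, o, qs = list(phils), list(owners), list(queues)
                o[f], qs[f] = h, q[1:]
                if phils[h] == "wait1":  # reply for first fork: ask for the second
                    p[h] = "wait2"
                    qs[order(h)[1]] = qs[order(h)[1]] + (h,)
                else:  # reply for second fork: both held, eat
                    p[h] = "eat"
                succ.append((tuple(p), tuple(o), tuple(qs)))
        if not succ:  # no enabled transition: a deadlock
            deadlocks.append(state)
        max_q = max(max_q, max(len(q) for q in queues))
        for t in succ:
            if t not in seen:
                seen.add(t)
                todo.append(t)
    return deadlocks, max_q, len(seen)
```

With every philosopher asking for its left fork first, `explore(3)` finds the classic deadlock; with the last philosopher asking right-first (`asymmetric=True`) no deadlock is reachable, and in both cases no request queue ever exceeds two entries, which is the queue-boundedness proof of slide 12 on this toy instance.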
13 ProActive academic example
14 ProActive: a bigger example
- (work with Tomas Barros)
- Electronic tax services in Chile
- Specification, and reference implementation in ProActive
- Finite instantiation already too big for brute-force reachability analysis
- Properties (of specification)
  - deadlock analysis, partial specifications (scenarios)
- Properties (of reference implementation)
  - equivalence with the corresponding component in the specification
15 Modocop in the OASIS project
- Overview of the OASIS research
- Proofs of safety properties of distributed Java applications
- Platform for static analysis and verification of distributed Java
16 Platform for verification
- Static analysis, verification and model-checking of Java and ProActive applications (source or bytecode)
- Generic tools reusable for other OO languages
- Modular: external tools connected through standard formats or APIs, various functions combined for an application
- Practical source-level diagnoses
17 Platform for verification
18 Conclusion
- Work in Modocop
  - Analysis platform for Java and ProActive (with Lande)
  - Behavioural semantics (R. Boulifa)
  - Connection with external verification tools and model-checker (E. Madelaine, DEA internship)
  - Realistic case study