Title: A Static Approach to Consistency Verification of UML Models
A Static Approach to Consistency Verification of UML Models
MoDeV2a 2006 Workshop
- Andrea Baruzzo
- abaruzzo_at_computer.org
- Department of Computer Science
- University of Udine
Agenda
- The context
- The problems to address
- The goals
- The method
- The method at work
- Future work
The Context
- Model-Driven Development
  - Model elaboration (possibly manual but typically automatic)
  - Build the right model!
  - Early validation!
- Model-Driven Architecture development [Mellor, Warmer, OMG]
  - UML alone is not precise enough to build software and to verify it
  - The need for a formal specification embedded in UML models (OCL)
  - Tools for model-based debugging and testing
- [AICA05] Andrea Baruzzo, Executable Models: Formal Specifications Embedded in Software Models, Congresso annuale AICA (AICA annual congress), Udine, 5-7 October 2005
Code correctness
Problems to address
- Due to the complexity of large software systems, preserving model consistency is an issue
- Model-based verification is often achieved by means of dynamic checking of OCL constraints, but the generation of suitable code which checks them
  - slows down performance
  - can alter the behavior
  - is not guaranteed to reveal a bug
  - generating just a significant finite subset of the possible runs is not very feasible either
- Static model-based verification (very difficult)
- Static verification of UML model consistency (a first step)
- What is inconsistency all about?
  - A discrepancy between the entire model and the code (difficult)
  - A discrepancy between the specification and the model views (a first step)
- Verify the dynamic view of the system against the static view and its constraints (software contracts)
  - Identify and refine specifications that are too strong
  - Identify new constraints (specifications too weak?)
- Build precise UML models
  - Class diagrams
  - Sequence diagrams
  - Statechart diagrams
  - (OCL) specifications (the software contract)
- Independence from the specification language (OCL, Promela, Alloy, ...)
- Verification
  - Verify the code of the system against the entire model and its constraints (software contracts)
- Specification synthesis
  - From existing code
- Tool integrations
  - Integration between the static approach (it cannot be complete) and the dynamic approach
  - Manipulation of the model hierarchy (MDA)
Precise semantics of OCL and UML [GogollaRichter01]
- Syntax of object models
  - Set of classes (or types)
  - Set of attributes for each class
  - Set of associations with role names and multiplicities
  - Generalization hierarchy over classes
  - M = (CLASS, ATT_c, OP_c, ASSOC, associates, roles, multiplicities, ≺), where ≺ is the generalization hierarchy
- Interpretation of object models
  - System state: objects, links and attribute values constitute the state of a system at a particular moment in time
  - σ(M) = (σ_CLASS, σ_ATT, σ_ASSOC)
  - The semantics of an object model is the set of all possible system states σ(M)
[GogollaRichter01] Martin Gogolla and Mark Richters, OCL Syntax, Semantics, and Tools, in Object Modeling with the OCL, LNCS 2263, 2001
The notion of class correctness
- But what happens when this does not hold?
  - Faulty program or inconsistent specification?
  - Due to the size of most systems, bugs in assertions are not so unlikely!
[Meyer92] Bertrand Meyer, Applying Design by Contract, ACM Computer, Volume 25, Issue 10, 1992
The method: the process (BEDAV)
- Build the UML model of the system
  - Build the structural view
  - Build the dynamic (behavioral) view
- Enrich the model with the (OCL) specifications
- Decompose sequence diagrams into blocks
- Annotate each block with formulas to be imposed and to be checked
- Verify sequence diagrams against the formulas of each block
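The object-model semantics from the "Precise semantics of OCL and UML" slide and the decompose/annotate/verify steps of BEDAV, as an added Python example that is not the paper's tool or code: `ObjectModel`, `SystemState`, `verify_blocks` and the Owner/Account sample model are constructed for illustration, and each block is annotated with an imposed formula (assumed before it runs) and a checked formula (verified after it, together with the model's multiplicities).

```python
# Added example, not the paper's tool: toy object-model semantics (slide 7) and
# the BEDAV block check (slide 9). The Owner/Account model is constructed.
from dataclasses import dataclass
@dataclass
class ObjectModel:
    """M = (CLASS, ASSOC, associates, multiplicities, <); attributes omitted."""
    associates: dict      # assoc -> (source class, target class)
    multiplicities: dict  # assoc -> (min, max) links per source object
    parents: dict         # class -> parent class (the generalization relation)
    def is_a(self, cls, ancestor):  # walk up the generalization hierarchy
        while cls is not None and cls != ancestor:
            cls = self.parents.get(cls)
        return cls is not None
@dataclass
class SystemState:
    """sigma(M) = (sigma_CLASS, sigma_ASSOC); attribute values omitted."""
    objects: dict  # object id -> class
    links: dict    # assoc -> set of (source id, target id)
def state_violations(model, state):
    """Reasons why `state` is outside the semantics of `model` ([] = consistent)."""
    errs = []
    for assoc, (src, dst) in model.associates.items():
        pairs = state.links.get(assoc, set())
        for s, d in pairs:  # every link must join objects of the declared classes
            if not (model.is_a(state.objects[s], src) and model.is_a(state.objects[d], dst)):
                errs.append(f"{assoc}({s},{d}) links wrong classes")
        lo, hi = model.multiplicities[assoc]
        for oid, cls in state.objects.items():  # multiplicity per source object
            n = sum(1 for s, _ in pairs if s == oid)
            if model.is_a(cls, src) and not lo <= n <= hi:
                errs.append(f"{oid} has {n} {assoc} links, allowed {lo}..{hi}")
    return errs
def verify_blocks(model, state, blocks):
    """blocks = [(name, imposed, action, checked)]: `imposed` must hold before the
    block, `checked` plus the model semantics after. Returns first failure or None."""
    for name, imposed, action, checked in blocks:
        if not imposed(state):
            return f"{name}: imposed formula fails"
        action(state)  # the block's effect on the system state
        errs = state_violations(model, state) + ([] if checked(state) else ["checked formula fails"])
        if errs:
            return f"{name}: " + "; ".join(errs)
    return None
def demo():
    """A sequence diagram that opens a third account for an owner limited to two."""
    m = ObjectModel({"owns": ("Owner", "Account")}, {"owns": (1, 2)}, {"SavingsAccount": "Account"})
    st = SystemState({"o1": "Owner", "a1": "SavingsAccount", "a2": "Account", "a3": "Account"}, {"owns": {("o1", "a1")}})
    link = lambda acct: (lambda s: s.links["owns"].add(("o1", acct)))  # block action
    return verify_blocks(m, st, [("open a2", lambda s: len(s.links["owns"]) < 2, link("a2"), lambda s: ("o1", "a2") in s.links["owns"]),
                                 ("open a3", lambda s: True, link("a3"), lambda s: True)])
```

`demo()` reports the second block, because the sequence drives the system into a state outside σ(M) although every block-level formula holds.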
The method at work: the (OCL) specifications
The method at work: decomposition
The method at work: decomposition (continued)
The method at work: validation (equations checked)
Now the diagram becomes consistent!
Work in progress, future work
- Work in progress
  - Tool implementation
  - Assistant to write OCL constraints (some will be code independent, others not)
  - Development of the method for static model-based verification (with code)
- Future work
  - Support for concurrency
  - Support for temporal logic (in general, any temporal constraint)
  - Support for class diagram consistency in itself (i.e. consistency of cardinality constraints in associations)
THANK YOU!
The method at work: validation (equations imposed)