Causal Message Sequence Charts* - PowerPoint PPT Presentation

About This Presentation

Title:

Causal Message Sequence Charts*

Description:

Partial order automaton : generates infinite set of. non ... A partial order automaton defined. over a finite set of Causal MSCs M. Path r=q0 M1 q1 M2 ... – PowerPoint PPT presentation

Number of Views:25

Avg rating:3.0/5.0

Slides: 38

Provided by: lhel

Category:

more less

Transcript and Presenter's Notes

Title: Causal Message Sequence Charts*

1
Causal Message Sequence Charts

Thomas Gazagnaire - ENS Cachan
Blaise Genest - CNRS
Loïc Hélouët - INRIA Rennes
P.S. Thiagarajan - National University of
Singapore
Shaofa Yang - INRIA Rennes

work supported by the INRIA-NUS associated
Team CASDS the ANR DOTS project
2
Motivations
Server
Log
Client

Scenarios restricted partial orders
Model asynchronous distributed systems
behaviors
Avoid (costly) interleaving representations
Verification/analysis without relying on global
states (model checking, diagnosis,)

question
store
log
An example MSC
3
High-level MSCs a very expressive model
q0
p
q
Partial order automaton generates infinite
set of non-interleaved behaviors (MSC
languages)
m
q1
p
p
p
q
q
q
m
m
m
n
n
v
u
n
u
v
u
v
q2
An example HMSC
4
But
p
q
p
q
u
m
Finitely generated MSC languages ONLY
v
u
v
u
u
v
m
n
u
Many protocols look rather like this sliding
windows
v
o
u
v

Can we model this kind
of behavior
with non-interleaved models
while keeping verification/analysis
decidable ?

m
n
5
Plan

HMSCs
Definitions
Decidability
CHMSCs
Definitions
Decidability
Causal HMSCs
Definitions
Decidability
Comparison with other scenario languages
Conclusion

6
MSCs

M(E,l,pp?P,ltlt)
Labelled partial order over a finite set of
events E
P set of processes
S alphabet Client ! Server (question),
Log ? Server (store),
l E ? S
p total ordering for each process p? P
ltlt message pairing
must be a partial order
Lin(M) linearizations of

Server
Log
Client
question
store
log
7
Concatenation
MSC M1
MSC M1 ? M2
Client
Server
Server
Log
Client
question
answer
question

?
answer
MSC M2
OK
Client
Server
Log
store
OK
logged
store
logged
8
High-level MSCs
q0
p
q
H(Q,?,M,q0,QFi) A partial order automaton
defined over a finite set of MSCs M Path rq0
M1 q1 M2 Mk qk r? M1 ? M2 ? Mk PH r
q0 M1 q1 M2 Mk qk qk ? QFi FH r? r
? PH LinH
m
q1
q2
An example HMSC H
9
Undecidable problems
Let H1, H2 be HMSCs FH1 ? FH2 ? ? LinH1 ?
LinH2 ? ? FH1 ? FH2 ? LinH1 ? LinH2 ? FH1
FH2 ? LinH1 LinH2 ? LinH1 Regular ?
Let R be a regular subset of S R ? LinH1
? LinH1 ? R ?
Not surprising HMSCs closely related to
Mazurkiewicz traces Muscholl et al 99
10
Communication graph
MSC M
An useful abstraction of the contents of MSCs
Server
Log
Client
question
Log
Client
answer
Server
OK
store
logged
Communication graph CG(M)
An example MSC M
11
Regular HMSCs Alur et al 99 Muscholl et al 99
Definition H is regular iff ? r q1 M1 q2 M2
Mk q1 cycle of H, CG(r?) is a strongly
connected graph Theorem H regular ? LinH
regular subset of S Consequences LinH1 ? LinH2
?, LinH1 ?LinH2 , LinH1 LinH2 R ? LinH1 ,
LinH1 ? R decidable
12
Globally cooperative HMSCs
Genest et al 02Morin02
Definition H is Globally Cooperative iff ?
rq1 M1 q2 M2 Mk q1 cycle of H, CG(r?) is a
connected graph Theorem Genest02 Let H1 be
a HMSC, H2 be a globally cooperative HMSC, then
FH1 ? FH2 ? ? , FH1 ? FH2 ? Decidable
13
However
p
q
m
v
u
MSC languages generated by HMSCs, GC-HMSCs,
regular HMSCs are all finitely generated
m
n
o
m
n
14
Compositional MSCsGunter et al01
Server
Client
Dangling Messages emissions/receptions
question
p
q
p
q
n
answer
n
m
m
OK
n
n

n
?
m
p
q
n
n
m
n
15
Compositional HMSCs
q0
p
q
H(Q,?,M,q0,QFi) A partial order automaton
defined over a set of cMSCs M PH rq0 M1 q1
M2 Mk qk qk ? QFi FH r? r ? PH and r?
is an MSC LinH
m
n
q1
p
q
m
n
n
p
q
n
An example C-HMSC
q2
16
q0
p
q
n
p
m
q
Generates
m
n
n
m
m
n
q1
m
p
q
n
m
n
n
p
q
n
Clearly not finitely generated !
q2
17
Undecidable problems

C-HMSCs embed
HMSCs
Communicating finite state machines (CFSM)
and all their undecidable problems
Q is there an MSC f ? FH that contains message
m ?
Q is FH empty ?

18
Subclasses of cHMSCs

Some paths of a cHMSC may not generate an MSC
A cHMSC H is safe is for every path r of PH , r?
is an MSC.
(safe CHMSCs do not embed the whole expressive
power of CFSMs)
Globally cooperative CHMSCs safe GC
Regular CHMSCs safe regular

19
Safe cHMSCs
q0
p
q
q0
cMSC M2
m
n
p
q
cMSC M1
p
q1
q
n
q2
q1
m
n
p
q
q3
m
n
n
p
q
Not safe
n
generated by qo e q1 e q2 M2 q2 e q3
safe
q2
20
unSafe cHMSCs
q
p
m
m
Really an implementable specification ? Ok if
implementation means by CFSMs with
deadlocks But from a more practical point of
view
n
m
n
m
n
n
21
Still some problems
N times
M times
N times
Is not a cHMSC language
Is not a safe cHMSC language
22
Causal MSCs

Labelled partial order over a set of events
M(E, l, p?P,ltlt)
P, S, l as usual,
ltlt message pairing as usual
partial order
( ? ltlt ) partial order
Lin(M) linearizations of

Server
Client
login
question
23
Visual extensions
MSC M
MSC M
CaMSC M
Server
Server
Client
Client
Server
Client
login
login
login
question
question
question
Vis(M) MSCs that are compatible with M
24
Concatenation

Independence relation Ip ? Sp x Sp for each p?P
(Symmetric and irreflexive)

CaMSC M1 ?I M2
CaMSC M1
CaMSC M2
p
q
p
q
p
q
m
m
oI
m
n
n
n
m
n
Ip (p!q(n),p!q(m)) , (p!q(m), p!q(n)) Iq
?
Note M1 or M2 need not respect Ip p?P
25
Causal HMSCs
q0
p
q
H(Q,?,M,q0,QFi) Ip p?P A partial order
automaton defined over a finite set of Causal
MSCs M Path rq0 M1 q1 M2 Mk qk r?I M1 ?I
M2 ?I Mk PH rq0 M1 q1 M2 Mk qk qk ?
QFi FH r?I r ? PH VisH LinH
m
q1
Lin(f)
Vis(f)
q2
26
Example
Iclient SClient2 \ (s,s)?SClient2 IServer ?
q0
Client
Server
Question
Client
Server
Answer
Question
? VisH
q1
Answer
A CaHMSC H
27
Regular Causal HMSCs

Definition H is a regular Causal HMSC iff
for every cycle r of H,
roI is FIFO
CG(roI) is strongly connected
for every process p? P, Sp is a connected
alphabet w.r.t Ip

Ex a,b,c,d with I (a,b),(b,a),(c,d),(d,
c)
28
Globally cooperative Causal HMSCs

H is a globally cooperative Causal HMSC iff
for any cycle r of H,
CG(roI) is connected
for every process p? P, Sp is a connected
alphabet w.r.t Ip

29
Decidable problems

Theorem
H regular ? Lin(H) regular language
LinH1 ? LinH2 ?, LinH1 ? LinH2 , LinH1 LinH2
R ? LinH1 , LinH1 ? R decidable
Theorem H1 CaHMSC, H2 globally cooperative
CaHMSC with same independence relations Ip p?P
FH1 ? FH2 ?, FH1 ? FH2 decidable

30
Windows and bounds
q
p
Wm Window of a message m from p to q messages
from q to p that cross m.
m1
n
o
Wm1
Usually, in sliding windows protocols scenarios,
these windows are of bounded size
m2
31
Windows bounds

Question Let H be a causal HMSC and Ip p?P
be its independence relations.
is there a bound B such that for every MSC
M?VisH and
every message m, Wm B ?
Theorem Decidable in O(SM?M M .H2.2S)
(build a CaMSC-labelled automaton that memorizes
windows compositions for each type of message)
Corollary
if such B exists, then it is lower than b.H.(S
1)
with b max M M?M .

32
Other Decidable problems

As for HMSCs and cHMSCs, for Regular and Globally
cooperative subclasses
Q is there a MSC generated by H that contains
message m ? (trivial)
Q FH ? , VisH ? ? (trivial)
Are causal HMSCs just a new subclass of cHMSCs ?

33
Comparison of MSC languages
CHMSCs
CaHMSCs
Safe CHMSCs
HMSCs
GC-CaHMSCs
GC-CHMSCs
GC-HMSCs
R-CHMSCs
R-CaHMSCs
R-HMSC
34
Implementation of Causal HMSCs

RCa-HMSC bounded CFMs ?

p
q
r
!n
!stop
m
!m
?o
p
n
?n
n
N times
!stop
o
?stop
!n
q
stop
?n
stop
?stop
?m
!o
r
35
Implementation of Causal HMSCs

A Regular CHMSC can be implemented by CFMs when
MSCs in VisH are FIFO Gazagnaire08
Moreover it corresponds to a mixed model
Asynchronous automata
That communicate via FIFO channel

36
Conclusion

A new scenario model that
Contains HMSCs,
Have counterparts for interesting subclasses of
(c)HMSCs (regular, globally cooperative)
Future work
Implementation model for CaHMSCs
Check when an MSC language generated by a CaHMSc
is finitely generated (i.e a HMSC language)
Exploit regularity of bounded windows
CaHMSCs production of rewriting systems/graph
grammars ?