p. 1 - PowerPoint PPT Presentation

About This Presentation
Title:

p. 1

Description:

Verification of the Chilean Electronic Invoices System. I. Attali,T. Barros, E. Madelaine ... pAG, H={pIi,Ki}, pT = KG,TT,t0,LT, global action alphabet pAg, ... – PowerPoint PPT presentation

Number of Views:18
Avg rating:3.0/5.0
Slides: 23
Provided by: some94
Category:
Tags: pag

less

Transcript and Presenter's Notes

Title: p. 1


1
Verification of the Chilean Electronic Invoices
System
  • I. Attali,T. Barros, E. Madelaine
  • Project OASIS, INRIA
  • CNRS, I3S, UNSA
  • Sophia Antipolis, France
  • October, 2004

2
Agenda
  • The electronic invoices system in Chile
    (Overview)
  • Electronic invoices formalisation
  • Properties verification
  • Conclusions and perspectives

3
Case StudyElectronic Invoices in Chile
  • Real distributed example
  • Large and complex structure
  • National wide application
  • Safety with a strong economical impact
  • Previous knowledge

4
Electronic Invoices System
September 2002
Normal Scenario
Vendor
Invoice
Buyer
5
System properties
  • A taxpayer can emit as many invoices as the
    number of stamps it posses
  • SII gives the right answer to invoice status
    requests
  • Every invoice refused by the buyer is eventually
    cancelled
  • An invoice Id can be used only once
  • Is not possible to cancel a not emitted invoice
  • (Others in the report/paper)

6
Parameterized Networks
  • Synchronisation Network (pNet)
  • ltpAG, HpIi,Ki, pT
    ltKG,TT,t0,LT, ? gtgt
  • global action alphabet pAg,
  • finite set of arguments, each with sort pIi and
    params Ki, corresponding to as many actual
    arguments as necessary in a given instantiation,
  • parameterized synchronisation vectors
  • pAg lt- , ,
    a3(k3), , a4(k4),
  • Instantiation for a finite abstraction of the
    parameters domains Dv

7
Modelling electronic invoicesSystems
assumptions
  • Reliable communication channels
  • Security aspects (authentication, integrity) are
    treated elsewhere
  • Two types of documents and seals
  • Invoices
  • Cancellations

8
Global System
9
Chilean Electronic Invoices
  • 15 parameterized automata
  • 4 levels of hierarchy

Properties
  • Reachability properties
  • CTL Formulas

10
Reachability properties
SII gives the right answer to invoice status
11
Other properties
Refused invoices by buyers are always cancelled
AG(refuseBuyer(v,b,id) -gt AF
sendCancellation(v,id))
12
Verifying PropertiesMethodology
Informal Requirements
13
Instantiations
  • Abstract the domains of unbounded variables to
    finite domains
  • Expand the automata and networks to all the
    possible values in these abstract domains
  • Tool FC2Parameterized
  • R. Milner Communication and Concurrency

14
Data Abstractions
  • Define a number of distinguish concrete values in
    the domains of variables (Data abstractions)
  • One or more extra values representing the
    remaining values in the domains
  • R. Cleaveland 1998 Testing-based abstractions
    for value passing systems
  • J. Riely 1999 Applications of Abstraction for
    Concurrent Programs

15
Electronic InvoicesData Abstractions
Max. Invoices Max. Cancellations Invoices Stamps Stock Cancellations Stamps Stock Purchase Processes Buyers Vendors
3 3 3 3 2 Buyer1, Buyer2 Vendor1, Vendor2
16
Verifications Tools
  • Reachability Properties FC2Tool
  • Given a property expressed as an abstraction
    automaton, it generates a product LTS with action
    in the acceptance states
  • Other Properties CADP Evaluator
  • Given a property expressed as a ?-calculus
    formula, it performs on-the-fly model checking

True/(False diagnostics)
17
Property Results
SII gives the right answer to invoice status
CTL Property
Refused invoices by buyers are always cancelled
True
18
Adjusting the model based in the properties
results
Reception of Documents At SII
19
Limiting the state explosion
  • Structural Hiding Minimisation
  • Grouping by shared parameters

20
Conclusions
  • Define a suitable model (friendly) with
    parameters
  • Model the electronic invoices system
  • Tool to obtain finite models
  • Use standard model checkers
  • Analysis and debugging
  • Techniques to limit the state explosion
  • Verify a set of properties

21
Perspectives
  • Refine the graphical language, extend to other
    ProActive features, formalize the abstractions.
  • (Direct) parameterized verification.
  • Behavioural specifications of components,
    correct compositions.
  • http//www-sop.inria.fr/oasis/Vercors

22
Thank you
  • The complete case study is described in the
    INRIAs research report 5217
  • The report and the SII files are available at the
    team site
  • http//www-sop.inria.fr/oasis/Vercors
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "p. 1" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!