Graph-Based State Spaces
Arend Rensink, University of Twente
CAMPaM 2012, April 2012

Graph Transformation
- Formal language to capture dynamic system behaviour
  - Graphs will capture state snapshots
  - Transformation rules will capture program statements
- Aim: Software model checking
  - Behavioural model captured by graph production system
  - Requirements captured by temporal properties
- Why graph transformation?
  - Very powerful, widely applicable paradigm
  - Graphs are natural for the software domain
  - In particular for object-oriented programs

Graphs as Models
- Example state graph
  - Nodes represent objects
  - Edges represent fields or relations between objects
- Here: Circular buffer
  - Objects inserted at the tail (last element)
  - Objects removed from the head (first element)

Type graphs as Metamodels
- Compare with (UML) class diagrams
- Nodes stand for object types
  - Also supported: Node inheritance
- Edges stand for field/relation types
  - Not supported (in our approach): Multiplicities

Graph formalism
- Graphs in this presentation (simple graphs):
  - Flat (i.e., not hierarchical)
  - Directed, edge-labelled, no parallel edges
  - Self-edges depicted as node labels
- Formally: $G = (V, E)$ with
  - Global set $L$ of labels
  - Fixed subsets of type labels and flags (= node labels)
  - $V$ finite set of nodes
  - $E \subseteq V \times L \times V$ finite set of labelled edges
- Partial morphisms
  - Structure-preserving node mappings
  - Isomorphism: bijective (total) morphism
  - Used to abstract from node identities

Example morphism
[Figure: morphism from a state graph to a type graph]
- Typing is a (weak) structuring mechanism
  - Limits node and edge labels and their interconnection
  - Does not enforce presence or absence of edges

Graph Rewrite Rules
Putting an element into a circular buffer:
[Figure: the rule shown as three graphs: NAC, LHS, RHS]
- A rule embodies a particular change to a graph
  - Left Hand Side (LHS): should be matched in the host (source) graph
  - Difference of Right Hand Side (RHS) and LHS defines change
  - Negative Application Condition (NAC): should not occur in host graph
- Compare to string rewriting
  - Graph rewrite rules are context sensitive
- Graph Production System: Set of rewrite rules

Single-graph representation
- black = reader: LHS and RHS; to be matched and preserved
- blue = eraser: LHS, not RHS; to be matched and deleted
- red = embargo: NAC, not LHS; forbidden
- green = creator: RHS, not LHS; to be added

Graph Productions
[Diagram: a rewrite rule (NAC, LHS, RHS) connected by the rule morphism; NACs are forbidden; a matching morphism into the source graph; a pushout giving the target graph; the graph transition is labelled by the rule and the underlying morphism]

Example production
[Figure: NAC, LHS and RHS of the example rule with numbered nodes, applied to a source graph to give a target graph]

Graph Transition Systems
[Figure: transition system with put and get transitions between state graphs]
- Isomorphic state graphs are collapsed together
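
The rule application and state collapsing described on the preceding slides, as an added Python example that is not taken from the slides or from GROOVE. Assumptions: the edge labels `first`, `last`, `next`, `val`, the shapes of the `PUT` and `GET` rules, the 3-cell start graph, non-injective matching, nodes existing only as edge endpoints, and a brute-force canonical form for isomorphism.

```python
from itertools import count, permutations
def matches(pattern, graph, binding):
    """Yield each extension of `binding` mapping all pattern edges into `graph`."""
    if not pattern:
        yield dict(binding)
        return
    (s, lab, t), rest = pattern[0], pattern[1:]
    for gs, gl, gt in graph:
        new = {**binding, s: gs}
        if gl == lab and binding.get(s, gs) == gs and new.get(t, gt) == gt:
            yield from matches(rest, graph, {**new, t: gt})

def apply(rule, graph, fresh):
    """Yield the target graph of every match that the embargo (NAC) allows."""
    for m in matches(rule["reader"] + rule["eraser"], graph, {}):
        if rule["embargo"] and any(True for _ in matches(rule["embargo"], graph, m)):
            continue  # embargo edges occur in the host graph: rule not applicable
        new_vars = {v for s, _, t in rule["creator"] for v in (s, t)} - set(m)
        m.update((v, next(fresh)) for v in new_vars)  # creator nodes are fresh
        erased = {(m[s], l, m[t]) for s, l, t in rule["eraser"]}
        created = {(m[s], l, m[t]) for s, l, t in rule["creator"]}
        yield (graph - erased) | created

def canon(graph):
    """Representative of the isomorphism class: least edge list over renamings."""
    nodes = sorted({n for s, _, t in graph for n in (s, t)})
    return min(tuple(sorted((p[s], l, p[t]) for s, l, t in graph))
               for perm in permutations(range(len(nodes)))
               for p in [dict(zip(nodes, perm))])

def explore(start, rules):
    """Generate the transition system, collapsing isomorphic state graphs."""
    fresh, states, todo, transitions = count(100), {canon(start)}, [start], set()
    while todo:
        g = todo.pop()
        for name, rule in rules.items():
            for h in apply(rule, g, fresh):
                if canon(h) not in states:
                    states.add(canon(h))
                    todo.append(h)
                transitions.add((canon(g), name, canon(h)))
    return states, transitions

# Assumed rules and start graph (constructed; the slide figures are not on the page).
PUT = {"reader": [("c", "next", "n")], "eraser": [("b", "last", "c")],
       "embargo": [("c", "val", "x")], "creator": [("c", "val", "o"), ("b", "last", "n")]}
GET = {"reader": [("c", "next", "n")], "eraser": [("b", "first", "c"), ("c", "val", "o")],
       "embargo": [], "creator": [("b", "first", "n")]}
START = frozenset({(0, "first", 1), (0, "last", 1), (1, "next", 2), (2, "next", 3), (3, "next", 1)})
```

Calling `explore(START, {"put": PUT, "get": GET})` terminates only because of the collapsing: every `put` creates a node with a new identity, so without `canon` the set of reachable graphs would grow without bound.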

Aim: software model checking
- Construct graph production system from
  - UML diagrams / other specifications
  - Programs to be checked
- Generate state space
  - States = graphs
  - Transitions = transformations
- Formulate properties
  - invariants/reachability (safety)
  - liveness
  - full temporal logic
- Check properties on the model

Personal CAMPaM preview
Questions I am asking myself
- Is semantic preservation achievable?
- How well does graph-based model checking fit into model transformation?
When will I be happy?
- Get answers for the above questions
- Find nails for the GROOVE hammer
- Meet new people, write papers