Employing the Object Constraint Language
in Model-Based Engineering
Martin Gogolla
University of Bremen
Database Systems Group
Outline
● Motivation: About modeling
● Modeling with UML and OCL
● Validation and verification of structure
● Validation and verification of behavior
Why do engineers build models?
- To understand
... problems and solutions
Models as "Means for Knowledge Acquisition"
- To communicate
... understanding and design intent
Models as "Means for Knowledge Transfer"
- To predict
... the interesting characteristics of system under study
Models as "Surrogates"
- To specify
... the implementation of the system
Models as "Blueprints"
Building models is done by selecting statements through
abstraction, i.e., reduction of information preserving
properties relative to a given set of concerns
[From: Bran Selic, UML2 Tutorial @ MoDELS 2012]
Figure: System under study → Abstraction → Statements (Models)
A model describes a Labelled Transition System
Outline (section marker): Motivation: About modeling ● Modeling with UML and OCL ● Validation and verification of structure ● Validation and verification of behavior
Ecmfa2013
Model analysis
● Aim of model analysis: Check the model for relevant and interesting properties; detect deficiencies on the modeling level, before implementation
● Example properties
  – Is the set of states and transitions non-empty? Which properties do the states have?
  – Which transition sequences are possible?
  – Are the transitions deterministic? Are there states with no outgoing transition?
  – ...
● General model properties: Consistency, Independence (Minimality), Detection of consequences, Exploration of reachability, ...
(Textual) Modeling with UML and OCL within USE (UML-based Specification Environment)
● Class diagrams (classes, associations, generalization, abstract classes, association classes, aggregation, composition, ...)
● Protocol state machines (states and guarded transitions)
● Support for full OCL with all collection kinds (sets, bags, sequences, ordered sets) and operations (forAll, select, collect, iterate, closure, ...)
● Central assurance technique: expressing scenarios (test cases) as UML object and sequence diagrams
● Employing OCL for ad-hoc queries, class invariants, operation pre- and postconditions, operation definitions (for side-effect-free operations), state invariants, transition pre- and postconditions
● Employing SOIL (Simple OCL-like Imperative Language) for implementing operations that manipulate the system state
● Validation: Are we building the right product? Verification: Are we building the product right?
Outline (section marker): Motivation: About modeling ● Modeling with UML and OCL ● Validation and verification of structure ● Validation and verification of behavior
Model understanding and analysis with positive examples
● Search for scenarios satisfying all constraints
● Prove consistency of the structural model
● Provide valid object diagrams with meaningful objects and values to stakeholders not interested in technical details
● Systematically construct object diagrams in order to span a particular search space consisting of a sequence of object diagrams
● Automatically construct object diagrams with the so-called model validator, which realizes a transformation from UML and OCL into relational logic implemented in Alloy or Kodkod
All constraints valid: Consistency of invariants & inherent constraints
One constraint fails
context Person inv asymmetricFriendship:
  inviter->intersection(invitee)->isEmpty()
context Person inv listMembersMustBeFriends:
  friends()->includesAll(ownedList->collect(l|l.member))
context Access inv accessOnlyToFriends:
  accessed.poster.friends()->includesAll(accessor.pAccessor())
context Commenting inv commentOnlyByFriends:
  commented.poster.friends()->includes(commenter)
context Commenting inv commentOnlyIfUndenied:
  commented.denied()->excludes(commenter)

Person::friends():Set(Person)=
  invitee->union(inviter)->excluding(self)
Person::pAccessor():Set(Person)=Set{self}
List::pAccessor():Set(Person)=member
Post::denied():Set(Person)=
  access->select(deny=true).accessor.pAccessor()->asSet()
Model analysis with negative examples
● Positive and negative scenarios (test cases) are both desirable
● Scenarios may also violate constraints
● Violating scenarios uncover interesting properties
Independence of invariants
● Configure the invariants before calling the search procedure by negating or disabling them
● Explore invariant independence by negating exactly one invariant
● If successful, the found object diagram proves independence
●   ∃ ObjDia ( INV1 ∧ ¬INV2 ∧ INV3 )
  ↔ ∃ ObjDia ( INV1 ∧ INV3 ∧ ¬INV2 )
  ↔ ∃ ObjDia ¬¬( INV1 ∧ INV3 ∧ ¬INV2 )
  ↔ ∃ ObjDia ¬( ¬( INV1 ∧ INV3 ) ∨ INV2 )
  ↔ ¬ ∀ ObjDia ( ¬( INV1 ∧ INV3 ) ∨ INV2 )
  ↔ ¬ ∀ ObjDia ( INV1 ∧ INV3 ⇒ INV2 )
● INV2 independentOf ( INV1 ∧ INV3 ), i.e., INV2 is not implied by INV1 ∧ INV3
● A similar technique can be employed for checking consequences: if no object diagram satisfies the others and violates the candidate, the candidate is implied (within the search bounds)
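As an added example (not code from the slides, from USE or from the model validator), the following Python script encodes the Person/List/Post/Access/Commenting invariants listed above and the negate-exactly-one search of this section over a small bounded scope. It also builds the ada/bob/cyd scenario from the tuple rows the deck later feeds to String2ObjDia, and rejects odd-length COMMENTS/DENIES rows instead of truncating them the way `size() div 2` does. The `Diagram` encoding, the `search` bounds, the post id `post`, and the inclusion of the `noSelfInvitation` and `symmetricFriends` invariants from the deck's final OCL slide are assumptions of this example.

```python
"""Added example, not from the slides or USE: the deck's invariants evaluated
over object diagrams, plus a bounded negate-exactly-one search."""
from dataclasses import dataclass, replace
from itertools import product

@dataclass(frozen=True)
class Diagram:
    """Object diagram: Person, List, Post, and the association classes Access
    and Commenting, encoded as plain tuples (assumed encoding)."""
    persons: tuple         # person names
    friendship: frozenset  # Friendship links as (inviter, invitee) pairs
    lists: tuple           # (owner, frozenset(members)) per List
    posts: tuple           # (poster, post_id) per Post
    accesses: tuple        # (post_id, accessor, deny); accessor = person name or list index
    commentings: tuple     # (post_id, commenter)

# Side-effect-free operations, mirroring the OCL definitions on the slide.
def invitees(d, p): return {b for a, b in d.friendship if a == p}
def inviters(d, p): return {a for a, b in d.friendship if b == p}
def friends(d, p): return (invitees(d, p) | inviters(d, p)) - {p}          # Person::friends()
def p_accessor(d, acc):                                                     # Person/List::pAccessor()
    return {acc} if isinstance(acc, str) else set(d.lists[acc][1])
def poster(d, post_id): return next(o for o, pid in d.posts if pid == post_id)
def denied(d, post_id):                                                     # Post::denied()
    return set().union(*(p_accessor(d, a) for pid, a, deny in d.accesses if pid == post_id and deny))

INVARIANTS = {
    "noSelfInvitation": lambda d: all(p not in invitees(d, p) for p in d.persons),
    "symmetricFriends": lambda d: all((q in friends(d, p)) == (p in friends(d, q))
                                      for p in d.persons for q in d.persons),
    "asymmetricFriendship": lambda d: all(not (inviters(d, p) & invitees(d, p)) for p in d.persons),
    "listMembersMustBeFriends": lambda d: all(m <= friends(d, o) for o, m in d.lists),
    "accessOnlyToFriends": lambda d: all(p_accessor(d, a) <= friends(d, poster(d, pid))
                                         for pid, a, _ in d.accesses),
    "commentOnlyByFriends": lambda d: all(c in friends(d, poster(d, pid)) for pid, c in d.commentings),
    "commentOnlyIfUndenied": lambda d: all(c not in denied(d, pid) for pid, c in d.commentings),
}

def failing(d):
    """Names of the invariants d violates; [] means all constraints are valid."""
    return sorted(name for name, inv in INVARIANTS.items() if not inv(d))

def from_rows(rows):
    """Build a diagram from String2ObjDia-style rows. COMMENTS and DENIES alternate
    post id and value; odd lengths and unknown posts are rejected rather than
    silently truncated as `size() div 2` would do."""
    for r in rows:
        for key in ("COMMENTS", "DENIES"):
            if len(r[key]) % 2:
                raise ValueError(f"{r['PERSON']}.{key} must alternate post and value")
    posts = tuple((r["PERSON"], p) for r in rows for p in r["POSTS"])
    commentings = tuple((r["COMMENTS"][i], r["PERSON"]) for r in rows
                        for i in range(0, len(r["COMMENTS"]), 2))
    accesses = tuple((r["DENIES"][i], r["DENIES"][i + 1], True) for r in rows
                     for i in range(0, len(r["DENIES"]), 2))
    known = {pid for _, pid in posts}
    for pid in [c[0] for c in commentings] + [a[0] for a in accesses]:
        if pid not in known:
            raise ValueError(f"unknown post {pid!r}")
    return Diagram(tuple(r["PERSON"] for r in rows),
                   frozenset((r["PERSON"], v) for r in rows for v in r["INVITEES"]),
                   (), posts, accesses, commentings)

# The ada/bob/cyd scenario from the deck, as the rows String2ObjDia receives.
ROWS = [
    {"PERSON": "ada", "INVITEES": ["bob", "cyd"], "POSTS": ["ada_birthday", "ada_marriage"],
     "COMMENTS": ["bob_promotion", "well done"], "DENIES": ["ada_birthday", "cyd"]},
    {"PERSON": "bob", "INVITEES": ["cyd"], "POSTS": ["bob_birthday", "bob_promotion"],
     "COMMENTS": ["ada_birthday", "congrats", "cyd_birthday", "congrats"], "DENIES": []},
    {"PERSON": "cyd", "INVITEES": [], "POSTS": ["cyd_birthday"],
     "COMMENTS": ["bob_promotion", "cheers"], "DENIES": ["cyd_birthday", "ada"]},
]
SCENARIO = from_rows(ROWS)                      # positive example: all constraints valid
DENIED_COMMENT = replace(SCENARIO,              # negative example: cyd comments although denied
                         commentings=SCENARIO.commentings + (("ada_birthday", "cyd"),))

def search(target, a="a", b="b"):
    """Negate exactly one invariant: find a diagram violating `target` and satisfying
    all others within an assumed small scope (two persons, any Friendship links, one
    post by a, at most one List, one Access, one Commenting). Returns the witness,
    or None if the scope holds no witness (evidence of implication, not a proof)."""
    links = [(x, y) for x in (a, b) for y in (a, b)]
    link_sets = [frozenset(l for l, keep in zip(links, bits) if keep)
                 for bits in product((0, 1), repeat=4)]
    list_opts = [()] + [((a, frozenset(m)),) for m in ((), (a,), (b,), (a, b))]
    access_opts = [()] + [(("post", acc, deny),) for acc in (a, b, 0) for deny in (False, True)]
    comment_opts = [()] + [(("post", c),) for c in (a, b)]
    for fs, ls, ac, co in product(link_sets, list_opts, access_opts, comment_opts):
        if ac and not isinstance(ac[0][1], str) and not ls:
            continue                            # a List accessor needs an existing List
        d = Diagram((a, b), fs, ls, ((a, "post"),), ac, co)
        if failing(d) == [target]:
            return d
    return None

if __name__ == "__main__":
    print("scenario:", failing(SCENARIO) or "all constraints valid")
    print("negative scenario:", failing(DENIED_COMMENT))
    for name in INVARIANTS:
        print(f"{name:25s}", "independent" if search(name) else "no witness in scope")
```

Within this scope the search finds a witness for five invariants and none for `noSelfInvitation` and `symmetricFriends`: a self-link puts a person into both `inviter` and `invitee`, so `asymmetricFriendship` already rules it out, and symmetry follows from the definition of `friends()`. A failed bounded search is evidence, not a proof; the model validator's relational-logic search is bounded in the same way, so the chosen scope has to be justified separately.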
Outline (section marker): Motivation: About modeling ● Modeling with UML and OCL ● Validation and verification of structure ● Validation and verification of behavior
Modeling Behavior with SOIL and Statecharts
● Employ OCL pre- and postconditions for operations
● Employ SOIL statements for implementing operations that manipulate the system state
● Employ UML statecharts (UML protocol state machines) for specifying complete object life cycles (extending the OCL pre- and postconditions, which cover single state transitions with one pre-state and one post-state)
● Employ UML sequence diagrams for capturing execution traces with object lifelines and exchanged messages
Life cycle restriction with state charts:
'accept' and 'decline' not always possible
class Person < Accessor
operations
  invite(invitee:Person)
  begin                                             -- SOIL body [prescriptive]
    insert (self,invitee) into Pendship;
    invitee.invited(self);
  end
  pre inviteeNotSelf: invitee<>self                 -- OCL contracts [descriptive]
  pre inviteeNotFriend: friends()->excludes(invitee)
  pre inviteeNotPending: pends()->excludes(invitee)
  post pInvited: self.pInvitee->includes(invitee)

  accept(inviter:Person)
  begin
    inviter.accepted(self);
    delete (inviter,self) from Pendship;
    insert (inviter,self) into Friendship;
  end
  pre pInvited: inviter.pInvitee->includes(self)
  post pendingCanceled: inviter.pInvitee->excludes(self)
  post invited: inviter.invitee->includes(self)

  decline(inviter:Person) ...
  invited(inviter:Person) ...
  accepted(invitee:Person) ...
  declined(invitee:Person) ...
end
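Added example, not code from the slides or from USE: the invite/accept/decline operations in Python, with the OCL preconditions and postconditions of the slide checked at run time, a per-invitation state (pending, accepted, declined) that restricts accept and decline the way the protocol state machine does, and the internal invited/accepted/declined calls recorded as the message trace a sequence diagram would show. The definition of `pends()`, the `pInviter` end of Pendship, the `notFriends` postcondition of `decline`, and the trace format are assumptions of this example.

```python
"""Added example, not from the slides or USE: operation contracts and a
per-invitation protocol state machine for invite/accept/decline."""

class ContractViolation(Exception):
    """A precondition, postcondition or state-machine guard did not hold."""

def require(cond, name):        # precondition or guard
    if not cond:
        raise ContractViolation(name)

def ensure(cond, name):         # postcondition
    if not cond:
        raise ContractViolation("post " + name)

TRACE = []                      # (sender, message, receiver) in call order

class Person:
    def __init__(self, name):
        self.name = name
        self.pInvitee = set()   # Pendship: persons I invited who have not answered yet
        self.pInviter = set()   # Pendship, other end (assumed): persons whose invitation I hold
        self.invitee = set()    # Friendship: persons I invited who accepted
        self.inviter = set()    # Friendship: persons whose invitation I accepted
        self.state = {}         # protocol state of each invitation received, keyed by inviter

    def friends(self):          # Person::friends() from the slide
        return (self.invitee | self.inviter) - {self}

    def pends(self):            # assumed definition of Person::pends(): pending in either direction
        return (self.pInvitee | self.pInviter) - {self}

    def invite(self, invitee):
        require(invitee is not self, "inviteeNotSelf")               # OCL pre [descriptive]
        require(invitee not in self.friends(), "inviteeNotFriend")
        require(invitee not in self.pends(), "inviteeNotPending")
        self.pInvitee.add(invitee)                                    # SOIL body [prescriptive]
        invitee.pInviter.add(self)                                    #   insert into Pendship
        invitee.invited(self)
        ensure(invitee in self.pInvitee, "pInvited")

    def accept(self, inviter):
        require(self in inviter.pInvitee, "pInvited")
        require(self.state.get(inviter) == "pending", "accept only enabled in state pending")
        inviter.accepted(self)
        inviter.pInvitee.discard(self); self.pInviter.discard(inviter)   # delete from Pendship
        inviter.invitee.add(self); self.inviter.add(inviter)             # insert into Friendship
        self.state[inviter] = "accepted"
        ensure(self not in inviter.pInvitee, "pendingCanceled")
        ensure(self in inviter.invitee, "invited")

    def decline(self, inviter):
        require(self in inviter.pInvitee, "pInvited")
        require(self.state.get(inviter) == "pending", "decline only enabled in state pending")
        inviter.declined(self)
        inviter.pInvitee.discard(self); self.pInviter.discard(inviter)   # delete from Pendship
        self.state[inviter] = "declined"
        ensure(self not in inviter.pInvitee, "pendingCanceled")
        ensure(self not in inviter.invitee, "notFriends")

    # internal operations 'on the other side' of the invitation
    def invited(self, inviter):
        self.state[inviter] = "pending"
        TRACE.append((inviter.name, "invited", self.name))

    def accepted(self, invitee):
        TRACE.append((invitee.name, "accepted", self.name))

    def declined(self, invitee):
        TRACE.append((invitee.name, "declined", self.name))

def demo():
    """One accepted and one declined life cycle, then the calls the contracts must reject."""
    TRACE.clear()
    ada, bob, cyd = Person("ada"), Person("bob"), Person("cyd")
    ada.invite(bob); bob.accept(ada)
    ada.invite(cyd); cyd.decline(ada)
    results = {"friends_of_ada": sorted(p.name for p in ada.friends())}
    attempts = {
        "accept_twice": lambda: bob.accept(ada),        # no pending invitation any more
        "accept_uninvited": lambda: cyd.accept(bob),    # bob never invited cyd
        "invite_friend_again": lambda: ada.invite(bob),
        "invite_after_decline": lambda: ada.invite(cyd),
    }
    for label, call in attempts.items():
        try:
            call()
            results[label] = "allowed"
        except ContractViolation as e:
            results[label] = f"rejected: {e}"
    return results, list(TRACE)
```

The `pInvited` precondition is the security-relevant one: without it, `accept` would let any person promote themselves into a friendship (and thereby into `friends()`, which gates access and commenting) without an invitation ever having been issued.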
Result of scenario construction
● Structural model: class diagram and invariants
● Behavioral model: operation pre- and postconditions, SOIL operation realization, and statecharts including transition pre- and postconditions and state invariants
● All operations touched at least once in the scenario
● Invariants, operation pre- and postconditions, and transition pre- and postconditions are all valid
● Structural and behavioral model are consistent
Summary
● Software development concentrating on models as first-class citizens
● Approach successfully applied in a larger German project: XGenerator @ Deutschland online
● UML (class and statechart diagrams) in combination with OCL (not yet mentioned: the darker side of the force, namely class diagram features like subsets, redefines, union, association inheritance and association class inheritance)
● SOIL (Simple OCL-like Imperative Language) for operation implementation, together with model unit tests (object and sequence diagrams)
● Employ the model validator for searching object diagram spaces
● Validation and verification
● Aim of modeling: obtain trustworthy models
Perspectives
● Support for model transformation: from descriptive models to prescriptive models, from platform-independent models to platform-dependent ones, ...
● Technical extensions in USE
  - statechart features, e.g. adding change events and nested states
  - sequence diagrams, e.g. states and object diagrams on lifelines
● Filmstripping models, i.e. simulating system dynamics by encoding filmstrips (state sequences and operation calls) into a single state
● Temporal logic for dynamic properties! Deontic logic for obligations and permissions?
● Monitoring running applications (JVM, CLR, ...) with models
● THANKS: to Mark Richters, Jörn Bohling, Fabian Büttner, Mirco Kuhlmann and Lars Hamann for their work on USE!
Apologies for this long presentation. I did not find the time to prepare a short smart one. [B. Pascal]
Thanks for your attention!
Relevant Properties
● Consistency: Are the model-inherent constraints (e.g., multiplicities, aggregation, composition) and the class invariants consistent? Is there at least one object diagram? Empty populations? Finite populations? Classes? Associations? Consistency also for other constraints, e.g., invariants together with operation pre- and postconditions?
● Independence: Are the class invariants independent? Is there an invariant which is implied by the other invariants? Are the invariants implied by the operation pre- and postconditions?
● Consequences: Is a newly stated invariant a consequence of the stated ones? Must operationA always be followed by operationB?
● Reachability: Is a given object diagram reachable from another object diagram through a sequence of operation calls? Which operation calls lead from a start object diagram to an end object diagram? Are there operation call sequences leading to dead-end object diagrams?
● Many further properties are worth investigating!
Example property: Aggregation and composition
context Person inv cannotBeMemberOfFriendsList:
  ownedList.member.ownedList.member->excludes(self)
Figure: object diagram violating the aggregation/composition diamonds and the constraint
Pendship = Pending Friendship
Actual model a bit more complicated: internal operations needed
'on the other side' of the invitation: 'invited', 'accepted', and 'declined'
Scenario input for String2ObjDia (COMMENTS alternates a post id with the comment text; DENIES alternates a post id with the denied person):

sys.String2ObjDia(
  Sequence{
    Tuple{PERSON:'ada',
          INVITEES:Sequence{'bob','cyd'},
          POSTS:Sequence{'ada_birthday','ada_marriage'},
          COMMENTS:Sequence{'bob_promotion','well done'},
          DENIES:Sequence{'ada_birthday','cyd'}},
    Tuple{PERSON:'bob',
          INVITEES:Sequence{'cyd'},
          POSTS:Sequence{'bob_birthday','bob_promotion'},
          COMMENTS:Sequence{'ada_birthday','congrats','cyd_birthday','congrats'},
          DENIES:Sequence{}},
    Tuple{PERSON:'cyd',
          INVITEES:Sequence{},
          POSTS:Sequence{'cyd_birthday'},
          COMMENTS:Sequence{'bob_promotion','cheers'},
          DENIES:Sequence{'cyd_birthday','ada'}}})

System::String2ObjDia(s:
  Sequence(Tuple(PERSON:String,
                 INVITEES:Sequence(String),
                 POSTS:Sequence(String),
                 COMMENTS:Sequence(String),
                 DENIES:Sequence(String))))
String2ObjDia in SOIL: parameters and class/association features are manipulated with SOIL statements.

String2ObjDia(s:Sequence(Tuple(PERSON:String,
                               INVITEES:Sequence(String),
                               POSTS:Sequence(String),
                               COMMENTS:Sequence(String),
                               DENIES:Sequence(String))))
begin
  declare ps:Person, po:Post, po_str:String, co_str:String,
          co:Commenting, ps_str:String, ac:Access;
  -- persons
  for x in s->collectNested(e|e.PERSON) do
    ps:=new Person(x);
  end;
  -- friendships (x invited y)
  for x in s->collectNested(e|e.PERSON) do
    for y in s->any(e|e.PERSON=x).INVITEES do
      insert (Person.byUseId(x),Person.byUseId(y)) into Friendship;
    end;
  end;
  -- posts
  for x in s->collectNested(e|e.PERSON) do
    for y in s->any(e|e.PERSON=x).POSTS do
      po:=new Post(y);
      insert (Person.byUseId(x),Post.byUseId(y)) into Posting;
    end;
  end;
  -- comments: COMMENTS alternates post id and comment text (OCL sequences are 1-indexed)
  for x in s->collectNested(e|e.PERSON) do
    for y in Set{0..(s->any(e|e.PERSON=x).COMMENTS->size() div 2)-1} do
      po_str:=s->any(e|e.PERSON=x).COMMENTS->at(y*2+1);
      co_str:=s->any(e|e.PERSON=x).COMMENTS->at(y*2+2);
      co:=new Commenting between (Person.byUseId(x),Post.byUseId(po_str));
      co.comment:=co_str;
    end;
  end;
  -- denies: DENIES alternates post id and denied person
  for x in s->collectNested(e|e.PERSON) do
    for y in Set{0..(s->any(e|e.PERSON=x).DENIES->size() div 2)-1} do
      po_str:=s->any(e|e.PERSON=x).DENIES->at(y*2+1);
      ps_str:=s->any(e|e.PERSON=x).DENIES->at(y*2+2);
      ac:=new Access between (Post.byUseId(po_str),Person.byUseId(ps_str));
      ac.deny:=true;
    end;
  end;
end
procedure societyComplete(numPerson:Integer, numFriendship:Integer,
                          numList:Integer, numMember:Integer, numPost:Integer,
                          numComment:Integer, numDeny:Integer)
var persons:Sequence(Person), p1:Person, p2:Person,
    lists:Sequence(List), l:List, po:Post, posts:Sequence(Post),
    acc:Accessor, commentings:Sequence(Commenting), accesses:Sequence(Access)
begin
  persons:=CreateN(Person,[numPerson])
  for i:Integer in [Sequence{1..numFriendship}]
  begin
    p1:=Try([persons]) p2:=Try([persons])
    if [p1.invitee->excludes(p2)] then
    begin Insert(Friendship,[p1],[p2]) end
  end
  lists:=CreateN(List,[numList])
  for i:Integer in [Sequence{1..numList}]
    .. Insert(ListOwnership,[p1],[lists->at(i)]) ..
  ..ListMembership..Post..Posting..
  for i:Integer in [Sequence{1..numComment}]
    .. Create(Commenting,[p1],[po]) ..
  ..
  for i:Integer in [Sequence{1..commentings->size}]
    .. [commentings->at(i)].comment:=[''] ..
  for i:Integer in [Sequence{1..numDeny}]
    .. acc:=Try([persons->union(lists)]) ..
  ..
end
From B. Selic: MODELS 2012 Tutorial
OCL collection operations

context Person inv noSelfInvitation:
  invitee->excludes(self)
context p1,p2:Person inv symmetricFriends:
  p1.friends()->includes(p2)=p2.friends()->includes(p1)
context Person inv listMembersMustBeFriends:
  friends()->includesAll(ownedList->collect(l|l.member))
context Person inv asymmetricFriendship:
  inviter->intersection(invitee)->isEmpty()
context Access inv accessOnlyToFriends: ...
context Commenting inv commentOnlyByFriends: ...
context Commenting inv commentOnlyIfUndenied:
  commented.denied()->excludes(commenter)

Person::friends():Set(Person)=
  invitee->union(inviter)->excluding(self)
Person::pAccessor():Set(Person)=Set{self}
List::pAccessor():Set(Person)=member
Post::denied():Set(Person)=
  access->select(deny=true).accessor.pAccessor()->asSet()
