SlideShare a Scribd company logo

Runtime Monitoring of Functional Component Changes with Behavior Models

Download as KEY, PDF
Mario Sangiorgio, profile picture
Mario Sangiorgio

The document discusses runtime monitoring of functional component changes using behavioral models, highlighting the lack of formal services that may alter specifications. It outlines goals for recovering specifications and detecting changes at runtime, along with an approach for specification updates and change detection. Behavioral equivalence models are presented as a means to capture and monitor component behavior through execution traces, emphasizing the need for precise behavior descriptions while acknowledging the limitations of observed traces.

Technology
1 of 56
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
Runtime Monitoring of Functional Component Changes with Behavior Models Carlo Ghezzi Andrea Mocci Mario Sangiorgio
OPEN ENVIRONMENT Application Service 2
ISSUES Lack of formal Services may change specifications behavior 3
GOALS Recover specifications Detect changes and keep them updated 4
GOALS Recover specifications Detect changes and keep them updated AT RUNTIME 4
APPROACH DESIGN TIME RUN TIME Specification Update Specification Monitoring Change Detection Inference 5
pop() pu pop() sh ) (2 p( Stack ) po size() = 0 Stack() top() push(2) push(1) po =Exception ) p( (1 ) sh push(2) SPECIFICATIONS pu pop() pop() Stack Stack size() = 1 size() ≥ 2 top() = 2 top() = 2 push(2) pop(), push(2) Figure 2: Outline of the Synthesis Algorithm pop() push(2) Stack Stack Stack pop push size() = 2 size() = 1 size() = 2 top() = 1 top() = 1 top() = 2 push push(1) pop() pop() S0 S1 Stack push(1) pop Stack size() = 0 pop Stack() top() pop() =Exception State push pop size top Observer Abstraction push(2) S0 — EmptyStackException — EmptyStackException pop() pop() pop() S1 — — — — Stack Stack Stack Modifier Behavior Abstraction size() = 2 size() = 1 size() = 2 S0 Variant Invariant Invariant Invariant top() = 1 top() = 2 top() = 2 S1 Variant Variant Invariant Invariant push(1) push(2) Figure 3: Outline of the Synthesis Algorithm Behavioral Protocol Behavior Equivalence Models Models 6
BEHAVIORAL EQUIVALENCE MODELS Based on behavioral equivalence Two objects x and y are behaviorally equivalent if and only if for every possible sequence s made of modifiers and ending with an observer s(x) = s(y) Built exploring exhaustively a small scope Hypothesis: A small but Precise Finite-State Model captures “by example” all the relevant behavior of a component 7
BEHAVIORAL EQUIVALENCE MODELS pop() push(2) Stack Stack Stack size() = 2 size() = 1 size() = 2 top() = 1 top() = 1 top() = 2 push(1) pop() pop() push(1) Stack size() = 0 Stack() top() pop() =Exception push(2) pop() pop() pop() Stack Stack Stack size() = 2 size() = 1 size() = 2 top() = 1 top() = 2 top() = 2 push(1) push(2) 8
BEHAVIORAL EQUIVALENCE MODELS pop() push(2) Stack Stack Stack size() = 2 size() = 1 size() = 2 top() = 1 top() = 1 top() = 2 push(1) pop() pop() push(1) Stack size() = 0 Stack() top() pop() =Exception push(2) pop() pop() pop() Stack Stack Stack size() = 2 size() = 1 size() = 2 top() = 1 top() = 2 top() = 2 push(1) push(2) Small scope 8
BEHAVIORAL EQUIVALENCE MODELS pop() push(2) Stack Stack Stack size() = 2 size() = 1 size() = 2 top() = 1 top() = 1 top() = 2 push(1) pop() pop() push(1) Stack size() = 0 Exhaustive Stack() pop() top() search =Exception push(2) pop() pop() pop() Stack Stack Stack size() = 2 size() = 1 size() = 2 top() = 1 top() = 2 top() = 2 push(1) push(2) Small scope 8
BEHAVIORAL EQUIVALENCE MODELS pop() push(2) Stack Stack Stack size() = 2 size() = 1 size() = 2 top() = 1 top() = 1 top() = 2 push(1) pop() pop() push(1) Up to a bound Stack size() = 0 Exhaustive Stack() pop() top() search =Exception push(2) pop() pop() pop() Stack Stack Stack size() = 2 size() = 1 size() = 2 top() = 1 top() = 2 top() = 2 push(1) push(2) Small scope 8
BEHAVIORAL EQUIVALENCE MODELS PROs CONs Precise description of the Limited to the observed component behavior (small) scope 9
BEHAVIORAL EQUIVALENCE MODELS PROs CONs Precise description of the Limited to the observed component behavior (small) scope NEED FOR MORE GENERAL MODELS! 9
PROTOCOL BEHAVIOR MODELS Abstraction of the information in the Behavioral Equivalence Models Normal or exceptional result Effects on component’s state 10
PROTOCOL BEHAVIOR MODELS pop push push Stack S0 S1 pop pop State push pop size top Observer Abstraction S0 — EmptyStackException — EmptyStackException S1 — — — — Modifier Behavior Abstraction S0 Variant Invariant Invariant Invariant S1 Variant Variant Invariant Invariant 11
PROTOCOL BEHAVIOR MODELS No parameters pop push push Stack S0 S1 pop pop State push pop size top Observer Abstraction S0 — EmptyStackException — EmptyStackException S1 — — — — Modifier Behavior Abstraction S0 Variant Invariant Invariant Invariant S1 Variant Variant Invariant Invariant 11
PROTOCOL BEHAVIOR MODELS No parameters pop push push Stack S0 S1 pop Result type pop State push pop size top Observer Abstraction S0 — EmptyStackException — EmptyStackException S1 — — — — Modifier Behavior Abstraction S0 Variant Invariant Invariant Invariant S1 Variant Variant Invariant Invariant 11
PROTOCOL BEHAVIOR MODELS No parameters pop push push Stack S0 S1 pop Result type pop State push pop size top Observer Abstraction S0 — EmptyStackException — EmptyStackException S1 — — — — Modifier Behavior Abstraction S0 Variant Invariant Invariant Invariant S1 Variant Variant Invariant Invariant Effects on state 11
A MORE COMPLEX EXAMPLE void putNextEntry(Entry entry); void write(String data); void close(); StorageService Exception thrown on not allowed operations Set-like behavior and complex interaction protocol 12
INITIAL MODEL* c, w w, pE S2 c c, w, pE pE c pE c S S0 S1 pE S4 S5 pE pE w, pE w c w S3 Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException *derived from Modifier Behavior Abstraction test cases S0 Invariant Variant Invariant containing S1 Variant Variant Invariant S2 Variant Invariant Invariant entries e, f S3 Variant Variant Invariant and writing S4 Variant Invariant Invariant “0” 13 S5 Invariant Invariant Invariant
INITIAL MODEL* c, w w, pE S2 c c, w, pE pE c pE c S S0 S1 pE S4 S5 pE pE w, pE w c w S3 First entry inserted Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException *derived from Modifier Behavior Abstraction test cases S0 Invariant Variant Invariant containing S1 Variant Variant Invariant S2 Variant Invariant Invariant entries e, f S3 Variant Variant Invariant and writing S4 Variant Invariant Invariant “0” 13 S5 Invariant Invariant Invariant
INITIAL MODEL* blocks write Duplicate entry c, w w, pE S2 c c, w, pE pE c pE c S S0 S1 pE S4 S5 pE pE w, pE w c w S3 First entry inserted Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException *derived from Modifier Behavior Abstraction test cases S0 Invariant Variant Invariant containing S1 Variant Variant Invariant S2 Variant Invariant Invariant entries e, f S3 Variant Variant Invariant and writing S4 Variant Invariant Invariant “0” 13 S5 Invariant Invariant Invariant
INITIAL MODEL* blocks write Duplicate entry c, w w, pE S2 c c, w, pE pE c pE c S S0 S1 pE S4 S5 pE pE w, pE w c w S3 First entry inserted Two valid entries inserted Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException *derived from Modifier Behavior Abstraction test cases S0 Invariant Variant Invariant containing S1 Variant Variant Invariant S2 Variant Invariant Invariant entries e, f S3 Variant Variant Invariant and writing S4 Variant Invariant Invariant “0” 13 S5 Invariant Invariant Invariant
INITIAL MODEL* blocks write Duplicate entry c, w w, pE S2 c c, w, pE pE c pE c No more valid S S0 S1 pE S4 S5 entries pE pE w, pE available? w c w S3 First entry inserted Two valid entries inserted Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException *derived from Modifier Behavior Abstraction test cases S0 Invariant Variant Invariant containing S1 Variant Variant Invariant S2 Variant Invariant Invariant entries e, f S3 Variant Variant Invariant and writing S4 Variant Invariant Invariant “0” 13 S5 Invariant Invariant Invariant
EXAMPLE Let’s use the model and update it at runtime! 14
MONITORING Behavior Models Execution traces are checked against the models 15
MONITORING ISSUES Observed traces may not be enough Observations may affect component’s state 16
ASSUMPTIONS Behavior Models Clones available to the monitor 17
VIOLATION DETECTION Execution Protocol Trace Behavior Model 18
CHECKING THE PROTOCOL OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE pE s.putNextEntry(a) - S1 c pE c s.putNextEntry(a) - ? S S0 S1 pE S4 S5 pE pE w, pE w c w S3 Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 19
CHECKING THE PROTOCOL OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE pE s.putNextEntry(a) - S1 c pE c s.putNextEntry(a) - ? S S0 S1 pE S4 S5 pE pE w, pE w c w S3 Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 19
CHECKING THE PROTOCOL OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE pE s.putNextEntry(a) - S1 c pE c s.putNextEntry(a) - ? S S0 S1 pE S4 S5 pE pE w, pE w c w S3 Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 19
CHECKING THE PROTOCOL OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE pE s.putNextEntry(a) - S1 c pE c s.putNextEntry(a) - ? S S0 S1 pE S4 S5 pE pE w, pE It depends on the w w S3 c outcome of next Legend: State close S:StorageService, w:write, c:close, pE:putNextEntry putN extEntry write operations S0 ZipException Observer Abstraction — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — Check on the clone S4 S5 — — ZipException IOException Modifier Behavior Abstraction ZipException IOException results of a S0 S1 Invariant Variant Variant Variant Invariant Invariant discriminating operation S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant with known instances S5 Invariant Invariant Invariant 19
PROTOCOL VIOLATION (1) OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE S1 pE s.putNextEntry(a) - c pE c s.putNextEntry(a) - S2 S S0 S1 pE S4 S5 pE pE w, pE s.putNextEntry(b) - S2 w c w S3 s.write(data) - ? Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 20
PROTOCOL VIOLATION (1) OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE S1 pE s.putNextEntry(a) - c pE c s.putNextEntry(a) - S2 S S0 S1 pE S4 S5 pE pE w, pE s.putNextEntry(b) - S2 w c w S3 s.write(data) - ? Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 20
PROTOCOL VIOLATION (1) OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE S1 pE s.putNextEntry(a) - c pE c s.putNextEntry(a) - S2 S S0 S1 pE S4 S5 pE pE w, pE s.putNextEntry(b) - S2 w c w S3 s.write(data) - ? Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 20
PROTOCOL VIOLATION (1) OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE S1 pE s.putNextEntry(a) - c pE c s.putNextEntry(a) - S2 S S0 S1 pE S4 S5 pE pE w, pE s.putNextEntry(b) - S2 w c w S3 s.write(data) - ? Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — As seen before the test S2 S3 S4 — — — [−, ZipException] ZipException ZipException — ZipException ZipException scope was too small, but S5 — IOException Modifier Behavior Abstraction IOException we can fix the model! S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 20
PROTOCOL VIOLATION (2) OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE pE s.write(“”) - ? c pE c S S0 S1 pE S4 S5 pE pE w, pE w c w S3 Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 21
PROTOCOL VIOLATION (2) OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE pE s.write(“”) - ? c pE c S S0 S1 pE S4 S5 pE pE w, pE w c w S3 Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 21
PROTOCOL VIOLATION (2) OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE pE s.write(“”) - ? c pE c S S0 S1 pE S4 S5 pE pE w, pE w c w S3 Legend: S:StorageService, w:write, c:close, pE:putNextEntry ZipException expected! State close putN extEntry Observer Abstraction write S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException Special values are S3 S4 S5 — — — ZipException ZipException IOException — ZipException IOException unknown in advance S0 Invariant Modifier Behavior Abstraction Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 21
VIOLATION INTERPRETATION Protocol Behavior Model Behavioral Equivalence Model 22
IS THE VIOLATION A CHANGE? We can tell it replaying the traces contained in the Behavioral Equivalence Model Everything still works: Different results: previously unobserved behavior change detected 23
MODEL UPDATES Old Behavior Equivalence Model 24
MODEL UPDATES Old Behavior Equivalence Model Trace exposing new behavior 24
MODEL UPDATES Old Behavior Equivalence Model Extended scopes for existing models Trace exposing new behavior 24
MODEL UPDATES Old Behavior Equivalence Model Set of Behavior Extended scopes Equivalence for existing models Models Trace exposing new behavior 24
MODEL UPDATES Old Behavior Equivalence Model Set of Behavior Extended scopes Equivalence for existing models Models Trace exposing new behavior Incremental Add only new information 24
MODEL UPDATES Old Behavior Equivalence Model Set of Behavior Extended scopes Updated Protocol Equivalence for existing models Behavior Model Models Trace exposing new behavior Incremental Add only new information 24
UPDATED MODEL c, w pE, w c pE w, pE pE c S S0 S1 pE S2 c S5 pE pE c pE c, w, pE S3 S4 w w, pE Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 25
UPDATED MODEL c, w pE, w c pE w, pE pE c S S0 S1 pE S2 c S5 pE pE c First entry inserted pE c, w, pE S3 S4 w w, pE Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 25
UPDATED MODEL c c, w pE, w Duplicate entry pE w, pE pE c S S0 S1 pE S2 c S5 pE pE c First entry inserted pE c, w, pE S3 S4 w w, pE Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 25
UPDATED MODEL c c, w pE, w Duplicate entry pE w, pE pE c S S0 S1 pE S2 c S5 pE pE c First entry inserted pE c, w, pE S3 S4 w w, pE Scope effects Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 25
CHANGE DETECTION Effectiveness of change detection proved injecting faults in the component Always working and always exceptional implementation for each method 26
CONCLUSIONS ✓Behavioral Models at run time ✓Specification of a software component ✓Functional change detection 27
FUTURE WORK •Relax assumptions •Tackle scope effects •Minimization of the scope size •Model interacting objects 28

More Related Content

PDF
Rcpp: Seemless R and C++
Romain Francois
 
PDF
Software Testing: Models, Patterns, Tools
Bob Binder
 
PPTX
Coding In Public
Alan Stevens
 
KEY
Runtime Monitoring of Component Changes with Spy@Runtime
Mario Sangiorgio
 
PDF
Programming by imitation
Mario Sangiorgio
 
PDF
A data driven journey through research on software engineering
Mario Sangiorgio
 
PDF
Current Approaches in Search Result Diversification
Mario Sangiorgio
 
PDF
Best coding practices to follow - to write a code, like a boss
Avil Porwal
 
Rcpp: Seemless R and C++
Romain Francois
 
Software Testing: Models, Patterns, Tools
Bob Binder
 
Coding In Public
Alan Stevens
 
Runtime Monitoring of Component Changes with Spy@Runtime
Mario Sangiorgio
 
Programming by imitation
Mario Sangiorgio
 
A data driven journey through research on software engineering
Mario Sangiorgio
 
Current Approaches in Search Result Diversification
Mario Sangiorgio
 
Best coding practices to follow - to write a code, like a boss
Avil Porwal
 

Viewers also liked (12)

PPTX
Coding standards for java
maheshm1206
 
PPS
Coding Best Practices
mh_azad
 
PPTX
Coding standards
Mimoh Ojha
 
KEY
Clean code and Code Smells
Mario Sangiorgio
 
PPTX
Clean Code - Design Patterns and Best Practices at Silicon Valley Code Camp
Theo Jungeblut
 
PPTX
Coding standards and guidelines
brijraj_singh
 
PPTX
C# coding standards, good programming principles & refactoring
Eyob Lube
 
PPTX
Clean Code I - Best Practices
Theo Jungeblut
 
PDF
Clean code
Arturo Herrero
 
PPTX
Programming languages
Akash Varaiya
 
PPTX
Computer Languages.
Aditya Sheoran
 
PDF
How to Teach Yourself to Code
Mattan Griffel
 
Coding standards for java
maheshm1206
 
Coding Best Practices
mh_azad
 
Coding standards
Mimoh Ojha
 
Clean code and Code Smells
Mario Sangiorgio
 
Clean Code - Design Patterns and Best Practices at Silicon Valley Code Camp
Theo Jungeblut
 
Coding standards and guidelines
brijraj_singh
 
C# coding standards, good programming principles & refactoring
Eyob Lube
 
Clean Code I - Best Practices
Theo Jungeblut
 
Clean code
Arturo Herrero
 
Programming languages
Akash Varaiya
 
Computer Languages.
Aditya Sheoran
 
How to Teach Yourself to Code
Mattan Griffel
 
Ad

Recently uploaded (20)

PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
KodekX | Application Modernization Development
KodekX
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PPTX
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PDF
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
KodekX | Application Modernization Development
KodekX
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
MIND Revenue Release Quarter 2 2025 Press Release
MIND CTI
 
Ad

Runtime Monitoring of Functional Component Changes with Behavior Models

  • 1. Runtime Monitoring of Functional Component Changes with Behavior Models Carlo Ghezzi Andrea Mocci Mario Sangiorgio
  • 3. ISSUES Lack of formal Services may change specifications behavior 3
  • 4. GOALS Recover specifications Detect changes and keep them updated 4
  • 5. GOALS Recover specifications Detect changes and keep them updated AT RUNTIME 4
  • 6. APPROACH DESIGN TIME RUN TIME Specification Update Specification Monitoring Change Detection Inference 5
  • 7. pop() pu pop() sh ) (2 p( Stack ) po size() = 0 Stack() top() push(2) push(1) po =Exception ) p( (1 ) sh push(2) SPECIFICATIONS pu pop() pop() Stack Stack size() = 1 size() ≥ 2 top() = 2 top() = 2 push(2) pop(), push(2) Figure 2: Outline of the Synthesis Algorithm pop() push(2) Stack Stack Stack pop push size() = 2 size() = 1 size() = 2 top() = 1 top() = 1 top() = 2 push push(1) pop() pop() S0 S1 Stack push(1) pop Stack size() = 0 pop Stack() top() pop() =Exception State push pop size top Observer Abstraction push(2) S0 — EmptyStackException — EmptyStackException pop() pop() pop() S1 — — — — Stack Stack Stack Modifier Behavior Abstraction size() = 2 size() = 1 size() = 2 S0 Variant Invariant Invariant Invariant top() = 1 top() = 2 top() = 2 S1 Variant Variant Invariant Invariant push(1) push(2) Figure 3: Outline of the Synthesis Algorithm Behavioral Protocol Behavior Equivalence Models Models 6
  • 8. BEHAVIORAL EQUIVALENCE MODELS Based on behavioral equivalence Two objects x and y are behaviorally equivalent if and only if for every possible sequence s made of modifiers and ending with an observer s(x) = s(y) Built exploring exhaustively a small scope Hypothesis: A small but Precise Finite-State Model captures “by example” all the relevant behavior of a component 7
  • 9. BEHAVIORAL EQUIVALENCE MODELS pop() push(2) Stack Stack Stack size() = 2 size() = 1 size() = 2 top() = 1 top() = 1 top() = 2 push(1) pop() pop() push(1) Stack size() = 0 Stack() top() pop() =Exception push(2) pop() pop() pop() Stack Stack Stack size() = 2 size() = 1 size() = 2 top() = 1 top() = 2 top() = 2 push(1) push(2) 8
  • 10. BEHAVIORAL EQUIVALENCE MODELS pop() push(2) Stack Stack Stack size() = 2 size() = 1 size() = 2 top() = 1 top() = 1 top() = 2 push(1) pop() pop() push(1) Stack size() = 0 Stack() top() pop() =Exception push(2) pop() pop() pop() Stack Stack Stack size() = 2 size() = 1 size() = 2 top() = 1 top() = 2 top() = 2 push(1) push(2) Small scope 8
  • 11. BEHAVIORAL EQUIVALENCE MODELS pop() push(2) Stack Stack Stack size() = 2 size() = 1 size() = 2 top() = 1 top() = 1 top() = 2 push(1) pop() pop() push(1) Stack size() = 0 Exhaustive Stack() pop() top() search =Exception push(2) pop() pop() pop() Stack Stack Stack size() = 2 size() = 1 size() = 2 top() = 1 top() = 2 top() = 2 push(1) push(2) Small scope 8
  • 12. BEHAVIORAL EQUIVALENCE MODELS pop() push(2) Stack Stack Stack size() = 2 size() = 1 size() = 2 top() = 1 top() = 1 top() = 2 push(1) pop() pop() push(1) Up to a bound Stack size() = 0 Exhaustive Stack() pop() top() search =Exception push(2) pop() pop() pop() Stack Stack Stack size() = 2 size() = 1 size() = 2 top() = 1 top() = 2 top() = 2 push(1) push(2) Small scope 8
  • 13. BEHAVIORAL EQUIVALENCE MODELS PROs CONs Precise description of the Limited to the observed component behavior (small) scope 9
  • 14. BEHAVIORAL EQUIVALENCE MODELS PROs CONs Precise description of the Limited to the observed component behavior (small) scope NEED FOR MORE GENERAL MODELS! 9
  • 15. PROTOCOL BEHAVIOR MODELS Abstraction of the information in the Behavioral Equivalence Models Normal or exceptional result Effects on component’s state 10
  • 16. PROTOCOL BEHAVIOR MODELS pop push push Stack S0 S1 pop pop State push pop size top Observer Abstraction S0 — EmptyStackException — EmptyStackException S1 — — — — Modifier Behavior Abstraction S0 Variant Invariant Invariant Invariant S1 Variant Variant Invariant Invariant 11
  • 17. PROTOCOL BEHAVIOR MODELS No parameters pop push push Stack S0 S1 pop pop State push pop size top Observer Abstraction S0 — EmptyStackException — EmptyStackException S1 — — — — Modifier Behavior Abstraction S0 Variant Invariant Invariant Invariant S1 Variant Variant Invariant Invariant 11
  • 18. PROTOCOL BEHAVIOR MODELS No parameters pop push push Stack S0 S1 pop Result type pop State push pop size top Observer Abstraction S0 — EmptyStackException — EmptyStackException S1 — — — — Modifier Behavior Abstraction S0 Variant Invariant Invariant Invariant S1 Variant Variant Invariant Invariant 11
  • 19. PROTOCOL BEHAVIOR MODELS No parameters pop push push Stack S0 S1 pop Result type pop State push pop size top Observer Abstraction S0 — EmptyStackException — EmptyStackException S1 — — — — Modifier Behavior Abstraction S0 Variant Invariant Invariant Invariant S1 Variant Variant Invariant Invariant Effects on state 11
  • 20. A MORE COMPLEX EXAMPLE void putNextEntry(Entry entry); void write(String data); void close(); StorageService Exception thrown on not allowed operations Set-like behavior and complex interaction protocol 12
  • 21. INITIAL MODEL* c, w w, pE S2 c c, w, pE pE c pE c S S0 S1 pE S4 S5 pE pE w, pE w c w S3 Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException *derived from Modifier Behavior Abstraction test cases S0 Invariant Variant Invariant containing S1 Variant Variant Invariant S2 Variant Invariant Invariant entries e, f S3 Variant Variant Invariant and writing S4 Variant Invariant Invariant “0” 13 S5 Invariant Invariant Invariant
  • 22. INITIAL MODEL* c, w w, pE S2 c c, w, pE pE c pE c S S0 S1 pE S4 S5 pE pE w, pE w c w S3 First entry inserted Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException *derived from Modifier Behavior Abstraction test cases S0 Invariant Variant Invariant containing S1 Variant Variant Invariant S2 Variant Invariant Invariant entries e, f S3 Variant Variant Invariant and writing S4 Variant Invariant Invariant “0” 13 S5 Invariant Invariant Invariant
  • 23. INITIAL MODEL* blocks write Duplicate entry c, w w, pE S2 c c, w, pE pE c pE c S S0 S1 pE S4 S5 pE pE w, pE w c w S3 First entry inserted Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException *derived from Modifier Behavior Abstraction test cases S0 Invariant Variant Invariant containing S1 Variant Variant Invariant S2 Variant Invariant Invariant entries e, f S3 Variant Variant Invariant and writing S4 Variant Invariant Invariant “0” 13 S5 Invariant Invariant Invariant
  • 24. INITIAL MODEL* blocks write Duplicate entry c, w w, pE S2 c c, w, pE pE c pE c S S0 S1 pE S4 S5 pE pE w, pE w c w S3 First entry inserted Two valid entries inserted Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException *derived from Modifier Behavior Abstraction test cases S0 Invariant Variant Invariant containing S1 Variant Variant Invariant S2 Variant Invariant Invariant entries e, f S3 Variant Variant Invariant and writing S4 Variant Invariant Invariant “0” 13 S5 Invariant Invariant Invariant
  • 25. INITIAL MODEL* blocks write Duplicate entry c, w w, pE S2 c c, w, pE pE c pE c No more valid S S0 S1 pE S4 S5 entries pE pE w, pE available? w c w S3 First entry inserted Two valid entries inserted Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException *derived from Modifier Behavior Abstraction test cases S0 Invariant Variant Invariant containing S1 Variant Variant Invariant S2 Variant Invariant Invariant entries e, f S3 Variant Variant Invariant and writing S4 Variant Invariant Invariant “0” 13 S5 Invariant Invariant Invariant
  • 26. EXAMPLE Let’s use the model and update it at runtime! 14
  • 27. MONITORING Behavior Models Execution traces are checked against the models 15
  • 28. MONITORING ISSUES Observed traces may not be enough Observations may affect component’s state 16
  • 29. ASSUMPTIONS Behavior Models Clones available to the monitor 17
  • 30. VIOLATION DETECTION Execution Protocol Trace Behavior Model 18
  • 31. CHECKING THE PROTOCOL OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE pE s.putNextEntry(a) - S1 c pE c s.putNextEntry(a) - ? S S0 S1 pE S4 S5 pE pE w, pE w c w S3 Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 19
  • 32. CHECKING THE PROTOCOL OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE pE s.putNextEntry(a) - S1 c pE c s.putNextEntry(a) - ? S S0 S1 pE S4 S5 pE pE w, pE w c w S3 Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 19
  • 33. CHECKING THE PROTOCOL OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE pE s.putNextEntry(a) - S1 c pE c s.putNextEntry(a) - ? S S0 S1 pE S4 S5 pE pE w, pE w c w S3 Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 19
  • 34. CHECKING THE PROTOCOL OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE pE s.putNextEntry(a) - S1 c pE c s.putNextEntry(a) - ? S S0 S1 pE S4 S5 pE pE w, pE It depends on the w w S3 c outcome of next Legend: State close S:StorageService, w:write, c:close, pE:putNextEntry putN extEntry write operations S0 ZipException Observer Abstraction — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — Check on the clone S4 S5 — — ZipException IOException Modifier Behavior Abstraction ZipException IOException results of a S0 S1 Invariant Variant Variant Variant Invariant Invariant discriminating operation S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant with known instances S5 Invariant Invariant Invariant 19
  • 35. PROTOCOL VIOLATION (1) OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE S1 pE s.putNextEntry(a) - c pE c s.putNextEntry(a) - S2 S S0 S1 pE S4 S5 pE pE w, pE s.putNextEntry(b) - S2 w c w S3 s.write(data) - ? Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 20
  • 36. PROTOCOL VIOLATION (1) OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE S1 pE s.putNextEntry(a) - c pE c s.putNextEntry(a) - S2 S S0 S1 pE S4 S5 pE pE w, pE s.putNextEntry(b) - S2 w c w S3 s.write(data) - ? Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 20
  • 37. PROTOCOL VIOLATION (1) OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE S1 pE s.putNextEntry(a) - c pE c s.putNextEntry(a) - S2 S S0 S1 pE S4 S5 pE pE w, pE s.putNextEntry(b) - S2 w c w S3 s.write(data) - ? Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 20
  • 38. PROTOCOL VIOLATION (1) OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE S1 pE s.putNextEntry(a) - c pE c s.putNextEntry(a) - S2 S S0 S1 pE S4 S5 pE pE w, pE s.putNextEntry(b) - S2 w c w S3 s.write(data) - ? Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — As seen before the test S2 S3 S4 — — — [−, ZipException] ZipException ZipException — ZipException ZipException scope was too small, but S5 — IOException Modifier Behavior Abstraction IOException we can fix the model! S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 20
  • 39. PROTOCOL VIOLATION (2) OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE pE s.write(“”) - ? c pE c S S0 S1 pE S4 S5 pE pE w, pE w c w S3 Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 21
  • 40. PROTOCOL VIOLATION (2) OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE pE s.write(“”) - ? c pE c S S0 S1 pE S4 S5 pE pE w, pE w c w S3 Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 21
  • 41. PROTOCOL VIOLATION (2) OPERATION OUTCOME STATE s = StorageService(); - S0 c, w w, pE S2 c c, w, pE pE s.write(“”) - ? c pE c S S0 S1 pE S4 S5 pE pE w, pE w c w S3 Legend: S:StorageService, w:write, c:close, pE:putNextEntry ZipException expected! State close putN extEntry Observer Abstraction write S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException Special values are S3 S4 S5 — — — ZipException ZipException IOException — ZipException IOException unknown in advance S0 Invariant Modifier Behavior Abstraction Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 21
  • 42. VIOLATION INTERPRETATION Protocol Behavior Model Behavioral Equivalence Model 22
  • 43. IS THE VIOLATION A CHANGE? We can tell it replaying the traces contained in the Behavioral Equivalence Model Everything still works: Different results: previously unobserved behavior change detected 23
  • 44. MODEL UPDATES Old Behavior Equivalence Model 24
  • 45. MODEL UPDATES Old Behavior Equivalence Model Trace exposing new behavior 24
  • 46. MODEL UPDATES Old Behavior Equivalence Model Extended scopes for existing models Trace exposing new behavior 24
  • 47. MODEL UPDATES Old Behavior Equivalence Model Set of Behavior Extended scopes Equivalence for existing models Models Trace exposing new behavior 24
  • 48. MODEL UPDATES Old Behavior Equivalence Model Set of Behavior Extended scopes Equivalence for existing models Models Trace exposing new behavior Incremental Add only new information 24
  • 49. MODEL UPDATES Old Behavior Equivalence Model Set of Behavior Extended scopes Updated Protocol Equivalence for existing models Behavior Model Models Trace exposing new behavior Incremental Add only new information 24
  • 50. UPDATED MODEL c, w pE, w c pE w, pE pE c S S0 S1 pE S2 c S5 pE pE c pE c, w, pE S3 S4 w w, pE Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 25
  • 51. UPDATED MODEL c, w pE, w c pE w, pE pE c S S0 S1 pE S2 c S5 pE pE c First entry inserted pE c, w, pE S3 S4 w w, pE Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 25
  • 52. UPDATED MODEL c c, w pE, w Duplicate entry pE w, pE pE c S S0 S1 pE S2 c S5 pE pE c First entry inserted pE c, w, pE S3 S4 w w, pE Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 25
  • 53. UPDATED MODEL c c, w pE, w Duplicate entry pE w, pE pE c S S0 S1 pE S2 c S5 pE pE c First entry inserted pE c, w, pE S3 S4 w w, pE Scope effects Legend: S:StorageService, w:write, c:close, pE:putNextEntry State close putN extEntry write Observer Abstraction S0 ZipException — ZipException S1 — [−, ZipException] — S2 — [−, ZipException] ZipException S3 — ZipException — S4 — ZipException ZipException S5 — IOException IOException Modifier Behavior Abstraction S0 Invariant Variant Invariant S1 Variant Variant Invariant S2 Variant Invariant Invariant S3 Variant Variant Invariant S4 Variant Invariant Invariant S5 Invariant Invariant Invariant 25
  • 54. CHANGE DETECTION Effectiveness of change detection proved injecting faults in the component Always working and always exceptional implementation for each method 26
  • 55. CONCLUSIONS ✓Behavioral Models at run time ✓Specification of a software component ✓Functional change detection 27
  • 56. FUTURE WORK •Relax assumptions •Tackle scope effects •Minimization of the scope size •Model interacting objects 28

Editor's Notes