Putting Formal Description of Software Architecture in Practice:

Good News, Bad News.

Paola Inverardi

UNIVERSITA’ DEGLI STUDI DELL’AQUILA

Area Informatica, Facolta’ di SSMMNN

Brief history of our work in SA

• Formal description of SA via CHAM

• Behavioral Analysis of the SA

• algebraic analysis and finite state modeling

• validation and quantitative analysis based on FSTM

Our experience

• Modelling SA for three telecommunication companies

• UML as ADL

• Poor dynamics descriptions

DYNAMICS

• A model of all possible system behaviours

• state diagrams for “manageable” processes

• implicit parallel notation for composite processes-. P1||P2||…||Pn

• No explicit representation due to state explosion

• Sequence diagrams/MSCs

STM-4/16

ADMADM

ADMADM

STM-1/4

ADMADM

ADMADM ADMADM

SXC4/1

SXC4/1

City level

SXASXA

STM-1/4

ADMADM

ADMADM ADMADM

ADMADM

STM-4/16

ADMADM

ADMADM

Regional level

STM-1/4

ADMADM

ADMADM

ADMADM ADMADM

SXASXA

ITALIAN TELECOM NETWORK ARCHITECTURE

WDM

STM-4/16

ADMADM

ADMADM

SXASXA

WLWL

STM-16 Ring

National level

ADMADMADMADM

ADMADM

ADMADMADMADM

ADMADM

ADMADMADMADM

ADMADM WLWL ADMADMADMADM

ADMADM

ADMADMADMADM

ADMADM

ADMADMADMADM

ADMADM

STM-16 Ring

GOALS

• Study of the SXA Cross Connettor.

• Development of a SA description (formal / semi-formal) to allow quantitative analysis

Try different description techniques. (UML, ADL, Process Algebras)

The identification and structuring of the information necessary to produce a performance model.

Reverse Engineering. Process

LOCAL TERMINAL

SYSTEM FUNCTION

OSISTACK

OSISTACK COMMAND

HANDLER

XCONN

DATABASEMANAGER

TLECOMM. PROVIDER

SXA SYSTEM – SOFTWARE CONFIGURATION

Database MIB

ET-MUX

ET-MUX

ES-COREworking

ES-COREprotection

C-CORE

T-MUX

T-MUXT-MUX

T-MUX

RackIO

RackIO

RackIO

RackCENTRAl

SXA SYSTEM – HARDWARE CONFIGURATION

External Interfaces

FM

System Base

Hardware unit

SOFTWARE LAYERS

LPSDR XCONNTMTIMCM PMDN

Unit Handler

EPS

Global Functions

Periferal Functions

Shelf Functions

ES-CORE Protection

ES-CORE Working.

Timing

8 ETMSU PSCU

C-CORE

LAN HUB

2 TSU PSCU

ASUPhisical

ports

DPSTDU

T-MUX# 1

T-MUX# n < 30

PSCU

ASUPhisical

ports

DPSTDU

ET-MUX# 1

ET-MUX# n < 16

PSCU

TDU

ASUPhisical ports

T-MUX16# 1

T-MUX16# n < 8

C-LAN

2 TSU 2 TSU

HARDWARE LAYERS

MSCUMSCU

GLOBAL

SHELF

PERIFERAL

SSXCCXC

GXC

TXCBXC

PSXCPTXC

STXCSAXC

Global

Periferal

Shelf

XCONN LAYERS

System Domain Study

System Function XCONNDomain Study

Architectural Description

Functional Partition

REVERSE ENGINEERING PROCESS

Domain SystemStudy

XCONNDomainStudy

Architectural

Description

Functional Partition

DomainSystemStudy

InterviewsInterviews

High-LevelSequence Diagrams

(UML)

High-LevelSequence Diagrams

(UML)

DOMAIN SYSTEM STUDY

Components High-Level

Documentation

XCONN DOMAIN STUDY

DomainSystem

Study

XCONN DomainStudy

Architectural

Description

Functional Partition

Components detailed

description XCONNDomain

Study

Exchanched Messages listsExchanched

Messages lists

Deployment Diagram (UML)Deployment

Diagram (UML)

Stereotyped class diagrams (UML)

Stereotyped class diagrams (UML)

Previous phasesPrevious phases

CM

<<SYSTEM FUNCTION>>

CMDHLPS

<<SYSTEM FUNCTION>>

EPS

<<SYSTEM FUNCTION>>

ELEMENT MANAGER

XCONN

<<SYSTEM FUNCTION>>

FM

<<SYSTEM FUNCTION>>

STEREOTYPED CLASS DIAGRAM (UML)

SYSTEM

PSXC<<XCONN component>>

PTXC<<XCONN component>>

LPS<<component>> 1..1

1..*

1..1

1..*

BXC<<XCONN component>>

SSXC<<XCONN component>> 1..*

1..1

1..*

1..1

TXC<<XCONN component>>

STXC<<XCONN component>>

1..1

1..1

1..1

1..1

1..1

1..2

1..1

1..2

1..*

1..1

1..*

1..1

CM<<component>>

1..1

1..*

1..1

1..*

FM<<component>>

CXC<<XCONN component>> 1..11..1 1..11..1

1..1

1..1

1..1

1..11..1

1..*

1..1

1..*

EPS<<component>>

GXC<<XCONN component>> 1..1

1..1

1..1

1..11..11..1 1..11..1

1..21..1

1..21..1

1..1

1..1

1..1

1..1

CMDH<<component>>

1..11..1

1..11..1

Element Manager<<component>>

1..11..1 1..11..1

STEREOTYPED CLASS DIAGRAM (UML)

SYSTEM FUNCTION XCONN

ARCHITECTURAL DESCRIPTION

System Domain

study

XCONNdomain study

Architectural description

Functional partition

architectural description

Static description of components with DARWIN

Static description of components with DARWIN

Components Behavioral

description by the FSP process

algebra

Components Behavioral

description by the FSP process

algebra

SDL Code and Diagrams

SDL Code and Diagrams

Components Detailed

Description

Components Detailed

Description

Previous activities results

Previous activities results

MSG abstractionMSG abstraction

Feedback on previous activities results

Feedback on previous activities results

STATIC DESCRIPTION WITH DARWIN

Components hierarchy

Graphic Description of the SAXC component

STATIC DESCRIPTION WITH DARWIN

SAXC

cxc[0] cxc[1]

bxc[1] bxc[0]

txc[1] txc[2] txc[n]

SDL STATE INPUT MESSAGES

OUTPUT MESSAGES

GRAPHIC SDL

Sub-structure of the BXC process

FSP Description of the BXC process

ComponentsSpace state

# states # transitions

# statesminimizedautomata

GXC 15649 15649 29633 184SSXC 19968 19968 51712 30PSXC 4 4 9 4STXC 336 333 774 84PTXC 40 40 87 18CXC 7952 4221 6990 2525BXC 24 24 48 21TXC 99 99 262 52

Composed Components Space state|| SAXC =( cxc[i:0..1]: CXC || bxc[i:0..1]: BXC || txc[i:1..2]: TXC) 3,569814221783e+14

|| XCONN = saxc:SAXC || gxc:GXC || stxc[i:0..1][j:1..Maxtmux]:STXC || ptxc[i:0..1][j:1..Maxtmux]:PTXC || ssxc[i:0..1]:SSXC ||psxc[i:0..1][j:1..Etmsu]:PSXC)

9,290070305824e+50

FINITE STATE AUTOMATA

|| SAXC =( cxc[i:0..1]: CXC || bxc[i:0..1]: BXC ||txc[i:1..2]: TXC) /{cxc[c:C].cb_stato_indirizzo[statobxc:Stato] /bxc[c].cb_stato_indirizzo[statobxc],cxc[c:C].cb_richiesta_allineamento_sb[allineamento:Tipoallineamento] /bxc[c].cb_richiesta_allineamento_sb[allineamento:Tipoallineamento],………………………………………………

cxc[c:C].ct_inizio_configurazione[t:T] /txc[t].ct_inizio_configurazione[c],cxc[c:C].ct_lista_connessioni[t:T] /txc[t].ct_lista_connessioni[c],……………………………………………….

bxc[0].bb_richiesta_allineamento_sb[1] /bxc[1].bb_richiesta_allineamento_sb,bxc[0].bb_trasferimento_dati[1] /bxc[1].bb_trasferimento_dati,……………………………………………….}.

SAXC FSP DESCRIPTION

RELABELLING

|| XCONN = (saxc:SAXC || gxc:GXC ||stxc[i:0..1][j:1..Maxtmux]: STXC ||ptxc[i:0..1][j:1..Maxtmux]:PTXC || ssxc[i:0..1]:SSXC ||psxc[i:0..1][j:1..Etmsu]:PSXC) /{gxc.gc_stato_matrice[c:C] / saxc.cxc[c].gc_stato_matrice,gxc.gc_stato_shelf[c:C][escore1:Statop][escore2:Statop][tmux1:Statop][tmux2:Statop] /saxc.cxc[c].gc_stato_shelf[escore1][escore2][tmux1][tmux2],………………………………………………………gxc.st_ack[t:T][st:St] / stxc[t][st].gst_ack,gxc.stg_stati_switch_pgroup[t:T][st:St] /stxc[t][st].stg_stati_switch_pgroup,

saxc.cxc[c:C].ssc_richiesta_configurazione/ssxc[c].ssc_richiesta_configurazione,saxc.cxc[c:C].ssc_report_permessi /ssxc[c].ssc_report_permessi,………………………………………………………

saxc.txc[t:T].tst_tabella_matrice[st :St] [statostxc:Stato] /stxc[t][st].tst_tabella_matrice[statostxc],saxc.txc[t:T].tst_inizio_configurazione[st :St] /stxc[t][st].tst_inizio_configurazione,……………………………………………………….ssxc[ss:Ss].psss_ssxcack[ps:Ps] / psxc[ss][ps].psss_ssxcack,ssxc[ss:Ss].psss_richiesta_configurazione[ps:Ps] /psxc[ss][ps].psss_richiesta_configurazione,………………………………………………………..}.

System DomainStudy

XCONN DomainStudy

Architectural Description

Functional Partition

Functional Partition

Messagge Sequence Chart

(MSC)

Messagge Sequence Chart

(MSC)

Activity diagrams (UML)

Activity diagrams (UML)

SDL Diagrams and

code

SDL Diagrams and

code

FUNCTIONAL PARTITION

Previous activities results

Previous activities

results

automata transition.

FSP process state after performing the action

FSP processes state before performing the action

Components istances CXC attivo :

CXCGXC : GXC

gc_nuovexc

GXC_READY

CXC_READY_ACT

GXC_W_ACK_CONF

CXC_CALCOLO_PATH_LISTA_XC

MESSAGE SEQUENCE CHART (MSC)

CXC ACT : CXC BXC ACT : BXC TXC(n) : TXC SSXC ACT : SSXC

GXC : GXCEM : ELEMENT MANAGER

GXC_READY

CMDH : CMDH

ech_nuovexc

chg_nuovexc( )

GXC_W_ACK_CONF

CXC_READY_ACT

gc_nuovexc

cg_report_xc_stabil i te( )

ct_l ista_connessioni( )

n messaggi per ogni TXC coinvolto.

gch_report_xc_stabil i te( )

Per ogni connessione presente nel messaggio applica l 'algoritmo di path IPOTESI a) L'algoritmo ha successo

css_leggi_xc_2_stadio( )

cb_richiesta_all ineamento_sb( )

CXC_WAIT_TOTAL_ACK

tc_report_configurazione( )

ssc_report_configurazione( )

bc_report_allineamento( )

cg_report_configurazione13( )

cg_report_configurazione2( )

cg_allineamento( )

che_report_xc_stabil i te

Lo riceve da tutti i TXC coinvolti.

CXC_CALCOLO_PATH_LISTA_XC

CXC_CONNESSIONI_TXC1

CXC_CONNESSIONI_TXC(n)

CXC_READY_ACT

GXC_READY

CXC ACT : CXC

BXC ACT : BXC

TXC(n) : TXC

EM : ELEMENT MANAGER

CMDH : CMDH

GXC : GXC

SSXC ACT : SSXC

7: ct_lista_connessioni( )

10: tc_report_configurazione( )

8: css_leggi_xc_2_stadio( )

12: ssc_report_configurazione( )

9: cb_richiesta_allineamento_sb( )

14: bc_report_allineamento( )

1: ech_nuovexc

6: che_report_xc_stabilite

2: chg_nuovexc( )

5: gch_report_xc_stabilite( )

3: gc_nuovexc

4: cg_report_xc_stabilite( )11: cg_report_configurazione13( )13: cg_report_configurazione2( )

15: cg_allineamento( )

COLLABORATION DIAGRAMS (UML)

Summarizing

• Issue of complexity: Have clear in mind what the SA has to be for

• Domain specific ADL, complementing standard notations with ad hoc notations, e.g. FSP

• Predictive analysis and evaluation of the architectural choices