department of mathematics and computer science April 07, 2006 UNSW / NICTA, Sydney1 mCRL2 and...

April 07, 2006 UNSW / NICTA, Sydney 1

/department of mathematics and computer science

mCRL2 and Visualization ofState Spaces

Bas [email protected]



mCRL2 and Visualization of

State Spaces

Bas [email protected]



Behavioral modelsof software

Manual analysistechniques

Tool based analysistechniques



mCRL2• Based on CRL: has been used in many case

studies for verification of protocols and distributed systems

• Language: process algebra (ACP) extended with data

• Tool set: supports analysis of real-life systems and protocols



mCRL2: Process algebra

1) Processes2) Actions: a, b, c,...3) Operators: +, ·, , ||, |, C, V,…

act a, b, c, error ;proc P = a·(b + c)·P + error · ;Q = a·Q ;init P || Q ;



mCRL2: Data types

sort Tree = struct leaf(value:ℤ)?isLeaf | node(left:Tree,right:Tree)?isNode;

map square: ℕℕ;eqn square = x:ℕ . x * x;

1) Bool, ℕ, ℤ, sets, bags, lists2) Functions, structs3) Lambda-expressions4) Operators: ⋀,⋁,∀,∃,+,-,div,mod,∈,⋂,⋃,⊆,⊇,++,⊳,⊲, …



Example

proc C(n:ℕ) = up · C(n+1) + n>0 down · C(n-1) + display(n) · C(n) +

m:ℕ . set(m) · C(m)

up down

displayset



Parallel processes

P Q R

P || Q || R

P=r1·s2·PQ=r2·s3·QR=r3·s4·R

r1

r2s2 s3 r3

s4

{s2|r2c2, s3|r3c3}(P || Q || R)

{r1,c2,c3,s4}{s2|r2c2, s3|r3c3}(P || Q || R))

c2 c3



Parallel processes

P Q R

P || Q || R

P=r1·s2·PQ=r2·s3·QR=r3·s4·R

r1 s4

{s2|r2c2, s2|r2c2}(P || Q || R)

{r1,c2,c3,s4}{s2|r2c2, s3|r3c3}(P || Q || R))

{c2,c3}({r1,c2,c3,s4}{s2|r2c2, s3|r3c3}(P || Q || R)))

Hide to action



mCRL2 tool set philosophy

mCRL2

LPE

LTS

Linear Process Equation

P(d:D)=iIei:Ei

ci(d,ei) ai(fi(d,ei)) · P(gi(d,ei))

current state

condition action effect

list of



A simple buffer

proc B =n:ℕ r(n) · s(n) · B

Br s

b=trueb=false

b:Bool

proc P(b:Bool,n:ℕ) =

m:ℕ b r(m) · P(true,m) +b s(n) · P(false,n)



mCRL2 tool set• Linearizer: mCRL2 spec → LPE• LPE modifiers and simulators• LTS generator, converter and minimizer• GUI tool interface (under construction)• LTS visualizer (under construction)• Model-checking tools (under construction)

Freely available (Boost license) for Unix, Linux, Windows and Mac OSX



Large applications• Philips Consumer Electronics• Philips Medical• ASML (Wafer steppers)• Dutch railway company (Prorail, Holland

Railconsult)• Océ (copiers)• Chess (ES)• Thales • Java distributed memory (free university)• Dutch Ministry of defense• Add-controls• VVSL• Nedcar • Nyquist• NBG• Firewire protocol• CVSS• Security protocol• Imtech

100% rule



Visualization of state spaces

proc Phil(n:ℕ) = get(n,n)·get(n,(n+1) mod 7)·eat(n)·put(n,n)·

put(n,(n+1) mod 7)·Phil(n);

proc Fork(n:ℕ) = m:ℕ up(m,n)·down(m,n)·Fork(n);

init ∇{lock,free,eat}({get|up→lock, put|down→free} (Fork(0) || Phil(0) || … || Fork(6) || Phil(6) ));

Consider 7 dining philosophers:

State space has 4,286 states and 19,159 transitions…



What’s wrong?• Too much detail: all states and transitions are

shown in one picture

So:• Give the user a structure of the state space• A backbone on which the states and

transitions can be visualized• FSMView by Frank van Ham (2000)



What did we do?

• Rank states• Cluster states• Position and visualize the clusters



Iterative

0

1

2

3

Rank states

Back pointer

Initial state

Cluster states

Ph

D o

f Fran

k van

Ham



Resulting structure

Draw ‘leaf-clusters’ as spheres.

Draw knotted cones between clusters

Rotate clusters outward.

Dra

w t

ree a

s 3

D o

bje

ct



Functionalities

• Find the deadlock…



Case study: a modular lift system

startstop

startstop

startstop

startstop

Relay



The lift system with 3 lifts



VLTS Benchmark suite

CWI/SEN2 in Amsterdam (NL)INRIA/VASY in Grenoble (F)



Visualization based on state vectors• View N state parameters as a vector in

N-dimensional space• StateVis and NoodleView by Hannes

Pretorius



StateVis



Scheduling wafers at ASML

RobotStore

Robot

Robot

VacuumLocks




RobotStore

Robot

Robot

VacuumLocks



Robot


Store

Robot

Robot

VacuumLocks



RobotStore

Robot

Robot

VacuumLocks

Deadlock can occur …



RobotStore

Robot

Robot

VacuumLocks

4

6

Add global constraints



NoodleView



Questions?



Contact• Bas Ploeger: [email protected]• Hannes Pretorius: [email protected]

department of mathematics and computer science April 07, 2006 UNSW / NICTA, Sydney1 mCRL2 and...

Documents

Transcript of department of mathematics and computer science April 07, 2006 UNSW / NICTA, Sydney1 mCRL2 and...