GRAPHIT
Graphical Support and Integration of Formal and Semi-Formal Methods for Software Specification and Development
October, 1997
1 Objectives

The overall aim of this project is to bridge the gap between formal specification techniques developed in research projects and the semi-formal or informal specifications used in industrial practice. The main idea for overcoming this gap is to develop graphical support for formal methods, in order to increase their acceptance by practitioners and to provide means for integrating formal and semi-formal methods. More specifically, suitable concepts are being developed to combine algebraic specifications, Petri-nets and graph grammars with each other and with selected graphical components used by the industrial partners.
2 Partners' Names and Addresses

a) Germany:

Technische Universität Berlin
Prof. Dr. H. Ehrig
FB 13 / Sekr. FR 6-1
Franklinstr. 28/29
D-10587 Berlin, F.R. Germany
Tel: +49-30-314-73510
Fax: +49-30-314-23516

MSB Microcomputer System Beratung
B. Bardohl
Weserstr. 28
D-12045 Berlin
Tel: +49-30-6247861
Fax: +49-30-6245555

Universität Stuttgart
Prof. Dr. Gunzenhauser
Institut für Informatik
Breitwiesenstr. 20/22
D-70565 Stuttgart
Tel: +49-711-7816-366
Fax: +49-711-7816-370

b) Brazil:

Universidade Federal do Rio Grande do Sul
Prof. Dr. D. Nunes
Instituto de Informatica
Av. Bento Gonçalves 9500 - Bloco IV
Caixa Postal 15064
91501-970 Porto Alegre - RS - BRAZIL
Tel: +55-51-3368399/2281633
Fax: +55-51-3365576

Nutec Informatica S/A
P. Castro
91501-970 Porto Alegre - RS - BRAZIL
Tel: +55-51-2257311
Fax: +55-51-2258383
3 Project Description

Techniques for the specification and development of software in industry must combine an intuitive appearance with a formal basis, in order to provide easy access, clarity in standard and marginal cases, and the possibility of formal analysis whenever it is required. Unfortunately, most of the specification and development techniques used in practice today lack a formal basis. Such a basis is necessary for a clear problem description that covers not only the standard cases but in particular the marginal cases, where errors are most likely to occur. Moreover, formal analysis or correctness proofs for critical parts of the software strictly require a formal basis for the description. On the other hand, there is a clear need in practice for development techniques that are intuitive and suggestive: efforts should be directed at the problem being specified rather than at the specification formalism. As mentioned above, the aim of this project is to bridge the gap between formal specification techniques developed in research projects and the semi-formal or mostly informal specifications used in industrial practice. To address these problems we divided the project into the following three research topics:
Integration and adaptation of formal and semi-formal methods

This topic includes the analysis of the intuitive and semi-formal methods with graphical components that are used by the industrial partners, and their integration with formal specification techniques.

Concepts and tools for the graphical layout of algebraic specifications

To increase the readability of specifications and make them (at least partially) understandable even for non-specialists, graphical layout is of great importance. Graph grammars and Petri-nets have a natural graphical representation, and for algebraic specifications a corresponding extension was provided by [Bar96]. However, these representations are sometimes still too complex to be used in practice. The development of the case studies has shown that (graphical) shorthands are needed in many situations; that is, to bring formal methods closer to real applications, we must allow more flexibility in the representation. New software tools shall be developed based on the extended graphical facilities of modern computer soft- and hardware, and already existing tools dealing with algebraic specifications, graph grammars and Petri-nets should be integrated into the ACT [CEW93] and PROSOFT [Nun93] environments.

Combination of algebraic with graphical specification techniques

Combining algebraic specifications with Petri-nets [LKW93] and/or graph transformations [LKW93] results in high-level specification formalisms with graphical components for the informal and formal specification of different aspects of software, such as the data type and process parts, in an integrated framework. The graphical components should provide increased comprehensibility, leading to more reliable software.
The work on these topics is again divided into two parts. One part is concerned with the application of formal specification techniques to real problems occurring within the companies MSB, Berlin, and NUTEC, Porto Alegre. The other part is concerned with the foundations of formal and semi-formal specifications and concepts. Due to its character as a working group, the project supports the cooperation of the partners: research on the integration of semi-formal and formal methods was intensified and partly verified through several bilateral visits of the partners.
4 Achieved Results

Research in the project has followed the outlines described in previous proposals for GRAPHIT. The progress with respect to the research topics and the results obtained up to now are described below. According to our workplan, the work has been concentrated on the following topics (an overview of the results achieved until 1996 can be found in [BBC+96]):

1. Modularization techniques for graph grammars and Petri-nets.
2. Development of well-founded concepts in order to integrate different techniques and formalisms.
3. Development of refinement/abstraction concepts for graph grammars and Petri-nets.
4. Adaptation of these formalisms to practical applications using new graphical notations, in order to extend, optimize and ease the application of such formalisms.
5. Analysis of the case studies in view of the requirements of the industrial partners.

Work on these topics has given rise to the following new results of the project, together with publications and talks at workshops:

- Definition of morphisms between graph grammars that may be seen as refinement (or specialization) relationships. Structuring concepts for graph grammars were also defined based on these relationships ([HCEL96, Rib96a]). These results correspond to topics 1 and 3 above.
- Different classes of Petri nets can be integrated in a general way with different kinds of data types ([Pad96]). This result corresponds to topic 2 above.
- Graph grammars were extended with means to control the transformation process. This extension is based mainly on consistency and application conditions and also on temporal logic concepts ([HCEL96]). This result corresponds to topic 4.
- A specification and implementation of some parts of the case study on the Shipping software (together with the company MSB) were done within a student project at the TU Berlin. The simulation can be seen as a verification of the system through tests. A corresponding technical report is being written. These results correspond to topic 4.
- A prototype of the telephone system, a case study proposed by the company NUTEC, is currently being implemented. This result corresponds to topic 4.
- An analysis of the case studies with respect to the requirements of the industrial partners led to the conclusion that a methodology for applying formal methods to practical applications is still missing ([Rib96b]). Moreover, introductory texts on graph grammars at a level understandable by the programmers working for our industrial partners, which would allow them to write the specifications of their systems by themselves (without the help of the university partners), are not available. These results correspond to topic 5 above.
- An object-oriented methodology for the design of attributed graph grammars, using the Object Modeling Technique methodology and the Unified Modeling Language notation, has been developed in [Wag97]. It is based on class and object diagrams and also incorporates integrity constraints and their verification.
5 Workplan for 1998 and 1999

During software development, many different kinds of methods and tools are usually applied, not only at different stages of the software life cycle but also to different aspects of the system being specified or implemented. One of the aims of GRAPHIT is to integrate different software development methods so that they come closer to the needs of practical applications. Such applications also need a computer environment in which many methods may be used within the development of a software system and which supports the software development process. The PROSOFT system [Nun93] is one step in this direction. The main goal of PROSOFT is to create a prototype of a generic computer environment supporting the formal development of programs. This system already includes concepts of distributed environments according to the client/server model. This year we plan to increase the software productivity of this system by incorporating distributed real-time groupware and adding security features. Moreover, we will consider the construction of new PROSOFT tools (called ATOs) for some of the formal methods used in our project GRAPHIT (such as Petri-nets and graph grammars).

In 1996, refinement and structuring mechanisms for graph grammars were developed. Some of these concepts have been used in the case study on the telephone system [Rib96b] and have proved adequate for this kind of application. As there is a close relationship between graph grammars and Petri-nets, we will investigate what the corresponding notions for Petri nets are, and whether these notions, as defined for graph grammars, may also be useful for Petri-nets. Moreover, we plan to extend these concepts to deal also with data types (attributes), as they are much needed by practical applications. Based on [Wag97], we have started to develop concepts for the automatic generation of graphical editors (see selected publications), which seem to be very useful for our industrial partners. Such graphical editors work on visual languages describing certain diagrammatic techniques used for software development. Summarizing, we will work on the topics listed below:

- Inclusion of cooperation issues in the PROSOFT environment, such as concurrency control for access to shared PROSOFT objects, and security and access control interfaces for groupware ATOs. Improvement of the software development process and the reusability facilities of PROSOFT.
- Refinement and structuring techniques for graph grammars and Petri-nets shall be extended by assuming an open (i.e., incompletely specified) behaviour of components. This supports compositionality of the specification and the verification of properties. Structuring techniques shall also take into account control conditions and behavioural specifications.
- Adaptation of the developed formalisms for the object-based specification of communication-based systems. This includes, for example, the development of new graphical notations, tools such as the automatic generation of graphical editors, and the integration of existing methods and techniques.
- Development of verification techniques and their application to the case studies. In particular, development of model checking and proof calculi for temporal logic specifications of graph grammars.
- Start of a new case study concerning a graph- and rule-based specification of a firewall providing restricted access to local company networks from the Internet/WWW.
- Iterated check of the case studies with respect to the requirements of the industrial partners.
6 Short Biography of Project Leaders

Hartmut Ehrig is full professor of Theoretical Computer Science/Formal Specification at the Technical University of Berlin, Germany. He is leader of several national and international research projects in Theoretical Computer Science and Formal Software Development: the ESPRIT projects SEDOS and LOTOSPHERE, the ESPRIT Basic Research WGs ASMICS, COMPASS, COMPUGRAPH and APPLIGRAPH, the German BMFT, BMBF and DFG projects KORSO, ESPRESS, ACT, DAO, Graph-Transformations and Petri Net Technology, and the TMR network GETGRATS. He has produced approximately 200 publications in international conference proceedings and journals. He has had various research stays at the IBM Thomas J. Watson Research Center, Yorktown Heights, NY, the University of Catalunya, Barcelona, the University of Southern California, Los Angeles, the University of Leiden, the University of Rome and the University of Pisa.

Daltro José Nunes is a full-time professor at UFRGS. He was responsible for the creation of the Post-Graduation program in Informatics at UFRGS in 1972. For many years he was coordinator of the Post-Graduation courses and chief of the Informatics department, and he is currently the president of the commission responsible for the Post-Graduation courses. He is also secretary of the Brazilian Society of Informatics, with the task of proposing the education and research policies in Informatics for the country. A central aim of his research activity has been to introduce mechanisms for increasing the quality of software through the use of formal proofs of soundness and correctness. This has been one of the main topics of the project PROSOFT, which has been led by him since its beginning in 1987. He has published around 50 papers, was chairman of software engineering conferences and has presented many talks in Brazil and abroad.
7 Selected Publications

H. Ehrig, R. Bardohl. Specification Techniques using Dynamic Abstract Data Types and Application to Shipping Software, Proc. Advanced Technology, Hamburg, 1994.
R. Bardohl, G. Taentzer. Defining Visual Languages by Algebraic Specification Techniques and Graph Transformations, IEEE Workshop on Theory of Visual Languages, 1997.
L. Ribeiro. Parallel Composition of Graph Grammars, Dagstuhl Seminar on Graph Transformations in Computer Science, 1996.
L. Ribeiro, M. Korff. Graph Transformations for the Specification of Concurrent Systems, SBES'97.
L. Ribeiro, M. Korff. True Concurrency Model for Read/Write Access Systems, Workshop on Logic and Computation, Fortaleza, Brasil, 1997.
References

[Bar96] R. Bardohl. Visualization for an Algebraic Specification of Shipping Software. To appear, Technical University Berlin, 1996.
[BBC+96] B. Bardohl, R. Bardohl, P. Castro, H. Ehrig, R. Heckel, R. Ribeiro, D. Nunes, and A. Martini. GRAPHIT: Graphical Support and Integration of Formal and Semiformal Methods for Software Specification and Development. In C. Lucena and S. Jähnichen, editors, Proc. of the 3rd German-Brazilian Workshop on Information Technology, Berlin, December 14th-15th 1995. Forschungszentrum Jülich GmbH, Bilateral Seminars of the International Bureau, Volume 26, 1996.
[CEW93] I. Claßen, H. Ehrig, and D. Wolz. Algebraic Specification Techniques and Tools for Software Development - The ACT Approach. AMAST Series in Computing Vol. 1. World Scientific, 1993.
[HCEL96] R. Heckel, A. Corradini, H. Ehrig, and M. Löwe. Horizontal and vertical structuring of typed graph transformation systems. Mathematical Structures in Computer Science, 6(6):613-648, December 1996.
[LKW93] M. Löwe, M. Korff, and A. Wagner. An algebraic framework for the transformation of attributed graphs. In M.R. Sleep, M.J. Plasmeijer, and M.C. van Eekelen, editors, Term Graph Rewriting: Theory and Practice, chapter 14, pages 185-199. John Wiley & Sons Ltd, 1993.
[Nun93] D. Nunes. Verbesserung der Software-Qualität durch Verifikation der Korrektheit der Implementierung im Projekt PROSOFT. Technical Report 1993/2, Universität Stuttgart, Fakultät Informatik, 1993.
[Pad96] J. Padberg. Abstract Petri Nets: A Uniform Approach and Rule-Based Refinement. PhD thesis, Technical University Berlin, 1996.
[Rib96a] L. Ribeiro. Parallel Composition and Unfolding Semantics of Graph Grammars. PhD thesis, TU Berlin, 1996.
[Rib96b] L. Ribeiro. A telephone system's specification using graph grammars. Technical Report 96-23, Technical University of Berlin, 1996.
[Wag97] A. Wagner. A Formal Object Specification Technique Using Rule-Based Transformation of Partial Algebras. PhD thesis, TU Berlin, 1997.