Lecture 1: Objectives and CPN Introduction
Department of Informatics, Tallinn University of Technology
Alex Norta, PhD.
Agenda
Objectives:
– Course Context and Aims
– Intended Learning Outcomes
– Teaching and Assessment Methods
Introduction:
– Modelling and System Development
– Coloured Petri Nets
– Abstraction and Visualisation
– Formal Modelling and Verification
– CPN Tools
– Industrial Applications
Objectives: Course Context and Aims
The course has 2 parts, each 7 weeks
5 ECTS points
Aims of the 1st part:
– obtain detailed knowledge of CP-nets
– gain experience in modelling & validation of small concurrent systems
Aims of the 2nd part:
– gain practical experience with
– modelling and validation of larger concurrent systems
– plan and complete projects
– communicate professional issues
Objectives: Teaching and Assessment Method
Mini-projects are conducted with teams of 2/3 students
Must be documented in short 5-10 page group reports
– http://www.sussex.ac.uk/ei/internal/forstudents/engineeringdesign/studyguides/techreportwriting
First mini-project:
– extending the figure depicted below and simulate
Objectives: Teaching and Assessment Method
Second mini-project:
– conduct state-space analysis of your Project 1 model
– verify the correctness of the model
– the second project reveals overlooked errors from Project 1
Third mini-project:
– analysing the performance
– use the simulation functionalities we will learn about
– each group must perform presentations about their progress
All three project parts & the exam are mandatory
– the exam is paper based and lasts 90 minutes
Assessment metrics comprise
– the technical report(s)
– the exam where less than 50% score means failed
Objectives: Teaching and Assessment Method
Maintain a time-budget log
– you receive an Excel file where you each maintain what you spend your time on
– each time-budget log must be signed off by all other mini-project partners
– if signatures don't exist then I have an indication that a group-dynamics issue exists
– group-dynamics issues result in lower grading, maybe even failure
Introduction
System development is a comprehensive discipline
– activities such as requirements engineering, design, specification, implementation, testing, integration, deployment
systems spread
– systems
– computing
– (SOA)
– devices
– technology
Application domains
– telecommunication, Internet, embedded systems, etc.
Introduction: Modelling and System Development
Concurrent system modelling is challenging
– Concurrency and non-determinism
– Execution proceeds in many different ways
– Astronomical number of execution variations
– E.g., message gets lost
Easy for humans to miss a design mistake
– Missing an interaction pattern
– Consequences are gaps or malfunction of the system
Concurrent systems are
– Complex and difficult to test and debug
– E.g., for nuclear power plants systems must work correctly
Crucial to provide methods that enable testing and debugging prior to implementation and deployment!!
Introduction: Modelling and System Development
System model building is a feasible approach
– is a well-known example
– Structure and behavior of a system
– However, no simulation
Modelling in early system development stage
– Correct design errors before construction
Beneficial modelling reasons
– Insight: in the design and operation of a system
– Completeness: detection of missing parts for simulation and a better understanding of the system requirements
– Correctness: errors and flaws are usually detected, problematic scenarios can be reproduced, systematic error investigation
More effort in early system design
Introduction: (CPN)
CPN is a graphical language for concurrent system design and analysis
CPN is a modelling language
– capabilities
– high-level programming language (CPN ML) included
Petri nets provide
– graphical notation
– modelling concurrency, communication, synchronisation
language
– derived
– data types and data-manipulation primitives
– for compact & parameterisable model creation
CPN is a general-purpose modelling environment
Introduction: (CPN)
CPN application domains that are typical
– communication protocols, data networks, distributed algorithms, embedded systems
Broader CPN applications for concurrent systems
– business processes and workflows, manufacturing systems, multi-agent systems
CPN is a high-level Petri net
– combination of Petri nets and programming language
Low-level Petri nets (place/transition nets)
Introduction: (CPN)
CPN models are
– executable and used to model and specify the behaviour of concurrent systems
– both state- and action-oriented
– events (transitions) cause the system to change states
– simulations of the model to investigate different scenarios and explore the behaviour
– simulation is used to debug and investigate the system design
– CP-nets can be simulated interactively or automatically
– interactive for the simulation with single-step debugging
• similar to program execution
• investigating different scenarios in detail
• checking whether the model works as expected
• observe the effects of the individual steps directly
– automatic simulations with breakpoint setting
• testing and performance analysis
Introduction: (CPN)
Time plays an important role in CPN
– performance of a system may depend on how long activities take
– delays, throughput, and queue lengths
CPN is
– theoretically well founded
– also applicable for industrial projects
– not designed to replace other modelling languages such as UML
– a supplement to existing modelling languages & methods
– used in combination, or integrated with other languages & methods
Introduction: Abstraction and Visualization
A model is an abstraction from reality – some details are omitted
Ask questions about the model
– What is the purpose?
– What do we want to learn about the system with the model?
– What kinds of properties are we investigating?
Decide
– What should be included in the model?
– What can be abstracted away without compromising the model correctness?
Finding the appropriate abstraction level
– one of the arts of modelling
Introduction: Abstraction and Visualization
The CPN language has few, but powerful primitives
– few constructs must be mastered to construct models
– model systems and concepts at different levels of abstraction
– important for CPN models of large systems
• modules interact with each other through well-defined interfaces similar to programming languages
The concept of CPN modules
– based on a hierarchical structuring mechanism
– allows a module to have sub-modules
– allows module-composition into a new module
– reuse of sub-modules in different model parts
– allows modeller to work bottom-up & top-down
Introduction: Abstraction and Visualization
Visualization in CPN modules is important for
– presentation of design ideas & analysis results
– discussion with people unfamiliar with CPN
– abstractly visualizing a CPN module execution for an application context
– e.g., message sequence charts
Introduction: Formal Modelling and Verification
CPN models are formal
– mathematical definitions for syntax and semantics
– a computer tool can be used to verify system properties
Formal representation is the foundation for defining behavior properties & analysis methods
– mathematical representation important for CPN language
Verification involves
– a mathematical formulation of a property
– a computer-assisted proof that a model satisfies a property
– verified properties must be those a system should possess
– informal justification always accompanies formal verification
Introduction: Formal Modelling and Verification
The state-space method supports CPN model verification
– compute all reachable states & state changes automatically
– represent as directed graph
– nodes represent states and arcs represent occurring events
– answer verification questions about system behavior
• absence of deadlock
• reachability of a given state
• guaranteed service delivery
– state spaces give counter examples with debugging info
– user does not have to worry about deeper underlying mathematics
– disadvantage of state-space explosion
• many state-space reduction methods have been developed
Combination of methods for CPN system validation
– interactive- and automatic simulation, visualization, state-space analysis, performance analysis
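The state-space method described above, as an added example that is not part of the original lecture: a breadth-first exploration of a small low-level (place/transition) net written in Python rather than CPN ML. The net, its place and transition names, and the retransmission fix are constructed for illustration; they model the "message gets lost" case and show a deadlock being reported together with its counterexample trace.

```python
from collections import Counter, deque

# Constructed net (not from the lecture): name -> (tokens consumed, produced).
BASE = {
    "Send":    ({"ready": 1, "free": 1}, {"chan": 1, "wait": 1}),
    "Lose":    ({"chan": 1}, {"free": 1}),
    "Receive": ({"chan": 1}, {"ack": 1}),
    "GetAck":  ({"wait": 1, "ack": 1}, {"ready": 1, "free": 1}),
}
# Assumed repair: the waiting sender may retransmit when the channel is free.
FIXED = dict(BASE, Retransmit=({"wait": 1, "free": 1}, {"wait": 1, "chan": 1}))
M0 = {"ready": 1, "free": 1}  # initial marking

def freeze(marking):
    """Canonical hashable form of a marking (a multiset of tokens)."""
    return tuple(sorted((p, n) for p, n in marking.items() if n > 0))

def successors(net, state):
    """Yield (transition, next_state) for each transition enabled in state."""
    m = Counter(dict(state))
    for name, (pre, post) in net.items():
        if all(m[p] >= n for p, n in pre.items()):
            yield name, freeze(m - Counter(pre) + Counter(post))

def state_space(net, m0, limit=10_000):
    """Breadth-first exploration; maps each state to (parent, transition)."""
    seen, queue = {freeze(m0): None}, deque([freeze(m0)])
    while queue:
        s = queue.popleft()
        for t, nxt in successors(net, s):
            if nxt not in seen:
                if len(seen) >= limit:
                    raise RuntimeError("state-space explosion: limit reached")
                seen[nxt] = (s, t)
                queue.append(nxt)
    return seen

def dead_markings(net, space):
    """Reachable states in which no transition is enabled (deadlocks)."""
    return [s for s in space if not any(successors(net, s))]

def counterexample(space, state):
    """Transition sequence leading from the initial marking to state."""
    path = []
    while space[state] is not None:
        state, t = space[state]
        path.append(t)
    return path[::-1]
space = state_space(BASE, M0)
print([(d, counterexample(space, d)) for d in dead_markings(BASE, space)])
```

Running the same functions on `FIXED` yields the same four reachable markings with no dead marking, which is the kind of before/after check a state-space report supports.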
Introduction: CPN Tools
CPN Tools performs
– syntax- and type checking (like interpreter environment)
– contextual error-message provision to users
– partial CPN model execution
Two types of simulation in CPN Tools
– interactive simulation:
• user is in complete control
• user determines individual simulation steps
• execution events are GUI visible
– automatic simulation:
• user specifies number of execution steps in the GUI
• and/or user sets a number of stop criteria and breakpoints
• simulator makes random choices without user interaction
• only the resulting state is shown via the GUI
• a simulation report contains results
Introduction: CPN Tools
Full state spaces
– advanced methods alleviate state-space explosion
Create a state-space report
– answers initial behavioral properties
– e.g., deadlocks, bottlenecks
– early-design phase errors evident in state-space reports
– user can draw interactively selected parts to inspect individual states & events
– contained information such as size of queues, delays of packets, load of investigated components
Monitors collect data
– write into log for post-processing
• averages, standard deviations, confidence intervals
CPN Tools has open architecture for GUI integration
– prototyping of novel analysis algorithms