Compositional Design and Verification of
Component-Based Information Systems
Jan Martijn van der Werf
Organizations cooperate
[Figure: Alice, Bob, Charley and Dave. "Who-knows-who" is not transitive!]
Organizations deliver services
[Figure: Alice, Bob, Charley and Dave]
Component-based information system
[Figure: components, each labelled Process and Data]
Verification vs. design
• Verification:
  • Go and do what you want, check when finished
• Correctness by design:
  • Follow my rules, and it is correct
Compositional verification of soundness
• Components form a service tree
• Components only know their direct neighbors
[Figure: service tree of components A, B, C, D, E and F; legend: soundness of component, condition on communicating pair of components]
Compositional verification of soundness
Soundness not sufficient for pairwise verification!
Compositional design: refinement rules!
• Stepwise refinement
• Each step preserves soundness
• Refinement rules:
  • Within component
  • Outsourcing
  • Over components
Process + Data = Prototype
Compositional design and verification of Component-based information systems
• Framework for component-based information systems
  • Compositional verification of interaction
  • Compositional design of interaction
• Petri nets extended with data
  • Message passing
  • Data transactions
• Process + data prototype
  • Re-engineering by process mining
• Soundness: always possible to finish properly (disregarding interfaces)
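An added example, not from the original slides: a small state-space check of why soundness of each component (disregarding interfaces) needs an extra condition on the communicating pair. Soundness is read here as "from every reachable marking the final marking is still reachable"; the components A, A_BAD and B, their place names and the message places a and b are constructed for illustration.

```python
from collections import Counter, deque

def fire(marking, pre, post):
    """Successor marking after firing pre -> post, or None if not enabled."""
    tokens = Counter(dict(marking))
    if any(tokens[p] < n for p, n in Counter(pre).items()):
        return None
    tokens.subtract(pre)
    tokens.update(post)
    return frozenset((p, n) for p, n in tokens.items() if n > 0)

def weakly_terminates(net, initial, final, limit=10_000):
    """True if the final marking stays reachable from every reachable marking."""
    start = frozenset(Counter(initial).items())
    goal = frozenset(Counter(final).items())
    succ, queue = {start: set()}, deque([start])
    while queue:                                  # forward state-space exploration
        m = queue.popleft()
        for pre, post in net.values():
            nxt = fire(m, pre, post)
            if nxt is None:
                continue
            succ[m].add(nxt)
            if nxt not in succ:
                if len(succ) >= limit:
                    raise RuntimeError("state space too large (unbounded net?)")
                succ[nxt] = set()
                queue.append(nxt)
    can_finish = {goal} if goal in succ else set()
    grew = True
    while grew:                                   # backward closure from the goal
        new = {m for m, outs in succ.items() if outs & can_finish} - can_finish
        can_finish |= new
        grew = bool(new)
    return can_finish == set(succ)

def component_sound(net, interface, initial, final):
    """Soundness of one component, disregarding its interface places."""
    inner = {t: ([p for p in pre if p not in interface],
                 [p for p in post if p not in interface])
             for t, (pre, post) in net.items()}
    return weakly_terminates(inner, initial, final)

# Constructed components; message places "a" and "b" form the interface.
IFACE = {"a", "b"}
A     = {"A_send_a": (["iA"], ["pA", "a"]), "A_recv_b": (["pA", "b"], ["fA"])}
A_BAD = {"A_recv_b": (["iA", "b"], ["pA"]), "A_send_a": (["pA"], ["fA", "a"])}
B     = {"B_recv_a": (["iB", "a"], ["pB"]), "B_send_b": (["pB"], ["fB", "b"])}

def composition_sound(x, y):
    return weakly_terminates({**x, **y}, ["iA", "iB"], ["fA", "fB"])
```

A_BAD passes the component check on its own, yet its composition with B deadlocks in the initial marking because each side waits for the other's message.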
Components and their composition
[Figure: components G and H, with labels a, b, c, d, e]
Correctness by design
• Refinement within a component
Correctness by design
• Refinement over components
[Figure: refinement over components; labels A, B, C, D, G, H, p, q, iC, fC, iD, fD, t, u, v, w, x, y, z]
Correctness by design
• Outsource refinement
Sufficient conditions for soundness
[Figure: three panels comparing B with B+C]
• Identical communication:
  • B+C behaves like B on interface with A
• Alternating communication block:
  • B+C has same communication blocks as B
• Elastic communication:
  • B+C may send earlier and receive later than B