Visual Formal Methods R J Walters. Introduction Motivation The Language The tools An example Conclusion.

Visual Formal Methods

R J Walters

Introduction

Motivation The Language The tools An example Conclusion

Issues in large systems

Connecting the parts

Getting the result to make sense

RDT

Draw your processes (components) Draw how they are connected Run the model in the execution tool Use a model checker on it - SPIN * Limitations are accepted in exchange

for ease of use

RDT: Processes

Process has state Displayed as a picture Built using system of dialogue boxes 3 types of event

– Receive– Send– Create

RDT: Events, Receive

State 1

State 2

ReceiveEvent Value Channel

RDT: Events, Send

State 1

State 2

SendEvent Value Channel

RDT: Events, Create

State 1

State 2

CreateEvent NewValue Channel

An example process

An example process

RDT: Models

Add instances of processes to your model

Describe how these instances are (initially) connected

Models: Process Instances

Inst1: ProcTypeCh2

Ch1

Inst2: ProcTypeCh2

Ch1

Models: Connections

Inst1: ProcTypeCh2

Ch1

Inst2: ProcTypeCh2

Ch1

Example model

Example model

What next?

Execute the model

Use a model checker on it

Channels:

Communication in RDT is founded on the pi-calculus

Similar identity between values and channels

RDT also permits asynchronous communication

– Need channels in the execution tool

Executing the model

Each Process instance has a window which shows:– Name and type– State– List of available actions– List of local channel names mapping these

to instances of channels

Executing the model

Each Channel (instance) has a window which shows:– Name– List of values held in the channel

The Execution tool

The Execution tool

RDT: Conclusion

Language, model construction tool, execution tool, translation tool

Builds formal models using “informal” methods