Header Page of 113 VIETNAM NATIONAL UNIVERSITY, HANOI UNIVERSITY OF ENGINEERING AND TECHNOLOGY LÊ HỒNG ANH METHODS FOR MODELING AND VERIFYING EVENT-DRIVEN SYSTEMS DOTORAL THESIS IN INFORMATION TECHNOLOGY Hà Nội – 2015 Footer Page of 113 Header Page of 113 VIETNAM NATIONAL UNIVERSITY, HANOI UNIVERSITY OF ENGINEERING AND TECHNOLOGY Lê Hồng Anh METHODS FOR MODELING AND VERIFYING EVENT-DRIVEN SYSTEMS Major: Software Engineering Mã số: 62.48.01.03 DOCTORAL THESIS IN INFORMATION TECHNOLOGY SUPERVISORS: Assoc Prof Dr Trương Ninh Thuận Assoc Prof Dr Phạm Bảo Sơn Hà Nội – 2015 Footer Page of 113 Header Page of 113 ĐẠI HỌC QUỐC GIA HÀ NỘI TRƯỜNG ĐẠI HỌC CÔNG NGHỆ Lê Hồng Anh PHƯƠNG PHÁP MƠ HÌNH HĨA VÀ KIỂM CHỨNG CÁC HỆ THỐNG HƯỚNG SỰ KIỆN Chuyên ngành: Kỹ thuật phần mềm Mã số: 62.48.01.03 LUẬN ÁN TIẾN SĨ NGÀNH CÔNG NGHỆ THÔNG TIN NGƯỜI HƯỚNG DẪN KHOA HỌC: PGS TS Trương Ninh Thuận PGS TS Phạm Bảo Sơn Hà Nội – 2015 Footer Page of 113 Header Page of 113 Declaration of Authorship I declare that this thesis titled, ‘Methods for modeling and verifying event-driven systems’ and the work presented in it are my own I confirm that: I have acknowledged all main sources of help Where I have quoted from the work of others, the source is always given With the exception of such quotations, this thesis is entirely my own work Where the thesis is based on work done by myself jointly with others, I have made clear exactly what was done by others and what I have contributed myself This work was done wholly while in studying for a PhD degree Signed: Date: i Footer Page of 113 Header Page of 113 VIETNAM NATIONAL UNIVERSITY, HANOI UNIVERSITY OF ENGINEERING AND TECHNOLOGY Lê Hồng Anh METHODS FOR MODELING AND VERIFYING EVENT-DRIVEN SYSTEMS Major: Software Engineering Mã số: 62.48.01.03 DOCTORAL THESIS IN INFORMATION TECHNOLOGY SUPERVISORS: Assoc Prof Dr Trương Ninh Thuận Assoc Prof Dr Phạm Bảo Sơn Hà Nội – 2015 Footer Page of 113 Header Page of 113 ĐẠI HỌC QUỐC GIA HÀ NỘI TRƯỜNG ĐẠI HỌC CÔNG NGHỆ Lê Hồng Anh PHƯƠNG PHÁP MƠ HÌNH HĨA VÀ KIỂM CHỨNG CÁC HỆ THỐNG HƯỚNG SỰ KIỆN Chuyên ngành: Kỹ thuật phần mềm Mã số: 62.48.01.03 LUẬN ÁN TIẾN SĨ NGÀNH CÔNG NGHỆ THÔNG TIN NGƯỜI HƯỚNG DẪN KHOA HỌC: PGS TS Trương Ninh Thuận PGS TS Phạm Bảo Sơn Hà Nội – 2015 Footer Page of 113 Header Page of 113 VIETNAM NATIONAL UNIVERSITY, HANOI UNIVERSITY OF ENGINEERING AND TECHNOLOGY Lê Hồng Anh METHODS FOR MODELING AND VERIFYING EVENT-DRIVEN SYSTEMS Major: Software Engineering Mã số: 62.48.01.03 DOCTORAL THESIS IN INFORMATION TECHNOLOGY SUPERVISORS: Assoc Prof Dr Trương Ninh Thuận Assoc Prof Dr Phạm Bảo Sơn Hà Nội – 2015 Footer Page of 113 Header Page of 113 ĐẠI HỌC QUỐC GIA HÀ NỘI TRƯỜNG ĐẠI HỌC CÔNG NGHỆ Lê Hồng Anh PHƯƠNG PHÁP MƠ HÌNH HĨA VÀ KIỂM CHỨNG CÁC HỆ THỐNG HƯỚNG SỰ KIỆN Chuyên ngành: Kỹ thuật phần mềm Mã số: 62.48.01.03 LUẬN ÁN TIẾN SĨ NGÀNH CÔNG NGHỆ THÔNG TIN NGƯỜI HƯỚNG DẪN KHOA HỌC: PGS TS Trương Ninh Thuận PGS TS Phạm Bảo Sơn Hà Nội – 2015 Footer Page of 113 Header Page of 113 Abstract Modeling and verification plays an important role in software engineering because it improves the reliability of software systems Software development technologies introduce a variety of methods or architectural styles Each system based on a different architecture is often proposed with different suitable approaches to verify its correctness Among these architectures, the field of event-driven architecture is broad in both academia and industry resulting the amount of work on modeling and verification of event-driven systems The goals of this thesis are to propose effective methods for modeling and verification of event-driven systems that react to emitted events using Event-Condition-Action (ECA) rules and Fuzzy If-Then rules This thesis considers the particular characteristics and the special issues attaching with specific types such as database and context-aware systems, then uses Event-B and its supporting tools to analyze these systems First, we introduce a new method to formalize a database system including triggers by proposing a set of rules for translating database elements to Event-B constructs After the modeling, we can formally check the data constraint preservation property and detect the infinite loops of the system Second, the thesis proposes a method which employs Event-B refinement for incrementally modeling and verifying context-aware systems which also use ECA rules to adapt the context situation changes Context constraints preservation are proved automatically with the Rodin tool Third, the thesis works further on modeling event-driven systems whose behavior is specified by Fuzzy If-Then rules We present a refinement-based approach to modeling both discrete and timed systems described with imprecise requirements Finally, we make use of Event-B refinement and existing reasoning methods to verify both safety and eventuality properties of imprecise systems requirements Footer Page of 113 Header Page 10 of 113 Acknowledgements First of all, I would like to express my sincere gratitude to my first supervisor Assoc Prof Dr Truong Ninh Thuan and my second supervisor Assoc Prof Pham Bao Son for their support and guidance They not only teach me how to conduct research work but also show me how to find passion on science Besides my supervisors, I also would like to thank Assoc Prof Dr Nguyen Viet Ha and lecturers at Software Engineering department for their valuable comments about my research work in each seminar I would like to thank Professor Shin Nakajima for his support and guidance during my internship research at National Institute of Informatics, Japan My sincere thanks also goes to Hanoi University of Mining and Geology and my colleges there for their support during my PhD study Last but not least, I would like to thank my family: my parents, my wife, my children for their unconditional support in every aspect I would not complete the thesis without their encouragement iii Footer Page 10 of 113 Header Page 160 of 113 Appendix C Event-B specifications and proof obligations of Crane Controller 143 when grd1 : dist = {precise → above} grd2 : ¬ d = deg DIS(above) grd3 : d = deg DIS(above) then act1 : speed := {precise → zero} act2 : dist := {precise → start} act3 : d := d − (deg DIS(above) − deg DIS(start)) end END C.5 Proof obligations for checking the safety property In this section, we list all proof obligations of each event in machine Crane M that need to be proved to show the correctness of safety properties Table C.1: INV PO of event evt1 ran(dis) = {close} ⇒ ¬ran(speed ) = {fast} dis = {precise → start} evt1/inv 4/INV ran ({precise → far }) = {close} ⇒ ¬ran ({precise → fast}) = {fast} Table C.2: INV PO of event evt2 ran(dis) = {close} ⇒ ¬ran(speed ) = {fast} dis = {precise → far } evt2/inv 4/INV ran ({precise → medium}) = {close} ⇒ ¬ran ({quite → fast}) = {fast} Table C.3: INV PO of event evt3 ran(dis) = {close} ⇒ ¬ran(speed ) = {fast} dis = {precise → medium} ran ({precise → close}) = {close} ⇒ ¬ran ({precise → slow }) = {fast} Footer Page 160 of 113 evt3/inv 4/INV Header Page 161 of 113 Appendix C Event-B specifications and proof obligations of Crane Controller 144 Table C.4: INV PO of event evt5 ran(dis) = {close} ⇒ ¬ran(speed ) = {fast} dis = {precise → above} evt5/inv 4/INV ran ({precise → start}) = {close} ⇒ ¬ran ({precise → zero}) = {fast} C.6 Proof obligations for checking convergence properties In this section, we list all proof obligations of each convergent event in machine Crane M that need to be proved to show the variant decreases after its execution (VARPO) and has type of Natural number (NATPO) Table C.5: VAR PO of event evt1 dis = {precise → start} d = deg DIS (start) ¬d = deg DIS (above) evt1/VAR deg DIS (far ) < d Table C.6: NAT PO of event evt1 deg DIS ∈ F DISTANCE → N dis = {precise → start} d = deg DIS (start) ¬d = deg DIS (above) evt1/NAT d ∈N Table C.7: VAR PO of event evt2 dis = {precise → far } d = deg DIS (far ) ¬d = deg DIS (above) d − (deg DIS (far ) − deg DIS (medium)) < d Footer Page 161 of 113 evt2/VAR Header Page 162 of 113 Appendix C Event-B specifications and proof obligations of Crane Controller Table C.8: NAT PO of event evt2 deg DIS ∈ F DISTANCE → N dis = {precise → far } d = deg DIS (far ) ¬d = deg DIS (above) evt2/NAT d ∈N Table C.9: VAR PO of event evt3 dis = {precise → medium} ¬d = deg DIS (close) d = deg DIS (medium) evt3/VAR d − (deg DIS (medium) − deg DIS (close)) < d Table C.10: NAT PO of event evt3 deg DIS ∈ F DISTANCE → N dis = {precise → medium} ¬d = deg DIS (close) d = deg DIS (medium) evt3/NAT d ∈N Table C.11: VAR PO of event evt5 dis = {precise → above} ¬d = deg DIS (above) d = deg DIS (above) evt5/VAR d − (deg DIS (above) − deg DIS (start)) < d Table C.12: NAT PO of event evt5 deg DIS ∈ F DISTANCE → N dis = {precise → above} ¬d = deg DIS (above) d = deg DIS (above) d ∈N Footer Page 162 of 113 evt5/NAT 145 Header Page 163 of 113 VIETNAM NATIONAL UNIVERSITY, HANOI UNIVERSITY OF ENGINEERING AND TECHNOLOGY LÊ HỒNG ANH METHODS FOR MODELING AND VERIFYING EVENT-DRIVEN SYSTEMS DOTORAL THESIS IN INFORMATION TECHNOLOGY Hà Nội – 2015 Footer Page 163 of 113 GIA I]A NQI D.1,I FIQC QUOC Header PageTRUONG 164 of HQC CONG NGHE D4,I113 ^l BANG KE NHAN TIEN NQi dung: Tht chuy6n ngdnh *0, Iao cho Ti6u ban cl6nh gi6 hd so chuy6n K! STT ,iu thi sinh ildo t4o ti6n dal1/2015 thuQt Vi6n thOng vi Hg t6n Dcrn vi , sii tiitn Nguy6n Qui5c Tu6n '.4 Iruongueu Dinh TriAu Ducrng Thu (i 150.000 J Cht Dtlc Trinh Uj'vi0n 100.000 D{ng Th6 Ngec Uj'vi6n 100.000 Nguy6n Nam Hodng U! vi€n r00.000 / b\D"aCI} sd tion bnng NGrIdl Ky nhfln 200.000 Dan cQng: r6ng si cnn: .JcJJ :ltrtm nira .awci DUYET rurT rnAcu DoN nghtn dCy crfu , vl ( Hd Ni.i, ngdy li-thdng $ ndm 2015 NGtId LAP BItu 1/il& s?t Footer Page 164 of 113 6kwl uiy Header Page 165 of 113 SI]T' Eoa vi I{o vir t6n A .L -5 r { Khautii-trI k flrlVf\i [hcn tll.r,i- k CNAld ,t{0 nL.: l]#.j I (U Hd vl ll&YM %"{2 4n rrti i/tt,t Llil €,t" ruq rndcu Dor{ n\' Not, nh4n ,Lk,thtrli 4n,) 07it r"[rv/.Vrv Cdrag: NGUO] DUY]17 rn;tl ,/)-r) ,40r Kf tlan kfutrut l-I.s'ilIN.A [:iur-r "-'""'" j - so5 p[,b )k: n,i ,l ,goy 1,!'rlrang ,.#, ,au, zO,l NGuT r,T :iu, l\y'f;ilttt /0's J -)., Lytfr,LJ Footer Page 165 of 113 i Header Page 166 of 113 BANGxT csuNc TtICHTMUC: Nhfln x6t cria thdnh vi6n ti6u ban vC hO so chuy6n m6n l a J m0m NhAn x6t cria tir5u ban chuy6n ngdnh HQ th6ng thdng tin Nhfln x6t cria tirSu ban chuy€n ngdnh K! thuat vi6n th6ng Nhfln x6t cta ti6u ban chuy6n ngdnh Vat Hgu vd linh ki6n nano SO tien Nhfln x6t cta ti6u ban chuy6n ngdnh K! thuat phdn (Vi6t blng chtr: B6n triQu d6ng chdn) Kdm theo chimg ti g6c Phu trr{ch don vi Ngudi rld nghi W Nguy6n Phuong Footer Page 166 of 113 Thfi Ducrng Dinh ThiQu 500.000 d 1.500.000 d 500.000 d 1.500.000 d 4.000.000 d Header Page 167 of 113 EAI HQC QUOC GIA HANQI TRTJONG DAI HQC CONG NGHE nAxc ru NHAN TIEN NQi dung chi: Thir lao dgc hO so chuy0n m6n cria thi sinh dU thi Ti6n si, chuy6n ngdnh PhAn m0m s't"l Don vi Hg vh tOn PGS.TS Truong Anh Hoing TS T6 J PGS.TS Truong Ninh Thufln TS Pham Nggc TS D[ng Vin Kh6nh Hing Vin Hung Khoa CNTT, Trudng DHCN Chtfrc trich HD Tru&ng ti6u ban K! thu{t ^r uen so Kf 100,000 { Khoa CNTT, Truhng DHCN Uy vi6n thu ky 100,000 Khoa CNTT, Trudng DHCN Uy vi6n 100,000 Khoa CNTT, Trudng DHCN uy vren 100,000 Khoa CNTT, Trudng DHCN uy vlen 100,000 nh$n & nU "2- fr _- (/ \PW 10 SDU.ooo TONG CONG Bdng chtr: NIdv)1 t^,6,Y) NGI/OI DUYET q* ry crd; PHU TRACH DON VI Hd Ni.i, ngdyl$ thdng * ndm 2015 NGI.IOI LAP /r>Truons Ninh Thu6n Footer Page 167 of 113 Manh Phucrns Anh Header Page 168 of 113 DAI HQC QUOC GIA HA NQI rRrIdNG EAr HQC CoNC NGHE gANc rt NuAN TrEN NQi dung chi: Thir lao dgc hO so chuy0n m6n cria thi sinh dU thi Tii5n si, chuy6n ngdnh HQ th6ng th6ng tin S'I"I Hg vir tOn Chric Eon vi trich HE Khoa CNTT, Trudng DHCN Trucrng ti6u s6 tidn I IS Nguy6n Nggc H6a PGS.TS Nguy6n Tri Thinh Khoa CNTT, Trudng DHCN Uy vi6n thu kv 300,000 J PGS.TS Nguy6n Hdi Chdu Khoa CNTT, Trudng DHCN uy vlen 300,000 PGS.TS Nguy6n Hd Nam Khoa CNTT, Trudng DHCN Uy vi6n 300,000 PGS.TS Hd Quang Thpy Khoa CNTT, Truhng DHCN Uy vi6n 300,000 ban 300,000 Kf nh$n \}L IM ,ily' I b// hfl& l0 TONG CONG g lsDo,o0o chii: ttt6t t\rqur nd.r"' tr,uv," q,,* Hd N|| ngdflLthdng\ ndm 2015 Ncr-for DUYT.T rnq rnAcH DoN vl IU Truo'ng Ninh Thuin Footer Page 168 of 113 NGIJO] LAP I /ry-Manh Phuo'ns Anh DAI HQC QU6C GIA HA NQI Header Page 169 of D4,I113 HQC CONG NGHE TRTIONG , ^l BANG KE NHAN TIEN NQi dung: NhQn x6t cta c6c thdnh vi€n dqt U2Ol5 chuy6n ngdnh K! TiiSu ban d6nh gi6 hO so chuy6n mdn ctra thi sinh tldo t4o ti6n si thuflt Vi6n th6ng Nguy6n Qu6c Tu6n Tru&ng ti6u ban Dinh Tridu Duong Drlc Trinh Uj'vi€n Nguy6n Nam Hodng 100.000 Hd NGU,fl DUYET {ug rnAcH DoN vI N1.i, ngdy clJthdnffi ndm 2015 NGtTd LAP BIEU )frw'!si Footer Page 169 of 113 {iktdt 'fj'V GlA 11A NQl EAI HQC QUOC Header PageTIIUOI\G 170 ofEAI113 I{OC COI']G I'IGHE, BAI\{G rrA HQI "u- :::.:_i-" clru ucrfia vE:r NAM -" ll; :_::': ' GIAY rBrfiN NHAN IId Noi, I{gtroi giao tiAn Xic nhfln chi ngay?.4ltang.lndm 20/ hlguoi nh$n tiiin Pln'^'^*- "n i rfi; dqfiuAW cQNG FIoA xA HqI cF{u Ncuia vIET NAM D$c t$P - T'E - II4mh Phtftc o o - GIAV B[fiN NH&N ronr6i ,u, .0r*\, Dlachi: drit If*i rffi dr; @ : .".' " '.'- " ' Dign thoai: TOi de nhfln cria: s5 ticn: )nP.,,.nm funrch{i: ."'.'.' ' """"""" """ ) &.r hrk oq/,,i t5;; /r;:rttlr r/a'"5n olsp :;;,"': ii;t;, ;- ;li ;i:,.,i *6t v ut nsdtu Xic nhfn chi hlgudri giao tidm IXd N1li, ngdy??thdngfi ndm ZO/ I'{guoi m[rfin ti0n t' ,/ Footer Page 174 of 113 { il)1,N^: fl'd ffi M'tz'; ... CÔNG NGHỆ Lê Hồng Anh PHƯƠNG PHÁP MÔ HÌNH HĨA VÀ KIỂM CHỨNG CÁC HỆ THỐNG HƯỚNG SỰ KIỆN Chuyên ngành: Kỹ thuật phần mềm Mã số: 62.48.01.03 LUẬN ÁN TIẾN SĨ NGÀNH CÔNG NGHỆ THÔNG TIN NGƯỜI HƯỚNG... CÔNG NGHỆ Lê Hồng Anh PHƯƠNG PHÁP MƠ HÌNH HĨA VÀ KIỂM CHỨNG CÁC HỆ THỐNG HƯỚNG SỰ KIỆN Chuyên ngành: Kỹ thuật phần mềm Mã số: 62.48.01.03 LUẬN ÁN TIẾN SĨ NGÀNH CÔNG NGHỆ THÔNG TIN NGƯỜI HƯỚNG... CÔNG NGHỆ Lê Hồng Anh PHƯƠNG PHÁP MƠ HÌNH HĨA VÀ KIỂM CHỨNG CÁC HỆ THỐNG HƯỚNG SỰ KIỆN Chuyên ngành: Kỹ thuật phần mềm Mã số: 62.48.01.03 LUẬN ÁN TIẾN SĨ NGÀNH CÔNG NGHỆ THÔNG TIN NGƯỜI HƯỚNG