Workflow Verification Project
By: Toomas Kütt, Fraz Tabassam, Jens Kaae Christensen
[Figure: workflow diagram with explicit AND/OR split and join nodes. Activities: Check Order, Get Products, Save Order Information in Archive, Test Computer, Test Monitor, Assemble Bundle. Edges are labelled with channels a1_ch, a2_ch, a3_ch, a4_ch, a5_ch, a7_ch, a8_ch, a9_ch, a10_ch, a11_ch.]
[Figure: the same workflow drawn without the AND/OR nodes.]
Variable declarations:
// Number of running activity nodes
int running;
// Resources
int r1, r2, r3, r4, r5, r6;
// Global declaration of channels
urgent chan letsstart, a1_channel, a2_channel, a3_channel, a4_channel, a5_channel, a7_channel, a8_channel, a9_channel, a10_channel, a11_channel;
// Clocks (local, one for each activity)
clock clock1, clock2, clock3, clock4, clock5, clock6;
Node declarations (Communicating Finite Automata)
Figure 2: Activity
Parameters:
- clock &processclock,
- const int mintime,
- const int maxtime,
- int &resource,
- urgent chan &in_channel,
- urgent chan &out_channel
System declarations:
• CheckOrder = Activity(clock1, 1, 2, r1, letsstart, a1_channel);
• Split1 = ANDsplit(a1_channel, a2_channel);
• GetProducts = Activity(clock2, 1, 2, r2, a2_channel, a3_channel);
• SaveOrderInformInArchive = Activity(clock3, 1, 2, r3, a2_channel, a4_channel);
• Split2 = ORsplit(a3_channel, a5_channel);
• TestComputer = Activity(clock4, 1, 2, r4, a5_channel, a7_channel);
• TestMonitor = Activity(clock5, 1, 2, r5, a5_channel, a8_channel);
• Join1 = ORjoin(a7_channel, a8_channel, a9_channel);
• Join2 = ANDjoin(a4_channel, a9_channel, a10_channel);
• AssembleBundle = Activity(clock6, 1, 2, r6, a10_channel, a11_channel);
• end = EndNode(a11_channel);
System definition: StartNode, CheckOrder, GetProducts, SaveOrderInformInArchive, TestComputer, TestMonitor, AssembleBundle, end, Split1, Split2, Join1, Join2;
Answers to questions:
Use UPPAAL to verify that:
1) The end node will always be reached
- A<> p: p holds in some state along every path
- Query: A<> end.finished
2) When the end node is reached no activities are waiting to get finished
- A[] p: p holds in every reachable state
- Query: A[] end.finished imply running == 0
3) The workflow is structurally incorrect if the implicit join is modeled as a merge
- Query: A<> end.finished (deadlock)
4) Assemble bundle and get products may share a resource without conflict
- A[] p: p holds in every reachable state
- Query: A[] r6<2 : (property is satisfied)
5) There is a conflict if “get products” and “save order information” share a resource
- Query: A[] r2<2 : (property is not satisfied)
6) With time intervals [1,2] the entire workflow can be completed in 8 units
- E<> p: p holds in some reachable state
- Query: E<> end.finished and clock1<=8
- Query: A<> end.finished and clock1<=8
7) This still holds even if “save order information” gets interval [2,3] (explain why)
- Same queries, “save order” set to [2,3]:
- Query: E<> end.finished and clock1<=8
8) Show that “get products” is always executed before “assemble bundle”
- A[] AssembleBundle.working imply GetProducts.finished
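Queries 1, 2 and 8 can be reproduced outside UPPAAL by exhaustively exploring an untimed abstraction of the system declarations. The Python below is an added example, not the authors' model: it assumes every node fires at most once and that the ANDsplit puts one token per branch on a2_channel, and it uses pending channel tokens in place of the running counter. The BROKEN variant is constructed here only to show a failing check.

```python
from collections import Counter

# Constructed untimed abstraction of the system declarations above.
# node -> alternatives of (channels consumed, channels produced)
NODES = {
    "CheckOrder":     [(["letsstart"], ["a1"])],
    "Split1":         [(["a1"], ["a2", "a2"])],   # ANDsplit: one token per branch (assumed)
    "GetProducts":    [(["a2"], ["a3"])],
    "SaveOrder":      [(["a2"], ["a4"])],
    "Split2":         [(["a3"], ["a5"])],         # ORsplit: one token, one test takes it
    "TestComputer":   [(["a5"], ["a7"])],
    "TestMonitor":    [(["a5"], ["a8"])],
    "Join1":          [(["a7"], ["a9"]), (["a8"], ["a9"])],  # ORjoin
    "Join2":          [(["a4", "a9"], ["a10"])],  # ANDjoin
    "AssembleBundle": [(["a10"], ["a11"])],
    "end":            [(["a11"], [])],
}
# Constructed broken variant (not from the page): Join1 waits for both tests.
BROKEN = {**NODES, "Join1": [(["a7", "a8"], ["a9"])]}

def successors(state, nodes):
    tokens, done = state
    bag = Counter(dict(tokens))
    for name, alts in nodes.items():
        if name in done:          # assumption: each node fires at most once
            continue
        for ins, outs in alts:
            need = Counter(ins)
            if all(bag[c] >= n for c, n in need.items()):
                nxt = bag - need + Counter(outs)
                yield frozenset(nxt.items()), done | {name}

def verify(nodes):
    start = (frozenset({("letsstart", 1)}), frozenset())
    seen, stack, terminal = {start}, [start], []
    while stack:
        state = stack.pop()
        nxt = list(successors(state, nodes))
        if not nxt:
            terminal.append(state)   # no move left: end of a maximal path
        for s in nxt:
            if s not in seen:
                seen.add(s)
                stack.append(s)
    return {
        # A<> end.finished: every maximal path ends with the end node fired
        "end_always_reached": all("end" in d for _, d in terminal),
        # A[] end.finished imply nothing is still pending on any channel
        "nothing_pending_at_end": all(not t for t, d in seen if "end" in d),
        # A[] AssembleBundle fired imply GetProducts fired
        "get_before_assemble": all("GetProducts" in d for _, d in seen if "AssembleBundle" in d),
    }
```

Calling verify(NODES) reports all three properties as holding, while verify(BROKEN) reports that the end node is not always reached because Join1 blocks with only one test result available.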