Rebeca Modeling Language
Mahdieh Ahmadi
Verification of Reactive Systems
March 2014
Outline
• Motivation
• Actor-based Language Rebeca
• Syntax
• Semantics
• Compositional Verification of Rebeca
• Supporting Tools
Motivation
Establishing a formal verification method that is easy to use for software engineers,
for developing reliable systems in concurrent and distributed applications.
Formal verification method:
Modeling language + Verification mechanism
Motivation :: Idea
• Popularity of object-oriented design among practitioners
• Actor-based modeling language
• Abstraction and Modular Verification
• Plus component notation
• Asynchronous message passing
• No shared variables
• Formal Verification Support
• Tools for direct verification
Actor-based Language Rebeca :: Actor
• A reference model for concurrent computation
• Consisting of concurrent, distributed active objects
Proposed by Hewitt as an agent-based language
(MIT, 1971)
Developed by Agha as a concurrent object-based language
(Illinois, since 1984)
Actor-based Language Rebeca :: Rebeca
• Reactive object language
• Bridge the gap between formal verification approaches and real
applications
Introduced by Sirjani and Movaghar, 2001
Actor-based Language Rebeca :: Rebeca :: Key Features
• Independent active objects
• Asynchronous message passing
• Unbounded buffers for messages
• Dynamically changing topology
• Dynamic creation of active objects
Actor-based Language Rebeca :: Rebeca :: Added Features
• Add class declarations to the syntax: Rebecs
• Encapsulation of data and process, no shared variable
• Grouping a set of reactive objects as an open component
• Allow a set of more tightly coupled objects to be grouped as a
component
• A higher level of abstraction in software design
• Tool supported
• Model checking Rebeca code using back-end model checkers
• Direct Verification capability using RMC
Syntax
• Actor-based computational model
• Units of concurrency and distribution: Reactive objects
• Simple and natural
• Objects are threads.
Syntax
• Communication:
• Asynchronous message passing
• Unbounded message queue for each rebec
• No explicit receive
• Computation:
• Take a message from top of the queue and execute it
• Event-driven
Syntax
[Figure: Rebeca syntax, with annotations: set of reactive classes; initial configuration; upper bound on the length of the message queue; initial communication topology of the system]
Syntax :: Example
Semantics
• Formal semantics
• Labeled transition system
• A solid basis for verification
• The state of a rebec is the valuation of
• state variables, and
• the unbounded buffer (queue) for incoming messages.
• The state of the system is the product of
• local object states
• A state transition:
• an atomic execution of a method off the top of the rebec’s queue.
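
The semantics above can be made concrete with a small explicit-state explorer. This is an added example, not taken from the slides or from the Rebeca tools, and it is written in Python rather than Rebeca; the arbiter/client model, the rebec ids and `QUEUE_BOUND` are constructed for illustration. Each transition atomically serves the message at the head of one rebec's queue, and the search checks mutual exclusion over all interleavings.

```python
from collections import deque

QUEUE_BOUND = 5        # assumed upper bound on every rebec's message queue
ARB, C1, C2 = 0, 1, 2  # rebec ids of the constructed model

def arbiter(holder, name, arg, buggy):
    """Arbiter message servers; returns (new state variable, sends)."""
    if name == "request":
        if holder == 0 or buggy:      # buggy variant grants unconditionally
            return arg, [(arg, "grant", 0)]
        return holder, [(ARB, "request", arg)]  # busy: re-queue the request
    return 0, []                      # "release" frees the resource

def client(me, in_cs, name):
    """Client message servers; in_cs is the only state variable."""
    if name == "initial":
        return False, [(ARB, "request", me)]
    if name == "grant":
        return True, [(me, "leave", 0)]
    return False, [(ARB, "release", 0), (ARB, "request", me)]  # "leave"

def step(state, i, buggy):
    """One transition: rebec i atomically serves the head of its queue."""
    var, queue = state[i]
    name, arg = queue[0]
    var, sends = arbiter(var, name, arg, buggy) if i == ARB else client(i, var, name)
    nxt = list(state)
    nxt[i] = (var, queue[1:])
    for target, msg, a in sends:
        v, q = nxt[target]
        if len(q) >= QUEUE_BOUND:
            raise OverflowError(f"queue overflow at rebec {target}")
        nxt[target] = (v, q + ((msg, a),))
    return tuple(nxt)

def explore(buggy=False):
    """Breadth-first search of the LTS; returns (states seen, violating state or None)."""
    init = ((0, ()), (False, (("initial", 0),)), (False, (("initial", 0),)))
    seen, todo = {init}, deque([init])
    while todo:
        s = todo.popleft()
        if s[C1][0] and s[C2][0]:     # both clients in the critical section
            return len(seen), s
        for i in range(3):
            if s[i][1] and (n := step(s, i, buggy)) not in seen:
                seen.add(n)
                todo.append(n)
    return len(seen), None
```

`explore()` finds no violating state, while `explore(buggy=True)` returns a reachable state in which both clients are in the critical section.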
Compositional Verification of Rebeca :: Inherent Modularity in Rebeca
• Only consider LTL and ACTL properties
• State explosion problem
• Solution:
• Modularity
• Abstraction
• Rebecs are inherently
• Independent, decoupled, encapsulated
=> Leads to natural modularity and abstraction techniques
Compositional Verification of Rebeca :: Components
• What we had:
• Decomposing a model for verification purposes
• In a top-down manner.
• What we added:
• Notion of components
• Re-usable parts
• Fixed proven specifications
• Build a system in bottom-up fashion
Compositional Verification of Rebeca
• Decompose a model into components,
• Verify some specific properties for these components, and
then deduce the system’s property from the properties of its
components.
• Components are sets of reactive objects
• Components interact
• via broadcasting
• asynchronous
• anonymous messages
Supporting Tools
• Enter a model in Rebeca,
• Translate it into SMV (or Promela),
• Specify properties at Rebeca source code level (based on state variables),
• Translate the properties to NuSMV (or Spin) format,
• Model check using NuSMV (or Spin).
• Direct model checking of Rebeca
References
• Marjan Sirjani, Ali Movaghar, Amin Shali, and Frank S. de Boer. 2004.
Modeling and Verification of Reactive Systems using Rebeca. Fundam.
Inf. 63, 4 (June 2004), 385-410.
• Marjan Sirjani and Mohammad Mahdi Jaghoori. 2011. Ten years of
analyzing actors: Rebeca experience. In Formal modeling, Gul Agha, José
Meseguer, and Olivier Danvy (Eds.). Springer-Verlag, Berlin, Heidelberg,
20-56.