This presentation shows how to reduce diagnostic information returned by general purpose model checkers (counter example paths) to essential parts that help understanding the error. The presentation has been given at the 12th International Conference on Business Process Management (BPM'14), September 2014 in Eindhoven.
Call Girls Hsr Layout Just Call 👗 7737669865 👗 Top Class Call Girl Service Ba...
Where did I go wrong? Explaining errors in process models
1. Where did I go wrong?
Explaining errors in process models
Niels Lohmann @nlohmann
Dirk Fahland @dfahland
2. Verification of processes and services
2
process model
property
verification technique
diagnostic information
3. Verification of processes and services
3
verification technique
diagnostic information
BPMN
Soundness
domain-specific
high-quality
4. Verification of processes and services
4
CMMN
Declare
WS-BPEL
WS-Policy
EPC
BPMN
YAWL
Object Life-Cycles
GSM
Rules
Soundness
Security
Compliance
Conformance to …
diagnostic information
verification technique
domain-specific
high-quality
-moving target
-domain-specific approaches too specific to follow
5. Verification of processes and services
5
CMMN
Declare
WS-BPEL
WS-Policy
EPC
BPMN
YAWL
Object Life-Cycles
GSM
Rules
Soundness
Security
Compliance
Conformance to …
diagnostic information
verification technique
high-quality
general purpose
6. Model checking
general purpose verification approach:
1. formalize model and specification*
2. push a button
6
*can be hidden from the user
7. Effectiveness and efficiency
-model checking works in reality
-successful applications in many domains
-very fast: “verify while you model”
7
8. Diagnosis
-in case of error: outputs target state and produce a witness path
-describes how target state can be reached
-operational semantics: can be simulated
8
witness path
target state
17. Reduction: spurious decisions
-can be found by model checking
-results: 50%-80% spurious, occasionally no reduction (timeout)
17
p1
p3
p2
p4
p5
p6
p1
p3
p5
p6
genuine decision
spurious decision = irrelevant for outcome
18. Reasons for useless paths
18
detours depth-first search
indisputable parts bootstrapping
interleavings
concurrency
19. Reduction: unorder steps
-idea: show independence of steps ( partially ordered runs)
-makes synchronization points (milestones) explicit
19
independent steps
many paths to same goal state order of steps irrelevant
25. Summary
-general purpose verification more user friendly
-paths partial order of important decisions
-applicable to any verification goal
-keep reference points to aid diagnosis Next steps
-error localization vs. explanation
-detect useless cycles
-How should a good diagnosis for $problem look like?
25
26. Where did I go wrong?
Explaining errors in process models
Niels Lohmann