Abstract
We propose a formal semantics for UML-RT, a UML profile for real-time and embedded systems. The formal semantics is given by mapping UML-RT models into a language called kiltera, a real-time extension of the \(\pi \)-calculus. Previous attempts to formalize the semantics of UML-RT have fallen short by considering only a very small subset of the language and providing fundamentally incomplete semantics based on incorrect assumptions, such as a one-to-one correspondence between “capsules” and threads. Our semantics is novel in several ways: (1) it deals with both state machine diagrams and capsule diagrams; (2) it deals with aspects of UML-RT that have not been formalized before, such as thread allocation, service provision points, and service access points; (3) it supports an action language; and (4) the translation has been implemented in the form of a transformation from UML-RT models created with IBM’s RSA-RTE tool, into kiltera code. To our knowledge, this is the most comprehensive formal semantics for UML-RT to date.
Notes
In the \(\pi \)-calculus literature, this is known as scope extrusion as the lexical scope of the private name is effectively extended beyond its original scope.
Note that since we assume unique names for all connection points, the source and target of a transition are well defined.
If the state has no parent, i.e., it is the top-most state on the state machine, the role of the parent will be taken by a special process called \( Sink \), described in Definition 8.
Note that the processes \(Q_{i}\) and \(Q'_{i}\) are very similar but differ in the parameters passed to the target state: \(Q'_{i}\) deals with incoming transitions, so the primed channels \( inp' ,\, acc' ,\, rej' ,\, exit' ,\, exack' ,\, sh' \), and \( kill' \) are passed to the target sub-state so that it may interact with state \(n_{k}\)’s \( Handler \). On the other hand, \(Q_{i}\) deals with both incoming and sibling transitions, and therefore, in the sibling transition case, it passes on the non-primed channels \( inp ,\, acc ,\, rej ,\, exit ,\, exack ,\, sh \), and \( kill \) so that the target state becomes the currently active sub-state of its parent and thus can communicate with the parent’s \( Handler \).
In kiltera, channels are bidirectional, allowing both input and output on the same port. Nevertheless, we represent each UML-RT port (respectively, connector) by a pair of kiltera ports (respectively, channels) to differentiate between input and output on a port.
Acknowledgments
We are indebted to Bran Selic for his support and his insights into the semantics of UML-RT. We also thank Malina Software, IBM Canada, and the Natural Sciences and Engineering Research Council of Canada (NSERC) and the Ontario Centres for Excellence (OCE), which provided financial support. We would also like to thank Eyrak Paen for his implementation of the transformation, which was instrumental in the proper definition of the mapping. Finally, Karolina Zurowska and Eric Rapos also provided very useful input on RoseRT and RSA-RTE.
Additional information
Communicated by Dr. Kevin Lano.
Appendix: Semantic variation points
1. Alternative semantics could include giving priority to the states higher in the hierarchy, or leaving the choice as non-deterministic.
2. In UML 2, alternative semantics include (1) shallow history, remembering only the immediate sub-state; (2) allowing both deep and shallow history; (3) no history.
3. The action language is a major semantic variation point, but it should include at least an action to send messages. Other common actions concern operations on capsules such as accessing/modifying attributes, incarnating/destroying optional sub-capsules, or rewiring ports. IBM RSA-RTE supports three action languages: C++, Java, and UAL (UML Action Language), a Java-like language closely related to the OMG ALF standard.
4. This may be treated differently, handling the event in the same way regardless of whether the state was previously visited.
5. The forwarding of events down to the active sub-state is done in order to account for the priority of inner enabled transitions over outer transitions. A different priority scheme would require changes here. For example, giving outer transitions priority would attempt the \( Choice \) process first and, if no alternative was there, the \( Forward \) process would be tried instead. Allowing non-deterministic choice between transitions at different levels of nesting would require a different approach with no forwarding involved.
6. There are many possible implementations of the event pool, of which the most natural would be a priority queue, where the priority is an attribute of the event itself.
7. Alternatively, this could be changed to initializing the top first and then the sub-capsules, or a more general approach allowing initialization in any order.
8. In this definition, we allow only binary connections, i.e., each connector links only two ports, and ports have multiplicity 1. To support \(n\)-ary multiplicity, the definition of the service handler should be adapted accordingly.