Difference between pages "Refactoring Framework" and "Refinement of Statemachines"

From Event-B
(Difference between pages)
Jump to navigationJump to search
imported>Renato
 
imported>Colin
 
Line 1: Line 1:
{| align="right"
+
Return to [[UML-B]]
| __TOC__
 
|}
 
  
==News ==
+
This example of an ATM (automated teller machine) shows the techniques used to make a refinement of a state machine. The example uses a machine-level state machine (i.e. not in a class). The state machines use the state-sets translation which, since there are no class instances, results in each state being represented by a boolean variable.
* ''25th February 2010'': [[#Version_0.0.6|Version 0.0.6]] released. It is based on Rodin 1.2.x.
 
* ''13th January 2010'': [[#Version_0.0.5|Version 0.0.5]] released. It is based on Rodin 1.1.0.
 
* ''5th November 2009'': [[#Version_0.0.4|Version 0.0.4]] released. It is based on Rodin 1.1.0.
 
* ''2nd November 2009'': [[#Version_0.0.4|Version 0.0.4]] released. It is based on Rodin 1.1.0.
 
* ''3rd July 2009'': [[#Version_0.0.2|Version 0.0.2]] released. It is based on Rodin 1.0.
 
* ''1st July 2009'': [[#Version_0.0.1|Version 0.0.1]] released. It is based on Rodin 1.0.0 RC1.
 
  
==The Rename Refactoring Plug-in ==
+
a) Create a new UML-B project using the New-UML-B Project Wizard
 +
b) Create a machine called ATM_A using the package diagram palette Machine tool
 +
c) Open its class diagram by selecting the machine and then clicking the button in the properties view (or using the pop-up menu).
 +
d) Add a statemachine called atm_sm to the canvas using the diagram palette Statemachine tool.
 +
c) Open the state machine and draw the state machine model shown in the diagram below using the statemachine diagram palette.
  
[[User:Renato]] at [[Southampton]] is in charge of the [[Refactoring Framework]].
+
The statemachine models an ATM which has 2 states, ''idle'' (not in use) and ''active''.
 +
The ATM starts off in the state ''idle''. When a card is inserted, represented by the transition ''insertCard'', it becomes ''active''. While it is ''active''  transactions can occur (transition ''Transaction''). At some time (after 0 or more transactions) the ATM will return to the ''idle'' state, ejecting the card as it does so (transition ''ejectCard''). The model is accurate but it leaves out many details.
  
One of the most recurring requirement from users of the Rodin platform is to have simple means for renaming modeling elements.  Users want to have a unique operation that will rename an element both at its declaration and all its occurrences. Moreover, they require that renaming an element doesn't modify their existing proof state (no loss of proof).
 
  
This requirement falls in the more general context of ''refactoring''. In software engineering, "refactoring" source code means improving it without changing its overall results, and is sometimes informally referred to as "cleaning it up". In the case of the Rodin platform, the refactoring framework is related to the first option, where refactoring should not change the overall behaviour of the files/elements, nor loosing proofs.
+
[[Image:Atm1.jpg]]
  
The following diagram shows the architecture of the refactoring framework.
 
  
[[Image:Architecture_refactoring_framework.jpg]]
+
Return to the package diagram, select the machine, ATM_M, and click on "Make a refinement of this Machine..."
 +
Name the refinement ATM_R.
  
==The Rename Refactoring Framework Architecture ==
 
  
Currently, it is being developed the application of such framework to event-b files (context, machines, proofs obligations, etc) and elements (constants, variables, carrier sets, etc). There are still some tests to be run for the different elements of contexts and machines. The next goal would be to apply and use this framework on Rodin (together with file editors or perspectives).
+
[[Image:Atm2.jpg]]
  
[[Image:RefTree.jpg‎]]
 
  
==== Refactoring Trees after processing the extension points ====
+
Open the class diagram of ATM_R and you will find a 'refined state machine' which is a clone of ''atm_sm''. Open the state machine. Notice that the transitions refine their counterparts in the abstract level.
 +
At the moment the refinement is valid because it is an exact copy, but it doesn't make any progress. We will make the refinement more interesting by modifying the state machine and introducing more detail. The detail that we will introduce is that an ATM ''active'' session can result in ejecting the card with cash or without cash. We will also introduce some details of the process involved in a transaction. Firstly, we need to split the transition, ''ejectCard'' into two transitions representing the two outcomes.
  
Since there are proof obligations associated with Event-B files, while renaming the goal would be to cause the less effort as possible on re-proving and if possible re-using the proofs that are already discharged. The refactoring should not change the semantic of any of the elements/files. Instead, it should just change names or labels, so the proofs should not have to be re-generated (nor re-discharged). That is one of final goals while applying of this framework to Event-B.
+
a) Change the name of the transition ''ejectCard'' to ''ejectCardWithCash'' by selecting the transition and editing its name in the properties view.
 +
b) Draw a new transition from state ''active'' to state ''idle''.
 +
c) With the new transition still selected, enter ''ejectCardWithoutCash'' as its name in the properties view.
 +
d) Using the 'Add Refined Event/Transition' button in the 'Refines' tab of the properties view, add ''ejectCard'' as a refined transition.
  
==Initial Work ==
 
  
Initial work towards implementation of this framework is described in [http://www.stups.uni-duesseldorf.de/thesis_detail.php?id=9 Sonja Holl's Bachelor thesis]
+
The refined state machine should now look something like the one below. This screen-shot shows step d) where the event refinement relationship is being set.
  
==Installing/Updating ==
 
  
The installation or update for the renaming/refactoring plug-in is available under the main Rodin Update site (http://rodin-b-sharp.sourceforge.net/updates). Like always, after the installation, restarting the application is recommended.
+
[[Image:Atm3.jpg]]
  
==Usage ==
 
  
The Renaming/Refactory plug-in allows the renaming of:
+
Now we need to add some detail to show when each of these two eject card options are taken. We do this by  adding a nested statemachine in the next step.
  
* Variables
+
a) Using the 'State Features-Statemachine' palette option, add a nested state machine called ''active_sm'' to the state, ''active''.
* Parameters
+
b) In the properties view for the new state machine, set the translation kind to ''state sets''.
* Carrier Sets
+
c) Open the new state machine's diagram by right-clicking on it and selecting 'open diagram'.
* Constants
+
d) Draw the state machine states, initial state and final states shown in the model below. (The transitions are discussed in the next step)
* Events
 
* Other labelled elements (invariants, axioms, guards, etc)
 
  
====Requirements before using ====
 
  
Before using the renaming/refactory, all the files in the project should be saved ( it will be asked to save in there are any unsaved files). There should be no errors in the project, otherwise it could lead to even more errors after applying the renaming.
+
[[Image:Atm4.jpg]]
  
==== Steps of usage ====
 
  
# User selects element to be renamed at the Event-B Explorer
 
# By right clicking in the element, there should appear an option 'Refactory...'. Selecting that option should open a wizard [[Image:refactory menu.png]]
 
# User introduces new element name in the first page of the wizard. Then click in 'Next'. [[Image:new_name_wizard.png]]
 
# A list of related files is created and the plug-in check for possible clashes and returns a report
 
# User decides if he wants to execute renaming (by clicking in 'Finish')
 
  
 +
Notice that many of the transitions have the same name as transitions in the parent state machine. These transitions do not represent new events. Instead, they contribute more information about the transitions that have already been introduced to this refinement by the parent state machine. This is specified in the state machine  model by an 'elaborates' property on the transition. The elaborates property forces the name of the elaborating transition to match that of the transition it elaborates. The transition must match the entry/exit characteristics of the parent transition it elaborates. For example, a transition that enters the parent state can only be elaborated by a transition from an initial state, an exit transition can only be elaborated by a transition to a final state and a self-loop transition can only be elaborated by a transition between states that are neither initial nor final. These well-formedness criteria are enforced by validation chacks built into the drawing tool.
  
 
+
a) Draw a transition from the initial state to state ''awaitingPin''.
       
+
b) Do not name it but instead select the transition called ''insertCard'' from the combo box on its properties view. Its name should automatically become the same as the transition it elaborates.
[[Image:refactory_report_wizard.png]]
+
c) Repeat this process for the transitions ''ejectCardWithoutCash'', ''Transaction'' and ''ejectCardWithCash'', making sure they elaborate the transition with the same name from the parent. (Notice that each parent transition can only be elaborated once).
 
+
d) The transition ''pinEntered'' is a new transition and does not elaborate anything. Instead, enter its name using the name property text box.
 
 
== Bugs, Features and Comments ==
 
 
 
''Any reports of bugs, features or comments are welcome. You can add any of them here.''
 
 
 
====Bugs ====
 
* Renaming does not work when renamed element is in variant (fixed in v0.0.5)
 
* Renaming proofs did not propagate over related files (fixed in v0.0.5)
 
 
 
====Features Request====
 
* Implement UNDO for renaming
 
 
 
====Comments ====
 
* Renaming proofs ensures that all the discharged proof obligations remain discharged after the renaming (fixed in v0.0.6)
 
 
 
== Releases ==
 
 
 
=====Version 0.0.6 =====
 
 
 
''25th February 2010''
 
 
 
A release of renaming/refactory (v0.0.6) compatible with Rodin v1.2.x is available in the main Rodin update site.
 
 
 
Features
 
 
 
Renaming of all proofs after the element renaming. If rebuilding a proof does not work, a new proofTree is created based on the initial proofTree and on the renamed element. By applying the ancient rule, if a proof is discharged before the renamed, it remains discharged after the renaming.
 
 
 
=====Version 0.0.5 =====
 
 
 
''13th January 2010''
 
 
 
A release of renaming/refactory (v0.0.5) fixing a few bugs found is already available.
 
 
 
=====Version 0.0.4 =====
 
 
 
''5th November 2009''
 
 
 
A release of renaming/refactory (v0.0.4) compatible with Rodin v1.1.0 is available in the main Rodin update site (bug fix from 0.0.3). Before starting the renaming, it is recommended to clean and build the project in order to have the indexer tables updated (IMPORTANT).
 
 
 
*Bug fix
 
** Renaming of proofs would not save the proof files after renaming
 
** Renaming of labelled elements would not update the proofs.
 
 
 
*Possible Problem
 
** If you try to rename and the operation runs successfully without any errors but does not have any effect, you should:
 
*** First, try to fix the renaming manually on the respective file (or using the renaming framework, revert to the original name)
 
*** Try to make a CLEAN and BUILD to ensure that the Rodin indexer is updated before the renaming.
 
*** Run the renaming again and should be working fine.
 
 
 
=====Version 0.0.3 =====
 
 
 
''2nd November 2009''
 
 
 
A release of renaming/refactory (v0.0.3) compatible with Rodin v1.1.0 is already available in the main Rodin update site. Before starting the renaming, it is recommended to clean and build the project in order to have the indexer tables updated.
 
 
 
*Features
 
** Renaming of machines and contexts is possible using the indexers. After the renaming of a machine/context, the change is propagated over the related files
 
** Renaming of proofs: after the renaming, the proof obligations are also updated to reflect the renaming. It might be necessary to manually refresh the status of some proof obligations (although the proof is already discharged). This renaming is not fully-functional at the moment and some discharged proof obligations may have to be discharged again. We intend to fix this problem in the future.
 
 
 
=====Version 0.0.2 =====
 
 
 
''3rd July 2009''
 
 
 
*Bugs
 
** Validate if new name is in the list of reserved words of Event-B (dom,ran, card, etc)
 
 
 
=====Version 0.0.1 =====
 
 
 
''1st July 2009''
 
 
 
A release of renaming/refactory (v0.0.1) compatible with Rodin v1.0.0 is already available in the main Rodin update site.
 
 
 
Note that this version is still a prototype so prone to errors. So it is suggested to back up the projects before starting to use the renaming plug-in. The plug-in uses the most recent version of Rodin Indexer. Before starting the renaming, it is recommended to clean and build the project in order to have the indexer tables updated.
 
 
 
Although one of the goals is to the rename the respective proof obligations, this feature is not available in this version. It should be available in the next release. If you find bugs or errors, please let me know by updating this wiki-page or [mailto:ras07r@ecs.soton.ac.uk email].
 
 
 
[[Category:Design]]
 

Revision as of 18:42, 18 June 2009

Return to UML-B

This example of an ATM (automated teller machine) shows the techniques used to make a refinement of a state machine. The example uses a machine-level state machine (i.e. not in a class). The state machines use the state-sets translation which, since there are no class instances, results in each state being represented by a boolean variable. 

a) Create a new UML-B project using the New-UML-B Project Wizard
b) Create a machine called ATM_A using the package diagram palette Machine tool
c) Open its class diagram by selecting the machine and then clicking the button in the properties view (or using the pop-up menu).
d) Add a statemachine called atm_sm to the canvas using the diagram palette Statemachine tool. 
c) Open the state machine and draw the state machine model shown in the diagram below using the statemachine diagram palette.

The statemachine models an ATM which has 2 states, idle (not in use) and active. The ATM starts off in the state idle. When a card is inserted, represented by the transition insertCard, it becomes active. While it is active transactions can occur (transition Transaction). At some time (after 0 or more transactions) the ATM will return to the idle state, ejecting the card as it does so (transition ejectCard). The model is accurate but it leaves out many details.


Atm1.jpg


Return to the package diagram, select the machine, ATM_M, and click on "Make a refinement of this Machine..." Name the refinement ATM_R.


Atm2.jpg


Open the class diagram of ATM_R and you will find a 'refined state machine' which is a clone of atm_sm. Open the state machine. Notice that the transitions refine their counterparts in the abstract level. At the moment the refinement is valid because it is an exact copy, but it doesn't make any progress. We will make the refinement more interesting by modifying the state machine and introducing more detail. The detail that we will introduce is that an ATM active session can result in ejecting the card with cash or without cash. We will also introduce some details of the process involved in a transaction. Firstly, we need to split the transition, ejectCard into two transitions representing the two outcomes. 

a) Change the name of the transition ejectCard to ejectCardWithCash by selecting the transition and editing its name in the properties view.
b) Draw a new transition from state active to state idle.
c) With the new transition still selected, enter ejectCardWithoutCash as its name in the properties view.
d) Using the 'Add Refined Event/Transition' button in the 'Refines' tab of the properties view, add ejectCard as a refined transition.


The refined state machine should now look something like the one below. This screen-shot shows step d) where the event refinement relationship is being set.


Atm3.jpg


Now we need to add some detail to show when each of these two eject card options are taken. We do this by adding a nested statemachine in the next step. 

a) Using the 'State Features-Statemachine' palette option, add a nested state machine called active_sm to the state, active. 
b) In the properties view for the new state machine, set the translation kind to state sets.
c) Open the new state machine's diagram by right-clicking on it and selecting 'open diagram'.
d) Draw the state machine states, initial state and final states shown in the model below. (The transitions are discussed in the next step)


Atm4.jpg


Notice that many of the transitions have the same name as transitions in the parent state machine. These transitions do not represent new events. Instead, they contribute more information about the transitions that have already been introduced to this refinement by the parent state machine. This is specified in the state machine model by an 'elaborates' property on the transition. The elaborates property forces the name of the elaborating transition to match that of the transition it elaborates. The transition must match the entry/exit characteristics of the parent transition it elaborates. For example, a transition that enters the parent state can only be elaborated by a transition from an initial state, an exit transition can only be elaborated by a transition to a final state and a self-loop transition can only be elaborated by a transition between states that are neither initial nor final. These well-formedness criteria are enforced by validation chacks built into the drawing tool. 

a) Draw a transition from the initial state to state awaitingPin.
b) Do not name it but instead select the transition called insertCard from the combo box on its properties view. Its name should automatically become the same as the transition it elaborates.
c) Repeat this process for the transitions ejectCardWithoutCash, Transaction and ejectCardWithCash, making sure they elaborate the transition with the same name from the parent. (Notice that each parent transition can only be elaborated once).
d) The transition pinEntered is a new transition and does not elaborate anything. Instead, enter its name using the name property text box.
Retrieved from ‘https://wiki.event-b.org/index.php?title=Refactoring_Framework&oldid=6791