D45 Scalability: Difference between revisions

From Event-B
Jump to navigationJump to search
imported>Tommy
imported>Tommy
 
(87 intermediate revisions by 3 users not shown)
Line 1: Line 1:
= Overview =
= Overview =
* '''Improved Performance''' According to the refocus mentionned in the [[D45_General_Platform_Maintenance#Motivations| General Platform Maintenance]] chapter, much of the reworking efforts performed on the core plateform basically aimed to overcome Rodin scalability weaknesses, and the continuous need of seamless proving experience. The whole performance was enhanced by core implementation and user interface refactorings. Improvements made to the proving experience will be detailed in a separate chapter.
Three main domains concerned the scalability task during the last year of the project:<br>
* {{TODO}} An overview of the contribution about the design pattern management / Generic Instantiation (Thai Son Hoang)
'''Improved Performance'''. According to the refocus mentioned in the General Platform Maintenance chapter, much of the reworking efforts performed on the core platform basically aimed to overcome Rodin scalability weaknesses, and the continuous need of seamless proving experience. The whole performance was enhanced by core implementation and user interface refactorings. Improvements made to the proving experience will be detailed in a separate chapter.<br>
* '''Edition''' It appeard along DEPLOY, the models defined by pilots becoming industrial sized due to the level of complexity reached, that the edition became a central concern.  
'''Design pattern management / Generic Instantiation'''. Formal methods are applicable to various domains for constructing models of complex systems.  However, often they lack some systematic methodological approaches, in particular in reusing existing models, for helping the development process.  The objective in introducing design patterns within formal methods in general, and in Event-B in particular, is to overcome this limitation.<br>
:*The legacy structured editor based on a form edition specific achitecture reach its limits in responsivness and hence in usability when being constrained to display a huge amount of graphical elements. Industrial partners found this issue significant regarding the adoption of the rodin platform in industry and that is why providing a new editor that would solve them has been a main task during this last year of the DEPLOY project.
'''Editors'''. Along DEPLOY, edition became a central concern. Indeed, many usability issues appeard the models involved in pilots became "industrial" sized: 
:*Camille textual editor had to tackle challenges related to ressources mapping and management for projects of industrial size mentionned above or even the design of extension capabilities, that became a major concern since the grammar could be extended with theories.
:*The legacy structured editor based on a form edition specific architecture reached its limits in editing such complex models. Industrial partners found this issue significant regarding the adoption of the Rodin platform in industry and providing a new structured editor correcting this issue became an important task during this last year of the DEPLOY project.
:*Camille textual editor had to tackle challenges related to resources mapping and management for projects of industrial size mentioned above or even the design of extension capabilities. Extension capabilities became a major concern since the grammar could be extended with theories.


= Motivations =
= Motivations =


== Improved Performance ==
== Improved Performance ==
It appeared that the various DEPLOY partners encountered several major issues while editing large models. Some were related to the core code of the Rodin platform, causing crashes, loss of data, corruption in models. Some other were related to the UI causing platform hanging, and sometimes leading to its freezing which required sometimes to kill the Rodin process, thus also leading to potential loss of data and corruption in models. Hence, it appeared necessary to solve such issues before the end of DEPLOY.
Many issues concerning stability and performance were related to the core code of the Rodin platform, causing crashes, loss of data, corruption in models. Other issues were related to the UI causing platform hanging, and sometimes leading to its freezing which required sometimes to kill the Rodin process, thus also leading to potential loss of data and corruption in models. Addressing these issues before the end of DEPLOY was mandatory.


== Design Pattern Management / Generic Instantiation  ==
== Design Pattern Management / Generic Instantiation  ==
{{TODO}} ''To be completed by Thai Son Hoang''
The idea of design patterns in software engineering is to have a general and reusable solution to commonly occurring problems. In general, a design pattern is not necessarily a finished product, but rather a template on how to solve a problem which can be used in many different situations. The idea is to have some predefined solutions, and incorporate them into the development with some modification and/or instantiation. With the design pattern tool we provide a semi-automatical way of reusing developed models in Event-B. Moreover, the typical elements that we are able to reuse are not only the models themselves, but also (more importantly) their correctness in terms of proofs associated with the models.
== Edition ==
* The motivations behind the creation of the new textual structured editor mainly concern performance but not only. From the growing size of complexity reached in models inducing a growing of their physical size lead the platform to its limits. Two major kinds of failures were faced when developing such models:
:* failures occuring on windows platforms, the mostly used system, when reaching the operating system limit number of graphical elements in memory allowed to be displayed at once. This bug used to crash the Rodin platform, and it appeared necessary to control the number of graphical elements needed to display the model elements. Architectures sparing these graphical elements should be thus favoured.
:* failures due to the high consumption of memory by the heavy graphical elements used by the forms of legacy editor.
:Moreover, it appeared important to visualize some elements that are not part of the current level of modelling, but are linked to it, for exemple, the actions in an abastract event, or its guards. Such elements are called the "inherited" elements, or "implicit children". The legacy structured editor being directly interfaced with the underlying Event-B models in database, it was difficult and tricky to modify it in order to display inherited elements. This was one more argument to go for a new editor based on a intermediary representation of the models.
:Another motivation to go for another editor was to get a more modest and ergonomic way to visualize and edit the models. The models being presented through styled text pretty printing and the edition thightly derived from a textual edition.


* The motivations about Camille evolution {{TODO}} Ingo Weigelt.
== Editors ==
 
This section concerns the actual editors that user work with to view and modify models.
 
''' Editor of the core platform '''<br>
 
Two major kinds of failures were faced when developing industrial sized models:
:* Failures occurring on Windows platforms, the mostly used system, when reaching the operating system limit number of graphical elements in memory allowed to be displayed at once. This situation used to crash the Rodin platform, and it appeared necessary to control the number of graphical elements needed to display the model elements. Architectures sparing these graphical elements were thus favoured.
:* Failures due to the high consumption of memory by the heavy graphical elements used by the forms of legacy editor.
:Moreover, it appeared important to visualize some elements that are not part of the current level of modelling, but are linked to it, for example, the actions in an abstract event, or its guards. Such elements are called the "inherited" elements, or "implicit children". The legacy structured editor being directly interfaced with the underlying Event-B models in database, it was difficult and tricky to modify it in order to display inherited elements. This was one more argument to go for a new editor based on a intermediary representation of the models.
:Another motivation to go for another editor was to get a more modest and ergonomic way to visualize and edit the models. The models being presented through styled text pretty printing and the edition tightly derived from a textual edition.
 
''' Camille '''<br>
 
Camille was developed as an alternative editor in 2009.  In contrast to the existing editor, this was a pure textual editor that supported standard features like copy and paste, auto-completion, color highlighting and many more.  In addition, it performed better than the existing structural editor.
 
While successful, Camille offered only limited support for models with extended elements contributed by plug-ins.  Also, the underlying EMF Compare framework was problematic due to bugs and performance issues.


= Choices / Decisions =
= Choices / Decisions =
== Improved Performance ==
== Improved Performance ==
SYSTEREL lead a two phase investigation to have a better idea of the work to be done. Each phase being followed by some refactoring of the code. Out of the early investigation, a cause and effect relationship has been found between perfomance loss and the various reported bugs, such as "platform hanging" bugs or even "no more handle" bugs related to the high consumption of graphical elements on Windows platforms. Indeed, it appeared that solving the performance issues sometimes solved induced bugs as well which made the scalability improvement tasks emcompass the maintenance goals.<br>
SYSTEREL lead a two phase investigation to have a better idea of the work to be done. Each phase being followed by some refactoring of the code. Out of the early investigation, a cause and effect relationship has been found between performance loss and the various reported bugs, such as "platform hanging" bugs. Indeed, it appeared that solving the performance issues sometimes solved induced bugs as well, making the scalability improvement tasks encompass the maintenance goals.<br>
Later, a deeper investigation was performed, to indentify and tackle the remaining performance issues. Profiling and code review were the two techniques used. The profiling strategy allowed to get a better localisation of the performance loss in both UI and core code while the code review helped to understand the intrinsic misuses or drawbacks of particular components and/or architectures.
Later, a deeper investigation was performed where profiling and code review were the two techniques used to tackle the issues left. The profiling strategy allowed to get a better localisation of the performance loss in both UI and core code while the code review helped to understand the intrinsic misuses or drawbacks of particular components and/or architectures. The proving UI was refactored in order to use a light textual representation.
A good example, was the Event-B built-in editor based on form editors with a high use of greedy graphical components. Such architecture appeard to be weak when it was needed to display industrial size models. This affected the modelling experience with some long, and really annoying to the user, reaction lags. To solve such issue, it has been chosen to refactor the editors using a textual representation which was a light-weight graphical alternative to lower the number of needed components.


== Design Pattern Management / Generic Instantiation  ==
== Design Pattern Management / Generic Instantiation  ==
{{TODO}} ''To be completed by Thai Son Hoang''
In our notion of design patterns, a pattern is just a development in Event-B including an abstract model called specification and a refinement. During development there might be the possibility of applying a pattern that was already developed to the current development.  The steps of using the tool are as follows.<br>
== Edition ==
:'''Matching''' The developer the starts the design pattern plug-in and manually matches the specification of the pattern with the current development. In this linking of pattern and problem the developer has to define the which variable in the current development corresponds to each variable in the pattern specification.  Furthermore the developer has to ensure the consistency of the variable matching by matching the events of the pattern specification with events in the development.<br>
* Rodin Editor
:'''Renaming''' Once the matching is done, the developer has the possibility to adapt the pattern refinement such as renaming the variables and events or merging events of the pattern refinement with uninvolved events of the development. Renaming can become mandatory there are name clashes, meaning the pattern refinement includes variable or events having the same name as existing elements in the development.<br>
As previously said, the legacy editor drawbacks mainly come from its greedy components and structure. However, a structured way to edit the models (based on a database storage) seams still particularly appropriate. This mainly explains why the Rodin Editor has been build to keep a structured edition of the model contents on the basis of the improvements made to the Proving UI. In fact, the textual component, the SWT StyledText, used in this latter UI element significantly improved the modelling experience. Hence, every element modelled in the Rodin editor is described as text. Not only this lightened the presentation, but also side stepped the use of a significant amount of greedy graphical components. Although using this technique makes models look like plain text, it is just a sort of pretty printing and they remain edited and stored by the database. The edition is then possible through the use of a unique additional graphical component that overlays the presentation of the element to edit. This drastically reduces the memory consumption as well as the number of needed graphical components because at most two of them are needed!
 
* Camille  
After adaptation of the pattern refinement the tool generates automatically a new Event-B machine as a refinement of the machine where the developer started the design pattern tool. The correctness of the generated machine being a refinement is guaranteed by the generation process of the tool.
{{TODO}} Ingo Weigelt
 
Design Patterns in Event-B are nothing else than ordinary Event-B models and are not restricted with respect to their size. Due to the fact that pattern and development have to be matched manually by the
developer, the size of a pattern effects the usability. Furthermore, if the pattern is too specific either the pattern cannot be used in most situations or the developer is forced to tune its development
such that a further appliance of the pattern is possible. A pattern-driven development could thus lead to models including needless elements that would have been avoided when developing without patterns.
 
== Editors ==
''' Rodin Editor '''<br>
 
The Rodin Editor has been built on the basis of enhancements brought to the Proving UI. In fact, by using the same kind of textual component, every model element is presented as text, as would a pretty print do. The edition is made possible through the use of a unique additional graphical component that overlays the presentation of the element (to be edited). It lighten the presentation, but also side steps the use of a significant amount of greedy graphical elements. Only two graphical elements are needed for presentation and edition: the model viewer and its overlay editor!<br>
The first public version (0.5.0) of the Rodin Editor has been released on the 13/07/2011 as a plug-in of the Rodin platform. This decision has been made in order to let the plug-in incubation for the time it is being tested and stated that no regression is introduced. The Rodin Editor since its version 0.6.1 is part of the Rodin core platform.
 
''' Camille '''<br>
 
Camille was quite successful, but due to the limited suitability for editing models using plug-ins, an architectural overhaul has been planned.  The course of action was not obvious, however, as there are a number of possible architectures with varying advantages and disadvantages.  Therefore, Ingo Weigelt at the University of Düsseldorf created a technical report<ref name="camille-arch-tech-report">http://cobra.cs.uni-duesseldorf.de/w/Special:Publication/Weigelt2012</ref> that analyzes the needs of the users and suggests a number of possible solutions.  In the FP7 project ADVANCE, a solution will be decided upon and implemented.


= Available Documentation =
= Available Documentation =
* {{TODO}} Links for Improved Performance
Links for Improved Performance
* {{TODO}} Links for Design Pattern Management / Generic Instantiation
:* There is a wiki page concerning the Rodin Performance<ref>http://wiki.event-b.org/index.php/Rodin_Performances</ref>.
* {{TODO}} Links for Edition
Links for Design Pattern Management / Generic Instantiation
:* Rodin Editor
:* A paper concerning the generic instantiation is available<ref name="genInst1">Silva, Renato and Butler, Michael (2009) "Supporting reuse of Event-B developments through generic instantiation". In, International Conference on Formal Engineering Methods (ICFEM 09), Rio de Janeiro, Brazil, 09 - 12 Dec 2009. 19pp. (Submitted) http://eprints.soton.ac.uk/68737/</ref>
:*An article about Pattern Management is published on the wiki<ref>http://wiki.event-b.org/index.php/Pattern</ref>.
:*The article about Generic Instantiation on the wiki<ref>http://wiki.event-b.org/index.php/Generic_Instantiation</ref>
Links for Edition
:Two documentation pages have been created for the Rodin Editor:
:* A general page describing the editor and how it works <ref name="RodinEditorPage">http://wiki.event-b.org/index.php/Rodin_Editor</ref>.
:* A user guide page <ref name="RodinEditorUserManual">http://wiki.event-b.org/index.php/Rodin_Editor_User_Guide</ref>.
: Moreover, a special category has been created on both SourceForge feature request<ref name="featTracker">https://sourceforge.net/tracker/?group_id=108850&atid=651672</ref> and bug<ref name="bugTracker">https://sourceforge.net/tracker/?group_id=108850&atid=651669</ref> trackers.


:* Camille
Camille Documentation
* As the Camille text editor is based on the standard Eclipse editor, that documentation applies fully as well<ref>http://help.eclipse.org/indigo/topic/org.eclipse.platform.doc.user/concepts/concepts-6.htm Eclipse</ref>.
* Additional information is available in the Text Editor<ref>http://wiki.event-b.org/index.php/Text_Editor</ref> section on the wiki.
* The Rodin Handbook<ref>http://handbook.event-b.org/</ref> provides some basic usage information in a few places.
* The technical report<ref name="camille-arch-tech-report">http://cobra.cs.uni-duesseldorf.de/w/Special:Publication/Weigelt2012</ref> describes analysis of user's needs and possible solutions.


= Status =
= Status =
== Improved Performance ==
== Improved Performance ==
The refactoring made on both core code and UI code allowed to gain up to 25 times speed-up on the UI, and almost a 2 times speed-up in the core code, making the platform usable in an industrial sized context.<br>
The refactoring made on both core code and UI code allowed to gain up to 25 times speed-up on the UI (as described below),<br>
[[Image:800px-Rodin_Performances_Core_perf_simple3_nos.png|700px|link=Rodin Performances|General Platform Performances]]<br>
and almost a 2 times speed-up in the core code, making the platform usable in an industrial sized context.<br>
[[Image:Rodin_Performances_Editor_perf_simplev2_nos.png|850px|Rodin Proof Editor Performances]]


== Design Pattern Management / Generic Instantiation  ==
== Design Pattern Management / Generic Instantiation  ==
{{TODO}} ''To be completed by Thai Son Hoang''
The Generic Instantiation plug-in is available in version 0.2.1 for Rodin 2.4 and above from the main Rodin Update Site in the ''Composition and Decomposition'' category.
== Edition ==
 
{{TODO}} ''To be completed by Thomas Muller, Ingo Weigelt''
== Editors ==
 
''' Rodin Editor '''
 
The Rodin Editor is part of the Rodin platform since Rodin 2.4 released by end of January 2012.
 
''' Camille '''


Camille has been quite successful, and besides a number of bug fixes and some performance profiling and tuning, the code base has not changed much.


= References =
= References =

Latest revision as of 20:57, 20 April 2012

Overview

Three main domains concerned the scalability task during the last year of the project:
Improved Performance. According to the refocus mentioned in the General Platform Maintenance chapter, much of the reworking efforts performed on the core platform basically aimed to overcome Rodin scalability weaknesses, and the continuous need of seamless proving experience. The whole performance was enhanced by core implementation and user interface refactorings. Improvements made to the proving experience will be detailed in a separate chapter.
Design pattern management / Generic Instantiation. Formal methods are applicable to various domains for constructing models of complex systems. However, often they lack some systematic methodological approaches, in particular in reusing existing models, for helping the development process. The objective in introducing design patterns within formal methods in general, and in Event-B in particular, is to overcome this limitation.
Editors. Along DEPLOY, edition became a central concern. Indeed, many usability issues appeard the models involved in pilots became "industrial" sized:

  • The legacy structured editor based on a form edition specific architecture reached its limits in editing such complex models. Industrial partners found this issue significant regarding the adoption of the Rodin platform in industry and providing a new structured editor correcting this issue became an important task during this last year of the DEPLOY project.
  • Camille textual editor had to tackle challenges related to resources mapping and management for projects of industrial size mentioned above or even the design of extension capabilities. Extension capabilities became a major concern since the grammar could be extended with theories.

Motivations

Improved Performance

Many issues concerning stability and performance were related to the core code of the Rodin platform, causing crashes, loss of data, corruption in models. Other issues were related to the UI causing platform hanging, and sometimes leading to its freezing which required sometimes to kill the Rodin process, thus also leading to potential loss of data and corruption in models. Addressing these issues before the end of DEPLOY was mandatory.

Design Pattern Management / Generic Instantiation

The idea of design patterns in software engineering is to have a general and reusable solution to commonly occurring problems. In general, a design pattern is not necessarily a finished product, but rather a template on how to solve a problem which can be used in many different situations. The idea is to have some predefined solutions, and incorporate them into the development with some modification and/or instantiation. With the design pattern tool we provide a semi-automatical way of reusing developed models in Event-B. Moreover, the typical elements that we are able to reuse are not only the models themselves, but also (more importantly) their correctness in terms of proofs associated with the models.

Editors

This section concerns the actual editors that user work with to view and modify models.

Editor of the core platform

Two major kinds of failures were faced when developing industrial sized models:

  • Failures occurring on Windows platforms, the mostly used system, when reaching the operating system limit number of graphical elements in memory allowed to be displayed at once. This situation used to crash the Rodin platform, and it appeared necessary to control the number of graphical elements needed to display the model elements. Architectures sparing these graphical elements were thus favoured.
  • Failures due to the high consumption of memory by the heavy graphical elements used by the forms of legacy editor.
Moreover, it appeared important to visualize some elements that are not part of the current level of modelling, but are linked to it, for example, the actions in an abstract event, or its guards. Such elements are called the "inherited" elements, or "implicit children". The legacy structured editor being directly interfaced with the underlying Event-B models in database, it was difficult and tricky to modify it in order to display inherited elements. This was one more argument to go for a new editor based on a intermediary representation of the models.
Another motivation to go for another editor was to get a more modest and ergonomic way to visualize and edit the models. The models being presented through styled text pretty printing and the edition tightly derived from a textual edition.

Camille

Camille was developed as an alternative editor in 2009. In contrast to the existing editor, this was a pure textual editor that supported standard features like copy and paste, auto-completion, color highlighting and many more. In addition, it performed better than the existing structural editor.

While successful, Camille offered only limited support for models with extended elements contributed by plug-ins. Also, the underlying EMF Compare framework was problematic due to bugs and performance issues.

Choices / Decisions

Improved Performance

SYSTEREL lead a two phase investigation to have a better idea of the work to be done. Each phase being followed by some refactoring of the code. Out of the early investigation, a cause and effect relationship has been found between performance loss and the various reported bugs, such as "platform hanging" bugs. Indeed, it appeared that solving the performance issues sometimes solved induced bugs as well, making the scalability improvement tasks encompass the maintenance goals.
Later, a deeper investigation was performed where profiling and code review were the two techniques used to tackle the issues left. The profiling strategy allowed to get a better localisation of the performance loss in both UI and core code while the code review helped to understand the intrinsic misuses or drawbacks of particular components and/or architectures. The proving UI was refactored in order to use a light textual representation.

Design Pattern Management / Generic Instantiation

In our notion of design patterns, a pattern is just a development in Event-B including an abstract model called specification and a refinement. During development there might be the possibility of applying a pattern that was already developed to the current development. The steps of using the tool are as follows.

Matching The developer the starts the design pattern plug-in and manually matches the specification of the pattern with the current development. In this linking of pattern and problem the developer has to define the which variable in the current development corresponds to each variable in the pattern specification. Furthermore the developer has to ensure the consistency of the variable matching by matching the events of the pattern specification with events in the development.
Renaming Once the matching is done, the developer has the possibility to adapt the pattern refinement such as renaming the variables and events or merging events of the pattern refinement with uninvolved events of the development. Renaming can become mandatory there are name clashes, meaning the pattern refinement includes variable or events having the same name as existing elements in the development.

After adaptation of the pattern refinement the tool generates automatically a new Event-B machine as a refinement of the machine where the developer started the design pattern tool. The correctness of the generated machine being a refinement is guaranteed by the generation process of the tool.

Design Patterns in Event-B are nothing else than ordinary Event-B models and are not restricted with respect to their size. Due to the fact that pattern and development have to be matched manually by the developer, the size of a pattern effects the usability. Furthermore, if the pattern is too specific either the pattern cannot be used in most situations or the developer is forced to tune its development such that a further appliance of the pattern is possible. A pattern-driven development could thus lead to models including needless elements that would have been avoided when developing without patterns.

Editors

Rodin Editor

The Rodin Editor has been built on the basis of enhancements brought to the Proving UI. In fact, by using the same kind of textual component, every model element is presented as text, as would a pretty print do. The edition is made possible through the use of a unique additional graphical component that overlays the presentation of the element (to be edited). It lighten the presentation, but also side steps the use of a significant amount of greedy graphical elements. Only two graphical elements are needed for presentation and edition: the model viewer and its overlay editor!
The first public version (0.5.0) of the Rodin Editor has been released on the 13/07/2011 as a plug-in of the Rodin platform. This decision has been made in order to let the plug-in incubation for the time it is being tested and stated that no regression is introduced. The Rodin Editor since its version 0.6.1 is part of the Rodin core platform.

Camille

Camille was quite successful, but due to the limited suitability for editing models using plug-ins, an architectural overhaul has been planned. The course of action was not obvious, however, as there are a number of possible architectures with varying advantages and disadvantages. Therefore, Ingo Weigelt at the University of Düsseldorf created a technical report[1] that analyzes the needs of the users and suggests a number of possible solutions. In the FP7 project ADVANCE, a solution will be decided upon and implemented.

Available Documentation

Links for Improved Performance

  • There is a wiki page concerning the Rodin Performance[2].

Links for Design Pattern Management / Generic Instantiation

  • A paper concerning the generic instantiation is available[3]
  • An article about Pattern Management is published on the wiki[4].
  • The article about Generic Instantiation on the wiki[5]

Links for Edition

Two documentation pages have been created for the Rodin Editor:
  • A general page describing the editor and how it works [6].
  • A user guide page [7].
Moreover, a special category has been created on both SourceForge feature request[8] and bug[9] trackers.

Camille Documentation

  • As the Camille text editor is based on the standard Eclipse editor, that documentation applies fully as well[10].
  • Additional information is available in the Text Editor[11] section on the wiki.
  • The Rodin Handbook[12] provides some basic usage information in a few places.
  • The technical report[1] describes analysis of user's needs and possible solutions.

Status

Improved Performance

The refactoring made on both core code and UI code allowed to gain up to 25 times speed-up on the UI (as described below),
General Platform Performances
and almost a 2 times speed-up in the core code, making the platform usable in an industrial sized context.
Rodin Proof Editor Performances

Design Pattern Management / Generic Instantiation

The Generic Instantiation plug-in is available in version 0.2.1 for Rodin 2.4 and above from the main Rodin Update Site in the Composition and Decomposition category.

Editors

Rodin Editor

The Rodin Editor is part of the Rodin platform since Rodin 2.4 released by end of January 2012.

Camille

Camille has been quite successful, and besides a number of bug fixes and some performance profiling and tuning, the code base has not changed much.

References