Deriving protocol specifications from service specifications written as Predicate/Transition-nets
Introduction
Synthesis methods have been used to derive the specification of a set of application components running in a distributed system of networked computers (hereafter called protocol specification) automatically from a given specification of services to be provided by the distributed application to its users (called service specification). The service specification is written in the form of a centralized model, and does not contain any message exchanges between different physical locations. However, the definition of the behavior of the application components, called protocol entities (PEs), includes the message exchanges between these entities. Protocol synthesis methods have been used to specify and derive such complex message exchanges automatically in order to reduce the design costs and errors that may occur when manual methods are used.
Many synthesis methods have been proposed in the literature. The methods use different computational models as service definition languages. For example, the methods presented in [1], [2], [3] use CCS/LOTOS models, the methods in [4], [5], [6], [7], [8] use FSM/EFSM models and the methods in [9], [10], [11], [12], [13], [14], [15], [16] use Petri net models. Similar methods may also be used for deriving distributed testers for distributed applications [17] and for deriving specifications of real-time systems [18], [19], [20]. In this paper we consider service and protocol specifications written in high-level Petri nets. These are extended Petri nets where tokens have values and the firability of transitions may depend on those values. Popular versions of high-level Petri nets are predicate/transition nets (Pr/T-nets) [21], [22] and coloured Petri nets (CPN) [23]. These models have enough modeling power, analytical power and tool support (such as CPN Tools [24]) to specify, verify and analyze large and practical software systems [25], communication protocols [26], [27], control systems and so on [23], [28].
In this paper, we propose a new algorithm for the derivation of a protocol specification in Pr/T-nets, which is the specification of N communicating entities (N is given), from a given service specification in Pr/T-nets and an allocation of the places of the service specification to the N entities. Our algorithm decomposes each transition of the service specification into a set of communicating Pr/T-subnets running on the N entities. Moreover, in order to improve the efficiency of controlling the conflict between different transitions over shared resources, we present a timestamp-based contention control algorithm and incorporate it into the derivation algorithm. A tool has been developed that includes our derivation algorithm and works together with other existing tools for the representation of the service and the derived protocol specifications. As application examples we discuss the application of our synthesis method to a distributed media transcoding service on overlay networks and to a distributed software development process [29].
Our approach is very powerful in the sense that general Pr/T-nets are allowed to be used for specifying services. Such Pr/T-nets may include complex conflict structures between transitions that require read and/or write access to shared resources in the form of tokens with values stored at shared places. Since these resources may reside on different sites and the transitions should be initiated when all required resources are available, we have to deal with this complex problem of distributed synchronization for the different transitions involving the protocol entities on the different sites. We first present a basic transition execution protocol where a transition is initiated by its “primary site” without having full knowledge about the available resources; the transition is then canceled whenever there appears to be some conflict or deadlock possibility.
Some existing synthesis methods also allow variables (parameters) in their modeling languages, for instance a CCS-based model with I/O parameters [1] and Petri nets with external variables [9], [15]. However, since these existing methods mainly focus on value exchanges between entities, only simple control flows are allowed; the combination of choices and synchronization involving parameters, which often represents resource conflict, is not treated by those methods. Therefore, the class of acceptable service specifications is considerably extended by the approach described in this paper. As far as we know, no previous paper has presented synthesis approaches for general Pr/T-nets.
We note that the basic idea of this paper was presented in [30]. Here we extend that work in several ways. First, we enhance the derivation algorithm by including a new derivation policy. Using a few additional messages, this policy prevents large resources from being exchanged between entities. Second, we include a detailed timestamp-based contention control algorithm for efficiently controlling conflict for shared resources. Third, we have developed a tool that includes our derivation algorithm and can interwork with other Petri net tools. Fourth, we provide arguments for the validity of our method and discuss the application of the method to two realistic examples.
This paper is organized as follows. Section 2 includes the definition of Pr/T-nets and provides examples of service and protocol specifications written in this notation. In Section 3 we present our derivation algorithm and in Section 4 we enhance this algorithm by incorporating a timestamp-based contention control algorithm. In Section 5 we describe two application examples and in Section 6 we conclude the paper.
Predicate/transition-nets
We use Predicate/Transition-nets (Pr/T-nets) [21] for representing service and protocol specifications of target systems. In Petri nets, a place (denoted as a circle) represents a state or data of a system, and a transition (denoted as a rectangle) represents a task (or job) of the system. A place and a transition may be connected by a directed edge called an arc (denoted by an arrow). Tokens (denoted as black dots) in places represent the current state of the system, and execution (“firing” in
Overview
Given a service specification Sspec written in the form of a Pr/T-net, the number N of sites, and an allocation of each place of the service specification to one of the N sites, our derivation algorithm derives a protocol specification Pspec, which consists of a set of specifications for the N sites. The derivation algorithm is presented in Section 3.3, and in Appendix B we comment on its validity.
The derivation of the protocol specification proceeds for each transition of the service
Motivation and outline
For a given service specification, our derivation algorithm derives a protocol specification that is deadlock free. This is due to the fact that each transition of a service specification can be executed only when it acquires tokens from its input places. In our transition execution algorithm, the primary site of a transition sends requests, for executing the transition, to all other reading sites that have input places of the transition. If all the required tokens are acquired by these sites
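As an added illustration of the Pr/T-net firing rule described in Section 2 and of the all-or-nothing transition execution sketched above, the following Python models a small Pr/T-net whose places are allocated to three sites. It is example code written for this page, not the paper's algorithm or tool: the site names, places, token values, the greedy left-to-right token selection and the message trace format are all assumptions of this example. A transition's primary site requests one token per input arc from the site holding each input place; a site grants a token only if one satisfies the guard restricted to the variables bound so far, and if any site refuses, the primary cancels and releases every token it already acquired, so a partially enabled transition never keeps resources.

```python
"""Minimal Pr/T-net with a simplified distributed transition execution protocol
(illustrative example, not the paper's derivation algorithm)."""
from dataclasses import dataclass, field
from typing import Any, Callable, Dict, List, Optional, Tuple

Binding = Dict[str, Any]


@dataclass
class Site:
    """One protocol entity; it owns the places allocated to it (constructed)."""
    name: str
    places: Dict[str, List[Any]] = field(default_factory=dict)

    def grant(self, place: str, pred: Callable[[Any], bool]) -> Optional[Any]:
        """Remove and return the first token in `place` satisfying `pred`,
        or None when no such token is available (the request is refused)."""
        for i, tok in enumerate(self.places[place]):
            if pred(tok):
                return self.places[place].pop(i)
        return None

    def release(self, place: str, tok: Any) -> None:
        self.places[place].append(tok)


@dataclass
class Transition:
    name: str
    primary: str                                     # site that initiates execution
    inputs: List[Tuple[str, str]]                    # (input place, variable) per arc
    guard: Callable[[Binding], bool]                 # evaluated once all variables are bound
    outputs: List[Tuple[str, Callable[[Binding], Any]]]  # (output place, token expression)


class Net:
    def __init__(self, sites: Dict[str, Site], allocation: Dict[str, str]):
        self.sites = sites
        self.allocation = allocation                 # place -> owning site
        self.trace: List[str] = []                   # messages exchanged (assumed format)

    def site_of(self, place: str) -> Site:
        return self.sites[self.allocation[place]]

    def try_fire(self, t: Transition) -> bool:
        """Primary site acquires one token per input arc, left to right (greedy,
        no backtracking). On any refusal it cancels and returns what it holds."""
        binding: Binding = {}
        acquired: List[Tuple[str, Any]] = []
        for place, var in t.inputs:
            site = self.site_of(place)

            def pred(tok, var=var, bound=binding):
                trial = {**bound, var: tok}
                # The guard can only be checked once every variable is bound.
                return t.guard(trial) if len(trial) == len(t.inputs) else True

            if site.name != t.primary:
                self.trace.append(f"{t.primary}->{site.name}: request {place} for {t.name}")
            tok = site.grant(place, pred)
            if tok is None:
                if site.name != t.primary:
                    self.trace.append(f"{site.name}->{t.primary}: refuse {place}")
                for p, tk in acquired:               # cancel: release everything acquired
                    self.site_of(p).release(p, tk)
                    if self.site_of(p).name != t.primary:
                        self.trace.append(f"{t.primary}->{self.site_of(p).name}: release {p}")
                return False
            if site.name != t.primary:
                self.trace.append(f"{site.name}->{t.primary}: grant {place}={tok}")
            acquired.append((place, tok))
            binding[var] = tok
        for place, expr in t.outputs:                # fire: produce output tokens
            self.site_of(place).release(place, expr(binding))
        return True


def build_demo() -> Tuple[Net, Transition]:
    """Constructed example: jobs on site A, workers on site B, results on site C.
    'assign' is initiated by A and needs a job and a worker whose capacity
    covers the job size; the worker is returned to its place after firing."""
    sites = {
        "A": Site("A", {"jobs": [("j1", 3), ("j2", 5)]}),
        "B": Site("B", {"workers": [("w1", 4)]}),
        "C": Site("C", {"done": []}),
    }
    allocation = {"jobs": "A", "workers": "B", "done": "C"}
    assign = Transition(
        name="assign", primary="A",
        inputs=[("jobs", "j"), ("workers", "w")],
        guard=lambda b: b["w"][1] >= b["j"][1],
        outputs=[("done", lambda b: (b["j"][0], b["w"][0])),
                 ("workers", lambda b: b["w"])],
    )
    return Net(sites, allocation), assign


def run_demo() -> Dict[str, Any]:
    """Fire 'assign' twice: the first attempt succeeds, the second is refused by
    site B (guard fails) and the job token is returned to site A."""
    net, assign = build_demo()
    fired = [net.try_fire(assign), net.try_fire(assign)]
    return {"fired": fired,
            "jobs": net.sites["A"].places["jobs"],
            "workers": net.sites["B"].places["workers"],
            "done": net.sites["C"].places["done"],
            "trace": net.trace}


if __name__ == "__main__":
    for line in run_demo()["trace"]:
        print(line)
```

The second attempt shows the cancel path the paper relies on for deadlock freedom: site A has already taken job j2 from its own place when site B refuses the worker request, and A puts j2 back instead of holding it while waiting. Greedy token selection is a simplification; a full Pr/T-net engine would search over all bindings of the input tokens.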
Tool support and application examples
Synthesis methods have been applied to many applications such as communication protocols [26], [27], factory manufacturing systems [33], distributed cooperative work management [15] and so on [25], [28].
In the following subsections we apply our synthesis method to a distributed Media Transcoding (MT) service on service overlay networks and to a distributed software development process called ISPW-6 [29].
Conclusion and current research work
We have proposed a protocol synthesis technique for systems modeled as Pr/T-nets (predicate/transition-nets), a first-order extension of Petri nets. Our technique is based on a top-down approach where a service requirement is defined in the form of a Pr/T-net with a centralized view, and then it is decomposed into communicating components located on different sites which together provide the required service. The originality of our approach is the fact that non-restricted Petri nets with
Acknowledgement
The authors would like to thank Dr. Juan Quemada and the anonymous referees for their useful comments.
References (36)
- et al., Two formal methods for the synthesis of discrete event systems, Comput. Networks ISDN Syst. (1997)
- et al., Deriving protocol specifications from service specifications including parameters, ACM Trans. Comput. Syst. (1990)
- H. Erdogmus, R. Johnston, On the specification and synthesis of communicating processes, IEEE Trans. Software Eng....
- et al., Deriving protocol specifications from service specifications written in LOTOS, Distrib. Comput. (1996)
- P.-Y.M. Chu, M.T. Liu, Protocol synthesis in a state-transition model, in: Proceedings of COMPSAC ’88, 1988, pp....
- T. Higashino, K. Okano, H. Imajo, K. Taniguchi, Deriving protocol specifications from service specifications in...
- et al., Distributing automata for asynchronous networks of processors, Eur. J. Autom. Syst. (JESA) (1997)
- J.C. Park, R.E. Miller, Synthesizing protocol specifications from service specifications in timed extended finite state...
- H. Kahlouche, J. Girardot, A stepwise requirement based approach for synthesizing protocol specifications in an...
- H. Yamaguchi, K. Okano, T. Higashino, K. Taniguchi, Protocol synthesis from time Petri net based service...
- Protocol synthesis and re-synthesis with optimal allocation of resources based on extended Petri nets, Distrib. Comput.
Hirozumi Yamaguchi received his B.E., M.E. and Ph.D. degrees in Information and Computer Sciences from Osaka University, Japan, in 1994, 1996 and 1998, respectively. He is currently an assistant professor at Osaka University. His research interests are design and implementation of distributed systems and wired and wireless communication protocols.
Khaled El-Fakih received his B.S. and M.S. degrees in Computer Science from the Lebanese American University and his Ph.D. in Computer Science from the University of Ottawa in 2002. He worked as a graduate fellow at the IBM Toronto Laboratory in 1997 and as a verification engineer at Cambrian Systems Corporation (a Nortel Company) in 1998. He is currently an assistant professor at the American University of Sharjah. His current research interests are in automating the design of distributed systems, test development from formal specifications, and fault diagnosis of distributed systems.
Gregor von Bochmann is professor at the School of Information Technology and Engineering at the University of Ottawa since January 1998. Previously he was professor at the University of Montreal for 25 years. He is a fellow of the IEEE and ACM and a member of the Royal Society of Canada. He has worked in the area of programming languages, compiler design, communication protocols, and software engineering and has published many papers in these areas. He has also been actively involved in the standardization of formal description techniques for communication protocols and services. His present work is aimed at methodologies for the design, implementation and testing of communication protocols and distributed systems. Ongoing projects include quality of service management for distributed multimedia applications and agile optical networks.
Teruo Higashino received the B.E., M.E., and Ph.D. degrees in Information and Computer Sciences from Osaka University, Osaka, Japan, in 1979, 1981 and 1984, respectively. He joined the faculty of Osaka University in 1984. Since 1999 he has been a Professor, and currently he belongs to Graduate School of Information Science and Technology, Osaka University. His current research interests include distributed systems, mobile computing, communication protocols and intelligent transportation systems. He is a senior member of IEEE, a fellow of Information Processing Society of Japan and a member of IFIP TC6/WG 6.1.
1 Tel.: +971 06 5152556; fax: +971 06 5152979.