Reasoning about UML/OCL class diagrams using constraint logic programming and formula
Introduction
Model Driven Engineering (MDE) [1] promotes models as cornerstone components in software development. Verification and validation of models become important activities to ensure the quality of a system. Effective model verification and validation methods can reduce time to market and decrease development costs. In the context of MDE, the Unified Modeling Language (UML) and the Object Constraint Language (OCL) constitute two of the most commonly used modeling languages. UML [2] has been widely accepted as the de-facto standard object-oriented software modeling language. OCL [3] is an integral part of UML which has been introduced into UML as a declarative language to express integrity constraints that UML diagrams cannot convey by themselves.
Software models, as any other software artifact, may contain defects. Unfortunately, in some occasions, possible design flaws are not detected until the later implementation stages, thus increasing the cost of development [4], [5]. This situation requires a wide adoption of formal methods as well as verification and validation approaches. In this line, there have been remarkable efforts to formalize UML semantics, and to address and solve ambiguity, uncertainty, and underspecification issues detected in UML semantics. In particular, the formalization and analysis of specific UML artifacts can be done by carrying out a translation to another language that preserves the semantics [4], [5], [6], [7], [8], [9]. The resulting translation can be used for several purposes, such as to reason about implicit properties in UML models and about particular model instances.
In this paper we propose an overall framework to reason about specific UML Class Diagram (CDs) based on the Constraint Logic programming (CLP) paradigm. More specifically, we focus on UML Class Diagrams, annotated with OCL constraints, which are considered to be the mainstay of object-oriented analysis and design representing the static structure of a system, and whose formalization and analysis have motivated a significant number of proposals [4], [10], [11]. As reasoning tool, we use a model-finding and design space exploration tool called Formula [12], which presents distinctive strength properties compared to other similar tools, including more expressivity [13], [14]. More specifically, Formula is based on algebraic data types and CLP, and relies on the Formula solver Z3 as underlying engine to reason about models where proof goals are encoded as CLP satisfiability problem. Formula utilizes a bounded verification approach by means of which the reasoning process is carried out by establishing finite bounds for the number of instances of the model to be considered during the verification process. In the case that Z3 finds a solution that satisfies all encoded constraints, Formula will reconstruct a complete model from this information derived of known facts.
Our approach can be used for several different purposes. It can be used to rigorously reason about a UML design, by checking predefined correctness properties about the original model, such as satisfiability or the lack of redundant constraints [5]. Additionally, our proposal can be used to inspect models of complex system development contexts, to search for conforming object models and to choose those that better fit domain needs. Overall, our proposal can contribute to software design validation and verification.
The results presented in this paper are based on the work published by the authors of this paper in [15], [16]. In this paper we provide a revised and extended version of those works, focusing mainly on the conceptual definition of our framework, constituting the first paper that includes a complete description of our proposal. Additionally, in this paper we provide extra material regarding the reasoning process to follow when using our approach and a more detailed explanation about the comparison among our proposal and others.
The paper is structured as follows. Next, we motivate and present an overview of our approach, introducing the case study we use throughout the paper. Section 3 provides a brief introduction to Formula. Section 4 presents the translation of a UML class diagram to Formula, while Section 5 describes the OCL fragment we consider in our proposal and its representation into Formula. Section 6 describes the CD2Formula tool we have developed to implement our Class diagram to Formula translation proposal, and illustrates the usefulness of our overall approach by applying it to the case study. Section 7 summarizes the strengths and weaknesses of our approach and discusses related work. Finally, Section 8 contains our main conclusions.
Section snippets
The need for class diagram verification and validation
In order to motivate our proposal, we build upon the case study shown in Fig. 1 to identify inconsistent modeling features. This class diagram has been designed for explanation purposes and covers a representative number of UML Class Diagrams elements from those our approach supports. More specifically, it describes part of the organizational and functional structure of companies regarding their employees, departments, and the projects undertaken by the companies. The whole/part strong
A brief overview of Formula
Formula distinguishes three different units to represent a system: domains, models, and partial models. Modeling in Formula always starts with specifying the problem domain and formalizing an abstraction of the problem that can be used by Formula to reason about the design [12]. A Formula domain (FD) is the basic specification unit for an abstraction and allows specifying algebraic data types and a logic program describing properties of the abstraction. As an example, line 3 in Fig. 3 shows the
Translation of class diagram structural elements
This section presents a brief introduction of the rules we have defined to transform a CD, conforming with the UML metamodel [2], into Formula. First, we explain the translation of a set of basic structural UML Class Diagram features frequently used for modeling structural aspects of systems (UML class, property, bidirectional association, and generalization, considering also the different types of generalization set constraints). We finish the section with the translation of other elements,
Translation of class diagram constraints
Among the different constraints that can be applied to a CD, we can distinguish those predefined in UML and defined on the metamodel, from those user-defined that are defined on the specific CD [2]. On one hand, the first are used in the UML semantics description to define the well-formedness rules for UML models, which ensure that the UML model is consistent with the UML metamodel. The user-defined constraints, on the other hand, are used to impose the otherwise unrestricted particularities
Tool support and reasoning process of the case study
In this section, we describe the development aspects of the CD2Formula Eclipse plug-in, which allows us to automatically perform the transformation from class diagrams to Formula. Also, in order to illustrate the usefulness of our approach, we apply it to our case study.
Discussion and related work
The formalization and analysis of UML Class Diagrams has motivated a significant number of proposals. As described previously, most of these proposals tackle the verification process by the translation of the model to other languages that preserve its semantics, and the resulting translation is used to reason about the design by checking a predefined set of correctness properties. We evaluate our proposal by comparing it to relevant related work regarding the following dimensions: (1) main tool
Conclusion and future work
In this paper we present a framework to reason about UML/OCL models based on the Constraint Logic Programming paradigm. The main contribution of our work is the translation of a UML model into a Constraint Satisfaction Problem following a multilevel Meta-Object Facility (MOF) like framework. Model reasoning can be automated using the model-finding tool Formula. We have also identified a fragment of OCL, which can be checked for finite satisfiability, while being considerably expressive. We also
Acknowledgments
This work has been partially supported by the Spanish Ministry of Economy and Competitiveness (project EDU2016-79838-P) and by the Academy of Finland (project VAMOLA). This work has also been partially supported by the Electronic Component Systems for European Leadership Joint Undertaking under grant agreement No 737494. This Joint Undertaking receives support from the European Unions Horizon 2020 research and innovation programme and Sweden, France, Spain, Italy, Finland and Czech Republic.
References (56)
- et al.
OCL-Lite: Finite reasoning on UML/OCL conceptual schemas
Data Knowl. Eng.
(2012) - et al.
The semantics of constraint logic programs
J. Log. Program.
(1998) - et al.
Transformation techniques for OCL constraints
Sci. Comput. Program.
(2007) - et al.
Authoring and verification of clinical guidelines: a model driven approach
J. Biomed. Inform.
(2010) - et al.
On the verification of UML/OCL class diagrams using constraint programming
J. Syst. Softw.
(2014) - et al.
USE: A UML-based specification environment for validating UML and OCL
Sci, Comput. Programm.
(2007) Model driven engineering: an emerging technical space
- OMG, UML 2.4.1 Superstructure Specification, August, 2012. Available at: http://www.omg.org/. Last visited on July...
- OCL, Version 2.3.1, http://www.omg.org/spec/OCL/2.3.1/PDF. Last visited on July...
- et al.
A formal framework for reasoning on UML class diagrams