Showing papers by "David Garlan published in 1998"
28 Mar 1998
TL;DR: This paper argues that it is possible and valuable to provide a modeling approach that accounts for the interactions between architectural reconfiguration and non-reconfiguration system functionality, while maintaining a separation of concerns between these two aspects of a system.
Abstract: A critical issue for complex component-based systems design is the modeling and analysis of architecture. One of the complicating factors in developing architectural models is accounting for systems whose architecture changes dynamically (during run time). This is because dynamic changes to architectural structure may interact in subtle ways with on-going computations of the system. In this paper we argue that it is possible and valuable to provide a modeling approach that accounts for the interactions between architectural reconfiguration and non-reconfiguration system functionality, while maintaining a separation of concerns between these two aspects of a system. The key to the approach is to use a uniform notation and semantic base for both reconfiguration and steady-state behavior, while at the same time providing syntactic separation between the two. As we will show, this permits us to view the architecture in terms of a set of possible architectural snapshots, each with its own steady-state behavior. Transitions between these snapshots are accounted for by special reconfiguration-triggering events.
427 citations
01 Jan 1998
TL;DR: This paper shows how queueing network modeling can be adapted to support performance analysis of software architectures and describes a tool for transforming a software architecture in a particular style into a queueingnetwork and analyzing its performance.
Abstract: A software architecture should expose important system properties for consideration and analysis. Performance- related properties are frequently of interest in determining the acceptability of a given software design. In this paper we show how queueing network modeling can be adapted to support performance analysis of software architectures. We also describe a tool for transforming a software architecture in a particular style into a queueing network and analyzing its performance.
119 citations
01 Nov 1998
TL;DR: This paper uses the experience in modeling the High Level Architecture for Distributed Simulation to show how one can capture the structured protocol inherent in an integration standard as a formal architectural model that can be analyzed to detect anomalies, race conditions, and deadlocks.
Abstract: An increasingly important trend in the engineering of complex systems is the design of component integration standards. Such standards define rules of interaction and shared communication infrastructure that permit composition of systems out of independently-developed parts. A problem with these standards is that it is often difficult to understand exactly what they require and provide, and to analyze them in order to understand their deeper properties. In this paper we use our experience in modeling the High Level Architecture (HLA) for Distributed Simulation to show how one can capture the structured protocol inherent in an integration standard as a formal architectural model that can be analyzed to detect anomalies, race conditions, and deadlocks.
69 citations
01 Nov 1998
TL;DR: A formal computational model for implicit invocation is defined based on standard notions from process algebra and trace semantics and a verification methodology is presented that supports linear time temporal logic and compositional reasoning.
Abstract: Implicit invocation [SN92, GN91] has become an important architectural style for large-scale system design and evolution. This paper addresses the lack of specification and verification formalisms for such systems. Based on standard notions from process algebra and trace semantics, we define a formal computational model for implicit invocation. A verification methodology is presented that supports linear time temporal logic and compositional reasoning. First, the entire system is partioned into groups of components (methods) that behave independently. Then, local properties are proved for each of the groups. A precise description of the cause and the effect of an event supports this step. Using local correctness, independence of groups, and properties of the delivery of events, we infer the desired property of the overall system. Two detailed examples illustrate the use of our framework.
56 citations
01 Jan 1998
TL;DR: This paper argues that the use of \higher order connectors" is one way to achieve this goal and argues that such operations would permit one to produce new connectors out of old ones, adapt existing connectors to new contexts of use, and factor out common properties of connectors so they can be reused.
Abstract: A critical issue for architectural design is the nature of the glue, or connectors, with which a system's parts are combined. Thus an important rst step toward improving our ability to compose parts is to make to make connectors explicit semantic enties, where they can be documented, analyzed, and (sometimes) used to generate code. A number of notations for software architecture do precisely this. However, a key second step is to understand operations over connectors. In principle, such operations would permit one to produce new connectors out of old ones, adapt existing connectors to new contexts of use, and factor out common properties of connectors so they can be reused. In this paper we argue that the use of \higher order connectors" is one way to achieve this goal.
46 citations
TL;DR: A verification framework for implicit invocation is developed based on Jones' rely/guarantee reasoning for concurrent systems [Jon83, Stø91], and the application of the framework is illustrated with several examples.
Abstract: Implicit invocation [SuN92, GaN91] has become an important architectural style for large-scale system design and evolution. This paper addresses the lack of specification and verification formalisms for such systems. A formal computational model for implicit invocation is presented. We develop a verification framework for implicit invocation that is based on Jones' rely/guarantee reasoning for concurrent systems [Jon83, StO91]. The application of the framework is illustrated with several examples. The merits and limitations of the rely/guarantee paradigm in the context of implicit invocation systems are also discussed.
23 citations
10 citations
TL;DR: Corrections are presented to a previously published article which appeared in ACM Transaction on Software Engineering and Methodology 6, 3 (July 1997), pp. 213–249.
Abstract: We present corrections to a previously published article which appeared in ACM Transaction on Software Engineering and Methodology 6, 3 (July 1997), pp. 213–249
4 citations
01 Jan 1998
TL;DR: The problems of modeling and reasoning about highly concurrent systems at an architectural level are explored, and two approaches are identified that help make such reasoning tractable.
Abstract: Software systems that integrate a set of concurrent and possibly distributed components are becoming increasingly common. One architectural style that is often used in such systems is implicit invocation[1, 2]. In this style, a component communicates and passes control by announcing events, and these events are multicast to a set of consuming components that perform actions in response to events. At first glance, it would seem that the inherent concurrency associated with this style would make systems intractable: the concurrency and independence of components coupled with event multicast typically leads to a highly complex concurrent system with considerable non-determinism. We are currently exploring the problems of modeling and reasoning about highly concurrent systems at an architectural level. In particular, we have identified two approaches that help make such reasoning tractable:
1 citations