Add simulation controls from the environment

In this exercise we show how to introduce environment controls into the model to provide more meaningful simulations. The goal of adding environment controls is to make the model deterministic. When we do this, we do not use the Path Selection dialog. Instead, we explicitly tell the model what to do by sending signals from the environment.

Setup

All source MSC PR files, Telelogic Tau diagrams, and the synthesized SDL model can be found in the following directory:

<KLOCwork MSC to SDL installation directory>/doc/examples/InfoServer_step3

As we observed before, the InfoServer model is non-deterministic because the input scenarios do not contain information about the decision made between the Request and Done messages done by the User actor. The KLOCwork MSC to SDL Synthesizer propagates the non-deterministic choice into the synthesized SDL model.

1. Update the input MSCs as shown in the following figures.

Note, that the signal from the environment and the timeout signals arrive in the so-called MSC coregion (see the first two of the figures that follow). We use the coregion symbol to emphasize that the timeout (introduced in order to fix the failure problem) and the environment control (introduced in order to provide more control over the execution of the model) are independent.

The Telelogic Validator handled the non-determinism gracefully. It produces MSC traces for various combinations of actions by the User process. However, the manual exploration of the behavior of the Server mode through the Simulator UI used the Path Selection dialog. With the insertion of the environment controls, the model becomes deterministic. The logic of selecting between Request and Done signals now resides with the environment. The model only reacts to the incoming signals. By sending these signals, we control the behavior of the model.







2. Save the model and, from the MSC to SDL menu, choose Simulate MSC. Note that the Simulator UI now shows additional buttons that correspond to the new environment controls go, finish and boo. This provides a more friendly way to interact with the model.



3. Click the MSC button in the Trace group. Start the simulation by clicking the Go button in the Execute group, then click the Send go button in the Synthesized_Model group.
4. The Simulator prompts you for the name of the process to which to send the message.



5. Select the User process. The Simulator shows the following trace.



6. The simulation waits for more input from the environment. Now click the Send boo button in the SynthesizedModel panel to fail the Server.
7. Select the Server process.



Simulation performs more events and then stops.



8. Restart the simulation. Click the MSC trace button. Click the Go button from the Execute group to start the simulation.



Observe that the Simulator is waiting for the events from the environment. Note, however, that the Simulator is using the event-driven simulation. The timeout from the timer T occurred immediately after the timer was set. In the event-driven simulation this happens because the timeout is always the next scheduled event. This prevents us from exploring the failure behavior in which we need to inject the fail signal before the timeout.

Summary

In this exercise, we showed how to introduce environment controls into the model to provide more meaningful simulations.

In the next exercise we will demonstrate how to run the a real-time simulation in which the events will be handled in exactly the same order as they occur. As the result, timeouts will be delayed for the exactly the amount of time for which the timer was set.