Java Team2 Benchmark1

From CRV
Revision as of 11:54, 19 July 2016 by Larva (Talk | contribs) (Demonstration Traces)

Jump to: navigation, search

FiTS (A Financial Transaction System) is a bare-bones system mocking the behaviour of a financial transaction system. It emulates a virtual banking system in which users may open accounts from which they may perform money transfers. For more information read the manual at [1]

Categories: Financial

Benchmark Data

The Trace Part

The relevant files can be found on the server at: home/larva/Benchmark1

The script will run a scenario that violates the property defined in the rest of this page.

Instrumentation Information

We have defined the following pointcuts to capture the relevant events for this benchmark (see the next section for their use):

   pointcut greylistUser(Integer uid) : 
       call(public void Interface.ADMIN_greylistUser(Integer)) && args(uid);
   pointcut whitelistUser(Integer uid) : 
       call(public void Interface.ADMIN_whitelistUser(Integer)) && args(uid);
   pointcut depositTo(UserInfo user) : 
       call(public void UserInfo.depositTo(..)) && target(user);

Trace Statistics

Event Occurrences
greylistUser 10001
whitelistUser 10001
depositTo 40002

The Property Part

Informal Description

FiTS contains an object UserInfo that corresponds to a user. A user can be greylisted, blacklisted, or whitelisted.

Once greylisted, a user must perform at least three incoming transfers before being whitelisted.

Demonstration Traces

Assume that userInfo.uid = uid, and userInfo'.uid = uid' in the following traces

Satisfying Traces

  • greylist(uid); depositTo(uid); depositTo(userInfo); depositTo(userInfo); whitelist(uid);
  • greylist(uid'); depositTo(userInfo); depositTo(userInfo);
  • depositTo(userInfo); depositTo(userInfo); greylist(uid)

Note how the satisfying traces either whitelist a greylisted user after three deposits (the first one), or do not attempt whitelisting at all (avoiding a possible violation of the property).

Violating Traces

  • greylist(uid); depositTo(userInfo'); depositTo(userInfo'); depositTo(userInfo'); whitelist(uid)
  • greylist(uid); depositTo(userInfo); depositTo(userInfo); depositTo(userInfo); greylist(uid'); whitelist(uid')
  • depositTo(userInfo); depositTo(userInfo); greylist(uid); depositTo(userInfo); depositTo(userInfo); whitelist(uid)

On the other hand these violating traces all attempt to whitelist a greylisted user before three deposits to their account.

Formal Specification

As a formal specification we use regular expressions over traces, defining both an expression for a satisfying and a violating trace. Each of these events are defined with respect to an object u of type UserInfo (e.g. such that the event greylist refers to u being greylisted).

Regular Expression for satisfying traces:

    property foreach target (UserInfo u) matching{
       ((!greylist)* ; greylist ; ((!whitelist)* ; depositTo ; (!whitelist)* ; depositTo ;
       (!whitelist)* ; depositTo ; (!whitelist)*) ; whitelist )*
    }


Regular Expression for violating traces:

    property foreach target (UserInfo u) not matching{
        (?)* ; greylist ; ((!depositTo)* + (!depositTo)* ; depositTo ;
        (!depositTo)* + (!depositTo)* ; depositTo ; (!depositTo)*; depositTo; 
        (!depositTo)*) ; whitelist
    }

A FO-LTL Specification

Clarification Requests

This is a space where other teams can ask for clarifications and the submitting team can answer. When a team requests a clarification, the team should be mentioned in the request and the request timestamped. The team submitting the benchmark should ensure they watch this page so that they get notifications of questions.

  • The pointcut depositTo is never called with the provided definition. The args condition contains uid which is never declared. Furthermore, to match the given traces the pointcut should be parameterized with uid and not with account_number and amount. --Malte, Mufin, 2016-07-05T18
    • Sorry missed these; see the corrected pointcut. You can get the relevant uid from the user parameter. -- Shaun, Larva, 2016-07-19
  • Is the lack of breaks in the switch in the Main.main intended? In case of the CLI argument "1" all three scenarios Scenarios.runViolatingScenarioForProperty(6), Scenarios.runNonViolatingScenarioForProperty(8), and Scenarios.runViolatingScenarioForProperty(10) are executed. --Malte, Mufin, 2016-07-05T18
    • This was corrected. -- Shaun, Larva, 2016-07-19
  • The length of the benchmark means that performance monitoring will tell us very little. I suggest two solutions (i) we only score this benchmark for correctness, (ii) you loop some of the behaviour to give a non-trivial workload -- Giles, 2016-07-06
  • The clarity of the benchmark would be improved by (i) explaining the demonstration traces and (ii) explaining the relation between the two regular expression properties and what matching means i.e. are the regular expressions 'prefix-closed'.