The thesis comprises two main parts, and each part contains two chapters: (Part I) Consistency ensuring techniques for software models and (Part II) consistency ensur- ing techniques for model transformations. The remainder of this thesis is structured as follows:
• Chapter 2 presents the basic background information needed throughout the thesis. EMF models, EMF constraints, graphs, transformation rules, and OCL are presented. They form the basis for both parts. Additionally, graph constraints and conditions are defined, OCL translation rules are outlined, and the calculation of application conditions is presented. All form the basis of the second part.
Part I composes the following two chapters presenting consistency ensuring tech- niques for software models:
• Chapter 3 introduces rule-based model repair. The work is introduced and motivated by example, the developed rule-based algorithm, the catalog of the different kinds of repair rules and their meta-patterns are outlined, the approach is formalized, presented as Hoare triple and as graph automaton, and the correctness proof of the algorithm and its features are shown, the ready-to-use tool with its functionaries is outlined and systematically tested, the scalability is shown, the discussion of the approach in general settings (e.g., supporting a set of OCL constraints) is provided, and the related work is discussed as well.
• Chapter 4 presents rule-based model generator. The work is motivated and the approach of generating consistent EMF models is presented, four particu- larization strategies and their meta-specifications are presented using examples, a ready-to-use tool is developed to generate consistent models starting with or without seed models, and the scalability experiment for generating consistent models of varying size up to half a million elements elements are presented using 8 modeling languages taken from different domains, a comparison with the state-of-the-art solver-based tool is carried out, and diversity experiments for generating diverse sets of consistent models are provided, the state-of-the-art of the related work is explored and classified.
Part II composes the following two chapters presenting consistency ensuring techniques for model transformations:
• Chapter 5 presents an automated construction of guaranteeing application
conditions from OCL constraints. The work is introduced and motivated
by example, the solution design of realizing and automating the theoretical foundations is presented, the ready-to-use tool and its functionalities are shown, the restriction of the technique is studied by considering the OCL constraints of UML, the complexity and the performance of both tool supports are presented using a realistic application case, and the related work is discussed. • Chapter 6 presents an automated construction of optimized consistency-
preserving application conditions. The approach for constructing optimized
consistency-preserving application conditions is introduced by example, two theorems are formalized to show the correctness of our approach, the tool is implemented and discussed, the complexity and the performance of our approach are studied using a realistic application case, namely the MagicDraw Statechart meta-model with 11 OCL constraints and 84 editing rules, a performance comparison of a-priori consistency approach implemented using our techniques with a-posteriori consistency approach realized using validators are carried out, and the related work is presented as well.
• Chapter 7 summarizes this thesis and gives an outline on possible future work. • Chapters A and B provide comprehensive details used in this thesis.
2
Background
In this chapter, we introduce the main required concepts for the subsequent chap- ters. We first introduce the basic foundation needed to understand the first two contributions and then present the ones additionally needed to follow the last two contributions. Further helpful information is provided within the chapters to ease the readability.
A suitable formal framework and foundation for this work is the theory of algebraic graph transformation introduced by Ehrig et al. [39]. To use the theory of alge- braic graph transformation, we consider EMF models and meta-models as graphs. A meta-model can be regarded as a graph with additional structural information like containment, inheritance, and opposite edges. Besides, a meta-model may con- tain multiplicities and further constraints. When formalizing meta-modeling by this means, graphs occur at two levels: the type level (meta-models) and the instance level (models). This is reflected by the concept of typed graphs, where a fixed graph T G serves as an abstract representation of the type structure of a meta-model. Correct typing of instances is formalized by structure-preserving mappings of instance graphs to type graphs.
In the following, we present EMF models, EMF constraints, and model transfor- mations (Henshin), and introduce their formalization. This formalization has been established in Biermann et al. [14]. Then, we introduce a short introduction to the Object Constraint Language (OCL).
After that, we present the notions from the theory of algebraic graph transformation needed to understand the second part of our work additionally: We recall nested
graph constraints and conditions as a means to express properties of graphs and of
morphisms in between, we roughly sketch the translation of OCL to nested graph constraints. The formal translation of OCL constraints to graph constraints that we are using is presented in Radke et al. [114]. Since many OCL translation rules are defined w.r.t the OCL expressions, we present here the generic ones. Then, we recall the calculus of an application condition of a rule as presented in Habel and
Pennemann [55]. For more comprehensive details, please consider the works presented in [55, 114] since they mainly form the theoretical background of the second part.
2.1
EMF Models, Constraints and Hierarchy
The Eclipse Modeling Framework (EMF) has evolved into a de-facto standard tech- nology for defining models and modeling languages [135]. It facilities the modeling process by providing tool supports for editing, viewing, and code generation as well as for building tool supports (e.g., Eclipse plug-ins).
The Eclipse Modeling Framework provides an Ecore meta-metamodel to specify do- mains (meta-models). The structure of the Ecore meta-metamodel is similar to the structure of the UML class diagram. It supports the classification of objects and their attributes, the relationships between the objects and constraints on those ob- jects. In the following, we describe the main subset of the Ecore meta-metamodel for representing meta-models as shown in Figure 2.1:
EPackage name:String nsURI:String EClassifier name:String EClass abstract:boolean EDataType EStructuralFeature name:String lowerBound:int upperBound:int EReference containment:boolean EAttribute 0..* eStructuralFeatures 0..* eClassifiers 0..* eSuperTypes 1..1 eReferenceType 0..1 eOpposite eOpposite 0..1 1..1 eAtttributeType
Figure 2.1: Excerpt of the Ecore meta-metamodel
• EClass: This type models classes which are represented as nodes of a graph. A class has a name and can contain attributes and references. A class can be
abstract or interface, i.e., an instance of it cannot be created. A class can refer
inheritance relation is depicted as an arrow with an empty triangle from a class called a subclass to another class called a superclass.
• EReference: It models an association between two classes (nodes). An associ- ation has a name and a type. Multiplicities are specified as lower and upper bounds at the end of the reference. EReference can specify three kinds of asso- ciations:
– non-containment: It is a direct association between two classes (nodes), depicted as a regular arrow, which allows navigating from the source node to the target node.
– containment: It is a stronger type of association representing an ownership relation between classes (nodes) and depicted as a regular arrow with a black diamond as a tail. It represents a part-of relationship between a container class representing the whole and a contained class representing the part. If an instance of a container class is deleted, all its contents have to be eliminated as well.
– opposite: It is a bidirectional association specified by pairing an association with its opposite and depicted as an edge without arrowheads. Instanti- ating an opposite association means an instance of each paired association must exist together.
• EAttribute: It models attributes for classes. An attribute has a name and a type. Note, once a node is created in an EMF instance model, the node attributes with their default values are created as well.
• EDataType: It models simple types that are primitive or object types defined in Java, and they are most commonly used as attribute types.
A comprehensive description of the Ecore can be found at [34]. An EMF model unifies three important technologies: Java, XML, and UML, i.e., an EMF model can be created from a UML model, an XML scheme, or annotated Java interfaces. EMF can read and write EMF models in a format that conforms to the standard XML Metadata Interchange (XMI) serialization of the Essential Meta Object Facility (EMOF).
2.1.1
EMF Constraints
The Eclipse Modeling Framework provides several constraints to constitute, manipu- late, and persist valid (consistent) state for objects modeled in EMF. The constraints needed in practice [14] are listed as follows:
• At-most-one-container: Each model node must not have more than one container. • No-containment-cycles: Cycles of containment edges must not occur.
• No-parallel-edges: There are no two edges of the same type from the same source to the same target node.
• All-opposite-edges: If edge types t1 and t2 are opposite to each other: For each edge of type t1, there has to be an edge of type t2 linking the same nodes in the opposite direction.
• No-lower-bound-violation: For each edge type e, the number of target model nodes being connected to a source node via edges of type e is equal or higher than its lower bound.
• No-upper-bound-violation: For each edge type e, the number of target model nodes being connected to a source node via edges of type e is equal or smaller than its upper bound.
• Rootedness: There is a node, called the root node, such that all other model nodes are directly or transitively contained in it.
• Dangling condition: All adjacent edges of a node to be deleted have to be deleted as well.
2.1.2
EMF Modeling Hierarchy
(i.e., Ecore meta-model)(e.g., Webpage domain)
(e.g. a home page of a bank) Ecore Meta-metamodel Domain Meta-models Domain Instance Models ins tanc eO f instanceOf ins tanc eO f instanceOf instanceOf instanceOf instanceOf
Figure 2.2: EMF modeling hierarchy: An example
The modeling hierarchy in EMF is categorized into meta-layers representing models for describing a system w.r.t different abstraction levels. Figure 2.2 illustrates and describes the layers using an example as follows:
• Meta-metamodel: It is the highest level of abstraction represented by Ecore. The Ecore meta-metamodel is also called the Ecore meta-model because it can describe itself.
• Meta-model: It describes a particular domain, e.g., a webpage meta-model describing a general structure of web pages. Ecore describes the webpage meta-model, i.e., the webpage meta-model is an instance of the Ecore meta- metamodel.
• Instance model: It represents a concrete instance, e.g., an instance model de- scribing the home web page of a bank or a university, or the address web page of a hospital.
Similar examples are already mentioned in several works of literature, e.g., in [16]. Briefly, the main idea is that one can define meta-models addressing different domains such as a web page domain by instantiating the Ecore meta-metamodel. Likewise, by instantiating the domain meta-model, one can specify instance models describing concrete aspects of the domain, e.g., specifying web pages for a bank or a university.