
Protocol Engineering

Lecture 15 SDL
Bayu Erfianto
Laboratory of Computer System and Network, Faculty of Informatics, TELKOM Institute of Technology, 2009

Contents of this lecture


What's SDL?
How to write sequential processes in SDL.
How to specify entire systems in SDL.
How to get all this running.
SDL 2000

Domain of use of SDL and MSC

Specification to implementation: a broad spectrum.
Products: procurement, design, interface description.
Standards: behaviour, conformance models.
Real-time systems: discrete, reactive.
Not specifically telecommunications: protocols and services.
Formal, high-quality descriptions produced: better, quicker, cheaper.

History of SDL

1968  ITU study of stored program control systems
1972  Specification, programming and HMI studies started
1976  Orange Book SDL: basic graphical language
1980  Yellow Book SDL: process semantics defined (SDL used in Q.703 in 1980)
1984  Red Book SDL: structure and data added; definition more rigorous; start of tools; user guide
1988  Blue Book SDL (SDL-88): effective tools; syntax well defined; formal definition; language much as 1984

History of SDL and MSC

1992  White Book SDL-92, MSC: object SDL; types for blocks, processes and services with inheritance and parameterisation; methodology guidelines
1995  SDL with ASN.1 (Z.105)
1996  Addendum 1 to SDL-92, MSC-96: SDL-92 language stable, some relaxation of rules; SDL+ methodology; tools offer SDL-92 features
1999  SDL-2000, MSC-2000: object modelling support; improved implementation support; data models revised

MSC example (figure): instances sender and recvr exchanging the messages ask and reply.

By 1999 SDL was being used in a wide variety of applications outside the telecommunications industry, from medical equipment to the European Space Agency.

Use of SDL and MSC

Figure (workflow from ideas to product): Ideas are modelled by the Customer as a Specification; the Specification is interpreted and used to create a Design; the Design is modelled by Design Engineers, interpreted and used to produce Software. Specification and design are written in SDL-2000 and MSC-2000, transformed by Tools into C++ etc., which Implementation Engineers execute as the Product.

Using the SDL and MSC standards

ITU-T Recommendation publications for SDL-2000:
Z.100 (11/99) Specification and description language, including Annexes A and D, Appendices I, II and Supplement 1 (04/96) SDL+ methodology. Annex F (formal definition): scheduled for issue in 2000.
Z.105 (11/99) SDL combined with ASN.1 modules.
Z.107 (11/99) SDL with embedded ASN.1.
Z.109 (11/99) SDL combined with UML.

ITU-T Recommendation publication for MSC-2000:
Z.120 (11/99) Message Sequence Chart (MSC).

What is SDL?

The Specification and Description Language.
An ITU standard since about 1988, extended in 1992, 1996 and 2000.
Tailored to telecommunications applications.
Has found acceptance in the industrial sector; revisions are mainly industry (tool-vendor) driven.
Has lost a little of its clean formal basis: part of the semantics is tool dependent these days.
Comes as a textual/graphical specification formalism.
Tool vendors are embracing (each other and) the UML world.

SDL symbols

Legend of the symbols used in the process diagrams of this lecture:
a start symbol (not a state)
a state, and a successor state
a transition, and two transition alternatives
an input stimulus (e.g. a?)
an enabling condition or a continuous signal
an output
a task
a STOP
a comment, and a text extension
a text symbol (for declarations)

The simplest SDL process

process A does nothing at all.

A still simple one

process B says hello, not more.

In textual SDL:

    PROCESS B;
      START;
        OUTPUT hello;
        STOP;
    ENDPROCESS;

A regenerating process

process C (diagram): start, nextstate AGAIN; in state AGAIN: input hello, output hello, nextstate AGAIN. Every hello it receives is answered with a hello.

SDL and FSA/FSM

process D (diagram): in state S1, input a, output c, nextstate S2; in state S2, input NONE, output d, nextstate S1; also in S2, input b.
The same process drawn as an FSM/FSA has the edges S1 -a/c-> S2, S2 -/d-> S1 and an edge b/ out of S2.

Three ways to send 'a'

process A1, process A2 and process A3 (diagram): each sends a from state S1 and returns to S1, triggered respectively by input NONE, by input NONE under the enabling condition true, and by the continuous signal true.

And some notation

A start symbol (not a state) cannot wait for input.
A state waits for inputs, or 'waits' for NONE, or is enabled by a continuous signal.

A data dependent process

process D (diagram): DCL i Integer; a decision on i: if i equals 0 (branch i=0) it does this, otherwise (branch i!=0) it does that.

A nondeterministic one

process D (diagram): two branches, both labelled true, one leading to this and the other to that. It may do this, may do that, who knows.

Putting things together

process F (diagram): DCL x Integer := 8; start, nextstate HUH. In state HUH: input something, output remark, nextstate HUH; guarded by true, output this, STOP; guarded by x>5, output that, STOP.
As an FSM: HUH -something/remark-> HUH, HUH -/this-> STOP, HUH -/that-> STOP.
It reads something first, which stimulates a remark, until either saying this, or, if x>5, saying that.

What may be in a transition body

A transition leaving state X may contain:
at most one input (which must exist);
an enabling condition / a continuous signal, referring to the process data in the state X, i.e. before the input;
one output, or more!
a few tasks, modifying the process data;
and it should better terminate ... in a successor state (X again, or another one).

SDL's rough design rationale: allow as much as possible to happen inside a single transition body, but avoid by all means getting stuck.

The execution policy of a transition: check the enabling condition (!). If true: check whether you can do the input. If so, do so, and do all the rest. If not, stay where you are.

Let's assume that we now know enough to represent single sequential processes as SDL processes.
To get a proper, compilable specification requires wrapping them in some structure.

One or more SDL processes must be grouped in an SDL block. An SDL block is either a collection of blocks or a collection of processes. An SDL system is a collection of blocks.
(Figure: a system containing blocks, which contain blocks, which contain processes.)

View it as a tree structure: the root is the system, the leaves are processes, everything in the middle is a block.

How do processes and blocks cooperate?

Recall for FSM/CFSM that multiple processes may synchronize on an action.
In SDL, processes send output signals and consume input signals.
In SDL, signal transmission is not immediate: transmission proceeds via signal routes (on block level) and via channels (on system level), and is buffered at the receiving process side.

A simple, compilable SDL process

system HELLOSYS (diagram): SIGNAL hello; block helloblock is connected to the environment by the channel helloChan carrying [hello]; inside the block, process B is connected to helloChan by the signal route helloRoute carrying [hello]. A channel connecting the block to the environment (to embrace the system) and a signal route connecting the process to the channel: this should be it.

A more involved example

system ... (diagram): SIGNAL W,Y,Z; channels C carrying [Y] and D carrying [W,Z] connect the environment to block K and block P.
block K: SIGNAL X; contains process B, which sends X over a signal route carrying [X] to process J; process J inputs Z and outputs W.
block P: contains process Q, with state WAIT and inputs W and Y (one input drawn in the asterisk state, i.e. valid in any state).

The FSM seen from the environment

The same system as on the previous slide (diagram), with the transitions of processes B, J and Q annotated in input/output form (Z/, /W, W/, /Z, together with X and Y) and combined into the FSM that the environment observes on channels C [Y] and D [W,Z].

(I did this on paper, so I challenge you to find mistakes)

On signal routes and channels: communication and interaction in SDL

Process level: no communication, just an LTS.
Block level: signal routes are non-delaying, 'implemented' by synchronisation between the processes (B and B in the diagram), but the inputs are still buffered at the receiver side.
System level: channels (between blocks K and P in the diagram) can be
non-delaying: 'implemented' by synchronisation, but eventually the inputs are buffered at the receiver side!
delaying: 'implemented' by synchronization with another unbounded FIFO buffer in the middle (which makes the duration of the delay unpredictable); additionally, the inputs are buffered at the receiver side.
Keep in mind that channels and signal routes may be unidirectional or bidirectional.

Implement a delayed channel using two coupled non-delayed channels

system X (diagram): SIGNAL X,Y; block Couple is connected to the environment by channel Cleft (carrying [X,Y] into the block and [Y] out of it) and channel Cright (carrying [X,Y] out of the block and [Y] into it). Inside the block, process COUPLE is connected to Cleft by the signal route SL and to Cright by the signal route SR.
process COUPLE: start, nextstate T; in state T: input Y VIA SL, output Y VIA SR; input X VIA SL, output X VIA SR; input Y VIA SR, output Y VIA SL; each returning to T.
system Xprime (diagram): SIGNAL X,Y; the same Cleft, Couple and Cright seen as one delaying channel.
VIA is used to identify the signal route; FROM or TO identify the source or target process.
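The construction on this slide, written out as an added Python model (this is not code from the lecture): a non-delaying channel delivers straight into the receiver's input port, and the delaying channel is the COUPLE forwarding process between the two non-delaying routes SL and SR, its input port being the FIFO "in the middle" of slide 21. The processes P and Q, the channel C2 and the helper names overtaking_demo and fifo_demo are this example's own; the signal lists follow the diagram ([X,Y] rightwards, [Y] leftwards).

```python
# Added example (not from the lecture): a model of SDL signal transport.
# Non-delaying routes/channels hand a signal straight to the receiver's input
# port; a delaying channel is two non-delaying channels coupled through a
# forwarding process (COUPLE) whose own input port is the FIFO in the middle.
from collections import deque
from dataclasses import dataclass, field
from typing import List, Set, Tuple


@dataclass
class Signal:
    name: str
    via: str = ""      # name of the path it arrived on; set at delivery


@dataclass
class Process:
    name: str
    inport: deque = field(default_factory=deque)   # receiver-side buffer, always present


class NoDelayChannel:
    """Bidirectional non-delaying path: output and enqueue at the receiver are
    one atomic step (synchronisation); each direction has its own signal list."""

    def __init__(self, name: str, a: Process, b: Process,
                 a_to_b: Set[str], b_to_a: Set[str]) -> None:
        self.name, self.a, self.b = name, a, b
        self.allowed = {a.name: a_to_b, b.name: b_to_a}

    def send(self, src: Process, sig: Signal) -> None:
        if sig.name not in self.allowed[src.name]:
            raise ValueError(f"{sig.name} not in signal list of {self.name} from {src.name}")
        sig.via = self.name
        (self.b if src is self.a else self.a).inport.append(sig)


class Couple(Process):
    """The COUPLE process of the slide: X or Y arriving VIA SL is output VIA SR,
    Y arriving VIA SR is output VIA SL.  Its input port is the unbounded FIFO
    whose draining time is the (unpredictable) delay of the channel."""

    def __init__(self) -> None:
        super().__init__("COUPLE")
        self.sl = self.sr = None   # attached by DelayingChannel

    def step(self) -> bool:
        if not self.inport:
            return False
        sig = self.inport.popleft()
        out = self.sr if sig.via == "SL" else self.sl
        out.send(self, Signal(sig.name))
        return True


class DelayingChannel:
    """SL: left <-> COUPLE ([X,Y] rightwards, [Y] leftwards); SR: COUPLE <-> right."""

    def __init__(self, left: Process, right: Process) -> None:
        self.left, self.couple = left, Couple()
        self.couple.sl = NoDelayChannel("SL", left, self.couple, {"X", "Y"}, {"Y"})
        self.couple.sr = NoDelayChannel("SR", self.couple, right, {"X", "Y"}, {"Y"})

    def send(self, src: Process, sig: Signal) -> None:
        (self.couple.sl if src is self.left else self.couple.sr).send(src, sig)

    def run_couple(self, steps: int = 1) -> int:
        """The scheduler eventually runs COUPLE; how soon it does is the delay."""
        done = 0
        while done < steps and self.couple.step():
            done += 1
        return done


def overtaking_demo() -> Tuple[List[str], List[str]]:
    """Constructed scenario: X goes first on the delaying channel, Y afterwards
    on a non-delaying one.  Y is in Q's port before X has left COUPLE."""
    p, q = Process("P"), Process("Q")
    delayed = DelayingChannel(p, q)
    direct = NoDelayChannel("C2", p, q, {"X", "Y"}, {"Y"})
    delayed.send(p, Signal("X"))
    direct.send(p, Signal("Y"))
    before = [s.name for s in q.inport]
    delayed.run_couple()
    after = [s.name for s in q.inport]
    return before, after        # (['Y'], ['Y', 'X'])


def fifo_demo() -> Tuple[List[str], List[str]]:
    """Signals on one delaying channel keep their order, and Y also travels back."""
    p, q = Process("P"), Process("Q")
    ch = DelayingChannel(p, q)
    for name in ("X", "Y", "X"):
        ch.send(p, Signal(name))
    ch.send(q, Signal("Y"))
    ch.run_couple(steps=10)
    return [s.name for s in q.inport], [s.name for s in p.inport]   # (['X', 'Y', 'X'], ['Y'])
```

overtaking_demo() returns (['Y'], ['Y', 'X']): X was sent first but sits in COUPLE's input port until the scheduler runs COUPLE, so Y on the non-delaying channel reaches Q first; that is the unpredictable delay of slide 21 made visible. fifo_demo() returns (['X', 'Y', 'X'], ['Y']): on one channel the order is preserved, and Y travels back from Q to P over SR and SL while X, per the signal lists, cannot.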

Drawings compared with text

The system and block define structure; the process defines behaviour.
SDL/GR, the Graphical Representation (page headings system convert 1(1), block B 1(1), process P 1(1)), is shown on the left; SDL/PR, the Phrase Representation (textual), on the right. SDL/PR is only used for interchange.

In SDL/PR:

    system convert;
      signal s,t;
      channel c_out nodelay from B to env with t;
      endchannel c_out;
      channel c_in nodelay from env to B with s;
      endchannel c_in;
      block B referenced;
    endsystem convert;

    block B;
      channel rin nodelay from env to P with s;
      endchannel rin;
      channel rout nodelay from P to env with t;
      endchannel rout;
      process P referenced;
      connect c_out and rout;
      connect c_in and rin;
    endblock B;

    process P;
      start;
        nextstate idle;
      state idle;
        input s;
        output t;
        nextstate idle;
    endprocess P;
SDL-2000 drawing elements

Page heading: consists of the page identifier followed by the number of pages in parentheses, e.g. 1(3), and the drawing kind and identity, e.g. system sysname.
Frame: the rectangle enclosing the diagram; channels are drawn across it, e.g. c1 [(s1)] and c2 [(s2)].
Text symbol: /* ... */ for textual definitions.

Key SDL-2000 feature: Structure

The diagram heading shows the page number, e.g. system example 3(3).
Systems and blocks can contain blocks and/or processes (diagram: system example with channels c1, c2, c3 and signal lists (s1), (s2), (s3); block b1, pages 1(2) and 2(2), containing block b11 with routes r1, r2, r3 and the processes ps1 and p2).
Processes contain behaviour and cannot contain blocks (diagram: process p2, pages 1(21) and 2(21), with an initial state, states s1 and s2, input a, and the procedures pr and pr1, page 1(1)).

Key SDL-2000 feature: Behaviour

Extended finite state machine (EFSM): process signal_unit_error_rate_monitor, page 1(1).
Declarations: dcl c, /*SUERM count*/ n Natural; /* Correct SU count */ dcl t Natural := suerm_threshold;
Start (symbol), followed by initialisation, going to state 00_idle.
State (symbol): where the machine waits until an input stimulus (a signal) of the state, as defined by the attached Input symbols, is available in the input queue.
In the diagram: states 00_idle and 01_in_service; inputs Start_suerm, Stop_suerm, SU_in_error and Correct_SU; tasks c:=c+1; n:=n+1; c:=c-1; n:=0; decisions c=t, c=0 and n=256, each with true and false branches; output Link_failure.

Key SDL-2000 feature: Behaviour

The same process signal_unit_error_rate_monitor (dcl c, /*SUERM count*/ n Natural; /* Correct SU count */ dcl t Natural := suerm_threshold;), now annotated by symbol kind.
The Transition consumes the first such signal and interprets its actions, each of which is a Task (symbol; e.g. c:=c+1; n:=n+1; c:=c-1; n:=0;), a Decision (symbol; e.g. c=t, c=0, n=256, with true and false branches) or an Output (symbol; sending a signal, here Link_failure), leading to the NextState (00_idle or 01_in_service) or to a Stop (symbol) terminating the process.
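The execution policy of slide 15 and the SUERM process of the last two slides, run by a small interpreter: this is an added example, not code from the lecture or from any SDL tool. The runtime, the helper names run_suerm and enabling_condition, the reading of the diagram into transition bodies (in particular that Start_suerm resets both counters) and the value 64 for suerm_threshold are all this example's assumptions; 256 is the n=256 decision on the slide.

```python
# Added example (not the lecture's code, nor any SDL tool's): a small interpreter
# for SDL process behaviour running the signal_unit_error_rate_monitor EFSM of the
# slide.  Transition bodies are this example's reading of the diagram; 64 for
# suerm_threshold is an assumption (the value Q.703 uses).
from collections import deque
from typing import Callable, Dict, List, Optional, Tuple

SUERM_THRESHOLD = 64      # assumed value of suerm_threshold
CORRECT_SU_WINDOW = 256   # the n=256 decision on the slide


class Process:
    def __init__(self, start: Callable[["Process"], str]) -> None:
        self.vars: Dict[str, int] = {}          # the dcl variables
        self.inport: deque = deque()            # receiver-side input queue (FIFO)
        self.outputs: List[str] = []            # signals sent to the environment
        self.transitions: Dict[Tuple[str, str], Tuple[Callable, Callable]] = {}
        self.alive = True
        self.state = start(self)                # start symbol: initialise, enter first state

    def on(self, state: str, signal: str, body: Callable[["Process"], Optional[str]],
           enabling: Callable[["Process"], bool] = lambda p: True) -> None:
        """body does the tasks/decisions/outputs and returns the next state (None = STOP)."""
        self.transitions[(state, signal)] = (body, enabling)

    def step(self) -> bool:
        """Execution policy of the slide: check the enabling condition; if true,
        check whether the head-of-queue signal can be input in the current state;
        if so consume it and do all the rest; if not, stay where you are."""
        if not self.alive or not self.inport:
            return False
        tr = self.transitions.get((self.state, self.inport[0]))
        if tr is None:                          # Z.100 implicit transition: a signal the
            self.inport.popleft()               # state neither expects nor saves is discarded
            return True
        body, enabling = tr
        if not enabling(self):
            return False
        self.inport.popleft()
        nxt = body(self)
        if nxt is None:
            self.alive = False                  # STOP symbol
        else:
            self.state = nxt
        return True

    def run(self) -> None:
        while self.step():
            pass


def build_suerm(threshold: int = SUERM_THRESHOLD) -> Process:
    def start(p):                               # dcl c, n Natural; dcl t Natural := suerm_threshold
        p.vars.update(c=0, n=0, t=threshold)
        return "00_idle"

    def start_suerm(p):                         # assumed: counters restart with monitoring
        p.vars.update(c=0, n=0)
        return "01_in_service"

    def su_in_error(p):
        p.vars["c"] += 1                        # task c:=c+1
        if p.vars["c"] == p.vars["t"]:          # decision c=t
            p.outputs.append("Link_failure")    # output Link_failure
            return "00_idle"
        return "01_in_service"

    def correct_su(p):
        p.vars["n"] += 1                        # task n:=n+1
        if p.vars["n"] == CORRECT_SU_WINDOW:    # decision n=256
            if p.vars["c"] != 0:                # decision c=0, false branch
                p.vars["c"] -= 1                # task c:=c-1
            p.vars["n"] = 0                     # task n:=0
        return "01_in_service"

    p = Process(start)
    p.on("00_idle", "Start_suerm", start_suerm)
    p.on("01_in_service", "Stop_suerm", lambda p: "00_idle")
    p.on("01_in_service", "SU_in_error", su_in_error)
    p.on("01_in_service", "Correct_SU", correct_su)
    return p


def run_suerm(signals: List[str]) -> Tuple[str, List[str], int, int]:
    """Feed a constructed signal sequence to a fresh monitor; return the state,
    the outputs and the counters c and n afterwards."""
    p = build_suerm()
    p.inport.extend(signals)
    p.run()
    return p.state, p.outputs, p.vars["c"], p.vars["n"]


def enabling_condition() -> Tuple[bool, bool, str]:
    """Constructed process for the policy: a false enabling condition keeps the signal queued."""
    p = Process(lambda p: "X")
    p.vars["ready"] = 0
    p.on("X", "go", lambda p: "Y", enabling=lambda p: p.vars["ready"] == 1)
    p.inport.append("go")
    blocked = p.step()                          # False: 'go' kept, still in X
    p.vars["ready"] = 1
    return blocked, p.step(), p.state           # (False, True, 'Y')
```

run_suerm(["Start_suerm"] + ["SU_in_error"] * 64) returns ("00_idle", ["Link_failure"], 64, 0): the 64th SU in error takes the true branch of the c=t decision, Link_failure is output and the process goes back to 00_idle. One SU in error followed by 256 correct SUs returns c to 0 through the false branch of the c=0 decision, which is the leaky-bucket behaviour the two counters implement. A Stop_suerm arriving while idle is consumed and discarded; that is the Z.100 implicit transition, not something the slide states.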

Key SDL-2000 feature: Data

Used in: variables (owned by processes) and parameters (for example in signals).
Built-in, with defined operations: Boolean, Character, Charstring, Integer, Natural, Real, Duration, Time, Bit, Bitstring, Octet, Octetstring, Pid (agent references).
Built-in parameterised, with operations: Strings (lists) of any type (not just characters) indexed by Naturals; Arrays of any type indexed by any type; Structures (records) with optional (and default) fields; Choice (a structure with all fields optional); Powerset, Bag (mathematical set and bag).
User-defined sorts of data with operations: Object type (elements are references); Value type (elements are values); Syntype (check on range of values).

    object type Linkedlist <type Elementsort>
      struct prev, next this Linkedlist; data Elementsort;
      operators "in" (Elementsort, Linkedlist) -> Boolean;
      methods delete (Elementsort);
      operator "in" referenced;
      method delete referenced;
    endobject type Linkedlist;
    object type Natlist

Key SDL-2000 feature: Interfaces

Interface: names a set of stimuli (input signals, remote procedures and variables) and exceptions of an agent. An implicit interface with the agent's name has all the agent's signals etc. One interface can inherit from one or more other interfaces.

Channel: communication path between agents, or between an agent and the enclosing scope (environment). One or two directional, using an interface for each direction. Explicit or derived implicitly.

Diagram: block b containing the agents b1 and b2, joined by channel c12 carrying s6 one way and (sL) the other; a channel into b2 is declared with i1,(sL). b2 is shown as the state machine block of agent b2, containing b22:bt22 /*have i1*/ of type bt22.
Textual definitions in the diagram:

    interface i1;
      signal name(Natural,Charstring);
      procedure add (in Octet) Boolean;
      dcl vmap Powerset<Octet>;
    endinterface i1;
    signal s3(Octet),s6(Octet);
    signallist sL = name,s3;
    signal s4, s5;
    dcl b2num Natural;

Key SDL-2000 feature: Interfaces (continued)

Signallist: names a list of stimuli, but does not include definitions (e.g. signallist sL = name,s3;).
Gate: connection point to/from an agent (type) for interfaces and channels (in the diagram: the gates of b2 carrying s4,s6 and s3,s5, and the gate i1 of bt22).
The diagram (block b with interface i1, agents b1 and b2, channel c12, and the state machine block of agent b2) is the same as on the previous slide.

Key SDL-2000 feature: Types

Types define the properties of a generic package, agent (system, block, process), service, (composite) state, object or value type, or procedure, signal or interface (note: these last 3 are types). Types can be reused.
Class symbols can be used to refer to the definition of the type, showing some of its attribute and behaviour properties.
Associations can exist between types.
Diagram: package term_to_nw, page 1(2), with the abstract block type handler, the block type user (page 1(3), which inherits handler adding user_agent: Agent<maxuser> and redefined pdu2lower), and the types link and network; an association annotated >1 links user to the others.

Key SDL-2000 feature: Types (continued)

inherits specializes a type to a sub-type: by actuals for parameters of the type; or by adding properties in the sub-type; or by redefining a virtual type or transition. It can be shown by a relation symbol.
virtual or redefined types or transitions in a type can be redefined in sub-types.
atleast can constrain parameters used for redefinition.
abstract and parameterized types must be specialized before use.
Agents etc. can be based on types.
(Same diagram as on the previous slide: package term_to_nw 1(2), abstract handler, user, link, network; block type user 1(3) inherits handler adding user_agent: Agent<maxuser> and redefined pdu2lower.)

Other features of SDL-2000

SDL-2000 has support for object modelling and implementation with:
Interfaces, classes, associations: same as UML notations.
Agents: mixed blocks/processes; block creation; data at block level; sub-states within a state.
Composite states.
Diagram: package term_to_nw 2(2) with user and User_agent; process type Agent, page 2(2), with states idle, busy, retry and opened, inputs open, Clear, release and failure, a No/Yes decision, and the composite state open (page 1(4)), entered via retry or init, with sub-states waitch, ok, cong and announ, input req(ch), an asterisk state and an exit tidy leading to busy.

Other features of SDL-2000 (continued)

Object/value data model: methods/operators algorithmically defined; inherited objects (like references).
Interfaces as pid sorts of agents.
Textual algorithms: loops, code in diagrams.
Exceptions: catch unusual cases; remote procedure timeouts.
Nested packages.
(Same diagram as on the previous slide: process type Agent 2(2), composite state open 1(4), package term_to_nw 2(2).)

Gratitude

I would like to thank my former FMT teacher Prof. Holger Hermanns and my colleague Reza Pulungan from the Dependable Systems Group, Dept. of CS, Universität Saarbrücken, for providing Formal Methods materials. I would like to thank the SDL 2000 and SDL forum.

ITU

Main sectors: Radiocommunications; Telecommunications Standardization; Development.

Classes of members: national governments; sector members; associate members; regulatory agencies.
