Meta-Model Mechanism

The UML is based on the four-level meta-modeling architecture. Each successive level is labeled from M3 to M0 and are usually named meta-metamodel, metamodel, class diagram, and object diagram respectively. A diagram at the Mi level is an instance of a diagram at the Mi+1 level. Therefore, an object diagram (an M0-level diagram) is an instance of some class diagram (an M1-level diagram), and this class diagram is an instance of a metamodel (an M2-level diagram). The M3-level diagram is used to define the structure of a metamodel, and the Meta Object Facility (MOF) belongs to this level. The UML metamodel belongs to the M2-level.

four-level metamodel architecture

We define model instantiation checking to be the process in which an Mi-level diagram is checked to see if it is a correct instance of the corresponding Mi+1-level diagram that we claim it is an instance of. We have developed a tool that can check a user-defined model against a UML metamodel and also an object diagram against a user-defined class diagram. We label the Mi-level diagram as the instance diagram and the Mi+1-level diagram as the specification diagram.

We have developed a tool that translates a UML model (consisting of the specification diagram, OCL constraints, and the instance diagram) into an executable specification in order to perform model instantiation checking. The tool checks a user-defined model against a UML metamodel by converting the user-defined model into an object diagram based on the metamodel and checking to see if it is a valid object diagram with respect to the metamodel. The tool also checks an object diagram against a user-defined model. Model instantiation checking is done by checking graphical and OCL constraints provided in the specification class diagram to ensure that the instance diagram is valid.

The tool converts UML models into Abstract State Machines (ASMs), which was first presented by Dr Yuri Gurevich more than ten years ago. An Abstract State Machine is a state machine that computes a set of updates of its own variables by firing all possible updates based on the current state. The computation of a set of updates occurs at the same time and results in the generation of a new state. ASMs can be formally defined and can be used to define precise models of software.

We use the high-level language AsmL, which is an executable specification language based on the concept of abstract state machines that is developed by the Foundations of Software Engineering (FSE) group at Microsoft Research. It is a high-level specification language running on Microsoft's .NET framework and has language constructs such as sets and sequences and high-level operations that let the programmer specify what the program should do but not how it should be done. AsmL is also object-oriented so it is easy to translate UML classes and their features into AsmL.

Tool Architecture

tool architecture

The tool consists of four major modules:

  1. a UML specification diagram parser
  2. a UML instance diagram parser
  3. an OCL parser
  4. a library of OCL operations written in AsmL

The specification diagram parser module takes as input a UML specification diagram from a UML model that is given in an Extensible Markup Language (XML) file that is written in the XML Metadata Interchange (XMI) format. XMI is a widely used interchange format for sharing objects using XML and is developed by the OMG. The XML file containing the UML model should be valid based on a Data Type Definition (DTD) for UML 1.3, which was released by the OMG. The OCL parser extracts OCL constraints in the specification diagram and translates them into AsmL code that call OCL operations in the library of OCL operations written in AsmL. The UML instance diagram parser module reads a UML instance diagram from the same file containing the UML model.

Once read in, each parser module will extract portions of the model that it is responsible for and converts that part into an AsmL specification. The combined AsmL specification from each of the three modules will then be passed to the external AsmL compiler together with the fourth module, which is a library for OCL operations that is written in AsmL. These items are compiled and the resulting executable file can be run to perform constraint checking on the UML model. The compiled AsmL program will display model checking results to the user. The model checking tool also performs a few other consistency checks after reading in the UML model but prior to generating the AsmL specification.

UML Model Notation