73 research outputs found
An Incremental Approach to Adapting SysML Blocks
The development of complex, heterogeneous systems is of growing interest in industry. To improve the quality of development of such systems, one must rely on a genuine approach that not only combines high-level specification languages with formal languages that permit verification, but also allows the system to be decomposed into a set of components. This implies defining methods for assembling and adapting these components. Existing work in the literature addresses the problem of component adaptation. On the one hand, we rely on the SysML language to model the architecture and behaviour of components; on the other hand, we use the interface automata formalism to model the interactions between the reused blocks and to generate the interaction protocols of the adapter blocks
Automated conflict resolution between multiple clinical pathways:A technology report
Background The number of people in the UK with three or more long-term conditions continues to grow and the management of patients with co-morbidities is complex. In treating patients with multimorbidities, a fundamental problem is understanding and detecting points of conflict between different guidelines which to date has relied on individual clinicians collating disparate information. Objective We will develop a framework for modelling a diverse set of care pathways, and investigate how conflicts can be detected and resolved automatically. We will use this knowledge to develop a software tool for use by clinicians that can map guidelines, highlight root causes of conflict between these guidelines and suggest ways they might be resolved. Method Our work consists of three phases. First, we will accurately model clinical pathways for six of the most common chronic diseases; second, we will automatically identify and detect sources of conflict across the pathways and how they might be resolved. Third, we will present a case study to prove the validity of our approach using a team of clinicians to detect and resolve the conflicts in the treatment of a fictional patient with multiple common morbidities and compare their findings and recommendations with those derived automatically using our novel software. Discussion This paper describes the development of an important software-based method for identifying a conflict between clinical guidelines. Our findings will support clinicians treating patients with multimorbidity in both primary and secondary care settings
SysML Model-Driven Approach to Verify Blocks Compatibility
In the component paradigm, the system is seen as an assembly of heterogeneous components, where the system's reliability depends on the compatibility of these components. In our approach, we focus on verifying the compatibility of components modelled with SysML diagrams. Thus, we model component interactions with sequence diagrams (SDs) and components with SysML blocks. The SDs constitute a good starting point for compatibility verification. However, this verification is not directly applicable to SDs, because they are expressed in an informal language. To apply a verification method, it is therefore necessary to translate the SDs into formal models and then verify the desired properties. In this paper, we propose a high-level model-driven approach consisting of an ATL grammar that automates the transformation of SDs into interface automata. Also, to allow easy use of the Ptolemy tool to verify properties on automata, we have proposed some Acceleo templates which generate the Ptolemy input specification
Verifying safety and persistence in hybrid systems using flowpipes and continuous invariants
We describe a method for verifying the temporal property of persistence in non-linear hybrid systems. Given some system and an initial set of states, the method establishes that system trajectories always eventually evolve into some specified target subset of the states of one of the discrete modes of the system, and always remain within this target region. The method also computes a time bound within which the target region is always reached. The approach combines flowpipe computation with deductive reasoning about invariants and is more general than either technique alone. We illustrate the method with a case study showing that potentially destructive stick-slip oscillations of an oil-well drill eventually die away for a certain choice of drill control parameters. The case study demonstrates how using flowpipes alone or reasoning about invariants alone can be insufficient, and shows the richness of systems that one can handle with the proposed method, since the system features modes with non-polynomial ODEs. We also propose an alternative method for proving persistence that relies solely on flowpipe computation
Co-Design and Verification of an Available File System
Distributed file systems play a vital role in large-scale enterprise services. However, the designer of a distributed file system faces a vexing choice between strong consistency and asynchronous replication. The former supports a standard sequential model by synchronising operations, but is slow and fragile. The latter is highly available and responsive, but exposes users to concurrency anomalies. In this paper, we describe a rigorous and general approach to navigating this trade-off by leveraging static verification tools that make it possible to verify different file system designs. We show that common file system operations can run concurrently without synchronisation, while still retaining semantics reasonably similar to the POSIX hierarchical structure. The one exception is the move operation, for which we prove that, unless synchronised, it will have anomalous behaviour
Minimal Schedule with Minimal Number of Agents in Attack-Defence Trees
Expressing attack-defence trees in a multi-agent setting allows for studying a new aspect of security scenarios, namely how the number of agents and their task assignment impact the performance, e.g. attack time, of strategies executed by opposing coalitions. Optimal scheduling of agents' actions, a non-trivial problem, is thus vital. We discuss associated caveats and propose an algorithm that synthesises such an assignment, targeting minimal attack time and using a minimal number of agents for a given attack-defence tree