85,552 research outputs found
IUPC: Identification and Unification of Process Constraints
Business Process Compliance (BPC) has gained significant momentum in research
and practice during the last years. Although many approaches address BPC, they
mostly assume the existence of some kind of unified base of process constraints
and focus on their verification over the business processes. However, it
remains unclear how such an inte- grated process constraint base can be built
up, even though this con- stitutes the essential prerequisite for all further
compliance checks. In addition, the heterogeneity of process constraints has
been neglected so far. Without identification and separation of process
constraints from domain rules as well as unification of process constraints,
the success- ful IT support of BPC will not be possible. In this technical
report we introduce a unified representation framework that enables the
identifica- tion of process constraints from domain rules and their later
unification within a process constraint base. Separating process constraints
from domain rules can lead to significant reduction of compliance checking
effort. Unification enables consistency checks and optimizations as well as
maintenance and evolution of the constraint base on the other side.Comment: 13 pages, 4 figures, technical repor
A Survey of Symbolic Execution Techniques
Many security and software testing applications require checking whether
certain properties of a program hold for any possible usage scenario. For
instance, a tool for identifying software vulnerabilities may need to rule out
the existence of any backdoor to bypass a program's authentication. One
approach would be to test the program using different, possibly random inputs.
As the backdoor may only be hit for very specific program workloads, automated
exploration of the space of possible inputs is of the essence. Symbolic
execution provides an elegant solution to the problem, by systematically
exploring many possible execution paths at the same time without necessarily
requiring concrete inputs. Rather than taking on fully specified input values,
the technique abstractly represents them as symbols, resorting to constraint
solvers to construct actual instances that would cause property violations.
Symbolic execution has been incubated in dozens of tools developed over the
last four decades, leading to major practical breakthroughs in a number of
prominent software reliability applications. The goal of this survey is to
provide an overview of the main ideas, challenges, and solutions developed in
the area, distilling them for a broad audience.
The present survey has been accepted for publication at ACM Computing
Surveys. If you are considering citing this survey, we would appreciate if you
could use the following BibTeX entry: http://goo.gl/Hf5FvcComment: This is the authors pre-print copy. If you are considering citing
this survey, we would appreciate if you could use the following BibTeX entry:
http://goo.gl/Hf5Fv
Timing verification of dynamically reconfigurable logic for Xilinx Virtex FPGA series
This paper reports on a method for extending existing VHDL design and verification software available for the Xilinx Virtex series of FPGAs. It allows the designer to apply standard hardware design and verification tools to the design of dynamically reconfigurable logic (DRL). The technique involves the conversion of a dynamic design into multiple static designs, suitable for input to standard synthesis and APR tools. For timing and functional verification after APR, the sections of the design can then be recombined into a single dynamic system. The technique has been automated by extending an existing DRL design tool named DCSTech, which is part of the Dynamic Circuit Switching (DCS) CAD framework. The principles behind the tools are generic and should be readily extensible to other architectures and CAD toolsets. Implementation of the dynamic system involves the production of partial configuration bitstreams to load sections of circuitry. The process of creating such bitstreams, the final stage of our design flow, is summarized
Collaborative Verification-Driven Engineering of Hybrid Systems
Hybrid systems with both discrete and continuous dynamics are an important
model for real-world cyber-physical systems. The key challenge is to ensure
their correct functioning w.r.t. safety requirements. Promising techniques to
ensure safety seem to be model-driven engineering to develop hybrid systems in
a well-defined and traceable manner, and formal verification to prove their
correctness. Their combination forms the vision of verification-driven
engineering. Often, hybrid systems are rather complex in that they require
expertise from many domains (e.g., robotics, control systems, computer science,
software engineering, and mechanical engineering). Moreover, despite the
remarkable progress in automating formal verification of hybrid systems, the
construction of proofs of complex systems often requires nontrivial human
guidance, since hybrid systems verification tools solve undecidable problems.
It is, thus, not uncommon for development and verification teams to consist of
many players with diverse expertise. This paper introduces a
verification-driven engineering toolset that extends our previous work on
hybrid and arithmetic verification with tools for (i) graphical (UML) and
textual modeling of hybrid systems, (ii) exchanging and comparing models and
proofs, and (iii) managing verification tasks. This toolset makes it easier to
tackle large-scale verification tasks
Specification and Verification of Context-dependent Services
Current approaches for the discovery, specification, and provision of
services ignore the relationship between the service contract and the
conditions in which the service can guarantee its contract. Moreover, they do
not use formal methods for specifying services, contracts, and compositions.
Without a formal basis it is not possible to justify through formal
verification the correctness conditions for service compositions and the
satisfaction of contractual obligations in service provisions. We remedy this
situation in this paper. We present a formal definition of services with
context-dependent contracts. We define a composition theory of services with
context-dependent contracts taking into consideration functional,
nonfunctional, legal and contextual information. Finally, we present a formal
verification approach that transforms the formal specification of service
composition into extended timed automata that can be verified using the model
checking tool UPPAAL.Comment: In Proceedings WWV 2011, arXiv:1108.208
Context modeling and constraints binding in web service business processes
Context awareness is a principle used in pervasive services
applications to enhance their exibility and adaptability to
changing conditions and dynamic environments. Ontologies
provide a suitable framework for context modeling and reasoning. We develop a context model for executable business processes { captured as an ontology for the web services domain. A web service description is attached to a service context profile, which is bound to the context ontology. Context instances can be generated dynamically at services runtime and are bound to context constraint services. Constraint services facilitate both setting up constraint properties and constraint checkers, which determine the dynamic validity of context instances. Data collectors focus on capturing context instances. Runtime integration of both constraint services and data collectors permit the business process to achieve dynamic business goals
Domain-Type-Guided Refinement Selection Based on Sliced Path Prefixes
Abstraction is a successful technique in software verification, and
interpolation on infeasible error paths is a successful approach to
automatically detect the right level of abstraction in counterexample-guided
abstraction refinement. Because the interpolants have a significant influence
on the quality of the abstraction, and thus, the effectiveness of the
verification, an algorithm for deriving the best possible interpolants is
desirable. We present an analysis-independent technique that makes it possible
to extract several alternative sequences of interpolants from one given
infeasible error path, if there are several reasons for infeasibility in the
error path. We take as input the given infeasible error path and apply a
slicing technique to obtain a set of error paths that are more abstract than
the original error path but still infeasible, each for a different reason. The
(more abstract) constraints of the new paths can be passed to a standard
interpolation engine, in order to obtain a set of interpolant sequences, one
for each new path. The analysis can then choose from this set of interpolant
sequences and select the most appropriate, instead of being bound to the single
interpolant sequence that the interpolation engine would normally return. For
example, we can select based on domain types of variables in the interpolants,
prefer to avoid loop counters, or compare with templates for potential loop
invariants, and thus control what kind of information occurs in the abstraction
of the program. We implemented the new algorithm in the open-source
verification framework CPAchecker and show that our proof-technique-independent
approach yields a significant improvement of the effectiveness and efficiency
of the verification process.Comment: 10 pages, 5 figures, 1 table, 4 algorithm
- âŠ