Functional Testing Using Object WorkFlow Nets

The main purpose of this paper is to present a new formal definition that can be used for modeling functional test. Initially, WorkFlow nets are used to represent the main functional requirement of the software. Next, Object WorkFlow nets derived from WorkFlow nets and object Petri nets are used to formally specify the test models of object oriented software functionalities to be used. In particular, the proposed models allow for the addition of complex data structure specifications as well as complex control specifications. The dynamic execution of functional testing models, when considering a specific software architecture, is given by the instantiation of a testing class associated with the tested functionality. An example of execution of functional testing corresponding to the "Withdrawal Operation" of a bank ATM machine is presented, as well as a comparative study based on a more traditional UML modeling approach

COntinuuM, a CO-modelling Methodology for the Integration of Real-time Architecture Models

International audienceThe design of Distributed Real-time Embedded (DRE) architecture models for complex and critical systems with safety, liveness, timeliness, dependability concerns, forces the use of formal languages. Because of the high level of criticity, proof techniques are required instead of model-checking with limitations relatively to the state space explosion problems. Proofs of these non-functional properties can only be established on the basis of formal languages with high verification capabilities (theorem provers).Therefore, we have concentrated our efforts on the development of a methodology that would better integrate formal aspects into the design of DRE architectures, which is usually based upon the use of (semi-formal) Architecture Design Languages (ADLs). This methodology has both to support the traceability of non-functional property proofs (from the requirements to the deployment of a DRE system) and the integration of formal and non formal modelling languages.The approach is bottom-up when the method states that each realization artifact, even hidden, has to be detected from the capture requirement stage (each possible realization artifact has to be identified during a prototype coding stage) As a consequence, language translations are not based on the MDA process that supposes some projections. These projections would be responsible for the gap between abstractions used to understand and describe the problem and those used for implementation. To bridge those gaps is the major aim of the methodology, so we called it “Continuum” as it would help to restore the development process continuity. The new aspects of this methodology (and its difficulties) are essentially the introduction of low level concepts (needed for the implementation stages) into the modeling language structures, usually more generic. The methodology application is the development of an algorithmic language translator that enable the generation of a safe code

Semantics of trace relations in requirements models for consistency checking and inferencing

Requirements traceability is the ability to relate requirements back to stakeholders and forward to corresponding design artifacts, code, and test cases. Although considerable research has been devoted to relating requirements in both forward and backward directions, less attention has been paid to relating requirements with other requirements. Relations between requirements influence a number of activities during software development such as consistency checking and change management. In most approaches and tools, there is a lack of precise definition of requirements relations. In this respect, deficient results may be produced. In this paper, we aim at formal definitions of the relation types in order to enable reasoning about requirements relations. We give a requirements metamodel with commonly used relation types. The semantics of the relations is provided with a formalization in first-order logic. We use the formalization for consistency checking of relations and for inferring new relations. A tool has been built to support both reasoning activities. We illustrate our approach in an example which shows that the formal semantics of relation types enables new relations to be inferred and contradicting relations in requirements documents to be determined. The application of requirements reasoning based on formal semantics resolves many of the deficiencies observed in other approaches. Our tool supports better understanding of dependencies between requirements

Towards the Model-Driven Engineering of Secure yet Safe Embedded Systems

We introduce SysML-Sec, a SysML-based Model-Driven Engineering environment aimed at fostering the collaboration between system designers and security experts at all methodological stages of the development of an embedded system. A central issue in the design of an embedded system is the definition of the hardware/software partitioning of the architecture of the system, which should take place as early as possible. SysML-Sec aims to extend the relevance of this analysis through the integration of security requirements and threats. In particular, we propose an agile methodology whose aim is to assess early on the impact of the security requirements and of the security mechanisms designed to satisfy them over the safety of the system. Security concerns are captured in a component-centric manner through existing SysML diagrams with only minimal extensions. After the requirements captured are derived into security and cryptographic mechanisms, security properties can be formally verified over this design. To perform the latter, model transformation techniques are implemented in the SysML-Sec toolchain in order to derive a ProVerif specification from the SysML models. An automotive firmware flashing procedure serves as a guiding example throughout our presentation.Comment: In Proceedings GraMSec 2014, arXiv:1404.163

A Requirement-centric Approach to Web Service Modeling, Discovery, and Selection

Service-Oriented Computing (SOC) has gained considerable popularity for implementing Service-Based Applications (SBAs) in a flexible\ud and effective manner. The basic idea of SOC is to understand users'\ud requirements for SBAs first, and then discover and select relevant\ud services (i.e., that fit closely functional requirements) and offer\ud a high Quality of Service (QoS). Understanding users’ requirements\ud is already achieved by existing requirement engineering approaches\ud (e.g., TROPOS, KAOS, and MAP) which model SBAs in a requirement-driven\ud manner. However, discovering and selecting relevant and high QoS\ud services are still challenging tasks that require time and effort\ud due to the increasing number of available Web services. In this paper,\ud we propose a requirement-centric approach which allows: (i) modeling\ud users’ requirements for SBAs with the MAP formalism and specifying\ud required services using an Intentional Service Model (ISM); (ii)\ud discovering services by querying the Web service search engine Service-Finder\ud and using keywords extracted from the specifications provided by\ud the ISM; and(iii) selecting automatically relevant and high QoS services\ud by applying Formal Concept Analysis (FCA). We validate our approach\ud by performing experiments on an e-books application. The experimental\ud results show that our approach allows the selection of relevant and\ud high QoS services with a high accuracy (the average precision is\ud 89.41%) and efficiency (the average recall is 95.43%)