Structured Communication-Centered Programming for Web Services
This article relates two different paradigms of descriptions of communication behavior, one focusing on global message flows and another on end-point behaviors, using formal calculi based on session types. The global calculus, which originates from a Web service description language (W3C WS-CDL), describes an interaction scenario from a vantage viewpoint; the end-point calculus, an applied typed π-calculus, precisely identifies a local behavior of each participant. We explore a theory of end-point projection, by which we can map a global description to its end-point counterparts preserving types and dynamics. Three principles of well-structured description and the type structures play a fundamental role in the theory.
Specification and refinement of software connectors
Doctoral thesis in Informatics (knowledge area: Foundations of Computing)
Modern computer-based systems are essentially based on the cooperation of distributed, heterogeneous components organized into open software architectures that, moreover, can survive in loosely-coupled environments and be easily adapted to changing application requirements. Such is the case, for example, of applications designed to take advantage of the increased computational power provided by massively parallel systems or of the whole business of Internet-based software development.
In order to develop such systems in a systematic way, the focus in development methods has switched, over the last decade, from functional to structural issues: both data and processes are encapsulated into software units which are connected into large systems resorting to a number of techniques intended to support reusability and modifiability.
Actually, the complexity and ubiquity achieved by software in present times make it imperative, more than ever, to have both technologies and sound methods available to drive its development. Programming ‘in-the-large’, component-based programming and software architecture have become popular expressions which embody this sort of concern and correspond to driving forces in current software engineering.
In such a context this thesis aims at introducing formal models for software connectors as well as the corresponding notions of equivalence and refinement upon which calculation principles for reasoning about and transforming connector-based software architectures can be developed. This research adopts an exogenous coordination point of view in order to deal with components’ temporal and spatial decoupling and, therefore, to provide support for looser levels of inter-component dependency.
The thesis also characterises a notion of behavioural interface for components and services. Interfaces and connectors are put together to form configurations, an abstraction for representing software architectures.
A prototype implementation of a subset of the proposed models is provided, in the form of a HASKELL library, as a proof of concept. Furthermore, the thesis reports on a case study in which exogenous coordination is applied to the specification of
interactive systems.
A growing number of computational systems are based on the cooperation of interdependent, heterogeneous components, organised into open architectures able to survive in highly distributed environments and easily adaptable to changes in the requirements of the applications they support. Such is the case, for example, of applications that exploit the computational power of massively parallel systems or of systems developed over the Internet.
To develop this kind of system systematically, the focus of development methods has shifted, over the last decade, from the functional to the structural aspects of systems: both data structures and processes are encapsulated in computational units that are connected into large systems using a variety of techniques intended to support software reuse and adaptability.
Indeed, the complexity and ubiquity reached by software today make the availability of technologies and sound methods to guide this development process more imperative than ever. Programming ‘in-the-large’, component-based programming and software architecture are popular expressions that embody this concern and correspond to the efforts driven by software engineering.
In this context, this thesis aims to introduce formal models for software connectors as well as the corresponding notions of equivalence and refinement that support calculi for reasoning about and transforming connector-based software architectures. This research adopts an exogenous coordination point of view in order to deal with the spatial and temporal decoupling of components and to support high levels of independence between components.
The thesis also characterises a notion of behavioural interface for components and services. Interfaces and connectors are combined to form configurations, an abstraction introduced to represent software architectures.
A prototype implementation of part of the proposed models, in the form of a HASKELL library, is provided as a proof of concept. Finally, the thesis goes through a case study in which exogenous coordination is used in the specification of interactive systems.
Fundação para a Ciência e a Tecnologia (FCT), SFRH/BD/11083/200
Formal Methods Specification and Analysis Guidebook for the Verification of Software and Computer Systems
This guidebook, the second of a two-volume series, is intended to facilitate the transfer of formal methods to the avionics and aerospace community. The first volume concentrates on administrative and planning issues [NASA-95a], and the second volume focuses on the technical issues involved in applying formal methods to avionics and aerospace software systems. Hereafter, the term "guidebook" refers exclusively to the second volume of the series. The title of this second volume, A Practitioner's Companion, conveys its intent. The guidebook is written primarily for the nonexpert and requires little or no prior experience with formal methods techniques and tools. However, it does attempt to distill some of the more subtle ingredients in the productive application of formal methods. To the extent that it succeeds, those conversant with formal methods will also find the guidebook useful. The discussion is illustrated through the development of a realistic example, relevant fragments of which appear in each chapter. The guidebook focuses primarily on the use of formal methods for analysis of requirements and high-level design, the stages at which formal methods have been most productively applied. Although much of the discussion applies to low-level design and implementation, the guidebook does not discuss issues involved in the later life-cycle application of formal methods.
Foundations and techniques for software reconfigurability
Doctoral Programme in Informatics of the Universities of Minho, Aveiro and Porto
The qualifier reconfigurable is used for software systems which behave differently in different modes of operation (often called configurations) and commute between them along their lifetime. Such systems, which evolve in response to external or internal stimuli, are everywhere: from e-Health or e-Government integrated services to sensor networks, from domestic appliances to complex systems distributed and collaborating over the web, from safety- or mission-critical applications to massively parallel software.
There are two basic approaches to formally capture requirements of this sort of system: one emphasizes behaviour and its evolution; the other focuses on data and their transformations. Within the first paradigm, reconfigurable systems are regarded as (some variant of) state machines whose states correspond to the different configurations they may assume. On the other hand, in data-oriented approaches the system’s functionality is specified in terms of input-output relations modelling operations on data. A specification presents a theory in a suitable logic, expressed over a signature which captures its syntactic interface. Its semantics is a class of concrete algebras or relational structures, acting as models for the specified theory.
The observation that whatever services a reconfigurable system may offer, at each moment, may depend on the stage of its evolution suggests that both dimensions (data and behaviour) are interconnected and should be combined. In particular, each node in the transition system which describes a reconfiguration space may be endowed with a local structure modelling the functionality of the respective configuration. This is the basic insight of a configurations-as-local-models specification style. These specifications are modelled by structured state machines, states denoting complex structures rather than sets.
A specification for this sort of system should be able to make assertions both about the transition dynamics and, locally, about each particular configuration. This leads to the adoption of hybrid logic, which adds to the modal description of transition structures the ability to refer to specific states, as the lingua franca for a suitable specification method.
On the other hand, specific applications may require specific logics to describe their configurations. For example, requirements expressed equationally lead to a configurations-as-algebras perspective. But depending on their nature one could also naturally end up in configurations-as-relational-structures, or probabilistic spaces, or even in configurations-as-Kripke-structures, if first-order, fuzzy or modal logic is locally used.
The aim of this thesis is to develop the foundations for a specification method based on these principles. To subsume all the possibilities above, our approach builds on very general grounds. Therefore, instead of committing to a particular version of hybrid logic, we start by choosing a specific logic for expressing requirements at the configuration (static) level. This is later taken as the base logic on top of which the characteristic features of hybrid logic, both at the level of syntax (i.e. modalities, nominals, etc.) and of the semantics (i.e. possible worlds), are developed. This process is called hybridisation and is one of the main technical contributions of this thesis. To be completely general, it is framed in the context of the theory of institutions of J. Goguen and R. Burstall, each logic (base and hybridised) being treated abstractly as an institution.
In this setting the thesis’ contributions are the following:
• A method to hybridise arbitrary institutions; this can be understood as a source of logics to support arbitrary configurations-as-local-models specifications.
• A method to lift encodings (technically, comorphisms) from an institution to a presentation in first-order logic, into encodings from its hybridisation to a presentation in first-order logic; this result paves the way to the introduction of suitable automated proof support for a wide range of hybridised logics.
• Suitable characterisations of bisimulation and refinement for models of (generic) hybridisations, which provide canonical, satisfaction-preserving relations to identify and relate models.
• A two-stage specification method for reconfigurable systems based on a global transition structure to capture the system’s reconfiguration space, and a local specification of configurations in whatever logic is found expressive enough for the requirements at hand.
• A set of additional techniques to assist the process of specifying and verifying
requirements for reconfigurable systems, with partial tool support.
The term reconfigurable is used for software systems that behave differently in different modes of operation (often called configurations), switching between them over their life cycle. These systems, which evolve in response to external and internal stimuli, are everywhere: from e-Health systems or integrated e-Government systems to sensor networks, from domestic applications to complex distributed systems, from mission-critical systems to parallel computing software.
There are two formal approaches to capturing requirements for this kind of system: one focused on behaviour and its evolution, the other on data and their transformations. Under the first paradigm, reconfigurable systems are treated as (some variant of) state machines, each of whose states corresponds to a configuration the system may assume. The other, data-oriented, approach specifies the system’s functionality in terms of input-output relations that model operations on data. A specification presents a theory in a suitable logic, expressed over a signature that captures its syntactic interface. Its semantics consists of the class of algebras, or first-order structures, that model the specified theory.
The observation that, at each moment, the services offered by a reconfigurable system may depend on the stage of its evolution suggests that both dimensions (data and behaviour) are interconnected and should be combined. In particular, each node of the transition system that describes the reconfiguration space may be endowed with a local structure in which the system’s functionality, in the respective configuration, is modelled. This is the basic idea of configurations-as-local-models specification. Technically, specifications are modelled by structured state machines, in which each state denotes a complex structure rather than a set.
A specification for this kind of system must be able to express assertions about the transition dynamics as well as, at the local level, about each particular configuration. This leads us to adopt hybrid logic, which adds mechanisms for referring to specific states to the modal expressiveness of transition systems, as the lingua franca for a suitable specification method.
On the other hand, applications may require specific logics to describe their configurations. For example, requirements expressed by equations should be modelled from a configurations-as-algebras perspective. Depending on their nature, we may consider configurations-as-first-order-structures, configurations-as-probabilistic-spaces or even configurations-as-Kripke-structures when first-order logic, fuzzy logic or modal logic, respectively, is used locally.
The aim of the thesis is to develop the foundations for a specification method based on these principles. In order to accommodate all these possibilities, the approach is developed on very general grounds. Instead of committing the approach to a particular hybrid logic, we start from the choice of the specific logic for specifying requirements at the local (static) level. This logic is then taken as the base logic, on top of which the mechanisms of hybrid logic, both at the syntactic level (i.e., modalities, nominals, etc.) and at the semantic level (i.e., possible worlds), are developed. This process, which we call hybridisation, is one of the main technical contributions of the thesis. The generality of the method results from its development in the context of the theory of institutions of J. Goguen and R. Burstall. The main contributions of the thesis are:
• a method to hybridise arbitrary institutions, which can be understood as a source of logics to support arbitrary configurations-as-local-models specifications;
• a method to transport encodings (technically, comorphisms) of an institution into first-order presentations into encodings of its hybridisation into first-order presentations; this result opens the way to the introduction of automated proof support for a wide class of hybrid logics;
• a characterisation of bisimulation and refinement relations for models of generic hybridisations; this offers canonical, satisfaction-preserving relations to identify and relate models;
• a two-stage specification method for reconfigurable systems, based on a global transition structure, in which the system’s reconfiguration space is modelled, and on a local specification of configurations expressed in a logic chosen as suitable for the requirements at hand;
• a set of additional techniques to assist the process of specifying and verifying requirements of reconfigurable systems, with partial tool support.
Fundação para a Ciência e Tecnologia (FCT) and Critical Software S.A., under BDE grant contract SFRH/BDE/33650/2009, and by the MONDRIAN Project (FCT) under contract PTDC/EIA-CCO/108302/2008
Component-based software engineering: a quantitative approach
Dissertation submitted for the degree of Doctor in Informatics at the Universidade Nova de Lisboa, Faculdade de Ciências e Tecnologia
Background: Often, claims in Component-Based Development (CBD) are only supported by qualitative expert opinion, rather than by quantitative data. This contrasts with the normal practice in other sciences, where a sound experimental validation of claims is standard practice. Experimental Software Engineering (ESE) aims to bridge this gap. Unfortunately, it is common to find experimental validation efforts that are hard to replicate and compare, to build up the body of knowledge in CBD.
Objectives: In this dissertation our goals are (i) to contribute to the evolution of ESE, in what concerns the replicability and comparability of experimental work, and (ii) to apply our proposals to CBD, thus contributing to its deeper and sounder understanding.
Techniques: We propose a process model for ESE, aligned with current experimental best practices, and combine this model with a measurement technique called Ontology-Driven Measurement (ODM). ODM is aimed at improving the state of practice in metrics definition and collection, by making metrics definitions formal and executable, without sacrificing their usability. ODM uses standard technologies that can be well adapted to current integrated development environments.
Results: Our contributions include the definition and preliminary validation of a process model for ESE and the proposal of ODM for supporting metrics definition and collection in the context of CBD. We use both the process model and ODM to perform a series of experimental works in CBD, including the cross-validation of a component metrics set for JavaBeans, a case study on the influence of practitioners’ expertise in a sub-process of component development (component code inspections), and an observational study on reusability patterns of pluggable components (Eclipse plug-ins). These experimental works implied proposing, adapting, or selecting adequate ontologies, as well as the formal definition of metrics upon each of those ontologies.
Limitations: Although our experimental work covers a variety of component models and, orthogonally, both process and product, the plethora of opportunities for using our quantitative approach to CBD is far from exhausted.
Conclusions: The main contribution of this dissertation is the illustration, through practical examples, of how we can combine our experimental process model with ODM to support the experimental validation of claims in the context of CBD, in a repeatable and comparable way. In addition, the techniques proposed in this dissertation are generic and can be applied to other software development paradigms.
Departamento de Informática of the Faculdade de Ciências e Tecnologia, Universidade Nova de Lisboa (FCT/UNL); Centro de Informática e Tecnologias da Informação of the FCT/UNL; Fundação para a Ciência e Tecnologia through the STACOS project (POSI/CHS/48875/2002); The Experimental Software Engineering Network (ESERNET); Association Internationale pour les Technologies Objets (AITO); Association for Computing Machinery (ACM)
Automatic synthesis of component & connector software architectures with bounded combinatory logic
Combinatory logic synthesis is a new type-based approach towards automatic synthesis of software from components in a repository. In this thesis we show how the type-based approach can naturally be used to exploit taxonomic conceptual structures in software architectures and component repositories to enable automatic composition and configuration of components, and also code generation, by associating taxonomic concepts to architectural building blocks such as, in particular, software connectors. Components of a repository are exposed for synthesis as typed combinators, where intersection types are used to represent concepts that specify intended usage and functionality of a component. An algorithm for solving the type inhabitation problem in combinatory logic - does there exist a composition of combinators with a given type? - is then used to automate the retrieval, composition, and configuration of suitable building blocks with respect to a goal specification.
Since type inhabitation has high computational complexity, heuristic optimizations for the inhabitation algorithm are essential for making the approach practical. We discuss particularly important (theoretical and pragmatic) optimization strategies and evaluate them by experiments. Furthermore, we apply this synthesis approach to define a method for software connector synthesis for realistic software architectures based on a type-theoretic model. We conduct experiments with a rapid prototyping tool that employs this method on complex concrete ERP and e-Commerce systems and discuss the results.
How To Touch a Running System
The increasing importance of distributed and decentralized software architectures entails more and more attention for adaptive software. Obtaining adaptiveness, however, is a difficult task as the software design needs to foresee and cope with a variety of situations. Using reconfiguration of components facilitates this task, as the adaptivity is conducted on an architecture level instead of directly in the code. This results in a separation of concerns; the appropriate reconfiguration can be devised on a coarse level, while the implementation of the components can remain largely unaware of reconfiguration scenarios.
We study reconfiguration in component frameworks based on formal theory. We first discuss programming with components, exemplified with the development of the cmc model checker. This highly efficient model checker is made of C++ components and serves as an example for component-based software development practice in general, and also provides insights into the principles of adaptivity. However, the component model focuses on high performance and is not geared towards using the structuring principle of components for controlled reconfiguration. We thus complement this highly optimized model by a message passing-based component model which takes reconfigurability to be its central principle.
Supporting reconfiguration in a framework is about relieving the programmer of caring about the peculiarities as much as possible. We utilize the formal description of the component model to provide an algorithm for reconfiguration that retains as much flexibility as possible, while avoiding most problems that arise due to concurrency. This algorithm is embedded in a general four-stage adaptivity model inspired by physical control loops. The reconfiguration is devised to work with stateful components, retaining their data and unprocessed messages. Reconfiguration plans, which are provided with a formal semantics, form the input of the reconfiguration algorithm. We show that the algorithm achieves perceived atomicity of the reconfiguration process for an important class of plans, i.e., the whole process of reconfiguration is perceived as one atomic step, while minimizing the use of blocking of components. We illustrate the applicability of our approach to reconfiguration by providing several examples like fault tolerance and automated resource control.
Dynamische Modelle für Reaktive Systeme mit Daten (Dynamic Models for Reactive Systems with Data)
Reactive systems are systems that continuously interact with their environment during their run time and react to external events. Because of their high complexity, specification languages for the formal description of reactive systems have been developed. These formalisms describe both the structure and the behaviour of systems, but in general abstract from the description of the data and of the data transformations performed on them. In this work, two specification languages for describing reactive systems are presented that include a functional specification of the data. The first formalism is based on the theory of process algebras; the second is a variant of interaction diagrams. Both formalisms allow the integration of arbitrary functional languages for data description and are each defined by a formal semantics that covers both the behavioural and the data aspects. Both formalisms additionally allow the description of dynamic systems in which the structure may change at run time.
Reactive systems are systems which interact continuously with their environment and which react on external events. Due to the high complexity of these systems, specification languages for a formal description of reactive systems have been developed. These formalisms describe both structure and behaviour of systems, but usually they abstract from the specification of data and the corresponding data transformations. In this thesis, we introduce two specification languages for modelling reactive systems which include a functional description of data. The first formalism is based on the theory of process algebras, the second is a type of interaction diagrams. Both formalisms allow for the integration of arbitrary functional languages for data description. Moreover, both languages are defined via a formal semantics, which defines both behaviour and data aspects. Furthermore, both languages allow for the description of dynamic systems, in which the system structure may change during runtime.
Deductive Verification of Concurrent Programs and its Application to Secure Information Flow for Java
Formal verification of concurrent programs still poses a major challenge in computer science. Our approach is an adaptation of the modular rely/guarantee methodology in dynamic logic. Besides functional properties, we investigate language-based security. Our verification approach extends naturally to multi-threaded Java and we present an implementation in the KeY verification system. We propose natural extensions to JML regarding both confidentiality properties and multi-threaded programs.
Domain-specific languages for modeling and simulation
Simulation models and simulation experiments are increasingly complex. One way to handle this complexity is developing software languages tailored to specific application domains, so-called domain-specific languages (DSLs). This thesis explores the potential of employing DSLs in modeling and simulation. We study different DSL design and implementation techniques and illustrate their benefits for expressing simulation models as well as simulation experiments with several examples.
Simulation models and experiments are becoming ever more complex. One way to address this complexity is to develop software languages specialised for particular application domains, so-called domain-specific languages (DSLs). The present work investigates how DSLs can be used in modelling and simulation. We consider various techniques for the development and implementation of DSLs and illustrate their benefit for expressing simulation models and experiments by means of several examples.