What makes industries believe in formal methods

The introduction of formal methods in the design and development departments of an industrial company has far reaching and long lasting consequences. In fact it changes the whole environment of methods, tools and skills that determine the design culture of that company. A decision to replace current design practice by formal methods, therefore, appears a vital one and is not lightly taken. The past has shown that efforts to introduce formal methods in industry has faced a lot of controversy and opposition at various hierarchical levels in companies, resulting in a marginal spread of such methods. This paper revisits the requirements for formal description techniques and identifies some critical success and inhibiting factors associated with the introduction of formal methods in the industrial practice. One of the inhibiting factors is the often encountered lack of appropriateness of the formal model to express and manipulate the design concerns that determine the world of the engineer. This factor motivated our research in the area of architectural and implementation design concepts. The last two sections of this paper report on some results of this research

Mapping RT-LOTOS specifications into Time Petri Nets

RT-LOTOS is a timed process algebra which enables compact and abstract specification of real-time systems. This paper proposes and illustrates a structural translation of RT-LOTOS terms into behaviorally equivalent (timed bisimilar) finite Time Petri nets. It is therefore possible to apply Time Petri nets verification techniques to the profit of RT-LOTOS. Our approach has been implemented in RTL2TPN, a prototype tool which takes as input an RT-LOTOS specification and outputs a TPN. The latter is verified using TINA, a TPN analyzer developed by LAAS-CNRS. The toolkit made of RTL2TPN and TINA has been positively benchmarked against previously developed RT-LOTOS verification tool

A design model for Open Distributed Processing systems

This paper proposes design concepts that allow the conception, understanding and development of complex technical structures for open distributed systems. The proposed concepts are related to, and partially motivated by, the present work on Open Distributed Processing (ODP). As opposed to the current ODP approach, the concepts are aimed at supporting a design trajectory with several, related abstraction levels. Simple examples are used to illustrate the proposed concepts

IIVFDT: Ignorance Functions based Interval-Valued Fuzzy Decision Tree with Genetic Tuning

The choice of membership functions plays an essential role in the success of fuzzy systems. This is a complex problem due to the possible lack of knowledge when assigning punctual values as membership degrees. To face this handicap, we propose a methodology called Ignorance functions based Interval-Valued Fuzzy Decision Tree with genetic tuning, IIVFDT for short, which allows to improve the performance of fuzzy decision trees by taking into account the ignorance degree. This ignorance degree is the result of a weak ignorance function applied to the punctual value set as membership degree. Our IIVFDT proposal is composed of four steps: (1) the base fuzzy decision tree is generated using the fuzzy ID3 algorithm; (2) the linguistic labels are modeled with Interval-Valued Fuzzy Sets. To do so, a new parametrized construction method of Interval-Valued Fuzzy Sets is defined, whose length represents such ignorance degree; (3) the fuzzy reasoning method is extended to work with this representation of the linguistic terms; (4) an evolutionary tuning step is applied for computing the optimal ignorance degree for each Interval-Valued Fuzzy Set. The experimental study shows that the IIVFDT method allows the results provided by the initial fuzzy ID3 with and without Interval-Valued Fuzzy Sets to be outperformed. The suitability of the proposed methodology is shown with respect to both several state-of-the-art fuzzy decision trees and C4.5. Furthermore, we analyze the quality of our approach versus two methods that learn the fuzzy decision tree using genetic algorithms. Finally, we show that a superior performance can be achieved by means of the positive synergy obtained when applying the well known genetic tuning of the lateral position after the application of the IIVFDT method.Spanish Government TIN2011-28488 TIN2010-1505

Design and development of a technological demonstrator for the study of high dynamics GNSS receivers

[ES] En el marco de esta tesis se van a estudiar, principalmente, los efectos del movimiento de alta dinámica en receptores de Sistemas Globales de Navegación por Satélite (GNSS). El término alta dinámica es un término utilizado para referirse al movimiento de los vehículos en los que van embarcados receptores GNSS, los cuales se mueven lo suficientemente rápido como para causar un gran desplazamiento en frecuencia de la portadora debido al efecto Doppler. Se identificarán los problemas inherentes a este tipo de entornos y se estudiarán y propondrán soluciones. Para poder efectuar el estudio de estos fenómenos, se diseñará un demostrador tecnológico (conjunto de hardware y software para prueba y prototipado de tecnologías) en el que desarrollar el estudio de los casos de interés. Con el fin de trabajar en un entorno repetible, se utilizará un generador de señal GNSS. La señal generada se traslada a un receptor de radiofrecuencia definido por software, Software Defined Radio (SDR). Este tipo de receptor únicamente se encarga de digitalizar la señal de entrada y de llevar las muestras digitales a un ordenador, de modo que todo el procesado de señal se implementa en dicho ordenador. Este esquema de trabajo es ideal habida cuenta de su simplicidad y flexibilidad. Dicha flexibilidad conlleva la posibilidad de sintonizar el demostrador para poder estudiar una amplia gama de arquitecturas de receptor GNSS. Una vez se haya ensamblado el demostrador, se comprobará su correcto funcionamiento en escenarios conocidos usando los algoritmos más utilizados a día de hoy en receptores GNSS. Asegurado el correcto funcionamiento, se comparará el rendimiento de algoritmos de referencia con los algoritmos a estudiar y se extraerán conclusiones.[CA] En aquest treball s'estudiaran, principalment, els efectes del moviment d'alta dinámica en receptors de Navegació per Satèl.lit GNSS (Global Navigation Satellite System). La denominació alta dinámica, s'utilitza per a descriure el moviment dels vehicles dins dels quals hi han receptors GNSS. El moviment d'aquests vehicles és suficientment ràpid com per a causar un gran desplaçament en freqüència de la freqüència portadora. Aquest desplaçament és consqüència de l'efecte Doppler. S'identificaran els problemes inherents d'aquest tipus de entorns GNSS i es propsararàn solucions. Per a estudiar l'efecte de l'alta dinàmica, es dissenyarà un demostrador tecnològic (conjunt de maquinari i software per a proves i prototipat de tecnologies) en que es pot desenvolupar l'estudi dels casos d'interès. Amb l'objectiu d'aconseguir treballar en un entorn repetible s'utilitzarà un generador de senyal GNSS. El senyal es processarà mitjançant un receptor SDR (Software Defined Radio). Aquest tipus de receptor s'encarrega del processat que fa un receptor GNSS en un PC. Aquesta filosofia de treball és idónia per la seua flexibilitat i simplicitat. Quan s'haja ensamblat el demostrador, és comprovarà el seu correct funcionament en escenaris de prova utilitzant els algoritmes implementats en receptors GNSS comercials. En aquest moment, el demostrador estarà preparat per a estudiar el casos d'alta dinàmica, que és l'objectiu fonamental d'aquest treball.[EN] The study of the effects of the high dynamics on Global Navigation Satellite System (GNSS) receivers constitute the main matter of study in this work. The term high dynamics refers to the movement of vehicles that carry GNSS embedded receivers, which move fast enough to generate a large carrier frequency drift caused by the Doppler effect. The problems linked to these environments will be characterized and solutions to counteract possible signal impairments will be discussed. In order to correctly characterize these problems, a technological demonstrator (set of hardware components interacting with software tools enabling fast prototyping) will be designed and constructed. Using this technological demonstrator, different case studies will be developed. With the aim of achieving experimental repeatability, a GNSS signal generator will be used. The generated GNSS signal is fed to a Software Defined Radio (SDR) GNSS receiver. This receiver type is in charge of digitizing the analog RF signal and carrying the resulting samples to a computer in which signal processing tasks implementing the functions of GNSS receivers, take place. The main advantage linked to the usage of this work scheme is that by changing the software part, different receiver architectures can be implemented in a simple manner. Furthermore, by taking advantage of the flexible architecture it is possible to tune the detector in such a manner that it is possible to implement many different architecture types. Once the technological demonstrator is assembled, tests to assure its correct operation will be conducted by performing comparisons with the behaviour of well-known GNSS receivers in known scenarios. Later on, comparative tests using signals from high dynamics scenarios will take place. Insight and analysis of comparative performance will be given.Alcaide Guillén, C. (2019). Design and development of a technological demonstrator for the study of high dynamics GNSS receivers [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/131697TESI

A conformance test framework for the DeviceNet fieldbus

The DeviceNet fieldbus technology is introduced and discussed. DeviceNet is an open standard fieldbus which uses the proven Controller Area Network technology. As an open standard fieldbus, the device conformance is extremely important to ensure smooth operation. The error management in DeviceNet protocol is highlighted and an error injection technique is devised to test the implementation under test for the correct error-recovery conformance. The designed Error Frame Generator prototype allows the error management and recovery of DeviceNet implementations to be conformance tested. The Error Frame Generator can also be used in other Controller Area Network based protocols. In addition, an automated Conformance Test Engine framework has been defined for realising the conformance testing of DeviceNet implementations. Automated conformance test is used to achieve consistent and reliable test results, apart from the benefits in time and personnel savings. This involves the investigations and feasibility studies in adapting the ISO 9646 conformance test standards for use in DeviceNet fieldbus. The Unique Input/Output sequences method is used for the generation of DeviceNet conformance tests. The Unique Input/Output method does not require a fully specified protocol specification and gives shorter test sequences, since only specific state information is needed. As conformance testing addresses only the protocol verification, it is foreseen that formal method validation of the DeviceNet protocol must be performed at some stage to validate the DeviceNet specification