3 research outputs found
An assurance level sensitive UML profile for supporting DO-178C
Several model-based approaches have been proposed to ease the process of developing certifiable safety-critical software. In this thesis, we are interested in airborne software, which must comply with the DO-178C standard. However, existing approaches do not provide complete support for all the activities of the software life cycle as defined by DO-178C.
In this thesis, we propose a UML profile that captures the concepts of DO-178C and its supplements in order to model the evidence required for certification. This profile provides modeling constructs for the definition of a DO-178C compliant software life cycle, the specification of the software requirements, the specification of verification data and, finally, the specification of the traceability that DO-178C requires. Furthermore, this profile has the unique feature of providing means to specify the objectives and activities to be performed throughout the software life cycle depending on the targeted assurance level and the applied DO-178C supplements.
We implemented the proposed profile within Papyrus, a UML modeling environment. We used the profile to model a realistic example of airborne software. Specifically, we illustrated the usefulness of the profile through four use cases.
A Comprehensive Study of Declarative Modelling Languages
Declarative behavioural modelling is a powerful modelling paradigm that enables users to model system functionality abstractly and formally. An abstract model is a concise and compact representation of the key characteristics of a system, and enables the stakeholders to reason about the correctness of the system in the early stages of development.
There are many different declarative languages; they have greatly varying constructs for representing a transition system, and they sometimes differ in rather subtle ways. In this thesis, we compare seven formal declarative modelling languages, B, Event-B, Alloy, Dash, TLA+, PlusCal, and AsmetaL, on several criteria. We classify these criteria under three main categories: structuring transition systems (control modelling), data descriptions in transition systems (data modelling), and modularity aspects of modelling. We developed this comparison by completing a set of case studies across the data- vs. control-oriented spectrum in all of the above languages.
Structurally, a transition system comprises a snapshot declaration and snapshot space, an initialization, and a transition relation, which is potentially composed of individual transitions. We meticulously outline the differences between the languages with respect to how the modeller would express each of the above components of a transition system in each language, and include discussions regarding stuttering and inconsistencies in the transition relation. Data-related aspects of a formal model include the use of basic and composite datatypes, well-formedness and typechecking, and the separation of name spaces with respect to global and local variables. Modularity criteria include subtransition systems and data decomposition. We employ a series of small and concise exemplars we have devised to highlight these differences in each language. To help modellers answer the important question of which declarative modelling language may be most suited to modelling their system, we present recommendations based on our observations about the differentiating characteristics of each of these languages.
A Method for Supporting the Planning and Refactoring of Refinement Structures in Event-B Models (Event-B モデルの詳細化構造の計画とリファクタリングの支援手法)
Degree type: Doctoral degree by coursework (課程博士). Examination committee: (Chair) Ichiro Hasuo (蓮尾 一郎), Associate Professor, University of Tokyo; Masami Hagiya (萩谷 昌己), Professor, University of Tokyo; Naoki Kobayashi (小林 直樹), Professor, University of Tokyo; Akihiko Takano (高野 明彦), Professor, University of Tokyo; Shigeru Chiba (千葉 滋), Professor, University of Tokyo. University of Tokyo (東京大学)