2,752 research outputs found
Clafer: Lightweight Modeling of Structure, Behaviour, and Variability
Embedded software is growing fast in size and complexity, leading to intimate
mixture of complex architectures and complex control. Consequently, software
specification requires modeling both structures and behaviour of systems.
Unfortunately, existing languages do not integrate these aspects well, usually
prioritizing one of them. It is common to develop a separate language for each
of these facets. In this paper, we contribute Clafer: a small language that
attempts to tackle this challenge. It combines rich structural modeling with
state of the art behavioural formalisms. We are not aware of any other modeling
language that seamlessly combines these facets common to system and software
modeling. We show how Clafer, in a single unified syntax and semantics, allows
capturing feature models (variability), component models, discrete control
models (automata) and variability encompassing all these aspects. The language
is built on top of first order logic with quantifiers over basic entities (for
modeling structures) combined with linear temporal logic (for modeling
behaviour). On top of this semantic foundation we build a simple but expressive
syntax, enriched with carefully selected syntactic expansions that cover
hierarchical modeling, associations, automata, scenarios, and Dwyer's property
patterns. We evaluate Clafer using a power window case study, and comparing it
against other notations that substantially overlap with its scope (SysML, AADL,
Temporal OCL and Live Sequence Charts), discussing benefits and perils of using
a single notation for the purpose
Translating alloy apecifications to UML class diagrams annotated with OCL
Proceedings of the 9th International Conference on Software Engineering and Formal MethodsModel-Driven Engineering (MDE) is a Software Engineering approach based on model transformations at different abstraction levels. It prescribes the development of software by successively transforming models from abstract (specifications) to more concrete ones (code). Alloy is an increasingly popular lightweight formal specification language that supports automatic verification. Unfortunately, its widespread industrial adoption is hampered by the lack of an ecosystem of MDE tools, namely code generators. This paper presents a model transformation between Alloy and UML Class Diagrams annotated with OCL. The proposed transformation enables current UML-based tools to also be applied to Alloy specifications, thus unleashing its potential for MDE
A UML/OCL framework for the analysis of fraph transformation rules
In this paper we present an approach for the analysis of graph transformation rules based on an intermediate OCL representation. We translate different rule semantics into OCL, together with the properties of interest (like rule applicability, conflicts or independence). The intermediate representation serves three purposes: (i) it allows the seamless integration of graph transformation rules with the MOF and OCL standards, and enables taking the meta-model and its OCL constraints (i.e. well-formedness rules) into account when verifying the correctness of the rules; (ii) it permits the interoperability of graph transformation concepts with a number of standards-based model-driven development tools; and (iii) it makes available a plethora of OCL tools to actually perform the rule analysis. This approach is especially useful to analyse the operational semantics of Domain Specific Visual Languages. We have automated these ideas by providing designers with tools for the graphical specification and analysis of graph transformation rules, including a backannotation mechanism that presents the analysis results in terms of the original language notation
Modeling and Testing a Family of Surgical Robots: An Experience Report
Safety-critical applications often use dependability cases to validate that specified properties are invariant, or to demonstrate a counter example showing how that property might be violated. However, most dependability cases are written with a single product in mind. At the same time, software product lines (families of related software products) have been studied with the goal of modeling variability and commonality, and building family based techniques for both analysis and testing. However, there has been little work on building an end to end dependability case for a software product line (where a property is modeled, a counter example is found and then validated as a true positive via testing), and none that we know of in an emerging safety-critical domain, that of robotic surgery. In this paper, we study a family of surgical robots, that combine hardware and software, and are highly configurable, representing over 1300 unique robots. At the same time, they are considered safety-critical and should have associated dependability cases. We perform a case study to understand how we can bring together lightweight formal analysis, feature modeling, and testing to provide an end to end pipeline to find potential violations of important safety properties. In the process, we learned that there are some interesting and open challenges for the research community, which if solved will lead towards more dependable safety-critical cyber-physical systems
TriCheck: Memory Model Verification at the Trisection of Software, Hardware, and ISA
Memory consistency models (MCMs) which govern inter-module interactions in a
shared memory system, are a significant, yet often under-appreciated, aspect of
system design. MCMs are defined at the various layers of the hardware-software
stack, requiring thoroughly verified specifications, compilers, and
implementations at the interfaces between layers. Current verification
techniques evaluate segments of the system stack in isolation, such as proving
compiler mappings from a high-level language (HLL) to an ISA or proving
validity of a microarchitectural implementation of an ISA.
This paper makes a case for full-stack MCM verification and provides a
toolflow, TriCheck, capable of verifying that the HLL, compiler, ISA, and
implementation collectively uphold MCM requirements. The work showcases
TriCheck's ability to evaluate a proposed ISA MCM in order to ensure that each
layer and each mapping is correct and complete. Specifically, we apply TriCheck
to the open source RISC-V ISA, seeking to verify accurate, efficient, and legal
compilations from C11. We uncover under-specifications and potential
inefficiencies in the current RISC-V ISA documentation and identify possible
solutions for each. As an example, we find that a RISC-V-compliant
microarchitecture allows 144 outcomes forbidden by C11 to be observed out of
1,701 litmus tests examined. Overall, this paper demonstrates the necessity of
full-stack verification for detecting MCM-related bugs in the hardware-software
stack.Comment: Proceedings of the Twenty-Second International Conference on
Architectural Support for Programming Languages and Operating System
Behavior models for software architecture
Monterey Phoenix (MP) is an approach to formal software system architecture specification based on behavior models. Architecture modeling focuses not only on the activities and interactions within the system, but also on the interactions between the system and its environment, providing an abstraction for interaction specification. The behavior of the system is defined as a set of events (event trace) with two basic relations: precedence and inclusion. The structure of possible event traces is specified using event grammars and other constraints organized into schemas. The separation of the interaction description from the components behavior is an essential MP feature. The schema framework is amenable to stepwise architecture refinement, reuse, composition, visualization, and multiple view extraction. The approach yields a basis for executable architecture specification supporting early testing and verification, systematic use case generation, and performance estimates with automated tools.Consortium for Robotics and Unmanned Systems Education and Research (CRUSER)Consortium for Robotics and Unmanned Systems Education and Research (CRUSER)Approved for public release; distribution is unlimited.Approved for public release; distribution is unlimited
- …