OCSEGen: Open Components and Systems Environment Generator

To analyze a large system, one often needs to break it into smaller components.To analyze a component or unit under analysis, one needs to model its context of execution, called environment, which represents the components with which the unit interacts. Environment generation is a challenging problem, because the environment needs to be general enough to uncover unit errors, yet precise enough to make the analysis tractable. In this paper, we present a tool for automated environment generation for open components and systems. The tool, called OCSEGen, is implemented on top of the Soot framework. We present the tool's current support and discuss its possible future extensions

Generation of Library Models for Verification of Android Applications

Android applications are difficult to verify and test since they have many external dependencies. To overcome this problem, environment generation can be used to create a model of the environment to simulate the behavior of these external dependencies. Creating this environment model manually is a tedious process and although there are many techniques available to generate models, the key lies in identifying how these techniques can be applied to a specific domain. In this paper we discuss two static analysis tools OCSEGen and Modgen and how they can be applied to the Android domain to generate models for specific parts of the environment

Analysing Reverse Engineering Techniques for Interactive Systems

Reverse engineering is the process of discovering a model of a software system by analyzing its structure and functions. Reverse engineering techniques applied to interactive software applications (e.g. applications with user interfaces (UIs)) are very important and significant, as they can help engineers to detect defects in the software and then improve or complete them. There are several approaches, and many different tools, which are able to reverse-engineer software applications into formal models. These can be classified into two main types: dynamic tools and static tools. Dynamic tools interact with the application to find out the run-time behaviours of the software, simulating the actions of a user to explore the system’s state space, whereas static tools focus on static structure and architecture by analysing the code and documents. Reverse engineering techniques are not common for interactive software systems, but nowadays more and more organizations recognize the importance of interactive systems, as the trend in software used in computers is for applications with graphical user interfaces. This has in turn led to a developing interest in reverse engineering tools for such systems. Many reverse engineering tools generate very big models which make analysis slow and resource intensive. The reason for this is the large amount of information that is generated by the existing reverse engineering techniques. Slicing is one possible technique which helps with reducing un-necessary information for building models of software systems. This project focuses on static analysis and slicing, and considers how they can aid reverse engineering techniques for interactive systems, particularly with respect to the generation of a particular set of models, Presentation Models (PModels) and Presentation Interaction Models (PIMs)

Model-Based Usability Analysis of Safety-Critical Systems: A Formal Methods Framework

Complex, safety-critical systems are designed with a broad range of automated and configurable components, and usability problems often emerge for the end user during setup, operation, and troubleshooting procedures. Usability evaluations should consider the entire human-device interface including displays, controls, hardware configurations, and user documentation/procedures. To support the analyst, human factors researchers have developed a set of methods and measures for evaluating human-system interface usability, while formal methods researchers have developed a set of model-based technologies that enable mathematical verification of desired system behaviors. At the intersection of these disciplines, an evolving set of model-based frameworks enable highly automated verification of usability early in the design cycle. Models can be abstracted to enable broad coverage of possible problems, while measures can be formally verified to "prove" that the system is usable. Currently, frameworks cover a subset of the target system and user behaviors that must be modeled to ensure usability: procedures, visual displays, user controls, automation, and possible interactions among them. Similarly, verification methodologies focus on a subset of potential usability problems with respect to modeled interactions. This work provides an integrated formal methods framework enabling the holistic modeling and verification of safety-critical system usability. Building toward the framework, a set of five, novel approaches extend the capabilities of extant frameworks in different ways. Each approach is demonstrated in a medical device case study to show how the methods can be employed to identify potential usability problems in existing systems. A formal approach to documentation navigation models an end user navigating through a printed or electronic document and verifies page reachability. A formal approach to procedures in documentation models an end user executing steps as written and aids in identifying problems involving what device components are identified in task descriptions, what system configurations are addressed, and what temporal orderings of procedural steps could be improved. A formal approach to hardware configurability models end-user motor capabilities, relationships among the user and device components in the spatial environment, and opportunities for the user to physically manipulate components. An encoding tool facilitates the modeling process, while a verification methodology aids in ensuring that configurable hardware supports correct end- user actions and prevents incorrect ones. A formal approach to interface understandability models what information is provided to the end user through visual, audible, and haptic sensory channels, including explanations provided in accompanying documentation. An encoding tools facilitates the development of models and specifications, while the verification methodology aids in ensuring that what is displayed on the device is consistent; and, if needed, an explanation of what is displayed is provided in documentation. A formal approach to controlled actuators leverages an existing modeling technique and data collected from other engineering activities to model actuator dynamics mapping to referent data. An encoding tool facilitates model development, and a verification methodology aids in validating the model with respect to source data. Finally, new methodologies are combined within the integrated framework. A model architecture supports the analyst in representing a broad range of interactions among constituent framework models, and a set of ten specifications is developed to enable holistic usability verification. An implementation of the framework is demonstrated within a case study based on a medical device under development. This application shows how the framework could be utilized early in the design of a safety-critical system, without the need for a fully implemented device or a team of human evaluators.Ph.D., Biomedical Science -- Drexel University, 201

Analyzing interaction orderings with model checking

Human-Computer Interaction (HCI) systems control an ongoing interaction between end-users and computer-based systems. For software-intensive systems, a Graphic User Interface (GUI) is often employed for enhanced usability. Traditional approaches to validation of GUI aspects in HCI systems involve prototyping and live-subject testing. These approaches are limited in their ability to cover the set of possible human-computer interactions that a system may allow, since patterns of interaction may be long running and have large numbers of alternatives. In this paper, we propose a static analysis that is capable of reasoning about user-interaction properties of GUI portions of HCI applications written in Java using modern GUI Frameworks, such as Swing TM. Our approach consists of partitioning an HCI application into three parts: the Swing library, the GUI implementation, i.e., code that interacts directly with Swing, and the underlying application. We develop models of each of these parts that preserves behavior relevant to interaction ordering. We describe how these models are generated and how we have customized a model checking framework to efficiently analyze their combination.

Analyzing Interaction Orderings with Model Checking

Human-Computer Interaction (HCI) systems control an ongoing interaction between end-users and computer-based systems. For software-intensive systems, a Graphic User Interface (GUI) is often employed for enhanced usability. Traditional approaches to validation of GUI aspects in HCI systems involve prototyping and live-subject testing. These approaches are limited in their ability to cover the set of possible human-computer interactions that a system may allow, since patterns of interaction may be long running and have large numbers of alternatives