Generating natural language descriptions of Z test cases

Critical software most often requires an independent validation and verification (IVV). IVV is usually performed by domain experts, who are not familiar with specific, many times formal, development technologies. In addition, model-based testing (MBT) is a promising testing technique for the verification of critical software. Test cases generated by MBT tools are logical descriptions. The problem is, then, to provide natural language (NL) descriptions of these test cases, making them accessible to domain experts. In this paper, we present ongoing research aimed at finding a suitable method for generating NL descriptions from test cases in a formal specification language. A first prototype has been developed and applied to a real-world project in the aerospace sector

Applying SMT Solvers to the Test Template Framework

The Test Template Framework (TTF) is a model-based testing method for the Z notation. In the TTF, test cases are generated from test specifications, which are predicates written in Z. In turn, the Z notation is based on first-order logic with equality and Zermelo-Fraenkel set theory. In this way, a test case is a witness satisfying a formula in that theory. Satisfiability Modulo Theory (SMT) solvers are software tools that decide the satisfiability of arbitrary formulas in a large number of built-in logical theories and their combination. In this paper, we present the first results of applying two SMT solvers, Yices and CVC3, as the engines to find test cases from TTF's test specifications. In doing so, shallow embeddings of a significant portion of the Z notation into the input languages of Yices and CVC3 are provided, given that they do not directly support Zermelo-Fraenkel set theory as defined in Z. Finally, the results of applying these embeddings to a number of test specifications of eight cases studies are analysed.Comment: In Proceedings MBT 2012, arXiv:1202.582

FREPA: An Automated and Formal Approach to Requirement Modeling and Analysis in Aircraft Control Domain

Formal methods are promising for modeling and analyzing system requirements. However, applying formal methods to large-scale industrial projects is a remaining challenge. The industrial engineers are suffering from the lack of automated engineering methodologies to effectively conduct precise requirement models, and rigorously validate and verify (V&V) the generated models. To tackle this challenge, in this paper, we present a systematic engineering approach, named Formal Requirement Engineering Platform in Aircraft (FREPA), for formal requirement modeling and V\&V in the aerospace and aviation control domains. FREPA is an outcome of the seamless collaboration between the academy and industry over the last eight years. The main contributions of this paper include 1) an automated and systematic engineering approach FREPA to construct requirement models, validate and verify systems in the aerospace and aviation control domain, 2) a domain-specific modeling language AASRDL to describe the formal specification, and 3) a practical FREPA-based tool AeroReq which has been used by our industry partners. We have successfully adopted FREPA to seven real aerospace gesture control and two aviation engine control systems. The experimental results show that FREPA and the corresponding tool AeroReq significantly facilitate formal modeling and V&V in the industry. Moreover, we also discuss the experiences and lessons gained from using FREPA in aerospace and aviation projects.Comment: 12 pages, Published by FSE 202

Automatic retrieval of crop characteristics: an example for hyperspectral AHS data from the AgriSAR campaign.

This paper presents the results of automated extraction of crop characteristics from hyperspectral earth observation data. The data was acquired with an airborne AHS imaging spectrometer in the framework of the joint European AgriSAR 2006 campaign. The AgriSAR campaign was directed by the ESA and took place at the DEMMIN test site in northeast Germany, an agricultural area dominated by large monocultures. An important objective of this campaign was to establish to what degree novel radar and optical technologies are able to provide accurate agro-meteorological parameters for precision farming purposes. Parameter retrieval in this study was performed with the CRASh approach, a software module based on the inversion of radiative transfer models. CRASh was developed at DLR as part of an automated operative processing chain for future hyperspectral missions. Validation of the model inversion results was performed with field measurements of leaf area index and leaf chlorophyll content which were carried out for winter wheat, winter barley, winter rape, maize, and sugar beet at two time steps during the 2006 growing season. Although spatial patterns of the model results generally coincide with the trends observed in the field, absolute accuracy of the fully automatically extracted variables appeared insufficient for precision agriculture purposes. The unsatisfying results are ascribed to a combination of causes, including angular anisotropy across the swath-width of the flight lines, the configuration of the applied bands, and the large number of model inversion solutions inherent to an automated environment in which little additional information on the observed canopy is present. Employing the airborne version of CRASh and incorporating a priori information on land cover and variable distributions is expected to drastically increase the retrieval performance

Improved accuracy in the determination of flexural rigidity of textile fabrics by the Peirce cantilever test (ASTM D1388)

Within the field of composite manufacturing simulations, it is well known that the bending behavior of fabrics and prepregs has a significant influence on the drapeability and final geometry of a composite part. Due to sliding between reinforcements within a fabric, the bending properties cannot be determined from in-plane properties and a separate test is required. The Peirce cantilever test represents a popular way of determining the flexural rigidity for these materials, and is the preferred method in the ASTM D1388 standard. This work illustrates the severe inaccuracies (up to 72% error) in the current ASTM D1388 standard as well as the original formulation by Peirce, caused by ignoring higher-order effects. A modified approach accounting for higher-order effects and yielding significantly improved accuracy is presented. The method is validated using finite element simulations and experimental testing. Since no independent tests other than the ASTM D1388 standard are available to determine the bending stiffness of fabric materials, experimental validation is performed on an isotropic, homogeneous Upilex-50S foil for which the flexural rigidity and tensile stiffness are related. The flexural rigidity and elastic modulus are determined through both the cantilever test (ASTM D1388) and tensile testing. The results show that the proposed method measures an elastic modulus close to that determined through tensile testing (within 1%), while both the Peirce formulation (+18%) and ASTM standard (+72%) over-estimate the elastic modulus. The proposed methodology allows for a more accurate determination of flexural rigidity, and enables the more accurate simulation of composite forming processes

SISO Space Reference FOM - Tools and Testing

The Simulation Interoperability Standards Organization (SISO) Space Reference Federation Object Model (SpaceFOM) version 1.0 is nearing completion. Earlier papers have described the use of the High Level Architecture (HLA) in Space simulation as well as technical aspects of the SpaceFOM. This paper takes a look at different SpaceFOM tools and how they were used during the development and testing of the standard.The first organizations to develop SpaceFOM-compliant federates for SpaceFOM development and testing were NASA's Johnson Space Center (JSC), the University of Calabria (UNICAL), and Pitch Technologies.JSC is one of NASA's lead centers for human space flight. Much of the core distributed simulation technology development, specifically associated with the SpaceFOM, is done by the NASA Exploration Systems Simulations (NExSyS) team. One of NASA's principal simulation development tools is the Trick Simulation Environment. NASA's NExSyS team has been modifying and using Trick and TrickHLA to help develop and test the SpaceFOM.The System Modeling And Simulation Hub Laboratory (SMASH-Lab) at UNICAL has developed the Simulation Exploration Experience (SEE) HLA Starter kit, that has been used by most SEE teams involved in the distributed simulation of a Moon base. It is particularly useful for the development of federates that are compatible with the SpaceFOM. The HLA Starter Kit is a Java based tool that provides a well-structured framework to simplify the formulation, generation, and execution of SpaceFOM-compliant federates.Pitch Technologies, a company specializing in distributed simulation, is utilizing a number of their existing HLA tools to support development and testing of the SpaceFOM. In addition to the existing tools, Pitch has developed a few SpaceFOM specific federates: Space Master for managing the initialization, execution and pacing of any SpaceFOM federation; EarthEnvironment, a simple Root Reference Publisher; and Space Monitor, a graphical tool for monitoring reference frames and physical entities.Early testing of the SpaceFOM was carried out in the SEE university outreach program, initiated in SISO. Students were given a subset of the FOM, that was later extended. Sample federates were developed and frameworks were developed or adapted to the early FOM versions.As drafts of the standard matured, testing was performed using federates from government, industry, and academia. By mixing federates developed by different teams the standard could be tested with respect to functional correctness, robustness and clarity.These frameworks and federates have been useful when testing and verifying the design of the standard. In addition to this, they have since formed a starting point for developing SpaceFOM-compliant federations in several projects, for example for NASA, ESA as well as SEE

A survey of simulation techniques in commerce and defence

Despite the developments in Modelling and Simulation (M&S) tools and techniques over the past years, there has been a gap in the M&S research and practice in healthcare on developing a toolkit to assist the modellers and simulation practitioners with selecting an appropriate set of techniques. This study is a preliminary step towards this goal. This paper presents some results from a systematic literature survey on applications of M&S in the commerce and defence domains that could inspire some improvements in the healthcare. Interim results show that in the commercial sector Discrete-Event Simulation (DES) has been the most widely used technique with System Dynamics (SD) in second place. However in the defence sector, SD has gained relatively more attention. SD has been found quite useful for qualitative and soft factors analysis. From both the surveys it becomes clear that there is a growing trend towards using hybrid M&S approaches

An Adaptive Design Methodology for Reduction of Product Development Risk

Embedded systems interaction with environment inherently complicates understanding of requirements and their correct implementation. However, product uncertainty is highest during early stages of development. Design verification is an essential step in the development of any system, especially for Embedded System. This paper introduces a novel adaptive design methodology, which incorporates step-wise prototyping and verification. With each adaptive step product-realization level is enhanced while decreasing the level of product uncertainty, thereby reducing the overall costs. The back-bone of this frame-work is the development of Domain Specific Operational (DOP) Model and the associated Verification Instrumentation for Test and Evaluation, developed based on the DOP model. Together they generate functionally valid test-sequence for carrying out prototype evaluation. With the help of a case study 'Multimode Detection Subsystem' the application of this method is sketched. The design methodologies can be compared by defining and computing a generic performance criterion like Average design-cycle Risk. For the case study, by computing Average design-cycle Risk, it is shown that the adaptive method reduces the product development risk for a small increase in the total design cycle time.Comment: 21 pages, 9 figure