Packet flow analysis in IP networks via abstract interpretation
Static analysis (aka offline analysis) of a model of an IP network is useful
for understanding, debugging, and verifying packet flow properties of the
network. There have been static analysis approaches proposed in the literature
for networks based on model checking as well as graph reachability. Abstract
interpretation is a method that has typically been applied to static analysis
of programs. We propose a new, abstract-interpretation based approach for
analysis of networks. We formalize our approach, mention its correctness
guarantee, and demonstrate its flexibility in addressing multiple
network-analysis problems that have been previously solved via tailor-made
approaches. Finally, we investigate an application of our analysis to a novel
problem -- inferring a high-level policy for the network -- which has been
addressed in the past only in the restricted single-router setting.
Comment: 8 page
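The abstract above only states that abstract interpretation can be lifted from programs to networks. The following added example, written for this listing and not taken from the paper or its tool, shows what that looks like in the simplest setting: the abstract domain is a set of destination prefixes, the join is union, the transfer function of a router is its ACL followed by longest-prefix-match forwarding, and a worklist fixpoint over-approximates which packets can reach each node. The topology, FIB entries and ACL are constructed for the example; the router dictionary layout and the function names are this example's own conventions.

```python
"""Abstract interpretation of packet flow over a small IP network model.

Abstract domain: a set of destination prefixes, read as "every packet whose
destination address lies in one of these prefixes". The join is set union
(collapsed to a canonical form); the transfer function of a router is its
ACL filter followed by longest-prefix-match forwarding. A worklist fixpoint
then computes, per node, an over-approximation of the packets that can
reach it. Topology, FIBs and ACL below are constructed for this example.
"""
from ipaddress import collapse_addresses, ip_address, ip_network


def _subtract(nets, cut):
    """Remove the addresses of `cut` from every prefix in `nets`."""
    out = []
    for n in nets:
        if n.subnet_of(cut):          # fully covered: drop it
            continue
        if cut.subnet_of(n):          # cut strictly inside n: split n around it
            out.extend(n.address_exclude(cut))
        else:                         # disjoint: keep as is
            out.append(n)
    return out


def forward(router, packets):
    """Transfer function of one router: ACL, then longest-prefix match.

    Returns {next_hop: [prefixes]}. Packets with no matching route are dropped.
    """
    remaining = list(packets)
    for denied in router.get("acl_deny", []):
        remaining = _subtract(remaining, denied)
    out = {}
    # Most specific entries first, so they claim their addresses before a
    # covering (less specific) entry sees them: longest-prefix match.
    for entry, next_hop in sorted(router["fib"], key=lambda e: -e[0].prefixlen):
        claimed = []
        for p in remaining:
            if p.subnet_of(entry):
                claimed.append(p)
            elif entry.subnet_of(p):
                claimed.append(entry)
        for c in claimed:
            out.setdefault(next_hop, []).append(c)
            remaining = _subtract(remaining, c)
    return out


def analyse(network, injections):
    """Worklist fixpoint: state[node] = prefixes of packets that can reach node."""
    state = {node: [] for node in network}
    work = []
    for node, pk in injections.items():
        state[node] = list(collapse_addresses(pk))
        work.append(node)
    while work:
        node = work.pop()
        if "fib" not in network[node]:
            continue                   # end host: packets terminate here
        for next_hop, pk in forward(network[node], state[node]).items():
            joined = list(collapse_addresses(state[next_hop] + pk))
            if joined != state[next_hop]:   # strictly grew: re-analyse successor
                state[next_hop] = joined
                work.append(next_hop)
    return state                       # finite domain, so this terminates


def can_reach(state, node, address):
    """Query the fixpoint: may a packet destined to `address` arrive at `node`?"""
    addr = ip_address(address)
    return any(addr in p for p in state[node])


def prefixes(state, node):
    return [str(p) for p in state[node]]


# Constructed topology: R1 fans out to R2/R3; R3's covering route points back
# at R1, so traffic with no more specific route loops between R1 and R3.
NETWORK = {
    "R1": {"fib": [(ip_network("10.0.1.0/24"), "R2"),
                   (ip_network("10.0.2.0/24"), "R3"),
                   (ip_network("10.0.0.0/16"), "R3")],
           "acl_deny": [ip_network("10.0.2.128/25")]},
    "R2": {"fib": [(ip_network("10.0.1.0/24"), "H1")]},
    "R3": {"fib": [(ip_network("10.0.2.0/24"), "H2"),
                   (ip_network("10.0.0.0/16"), "R1")]},
    "H1": {},
    "H2": {},
}
INJECT = {"R1": [ip_network("10.0.0.0/16")]}

if __name__ == "__main__":
    st = analyse(NETWORK, INJECT)
    for node in NETWORK:
        print(node, prefixes(st, node))
```

Because the ACL on R1 drops 10.0.2.128/25, the fixpoint shows that only 10.0.2.0/25 ever reaches H2, and the R1/R3 forwarding loop does not prevent termination: the join at R1 stops growing once it already covers 10.0.0.0/16.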
Automatic instantiation of abstract tests on specific configurations for large critical control systems
Computer-based control systems have grown in size, complexity, distribution
and criticality. In this paper a methodology is presented to perform an
abstract testing of such large control systems in an efficient way: an abstract
test is specified directly from system functional requirements and has to be
instantiated in more test runs to cover a specific configuration, comprising
any number of control entities (sensors, actuators and logic processes). Such a
process is usually performed by hand for each installation of the control
system, requiring a considerable time effort and being an error-prone
verification activity. To automate a safe passage from abstract tests, related
to the so called generic software application, to any specific installation, an
algorithm is provided, starting from a reference architecture and a state-based
behavioural model of the control software. The presented approach has been
applied to a railway interlocking system, demonstrating its feasibility and
effectiveness in several years of testing experience.
Using Indexed and Synchronous Events to Model and Validate Cyber-Physical Systems
Timed Transition Models (TTMs) are event-based descriptions for modelling,
specifying, and verifying discrete real-time systems. An event can be
spontaneous, fair, or timed with specified bounds. TTMs have a textual syntax,
an operational semantics, and an automated tool supporting linear-time temporal
logic. We extend TTMs and their tool with two novel modelling features for
writing high-level specifications: indexed events and synchronous events.
Indexed events allow for concise description of behaviour common to a set of
actors. The indexing construct allows us to select a specific actor and to
specify a temporal property for that actor. We use indexed events to validate
the requirements of a train control system. Synchronous events allow developers
to decompose simultaneous state updates into actions of separate events. To
specify the intended data flow among synchronized actions, we use primed
variables to reference the post-state (i.e., the one resulting from taking the
synchronized actions). The TTM tool automatically infers the data flow from
synchronous events, and reports errors on inconsistencies due to circular data
flow. We use synchronous events to validate part of the requirements of a
nuclear shutdown system. In both case studies, we show how the new notation
facilitates the formal validation of system requirements, and use the TTM tool
to verify safety, liveness, and real-time properties.
Comment: In Proceedings ESSS 2015, arXiv:1506.0325
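The abstract describes synchronous events whose actions reference each other's post-state through primed variables, with the tool inferring the data flow and rejecting circular flow. The added example below, written for this listing and not taken from the TTM tool, shows the core of such a check: build the dependency graph from primed references, order the actions topologically, report a cycle as an error, and otherwise evaluate the event so that unprimed reads see the pre-state and primed reads see the already-computed post-state. The `target := expression` notation, the shutdown-style actions and the states are constructed for the example and are not TTM syntax.

```python
"""Data-flow inference for synchronous events with primed variables.

A synchronous event is a set of actions that update the state together. Each
action reads unprimed variables from the pre-state and may read primed
variables (x') as the post-state value produced by another action of the
same event. The event is well formed only if the primed references form an
acyclic graph; the functions below infer that graph, order the actions and
reject circular flow. Notation and sample data are constructed for this
example (own "target := expression" syntax, not the TTM tool's).
"""
import re
from graphlib import CycleError, TopologicalSorter

PRIMED = re.compile(r"\b([A-Za-z_]\w*)'")   # y' -> captures "y"


def parse_action(text):
    """Split "x := expr" into ("x", "expr")."""
    target, expr = text.split(":=", 1)
    return target.strip(), expr.strip()


def infer_data_flow(actions):
    """Return (deps, order).

    deps maps each assigned variable to the set of assigned variables whose
    post-state it reads; order is an evaluation order respecting deps.
    Raises CycleError on circular data flow, ValueError on ill-formed events.
    """
    assigned = {}
    for a in actions:
        target, expr = parse_action(a)
        if target in assigned:
            raise ValueError(f"{target} is assigned by two actions")
        assigned[target] = expr
    deps = {}
    for target, expr in assigned.items():
        refs = set(PRIMED.findall(expr))
        unknown = refs - assigned.keys()
        if unknown:
            raise ValueError(f"{target} reads post-state of unassigned {sorted(unknown)}")
        deps[target] = refs
    order = list(TopologicalSorter(deps).static_order())  # CycleError if circular
    return deps, order


def has_circular_flow(actions):
    try:
        infer_data_flow(actions)
    except CycleError:
        return True
    return False


def execute(actions, pre):
    """Apply one synchronous event to pre-state `pre`; return the post-state."""
    _, order = infer_data_flow(actions)
    assigned = dict(parse_action(a) for a in actions)
    post_vals = {}
    for target in order:
        # y' is rewritten to a name bound to y's already-computed post-state
        # value (assumes no state variable is itself named post_...). Unprimed
        # names resolve to the pre-state, so the order in which unprimed reads
        # happen never matters: that is what makes the actions synchronous.
        expr = PRIMED.sub(lambda m: f"post_{m.group(1)}", assigned[target])
        env = dict(pre)
        env.update({f"post_{k}": v for k, v in post_vals.items()})
        post_vals[target] = eval(expr, {"__builtins__": {}}, env)
    post = dict(pre)
    post.update(post_vals)
    return post


# Constructed example in the spirit of a shutdown system: the alarm action
# reads the trip decision of the same event via trip', while last_pressure
# reads the unprimed (pre-state) pressure even though pressure is also reset.
SHUTDOWN_ACTIONS = [
    "alarm := trip' and not alarm",
    "trip := pressure > 100",
    "last_pressure := pressure",
    "pressure := 0",
]
PRE_STATE = {"pressure": 120, "trip": False, "alarm": False, "last_pressure": 0}

# Circular data flow: a' needs b', b' needs a'. Must be rejected.
CIRCULAR_ACTIONS = ["a := b' + 1", "b := a' * 2"]

if __name__ == "__main__":
    print(infer_data_flow(SHUTDOWN_ACTIONS)[1])
    print(execute(SHUTDOWN_ACTIONS, PRE_STATE))
    print("circular:", has_circular_flow(CIRCULAR_ACTIONS))
```

Two points worth noticing: the inferred order puts `trip` before `alarm` because of the primed reference, while `last_pressure` still sees 120 regardless of where `pressure := 0` lands in that order; and the circular event is rejected at inference time, before anything is evaluated.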
Formal verification of a space system's user Interface with the IVY workbench
This paper describes the application of the IVY workbench to the formal analysis of a user interface for a safety-critical aerospace system. The operation manual of the system was used as a requirement document, and this made it possible to build a reference model of the user interface, focusing on navigation between displays, the information provided by each display, and how they are interrelated. Usability-related property specification patterns were then used to derive relevant properties for verification. This paper discusses both the modeling strategy and the analytical results found using the IVY workbench. The purpose of the reference model is to provide a standard against which future versions of the interface may be assessed.
EPSRC - Engineering and Physical Sciences Research Council (EP/G059063/1). This work was partly funded by project ref. NORTE-07-0124-FEDER-000062, co-financed by the North Portugal Regional Operational Programme (ON.2 O Novo Norte), under the National Strategic Reference Framework (NSRF), through the European Regional Development Fund (ERDF), and by national funds, through the Portuguese foundation for science and technology (FCT).
Validating Behavioral Requirements, Conditions, and Rules of Autonomous Systems with Scenario-Based Testing
Assuring the safety of autonomous vehicles is more and more approached by using scenario-based testing. Relevant driving situations are utilized here to fuel the argument that an autonomous vehicle behaves correctly. Many recent works focus on the specification, variation, generation, and execution of individual scenarios. However, it is still an open question if operational design domains, which describe the environmental conditions under which the system under test has to function, can be assessed with scenario-based testing. In this paper, we present open challenges and resulting research questions in the field of assuring the safety of autonomous vehicles. We have developed a toolchain that enables us to conduct scenario-based testing experiments based on scenario classification with temporal logic and driving data obtained from the CARLA simulator. We discuss the toolchain and present first results using analysis metrics like class coverage or distribution
Using formal methods to support testing
Formal methods and testing are two important approaches that assist in the development of high quality software. While traditionally these approaches have been seen as rivals, in recent
years a new consensus has developed in which they are seen as complementary. This article reviews the state of the art regarding ways in which the presence of a formal specification can be used to assist testing
Property Model Methodology: A First Assessment in the Avionics Domain
The aim of this paper is twofold. Firstly, it is intended to provide an overview of the goals, the concepts and the process of a new Model Based Systems Engineering methodology, called Property Model Methodology (PMM). The second aim is to provide feedback on its application in the avionics domain. In this experiment, PMM has been used to develop a top-level specification model from a textual specification of an avionics function, to validate the top-level specification model, and, according to PMM rules, to develop (1) a design model of the function taking into account architectural constraints of an integrated avionics, (2) building block specification models and (3) building block design models. Building block specification models were validated against their encompassing system specification model and the selected system design model, while the design models were integrated and verified, level by level up to the top-level design model, against their specification model. This paper summarizes the lessons learnt during this process and some additional results related to safety issues. This paper, with others [1,2], proves the fundamental concepts of PMM and provides a starting point for further research on Model Based Systems Engineering of a wide range of engineered systems (discrete, hybrid, continuous and multi-physics systems), but also supports additional systems engineering activities (e.g. safety-reliability activities).