Second CLIPS Conference Proceedings, volume 1

Topics covered at the 2nd CLIPS Conference held at the Johnson Space Center, September 23-25, 1991 are given. Topics include rule groupings, fault detection using expert systems, decision making using expert systems, knowledge representation, computer aided design and debugging expert systems

Conformance testing of peer-to-peer systems using message traffic analysis

Peer-to-Peer architectures are used by a large number of distributed systems; however, the challenges such as maintaining a reliable and stable peer-to-peer network can make such networks undesirable for distributed systems. Peer-to-peer architectures are designed to be executed on systems with diverse hardware configurations, distant geographic locations, and varied, unpredictable Internet connectivity that make the software testing process difficult. This research defines a method for conformance testing peer-to-peer content distribution systems called “Method for Conformance Testing by Analyzing Message Activity” (MCTAMA). MCTAMA uses a common representation for describing the behavior of nodes during both design and deployment. ATAMA generates, evaluates and filters test cases that help determine variation between the expected and observed behaviors. The focus on message traffic allows MCTAMA to be used at multiple stages of development and deployment while not being affected by the variations in the operating environment, availability of source code or the capabilities of a monitoring mechanism. As a part of MCTAMA, this research includes a method for combining sequence diagrams to create a description of the expected behavior of nodes in the system

State-Based Techniques For Designing, Verifying And Debugging Message Passing Systems

Message passing systems support the applications of concurrent events, where independent or semi-independent events occur simultaneously in a nondeterministic fashion. The nature of independence, random interactions and concurrency made the code development of such applications complicated and error-prone. Conventional code development environments or IDEs, such as Microsoft Visual Studio, provide little programming support in this regard. Furthermore, ensuring the correctness of a message passing system is a challenge. Typically, it is important to guarantee that a system meets its desired specifications along its construction process. Model checking is one of the techniques used in software verification which has proven to be effective in discovering hidden design and implementation errors. The required advanced knowledge of formal methods and temporal languages is one of the impediments in adopting model checking by software developers. To integrate model checking environments and conventional IDEs, this dissertation proposes a multi-phase development framework that facilitates designing, verifying, implementing and debugging state-based message passing systems. The techniques and design principles of the proposed framework focus on improving and easing the software development experience. In the first phase, a two-level design methodology is proposed through using abstract high-level communication blocks and hierarchical state-behavioral descriptions that were developed in this research. In the second phase, a new method based on choosing from a pre-determined set of patterns in concurrent communication properties is proposed to facilitate collecting the essential specifications of the system where the atomic propositions are linked with the system design. A complex property can be attained by hierarchically nesting some of these patterns. A procedure to automatically generate formal models in a model checker (MC) language is proposed. Once the model that contains both the design and the properties of the system are generated, a model checker is used to verify the correctness of the proposed system and ensure its compliance with specifications. To help in locating the source of an undesired specification, if any, a procedure to map a counter example generated by the MC to the original design is presented. In the third phase, a skeleton code of the design specification is generated in a general programming language such as Microsoft C\#, Java, etc. moreover, the ability to debug the generated code using a conventional IDE while tracing the debugging process back to the original design was established. Finally, a graphical software tool that supports the proposed framework is developed where SPIN MC is used as a verifier. The tool was used to develop and verify several case studies. The proposed framework and the developed software tool can be considered a key solution for message passing systems design and verification

Complementary formalisms - synthesis, verification and visualization

Ph.DDOCTOR OF PHILOSOPH

System model for UML -- The interactions case

A system model for an OO specification language is any timed state transition system whose states are composed of a data store, a control store, and a message pool. To define a semantics for any OO specification language (as e.g. UML) is the art of defining the transition function $Delta$ depending on the current state and on the input sofar that moreover observes certain rules. Having defined what a system model is, the challenge now is to establish when such a system model satisfies a message interchange specification (expressed by means of UML interactions)

Proceedings of the First NASA Formal Methods Symposium

Topics covered include: Model Checking - My 27-Year Quest to Overcome the State Explosion Problem; Applying Formal Methods to NASA Projects: Transition from Research to Practice; TLA+: Whence, Wherefore, and Whither; Formal Methods Applications in Air Transportation; Theorem Proving in Intel Hardware Design; Building a Formal Model of a Human-Interactive System: Insights into the Integration of Formal Methods and Human Factors Engineering; Model Checking for Autonomic Systems Specified with ASSL; A Game-Theoretic Approach to Branching Time Abstract-Check-Refine Process; Software Model Checking Without Source Code; Generalized Abstract Symbolic Summaries; A Comparative Study of Randomized Constraint Solvers for Random-Symbolic Testing; Component-Oriented Behavior Extraction for Autonomic System Design; Automated Verification of Design Patterns with LePUS3; A Module Language for Typing by Contracts; From Goal-Oriented Requirements to Event-B Specifications; Introduction of Virtualization Technology to Multi-Process Model Checking; Comparing Techniques for Certified Static Analysis; Towards a Framework for Generating Tests to Satisfy Complex Code Coverage in Java Pathfinder; jFuzz: A Concolic Whitebox Fuzzer for Java; Machine-Checkable Timed CSP; Stochastic Formal Correctness of Numerical Algorithms; Deductive Verification of Cryptographic Software; Coloured Petri Net Refinement Specification and Correctness Proof with Coq; Modeling Guidelines for Code Generation in the Railway Signaling Context; Tactical Synthesis Of Efficient Global Search Algorithms; Towards Co-Engineering Communicating Autonomous Cyber-Physical Systems; and Formal Methods for Automated Diagnosis of Autosub 6000

A Lightweight State Machine for Validating Use Case Descriptions

This paper presents a tool to provide an enaction capability for use case descriptions. Use cases have wide industry acceptance and are well suited for constructing initial approximations of the intended behaviour. However, use case descriptions are still relatively immature with respect to precise syntax and semantics. Hence, despite promising work on providing writing guidelines, rigorous validation of use case descriptions requires further support. One approach to supporting validation is to use enaction. Indeed, enactable models have been used extensively within process modelling to clarify understanding of descriptions. Given the importance of requirements validation, such automated support promises significant benefits. However, the need to produce formal descriptions, to drive enaction, is often seen as a barrier to the takeup of such technologies. That is, developers have traditionally been reluctant to increase the proportion of effort devoted to requirements activities. Our approach involves the development of a lightweight state-machine, which obviates any need to create intermediate formal descriptions, thereby maintaining the simple nature of the use case description. Hence, this 'lightweight' approach, which provides an enaction capability ‘for minimal effort’, increases the likelihood of industrial take-up