Attempto - From Specifications in Controlled Natural Language towards Executable Specifications

Deriving formal specifications from informal requirements is difficult since one has to take into account the disparate conceptual worlds of the application domain and of software development. To bridge the conceptual gap we propose controlled natural language as a textual view on formal specifications in logic. The specification language Attempto Controlled English (ACE) is a subset of natural language that can be accurately and efficiently processed by a computer, but is expressive enough to allow natural usage. The Attempto system translates specifications in ACE into discourse representation structures and into Prolog. The resulting knowledge base can be queried in ACE for verification, and it can be executed for simulation, prototyping and validation of the specification.Comment: 15 pages, compressed, uuencoded Postscript, to be presented at EMISA Workshop 'Naturlichsprachlicher Entwurf von Informationssystemen - Grundlagen, Methoden, Werkzeuge, Anwendungen', May 28-30, 1996, Ev. Akademie Tutzin

Functional reasoning in diagnostic problem solving

This work is one facet of an integrated approach to diagnostic problem solving for aircraft and space systems currently under development. The authors are applying a method of modeling and reasoning about deep knowledge based on a functional viewpoint. The approach recognizes a level of device understanding which is intermediate between a compiled level of typical Expert Systems, and a deep level at which large-scale device behavior is derived from known properties of device structure and component behavior. At this intermediate functional level, a device is modeled in three steps. First, a component decomposition of the device is defined. Second, the functionality of each device/subdevice is abstractly identified. Third, the state sequences which implement each function are specified. Given a functional representation and a set of initial conditions, the functional reasoner acts as a consequence finder. The output of the consequence finder can be utilized in diagnostic problem solving. The paper also discussed ways in which this functional approach may find application in the aerospace field

Integrating Human Factors with Structured Analysis and Design Methods

Current human factors input to system development is effected through methods, tools and guidelines. Although the input prompts the consideration of human factors concerns during system design, reports have highlighted inadequacies with respect to the scope, granularity, format and timing of the contributions, e.g. Smith, 1986; Chapanis and Burdurka, 1990; Sutcliffe, 1989; etc. The thesis argues that such problems are obviated if design needs of both Software Engineering and Human Factors are appropriately represented within an overall system design cycle. Intersecting concerns may then be identified for explicit accommodation by the design agenda. To derive an overall design cycle, current conceptions for the individual disciplines should be examined. Since these conceptions are expressed at a lower level as methods, an overall design cycle may be instantiated more specifically by integrating compatible methods from the two disciplines. Methodological integration is desirable as design inter-dependencies and roles may be defined explicitly. More effective inter-disciplinary communication may also accrue from the use of a common set of notations. Methodological integration is facilitated if the design scope, process and notation of individual methods are well defined. Such characteristics are found in a class of Software Engineering methods commonly referred to as structured analysis and design methods. Unfortunately, the same are not currently to be found for human factors since its methods are generally unstructured and focus only on later design stages. 1 Thus, a pre-requisite for integration is the derivation of a reasonably complete and structured human factors method. Since well developed Software Engineering methods already exist, it would be appropriate (for the purposes of methodological integration) to structure human factors methods around specific structured analysis and design methods. The undertaking is exemplified by the present research for the Jackson System Development method. In other words, the scope of the thesis comprises the derivation, test and integration of a structured human factors method with the Jackson System Development method. In conclusion, the research contributes to the Human Factors discipline in two respects. Firstly, it informs the research community on how similar work with other structured analysis and design methods may be set up. Secondly, it offers designers an extended Jackson System Development method that facilitates the incorporation of human factors during system development

THE EVOLVING PHILOSOPHERS PROBLEM - DYNAMIC CHANGE MANAGEMENT

Published versio

Working Notes from the 1992 AAAI Workshop on Automating Software Design. Theme: Domain Specific Software Design

The goal of this workshop is to identify different architectural approaches to building domain-specific software design systems and to explore issues unique to domain-specific (vs. general-purpose) software design. Some general issues that cut across the particular software design domain include: (1) knowledge representation, acquisition, and maintenance; (2) specialized software design techniques; and (3) user interaction and user interface

Software integration testing based on communication coverage criteria and partial model generation

This paper considers the problem of integration testing the components of a timed distributed software system. We assume that communication between the components is specified using timed interface automata and use computational tree logic (CTL) to define communication-based coverage criteria that refer to send- and receive-statements and communication paths. The proposed method enables testers to focus during component integration on such parts of the specification, e.g. behaviour specifications or Markovian usage models, that are involved in the communication between components to be integrated. A more specific application area of this approach is the integration of test-models, e.g. a transmission gear can be tested based on separated models for the driver behaviour, the engine condition, and the mechanical and hydraulical transmission states. Given such a state-based specification of a distributed system and a concrete coverage goal, a model checker is used in order to determine the coverage or generate test sequences that achieve the goal. Given the generated test sequences we derive a partial test-model of the components from which the test sequences are derived. The partial model can be used to drive further testing and can also be used as the basis for producing additional partial models in incremental integration testing. While the process of deriving the test sequences could suffer from a combinatorial explosion, the effort required to generate the partial model is polynomial in the number of test sequences and their length. Thus, where it is not feasible to produce test sequences that achieve a given type of coverage it is still possible to produce a partial model on the basis of test sequences generated to achieve some other criterion. As a result, the process of generating a partial model has the potential to scale to large industrial software systems. While a particular model checker, UPPAAL, was used, it should be relatively straightforward to adapt the approach for use with other CTL based model checkers. A potential additional benefit of the approach is that it provides a visual description of the state-based testing of distributed systems, which may be beneficial in other contexts such as education and comprehension

Properties for Component Model: The definition Perspective

The presence of a large number of component models to date should be able to offer software developers a wide variety of component models -- which they can easily choose from -- for their software development projects. However, the opposite situation is currently observed, where the presence of many component models has caused difficulties in making the selection. Lack of properties or characteristics that can be used as a basis to perform objective comparison between the existing models is believed to have caused the difficulties. In this paper, a list of component model properties is derived by thoroughly examining the available component model definitions. Results from a comparative analysis performed on six component models using the properties show that the properties enable a more objective comparison between the existing component models to be performed

Leveraging Semantic Web Service Descriptions for Validation by Automated Functional Testing

Recent years have seen the utilisation of Semantic Web Service descriptions for automating a wide range of service-related activities, with a primary focus on service discovery, composition, execution and mediation. An important area which so far has received less attention is service validation, whereby advertised services are proven to conform to required behavioural specifications. This paper proposes a method for validation of service-oriented systems through automated functional testing. The method leverages ontology-based and rule-based descriptions of service inputs, outputs, preconditions and effects (IOPE) for constructing a stateful EFSM specification. The specification is subsequently utilised for functional testing and validation using the proven Stream X-machine (SXM) testing methodology. Complete functional test sets are generated automatically at an abstract level and are then applied to concrete Web services, using test drivers created from the Web service descriptions. The testing method comes with completeness guarantees and provides a strong method for validating the behaviour of Web services