Synthesizing Finite-state Protocols from Scenarios and Requirements

Scenarios, or Message Sequence Charts, offer an intuitive way of describing the desired behaviors of a distributed protocol. In this paper we propose a new way of specifying finite-state protocols using scenarios: we show that it is possible to automatically derive a distributed implementation from a set of scenarios augmented with a set of safety and liveness requirements, provided the given scenarios adequately \emph{cover} all the states of the desired implementation. We first derive incomplete state machines from the given scenarios, and then synthesis corresponds to completing the transition relation of individual processes so that the global product meets the specified requirements. This completion problem, in general, has the same complexity, PSPACE, as the verification problem, but unlike the verification problem, is NP-complete for a constant number of processes. We present two algorithms for solving the completion problem, one based on a heuristic search in the space of possible completions and one based on OBDD-based symbolic fixpoint computation. We evaluate the proposed methodology for protocol specification and the effectiveness of the synthesis algorithms using the classical alternating-bit protocol.Comment: This is the working draft of a paper currently in submission. (February 10, 2014

Distributed Implementation of Message Sequence Charts

International audienc

Scenario-based verification and validation of dynamic UML specifications

The Unified Modeling Language (UML) is the result of the unification process of earlier object oriented models and notations. Verification and validation (V&V) tasks, as applied to UML specifications, enable early detection of analysis and design flaws prior to implementation. In this work, we address four V&V analysis methods for UML dynamic specifications, namely: Timing analysis and automatic V&V of timing constraints, automated Architectural-level Risk assessment, Performance Modeling and Fault Injection analysis. For each we present: approaches, methods and/or automated techniques. We use two case studies: a Cardiac Pacemaker and a simplified Automatic Teller Machine (ATM) banking subsystem, for illustrating the developed techniques

Executable system architecting using systems modeling language in conjunction with Colored Petri Nets - a demonstration using the GEOSS network centric system

Models and simulation furnish abstractions to manage complexities allowing engineers to visualize the proposed system and to analyze and validate system behavior before constructing it. Unified Modeling Language (UML) and its systems engineering extension, Systems Modeling Language (SysML), provide a rich set of diagrams for systems specification. However, the lack of executable semantics of such notations limits the capability of analyzing and verifying defined specifications. This research has developed an executable system architecting framework based on SysML-CPN transformation, which introduces dynamic model analysis into SysML modeling by mapping SysML notations to Colored Petri Net (CPN), a graphical language for system design, specification, simulation, and verification. A graphic user interface was also integrated into the CPN model to enhance the model-based simulation. A set of methodologies has been developed to achieve this framework. The aim is to investigate system wide properties of the proposed system, which in turn provides a basis for system reconfiguration --Abstract, page iii

On Global Types and Multi-Party Session

Global types are formal specifications that describe communication protocols in terms of their global interactions. We present a new, streamlined language of global types equipped with a trace-based semantics and whose features and restrictions are semantically justified. The multi-party sessions obtained projecting our global types enjoy a liveness property in addition to the traditional progress and are shown to be sound and complete with respect to the set of traces of the originating global type. Our notion of completeness is less demanding than the classical ones, allowing a multi-party session to leave out redundant traces from an underspecified global type. In addition to the technical content, we discuss some limitations of our language of global types and provide an extensive comparison with related specification languages adopted in different communities

A Review on Software Performance Analysis for Early Detection of Latent Faults in Design Models

Organizations and society could face major breakdown if IT strategies do not comply with performance requirements. This is more so in the era of globalization and emergence of technologies caused more issues. Software design models might have latent and potential issues that affect performance of software. Often performance is the neglected area in the industry. Identifying performance issues in the design phase can save time, money and effort. Software engineers need to know the performance requirements so as to ensure quality software to be developed. Software performance engineering a quantitative approach for building software systems that can meet performance requirements. There are many design models based on UML, Petri Nets and Product-Forms. These models can be used to derive performance models that make use of LQN, MSC, QNM and so on. The design models are to be mapped to performance models in order to predict performance of system early and render valuable feedback for improving quality of the system. Due to emerging distributed technologies such as EJB, CORBA, DCOM and SOA applications became very complex with collaboration with other software. The component based software systems, software systems that are embedded, distributed likely need more systematic performance models that can leverage the quality of such systems. Towards this end many techniques came into existence. This paper throws light into software performance analysis and its present state-of-the-art. It reviews different design models and performance models that provide valuable insights to make well informed decisions

Initialisation Problems in Feature Composition

Composing features that have inconsistent requirements may lead to feature interactions that violate requirements satisfied by each feature in isolation. These interactions manifest themselves as conflicts on shared resources. Arbitration is a common approach to resolving such conflicts that uses prioritisation to decide which feature has access to resources when there is a conflict. However, arbitration alone does not guarantee satisfaction of the requirement of the feature that eventually gains access to a resource. This is because arbitration does not take into account that the resource may be in a state that is inconsistent with that expected by the feature. We call this the initialisation problem. In this thesis we propose an approach to addressing the initialisation problem which combines arbitration with contingencies. Contingency means having several specifications per feature satisfying the same requirement, depending on the current resource state. We illustrate and validate our approach by applying it to resolving conflicts between features in smart home and automotive domains. The validation shows that contingencies complement arbitration by enabling satisfaction of the requirement of the feature that eventually gains access to a shared resource, regardless of the current state of the resource. The main contribution of this thesis is an approach to analysing initialisation concerns in feature composition. At the core of our approach is an explicit consideration of all possible states of a resource as potential initial states. Given each initial state we then derive corresponding specifications that would enable a feature to satisfy its requirement in those states. We show that our approach to initialisation problems is relevant to addressing the feature interaction problem by characterising some types of conflicts as initialisation concerns