A teaching and support tool for building formal models of graphical user-interfaces

In this paper we propose the design of a tool that will allow the construction of a formal, textual description of a software system even if it has a graphical user-interface as a component. An important aspect of this design is that it can be used for two purposes-the teaching of first-order logic and the formal specification of graphical user-interfaces. The design has been suggested by considering a system that has already been very successful for teaching first-order logic, namely Tarski's World

Enhancing System Realisation in Formal Model Development

Software for mission-critical systems is sometimes analysed using formal specification to increase the chances of the system behaving as intended. When sufficient insights into the system have been obtained from the formal analysis, the formal specification is realised in the form of a software implementation. One way to realise the system's software is by automatically generating it from the formal specification -- a technique referred to as code generation. However, in general it is difficult to make guarantees about the correctness of the generated code -- especially while requiring automation of the steps involved in realising the formal specification. This PhD dissertation investigates ways to improve the automation of the steps involved in realising and validating a system based on a formal specification. The approach aims to develop properly designed software tools which support the integration of formal methods tools into the software development life cycle, and which leverage the formal specification in the subsequent validation of the system. The tools developed use a new code generation infrastructure that has been built as part of this PhD project and implemented in the Overture tool -- a formal methods tool that supports the Vienna Development Method. The development of the code generation infrastructure has involved the re-design of the software architecture of Overture. The new architecture brings forth the reuse and extensibility features of Overture to take into account the needs and requirements of software extensions targeting Overture. The tools developed in this PhD project have successfully supported three case studies from externally funded projects. The feedback received from the case study work has further helped improve the code generation infrastructure and the tools built using it

From RT-LOTOS to Time Petri Nets new foundations for a verification platform

The formal description technique RT-LOTOS has been selected as intermediate language to add formality to a real-time UML profile named TURTLE. For this sake, an RT-LOTOS verification platform has been developed for early detection of design errors in real-time system models. The paper discusses an extension of the platform by inclusion of verification tools developed for Time Petri Nets. The starting point is the definition of RT-LOTOS to TPN translation patterns. In particular, we introduce the concept of components embedding Time Petri Nets. The translation patterns are implemented in a prototype tool which takes as input an RT-LOTOS specification and outputs a TPN in the format admitted by the TINA tool. The efficiency of the proposed solution has been demonstrated on various case studies

Monitoring-Oriented Programming: A Tool-Supported Methodology for Higher Quality Object-Oriented Software

This paper presents a tool-supported methodological paradigm for object-oriented software development, called monitoring-oriented programming and abbreviated MOP, in which runtime monitoring is a basic software design principle. The general idea underlying MOP is that software developers insert specifications in their code via annotations. Actual monitoring code is automatically synthesized from these annotations before compilation and integrated at appropriate places in the program, according to user-defined configuration attributes. This way, the specification is checked at runtime against the implementation. Moreover, violations and/or validations of specifications can trigger user-defined code at any points in the program, in particular recovery code, outputting or sending messages, or raising exceptions. The MOP paradigm does not promote or enforce any specific formalism to specify requirements: it allows the users to plug-in their favorite or domain-specific specification formalisms via logic plug-in modules. There are two major technical challenges that MOP supporting tools unavoidably face: monitor synthesis and monitor integration. The former is heavily dependent on the specification formalism and comes as part of the corresponding logic plug-in, while the latter is uniform for all specification formalisms and depends only on the target programming language. An experimental prototype tool, called Java-MOP, is also discussed, which currently supports most but not all of the desired MOP features. MOP aims at reducing the gap between formal specification and implementation, by integrating the two and allowing them together to form a system

AsmetaF: A Flattener for the ASMETA Framework

Abstract State Machines (ASMs) have shown to be a suitable high-level specification method for complex, even industrial, systems; the ASMETA framework, supporting several validation and verification activities on ASM models, is an example of a formal integrated development environment. Although ASMs allow modeling complex systems in a rather concise way -and this is advantageous for specification purposes-, such concise notation is in general a problem for verification activities as model checking and theorem proving that rely on tools accepting simpler notations. In this paper, we propose a flattener tool integrated in the ASMETA framework that transforms a general ASM model in a flattened model constituted only of update, parallel, and conditional rules; such model is easier to map to notations of verification tools. Experiments show the effect of applying the tool to some representative case studies of the ASMETA repository.Comment: In Proceedings F-IDE 2018, arXiv:1811.09014. The first two authors are supported by ERATO HASUO Metamathematics for Systems Design Project (No. JPMJER1603), JST. Funding Reference number: 10.13039/501100009024 ERAT

EB2C : A Tool for Event-B to C Conversion Support

Poster and Tool Demo submission, and published in a CNR Technical Report.International audienceTo use of formal model effectively in formal method based development process, it is highly desirable that the formal specification be converted to C code, a de facto standard in many industrial application domains, such as medical, avionics and automotive control. In this paper we present the design methodology of a tool that translates an Event-B formal specification to equivalent C code with proper correctness assurance

Formal Specification Driven Development

This paper researches a quantitative metric of investigating Formal Specification-Driven Development (FSDD). Formal specification is needed at the beginning of the development process to prevent ambiguity and to improve the quality through corrections of errors found in the late phases of a traditional design process, Software Development Life Cycle (SDLC). The research is conducted with capstone students using both the FSDD and the SDLC (traditional) models and a quantitative analysis is presented to evaluate the internal quality of the software. The tool used to measure the internal quality is the .NET 2013 analysis tool. Formal Specification-Driven Development (FSDD) is a new approach in which formal specification is used and functional units of code are incrementally written and tested prior to the code implementation. In the research, there is a comparative study of Formal Specification-Driven Development with the traditional model. This research realized the promising attributes of Formal Specification Driven Development. It promotes the incorporation of FSDD in the software development process. FSDD is radically different from the traditional ways of developing software. In the traditional software development model (SDLC), the tests are written after code implementation. In FSDD the test occurs during development. This model is more of a programmer’s process. This study is the first complete evaluation of how FSDD affects software development and internal design quality. The study was carried out with students in a Software Engineering Capstone class. The research included a semester-long project to develop a ticketing system. This research demonstrated that software developers applying Formal Specification-Driven Development (FSDD) approach are likely to improve some software quality aspects compared to Software Development Life Cycle (FSDD) approach. In particular this research has shown significant differences in the areas of code complexity and size statistically. The differences in internal quality can considerably improve the external software quality, software maintainability, software understandability, and software re-usability. The research establishes a standard for future studies. It focused mainly on the software process. This research is going to raise awareness of FSDD as a new software development approach to explore further

Congruent weak conformance

Journal ArticleCongruent weak conformance is a property between formal models capturing the desired relationship between a specification and its implementation by allowing unused and redundant circuitry and tolerating unspec4jied behavior in the unreachable state space. By providing greater flexibility in design than previous properties, U becomes a useful tool to validate transformational systems, such as logic synthesis and hardware description language translation systems