Requirements analysis of the VoD application using the tools in TRADE

This report contains a specification of requirements for a video-on-demand (VoD) application developed at Belgacom, used as a trial application in the 2RARE project. The specification contains three parts: an informal specification in natural language; a semiformal specification consisting of a number of diagrams intended to illustrate the informal specification; and a formal specification that makes the requiremants on the desired software system precise. The informal specification is structured in such a way that it resembles official specification documents conforming to standards such as that of IEEE or ESA. The semiformal specification uses some of the tools in from a requirements engineering toolkit called TRADE (Toolkit for Requirements And Design Engineering). The purpose of TRADE is to combine the best ideas in current structured and object-oriented analysis and design methods within a traditional systems engineering framework. In the case of the VoD system, the systems engineering framework is useful because it provides techniques for allocation and flowdown of system functions to components. TRADE consists of semiformal techniques taken from structured and object-oriented analysis as well as a formal specification langyage, which provides constructs that correspond to the semiformal constructs. The formal specification used in TRADE is LCM (Language for Conceptual Modeling), which is a syntactically sugared version of order-sorted dynamic logic with equality. The purpose of this report is to illustrate and validate the TRADE/LCM approach in the specification of distributed, communication-intensive systems

Refinement and verification of concurrent systems specified in Object-Z and CSP

The formal development of large or complex systems can often be facilitated by the use of more than one formal specification language. Such a combination of languages is particularly suited to the specification of concurrent or distributed systems, where both the modelling of processes and state is necessary. This paper presents an approach to refinement and verification of specifications written using a combination of Object-Z and CSP. A common semantic basis for the two languages enables a unified method of refinement to be used, based upon CSP refinement. To enable state-based techniques to be used for the Object-Z components of a specification we develop state-based refinement relations which are sound and complete with respect to CSP refinement. In addition, a verification method for static and dynamic properties is presented. The method allows us to verify properties of the CSP system specification in terms of its component Object-Z classes by using the laws of the CSP operators together with the logic for Object-Z

Formal specification techniques in object-oriented analysis: a comparative view.

During the last decade, object orientation has been advanced as a promising paradigm for software construction. In addition several authors have advocated the use of formal specification techniques during software development. Formal methods enable reasoning (in a mathematical sense) about properties of programs and systems. It is clear that also object oriented software development can benefit from the use of formal techniques.But although the object oriented analysis (OOA) methods claim to provide the necessary concepts and tools to improve the quality of software development, they are in general informal. This is surprising as the modeling techniques used in OOA have a high potential for formalization. The purpose of this study is to compare the specification techniques used in current OOA-methods. In particular, the degree of formality provided by most of the methods is discussed and evaluated from a quality control perspective.Software; Methods; Programs; Systems; Studies; Quality control;

Validating specifications of dynamic systems using automated reasoning techniques

In this paper, we propose a new approach to validating formal specifications of observable behavior of discrete dynamic systems. By observable behavior we mean system behavior as observed by users or other systems in the environment of the system. Validation of a formal specification of an informal domain tries to answer the question whether the specification actually describes the intended domain. This differs from the verification problem, which deals with the correspondence between formal objects, e.g. between a formal specification of a system and an implementation of it. We consider formal specifications of object-oriented dynamic systems that are subject to static and dynamic integrity constraints. To validate that such a specification expresses the intended behavior, we propose to use a tool that can answer reachability queries. In a reachability query we ask whether the system can evolve from one state into another without violating the integrity constraints. If the query is answered positively, the system should exhibit an example path between the states; if the answer is negative, the system should explain why this is so. An example path produced by the tool can be used to produce scenarios for presentations of system behavior, but can also be used as a basis for acceptance testing. In this paper, we discuss the use of planning and theoremproving techniques to answer such queries, and illustrate the use of reachability queries in the context of information system development

Specification and Animation of Reactive Systems

SOLVE (Specification using an Object-based, LOTOS-defined, Visual language) is designed to allow formal requirements capture, particularly for reactive systems. The SOLVE language is object-based, and formally defined using LOTOS (Language Of Temporal Ordering Specification). SOLVE is supported by tools that allow direct visual animation of systems specified in this language. Animation is supported by translating a SOLVE specification automatically into a LOTOS specification, and then graphically simulating this. A further application is embodied in the XDILL tool that supports requirements specification and visual animation of digital logic circuits. Several illustrative SOLVE examples are given

An Object-Based Approach to Modelling and Analysis of Failure Properties

In protection systems, when traditional technology is replaced by software, the functionality and complexity of the system is likely to increase. The quantitative evidence normally provided for safety certification of traditional systems cannot be relied upon in software-based systems. Instead there is a need to provide qualitative evidence. As a basis for the required qualitative evidence, we propose an object-based approach that allows modelling of both the application and software domains. From the object class model of a system and a formal specification of the failure properties of its components, we generate a graph of failure propagation over object classes, which is then used to generate a graph in terms of object instances in order to conduct fault tree analysis. The model is validated by comparing the resulting minimal cut sets with those obtained from the fault tree analysis of the original system. The approach is illustrated on a case study based on a protection system from..

Engineering telecommunication services with SDL

If formal techniques are to be more widely accepted then they should evolve as current software engineering approaches evolve. Current techniques in the development of distributed systems use interface definition languages (IDLs) as a basis for the underlying communication and also as an abstraction tool. Object-oriented technologies [6] and the idea of engineering software through frameworks [5] are also widely accepted approaches in developing software. In this paper we show how the formal specification language SDL and associated tool support have been applied in the TOSCA1 project to engineer telecommunication services using these current techniques

A Formal Methodology for the Specification of Distributed Systems From an Object Perspective.

Distributed computing systems are systems in which multiple processors run independently by communicating with each other. The design of distributed systems is difficult to achieve as the execution patterns of distributed system are typically more complex than those of non-distributed computing systems. The application of object-oriented techniques to the design of distributed systems has the potential to increase the power of modeling and computing. A formal methodology which includes a specification language, developed from an object perspective, for the development of distributed systems is presented. The formal specification language, DOSL (Distributed Object-based Specification Language), represents the specification of distributed systems from an object perspective. DOSL has a hybrid format which combines the property-oriented approach and the model-oriented approach. In particular, it has strong features for message passing specification. The semantics of DOSL is defined formally by two operational semantics methods: transition systems and Petri nets. In addition, a formal object-based methodology for the specification of distributed systems is given. The methodology presents a framework for using the DOSL specification language and includes an integrated formalized method for identification of objects, their operations and behaviors from multiple modeling formats. The implementation of the methodology is supported by assistance with a knowledge base

cmUML - A UML based framework for formal specification of concurrent, reactive systems

Complex software systems possess concurrent and reactive behaviors requiring precise specifications prior to development. Lamport's transition axiom method is a formal specification method which combines axiomatic and operational approaches. On the other hand Unified Modeling Language (UML), a de facto industry standard visual language, lacks suitable constructs and semantics regarding concurrency aspects. Though UML includes action semantics, its higher level constructs and object semantics are inconsistent. Motivated by Lamport's approach, this paper proposes a UML based specification framework 'cmUML' ('cm' for concurrent modules) for formal specification of concurrent, reactive systems without object level diagrams and OCL. The framework integrates higher level diagrams of UML and addresses various concurrency issues including exception handling. It combines UML-RT and UML// SPT profile as the latter defines a core package for concurrency and causality. Further the framework includes the characteristic safety and liveness aspects of concurrent systems. The proposed framework is in contrast with existing approaches based on low level primitives (semaphore, monitors). The paper includes several specification examples validating the proposed framework

Visual animation of LOTOS using SOLVE (extended version)

SOLVE (Specification using an Object-based, LOTOS-defined, Visual language) is designed to allow formal requirements capture, particularly for interactive systems. The SOLVE language is object-based, and formally defined using LOTOS (Language Of Temporal Ordering Specification). SOLVE is also a set of software tools that allow direct visual animation of systems specified in this language. Communicating objects control onscreen icons that can be manipulated directly by the user. Animation is supported by translating a SOLVE specification automatically into a LOTOS specification, and then simulating this using standard LOTOS tools. A VCR (Video Cassette Recorder) clock controller is used to illustrate the SOLVE approach. A further application is embodied in the XDILL tool that supports requirements specification and animation of digital logic circuits. The architecture of the SOLVE toolset is described