Explicit connection actions in multiparty session types

This work extends asynchronous multiparty session types (MPST) with explicit connection actions to support protocols with op- tional and dynamic participants. The actions by which endpoints are connected and disconnected are a key element of real-world protocols that is not treated in existing MPST works. In addition, the use cases motivating explicit connections often require a more relaxed form of mul- tiparty choice: these extensions do not satisfy the conservative restric- tions used to ensure safety in standard syntactic MPST. Instead, we de- velop a modelling-based approach to validate MPST safety and progress for these enriched protocols. We present a toolchain implementation, for distributed programming based on our extended MPST in Java, and a core formalism, demonstrating the soundness of our approach. We discuss key implementation issues related to the proposed extensions: a practi- cal treatment of choice subtyping for MPST progress, and multiparty correlation of dynamic binary connections

MPLM -- MaTeLo Product Line Manager

International audienceThe diversity of requirements elicited from different customers leads to the development of many variants. Furthermore, compliance with safety standards as mandated for safety-critical systems requires high test efforts for each variant. Model-based testing aims to reduce test efforts by automatically generating test cases from test models. In this paper, we introduce variability management to usage models, a widely used model-based testing formalism. We present an approach that allows to derive usage model variants from a desired set of features and thus generate test cases for each variant. The approach is integrated in the industrial model-based testing tool chain MaTeLo and exemplified using an industrial case study from the aerospace domain

Toward a Formalism for Conservative Claims about the Dependability of Software-Based Systems

In recent work, we have argued for a formal treatment of confidence about the claims made in dependability cases for software-based systems. The key idea underlying this work is "the inevitability of uncertainty": It is rarely possible to assert that a claim about safety or reliability is true with certainty. Much of this uncertainty is epistemic in nature, so it seems inevitable that expert judgment will continue to play an important role in dependability cases. Here, we consider a simple case where an expert makes a claim about the probability of failure on demand (pfd) of a subsystem of a wider system and is able to express his confidence about that claim probabilistically. An important, but difficult, problem then is how such subsystem (claim, confidence) pairs can be propagated through a dependability case for a wider system, of which the subsystems are components. An informal way forward is to justify, at high confidence, a strong claim, and then, conservatively, only claim something much weaker: "I'm 99 percent confident that the pfd is less than 10-5, so it's reasonable to be 100 percent confident that it is less than 10-3." These conservative pfds of subsystems can then be propagated simply through the dependability case of the wider system. In this paper, we provide formal support for such reasoning

Formalism and judgement in assurance cases

This position paper deals with the tension between the desire for sound and auditable assurance cases and the current ubiquitous reliance on expert judgement. I believe that the use of expert judgement, though inevitable, needs to be much more cautious and disciplined than it usually is. The idea of assurance “cases ” owes its appeal to an awareness that all too often critical decisions are made in ways that are difficult to justify or even to explain, leaving the doubt (for the decision makers as well as other interested parties) that the decision may be unsound. By building a well-structured “case ” we would wish to allow proper scrutiny of the evidence and assumptions used, and of the arguments that link them to support a decision. A

A Visual Formalism for Interacting Systems

Interacting systems are increasingly common. Many examples pervade our everyday lives: automobiles, aircraft, defense systems, telephone switching systems, financial systems, national governments, and so on. Closer to computer science, embedded systems and Systems of Systems are further examples of interacting systems. Common to all of these is that some "whole" is made up of constituent parts, and these parts interact with each other. By design, these interactions are intentional, but it is the unintended interactions that are problematic. The Systems of Systems literature uses the terms "constituent systems" and "constituents" to refer to systems that interact with each other. That practice is followed here. This paper presents a visual formalism, Swim Lane Event-Driven Petri Nets, that is proposed as a basis for Model-Based Testing (MBT) of interacting systems. In the absence of available tools, this model can only support the offline form of Model-Based Testing.Comment: In Proceedings MBT 2015, arXiv:1504.0192