The TASTE Toolset: turning human designed heterogeneous systems into computer built homogeneous software.

The TASTE tool-set results from spin-off studies of the ASSERT project, which started in 2004 with the objective to propose innovative and pragmatic solutions to develop real-time software. One of the primary targets was satellite flight software, but it appeared quickly that their characteristics were shared among various embedded systems. The solutions that we developed now comprise a process and several tools ; the development process is based on the idea that real-time, embedded systems are heterogeneous by nature and that a unique UML-like language was not helping neither their construction, nor their validation. Rather than inventing yet another "ultimate" language, TASTE makes the link between existing and mature technologies such as Simulink, SDL, ASN.1, C, Ada, and generates complete, homogeneous software-based systems that one can straightforwardly download and execute on a physical target. Our current prototype is moving toward a marketed product, and sequel studies are already in place to support, among others, FPGA systems

Describing Layered Communication Architecture in SDL Markup Language

Using Specification and Description Language (SDL) as a formal language for specification of requirements for the complex, real-time and distributed systems involving many concurrent activities, we have come to the idea of making the language independent of platforms and operating systems which may use it. Shortly, we have developed markup version of the SDL language, and named it SDL Markup Language. It is an XML-based version of the SDL-PR (Phrase Representation), an SDL textual notation. We use the language to specify the complex communications protocols, which are used in wide range of layered architectures. We provide the specification from the INRES protocol in SDL-ML

Message sequence charts in the software engineering process

The software development process benefits from the use of Message Sequence Charts (MSC), which is a graphical language for displyaing the interaction behaviour of a system. We describe canonical applications of MSC independent of any software development methodology. We illustrate the use of MSC with a case study: the Meeting Scheduler

Model Driven Communication Protocol Engineering and Simulation based Performance Analysis using UML 2.0

The automated functional and performance analysis of communication systems specified with some Formal Description Technique has long been the goal of telecommunication engineers. In the past SDL and Petri nets have been the most popular FDTs for the purpose. With the growth in popularity of UML the most obvious question to ask is whether one can translate one or more UML diagrams describing a system to a performance model. Until the advent of UML 2.0, that has been an impossible task since the semantics were not clear. Even though the UML semantics are still not clear for the purpose, with UML 2.0 now released and using ITU recommendation Z.109, we describe in this dissertation a methodology and tool called proSPEX (protocol Software Performance Engineering using XMI), for the design and performance analysis of communication protocols specified with UML. Our first consideration in the development of our methodology was to identify the roles of UML 2.0 diagrams in the performance modelling process. In addition, questions regarding the specification of non-functional duration contraints, or temporal aspects, were considered. We developed a semantic time model with which a lack of means of specifying communication delay and processing times in the language are addressed. Environmental characteristics such as channel bandwidth and buffer space can be specified and realistic assumptions are made regarding time and signal transfer. With proSPEX we aimed to integrate a commercial UML 2.0 model editing tool and a discrete-event simulation library. Such an approach has been advocated as being necessary in order to develop a closer integration of performance engineering with formal design and implementation methodologies. In order to realize the integration we firstly identified a suitable simulation library and then extended the library with features required to represent high-level SDL abstractions, such as extended finite state machines (EFSM) and signal addressing. In implementing proSPEX we filtered the XML output of our editor and used text templates for code generation. The filtering of the XML output and the need to extend our simulation library with EFSM abstractions was found to be significant implementation challenges. Lastly, in order to to illustrate the utility of proSPEX we conducted a performance analysis case-study in which the efficient short remote operations (ESRO) protocol is used in a wireless e-commerce scenario

Message sequence chart specifications with cross verification

Current software specification verification methods are usually performed within the context of the specification method. There is little cross verification, pitting one type of specification against another, taking place. The most common techniques involve syntax checks across specifications or doing specification transformations and running verification within the new context. Since viewpoints of a system are different even within programming teams we concentrate on producing an efficient way to run cross verification on specifications, particularly specifications written with Message Sequence Charts and State Transition Diagrams.;In this work an algorithm is proposed in which all conditional MSCs are transformed into an algebraic representations, Message Flow Graphs and by stepwise refinement, a Global State Transition Graph is created. This GSTG has all the properties of a State Transition Diagram and therefore can be analyzed in conjunction with the original STD

Formal Methods for Communication Services

We survey formal methods as they are applied to the development of communication services. We report on industrial and academic projects, consider different communication architectures and work related to the feature interaction problem. Based on our survey, the results reported in the literature and most importantly, on extensive discussions with industry, we investigate important industrial concerns and criticisms about the use of formal methods for the development of communication services. We report on a collaborative project between the Swiss Federal Institute of Technology in Lausanne, Swisscom, Alcatel and Thomson in which these industrial concerns have been taken into account from the very beginning. The results of this project are currently being integrated into an industrial software development platform

A verification concept for SDL systems and its application to the Abracadabra protocol

SDL is a specification language to specify distributed systems. Especially it is suitable for communication protocols. In some cases however it is not enough to describe just the behaviour of a protocol, but there are formulated some additional properties as requirements of the SDL system. A formalism convenient to describe them is for example first order logic. Our approach is to prove such properties with methods of automated reasoning after transforming the SDL specification into a first order logic specification. The proofs are done with the program verification system Tatzelwurm, especially with its prover. Practical experience shows that it is convenient to do a proof in two steps. In the first step the behaviour of the system is calculated out of the behaviour of the agents. The proofs of this step is independent of the property to prove. In this report we give a proof methods containing instructions how the arguments are applied during these proofs. It is shown how reachability analysis is done during a formal proof and how fairness arguments are applied. The report contains two papers, where the first one describes the formal basis of the method and shows the proof obligations occurring verifying a communication protocol. The second paper shows how some tedious tasks can be done more elegant using rewrite rules and recursive equations. In the appendix we give two examples out of the verification of the Abracadabra Protocol