208 research outputs found

    Quantifying the Similarity of BPMN Processes

    Get PDF
    International audienceBusiness Process Model and Notation (BPMN) is a graphical modelling language for specifying business processes. Among the open issues existing in the business process development, one of them aims at providing techniques for comparing two versions of a process model. Comparing processes is useful for tackling several problems such as process reconfiguration or evolution, process harmonization or effective search. In this paper, we propose two measures of similarity between two versions of a BPMN process. The first one relies on the syntactic descriptions of the two processes considered as input, whereas the second one focuses on their semantic models. These two measures are complementary and allows users to better understand the differences and similarities between the two processes. Our approach is fully automated by several tools we reused or implemented for this work

    Compositional Verification of Priority Systems using Sharp Bisimulation

    Get PDF
    Sharp bisimulation is a refinement of divergence-preserving branching (a.k.a. divbranching) bisimulation, parameterized by a subset of the system's actions, called strong actions. This parameterization allows the sharp bisimulation to be tailored by the property under verification, whichever property of the modal µ-calculus is considered, while potentially reducing more than strong bisimulation. Sharp bisimulation equivalence is a congruence for parallel composition and other process algebraic operators such as hide, cut, and rename, and hence can be used in a compositional verification setting. In this paper, we prove that sharp bisimulation equivalence is also a congruence for action priority operators under some conditions on strong actions. We compare sharp bisimulation with orthogonal bisimulation, whose equivalence is also a congruence for action priority. We show that, if the internal action τ neither yield priority to nor take priority over other actions, then the quotient of a system with respect to sharp bisimulation equivalence (called sharp minimization) cannot be larger than the quotient of the same system with respect to orthogonal bisimulation equivalence. We then describe a signature-based partition refinement algorithm for sharp minimization, implemented in the BCG MIN tool of the CADP software toolbox. This algorithm can be adapted to implement orthogonal minimization. We show on a crafted example that using compositional sharp minimization may yield state space reductions that outperform compositional orthogonal minimization by several orders of magnitude. Finally, we illustrate the use of sharp minimization and priority to verify a bully leader election algorithm

    Quantifying the Similarity of Non-bisimilar Labelled Transition Systems

    Get PDF
    International audienceEquivalence checking is an established technique for automatically verifying that two behavioural models (Labelled Transition Systems, LTSs) are equivalent from the point of view of an external observer. When these models are not equivalent, the checker returns a Boolean result with a counterexample, which is a sequence of actions leading to a state where the equivalence relation is not satisfied. However, this counterexample does not give any indication of how far the two LTSs are one from another. One can wonder whether they are almost identical or totally different, which is quite different from a design or debugging point of view. In this paper, we present an approach for measuring the similarity between two LTS models. The set of metrics is computed automatically using a tool we implemented. Beyond presenting the foundations of the proposed solution, we will show how it can be applied to two concrete application domains for supporting the construction of IoT applications on the one hand and for contributing to the process model matching problem on the other

    Processos da engenharia de requisitos no contexto de internet das coisas (IoT) e técnicas de validação de requisitos

    Get PDF
    Trabalho de conclusão de curso (graduação)—Universidade de Brasília, Instituto de Ciências Exatas, Departamento de Ciência da Computação, 2021.A Internet das Coisas possibilitou um engrandecimento nas possibilidades de automação e de facilitação do cotidiano das pessoas. Desde automação residencial até a edifícios inteligentes, o aumento da popularidade da IoT traz um desafio para o desenvolvimento de software e a engenharia de requisitos. Desenvolvedores e empresas não estão familiarizados com os processos e técnicas de validação de requisitos existentes no contexto de sistema IoT. Por conta disso, possíveis falhas de projeto e retrabalhos durante o desenvolvimento de software são problemas a serem considerados pelas equipes de desenvolvimento. O objetivo desse artigo é investigar na literatura os processos de engenharia de requisitos no contexto de IoT e as técnicas de validação de requisitos utilizadas. Além disso, apresentar um guia para apoiar as equipes de desenvolvimento de software a ter acesso fácil aos processos e técnicas propostas na literatura para este contexto. Nós realizamos um survey com os practitioners da indústria para investigar se eles usam e conhecem os processos e técnicas identificadas na literatura. Nossos achados revelam que a técnica mais utilizada pelos practitioners para realizar a especificação de requisitos são as reuniões com as partes interessadas e brainstorming e para validar requisitos são utilizados os protótipos e casos de uso.The Internet of Things made possible an increase in the possibilities of automation and facilitation of people’s daily lives. From home automation to smart buildings, the rise in IoT’s popularity brings a challenge to software development and requirements engineering. Developers and companies are not familiar with the requirements validation processes and techniques that exist in the context of an IoT system. Therefore, possible project failures and rework during software development are issues to be considered by development teams. The aim of this article is to investigate the requirements engineering processes in the IoT context and the requirements validation techniques used in the literature. Also, present a guide to support software development teams to have easy access to the processes and techniques proposed in the literature for this context. We conducted a survey of industry practitioners to investigate whether they use and know the processes and techniques identified in the literature. Our findings reveal that the technique most used by practitioners to perform requirements specification are stakeholders meeting and brainstorming and to validate requirements are prototypes and use cases

    Is CADP an Applicable Formal Method?

    Get PDF
    International audienceCADP is a comprehensive toolbox implementing results of concurrency theory. This paper addresses the question, whether CADP qualifies as an applicable formal method, based on the experience of the authors and feedback reported by users

    Técnicas para realizar a validação de requisitos no contexto de internet das coisas (IoT)

    Get PDF
    Trabalho de conclusão de curso (graduação) — Universidade de Brasília, Instituto de Ciências Exatas, Departamento de Ciência da Computação, 2021.A internet das coisas vem ocupando um espaço cada vez maior em equipes de desenvolvi mento de software e na sociedade. O nível de aplicação da IoT é abrangente. Tráfego de pessoas, casas inteligentes, ambientes otimizados e gestão de água/energia são alguns dos exemplos da sua aplicabilidade. Nesse universo de possibilidades, desenvolvedores e empresas de tecnologia devem estar preparados para adaptar seus projetos e absorver essa tecnologia em expansão. Como essa tecnologia é recente, falhas de projeto e retrabalho acontecem com frequência e dificultam o desenvolvimento de produtos de alta qualidade atualmente. O objetivo deste trabalho é identificar por meio de uma pesquisa explo ratória, processos e técnicas de validação, voltadas ao contexto da internet das coisas. Além disso, investigamos a percepção dos desenvolvedores de software IoT sobre as suas atividades relacionadas a Engenharia de Requisitos em seus projetos. A percepção dos profissionais foi coletada através de entrevistas onde eles relataram as dificuldades e de safios que enfrentam durante suas atividades diárias. Foram encontrados 22 processos e 9 técnicas de validação para o contexto de IoT na literatura. A partir das entrevistas, foi possível perceber que stakeholders de projetos IoT não utilizam um processo formal de engenharia de requisitos. Normalmente, são utilizadas técnicas distintas como reuniões e diagramas, sempre com base na demanda e na necessidade do projeto. Apesar dos profissionais e stakeholders acharem importante a Engenharia de Requisitos, a adesão à processos e técnicas voltadas a IoT não é unânime devido a curva de aprendizado para adotar novos métodos e a falta de maleabilidade nos processos durante o desenvolvimento de software.Internet of things occupies more and more space in development teams and in society in general. The applicability that IoT covers is huge. Smart houses, water/energy consup tion, traffic management and smart buildings are some examples of what has been made in this context. In this vast universe of possibilities, developers and tech companies need to be prepared and adapt their projects to cover it. With that in mind, failures/reworks in projects happens more easily and makes it more difficult to produce high standards products. The objective of this paper is to identify, based on a exploratory research, processes and validation techniques in IoT context. Furthermore, this work investigates the professionals‘ perception in their activities with requirenment engineering in IoT projects. Their reports were collected through interviews so they could explain the difficulties and problems that arise in their daily work. In total, 22 processes and 9 validation techniques has been found in literature. From the interviews, it had been realized that stakeholders don´t use formal processes in their IoT projects. Usually, single techniques are used, like reunions and diagramans, to handle the requirements engineering.The stakeholders implement these methods based on the demand and size of the project. Although stakeholders thinks that RE is a important part inside a project, the use of processes and techniques for IoT development isn´t unanimous due to the learning curve to adopt such methods and the lack of flexibility in these processes during the development phase

    Une approche sémantique de détection de maliciel Android basée sur la vérification de modèles et l'apprentissage automatique

    Get PDF
    Le nombre croissant de logiciels malveillants Android s’accompagne d’une préoccupation profonde liée aux problèmes de la sécurité des terminaux mobiles. Les enjeux deviennent sans conteste de plus en plus importants, suscitant ainsi beaucoup d’attention de la part de la communauté des chercheurs. En outre, la prolifération des logiciels malveillants va de pair avec la sophistication et la complexité de ces derniers. En effet, les logiciels malveillants plus élaborés, tels que les maliciels polymorphes et métamorphiques, utilisent des techniques d’obscurcissement du code pour créer de nouvelles variantes qui préservent la sémantique du code original tout en modifiant sa syntaxe, échappant ainsi aux méthodes de détection usuelles. L’ambition de notre recherche est la proposition d’une approche utilisant les méthodes formelles et l’apprentissage automatique pour la détection des maliciels sur la plateforme Android. L’approche adoptée combine l’analyse statique et l’apprentissage automatique. En effet, à partir des applications Android en format APK, nous visons l’extraction d’un modèle décrivant de manière non ambiguë le comportement de ces dernières. Le langage de spécification formelle choisi est LNT. En se basant sur le modèle généré, les comportements malicieux exprimés en logique temporelle sont vérifiés à l’aide d’un vérificateur de modèle. Ces propriétés temporelles sont utilisées comme caractéristiques par un algorithme d’apprentissage automatique pour classifier les applications Android.The ever-increasing number of Android malware is accompanied by a deep concern about security issues in the mobile ecosystem. Unquestionably, Android malware detection has received much attention in the research community and therefore it becomes a crucial aspect of software security. Actually, malware proliferation goes hand in hand with the sophistication and complexity of malware. To illustrate, more elaborated malware like polymorphic and metamorphic malware, make use of code obfuscation techniques to build new variants that preserve the semantics of the original code but modify it’s syntax and thus escape the usual detection methods. In the present work, we propose a model-checking based approach that combines static analysis and machine learning. Mainly, from a given Android application we extract an abstract model expressed in terms of LNT, a process algebra language. Afterwards, security related Android behaviours specified by temporal logic formulas are checked against this model, the satisfaction of a specific formula is considered as a feature, finally machine learning algorithms are used to classify the application as malicious or not
    • …
    corecore