HAL/SM system functional design specification

The functional design of a preprocessor, and subsystems is described. A structure chart and a data flow diagram are included for each subsystem. Also a group of intermodule interface definitions (one definition per module) is included immediately following the structure chart and data flow for a particular subsystem. Each of these intermodule interface definitions consists of the identification of the module, the function the module is to perform, the identification and definition of parameter interfaces to the module, and any design notes associated with the module. Also described are compilers and computer libraries

On the Modular Specification of NFPs: A Case Study

The modular specification of non-functional properties of systems is a current challenge of Software Engineering, for which no clear solution exists. However, in the case of Domain-Specific Languages some successful proposals are starting to emerge, combining model-driven techniques with aspect-weaving mechanisms. In this paper we show one of these approaches in practice, and present the implementation we have developed to fully support it. We apply our approach for the specification and monitoring of non-functional properties using observers to a case study, illustrating how generic observers defining non-functional properties can be defined in an independent manner. Then, correspondences between these observers and the domain-specific model of the system can be established, and then weaved into a unified system specification using ATL model transformation. Such a unified specification can also be analyzed in a natural way to obtain the required non-functional properties of the system.This work is partially funded by Research Projects TIN2011-23795 and TIN2011-15497-E

Extending stream X-machines to specify and test systems with timeouts

Stream X-machines are a kind of extended finite state machine used to specify real systems where communication between the components is modeled by using a shared memory.In this paper we introduce an extension of the Stream X-machines formalism in order to specify delays/timeouts.The time spent by a system waiting for the environment to react has the capability of affecting the set of available outputs of the system. So, a relation focusing on functional aspects must explicitly take into account the possible timeouts.We also propose a formal testing methodology allowing to systematically test a system with respect to a specification. Finally, we introduce a test derivation algorithm. Given a specification, the derived test suite is sound and complete, that is, a system under test successfully passes the test suite if and only if this system conforms to the specification

Redevelopment of an industrial case study using Event-B and Rodin

CDIS is a commercial air traffic information system that was developed using formal methods 15 years ago by Praxis, and it is still in operation today. This system is an example of an industrial scale system that has been developed using formal methods. In particular, the functional requirements of the system were specified using VVSL -- a variant of VDM. A subset of the original specification has been chosen to be reconstructed on the Rodin platform based on the new Event-B formalism. The goal of our reconstruction was to overcome three key difficulties of the original formalisation, namely the difficulty of comprehending the original specification, the lack of any mechanical proof of the consistency of the specification and the difficulty of dealing with distribution and atomicity refinement. In this paper we elucidate how a new formal notation and tool can help to overcome these difficulties

Development of a Space Vehicle Electromagnetic Interference/compatibility Specification. Volume 3 - System Specification

This specification represents a new approach to controlling electromagnetic interference. In this approach the system integration contractor will be responsible for the development of discrete specification limits to be utilized on the program to which this specification is applied. The specification limits imposed upon subsystem contractors will be developed by the use of a computer program, available from the procuring agency, which is designed to consider the total system electromagnetic environment in the computation of these limits. The integration contractor will be required to mathematically model those circuits which represent required emitters and receptors of electromagnetic energy on the space vehicle. There are contained herein, a list of available computer models into which must be inserted particular parameters of the spacecraft subsystems. These functional models, when inserted into the computer program, will develop discrete specification limits based upon the requirements of the particular system modelled

Hardware proofs using EHDM and the RSRE verification methodology

Examined is a methodology for hardware verification developed by Royal Signals and Radar Establishment (RSRE) in the context of the SRI International's Enhanced Hierarchical Design Methodology (EHDM) specification/verification system. The methodology utilizes a four-level specification hierarchy with the following levels: functional level, finite automata model, block model, and circuit level. The properties of a level are proved as theorems in the level below it. This methodology is applied to a 6-bit counter problem and is critically examined. The specifications are written in EHDM's specification language, Extended Special, and the proofs are improving both the RSRE methodology and the EHDM system