    An Incremental Process for the Development of Multi-agent Systems in Event-B

    No full text
    A multi-agent system is a group of software or hardware agents that cooperate or compete to achieve individual or shared goals. A method for developing a multi-agent system must be capable of modelling the concepts that are central to multi-agent systems. These concepts are identified in a review of Agent-Oriented Software Engineering methodologies. The rigorous development of complex systems using formal methods can reduce the number of design faults. Event-B is a formal method for modelling and reasoning about reactive and distributed systems. There is currently no method that guides the developer specifically in the modelling of agent-based concepts in Event-B. The use of formal methods is seen by some developers as inaccessible. This thesis presents an Incremental Development Process for the development of multi-agent systems in Event-B. Development following the Incremental Development Process begins with the construction of informal models, based on agent concepts. The informal models relate system goals using a set of relationships. The developer is provided with guidance to construct formal Event-B models based on the informal design. The concepts that are central to multi-agent systems are captured in the Event-B models through the translation from the goal models. The Event-B models are refined and decomposed into specifications of roles that will be performed by the agents of the system. Two case studies illustrate how the Incremental Development Process can be applied to multi-agent systems. An additional aid to the developer presented in this thesis is a set of modelling patterns that provide fault-tolerance for Event-B models of interacting agents.

    Mixing Formal and Informal Model Elements for Tracing Requirements

    Get PDF
    Tracing between informal requirements and formal models is challenging. A method for such tracing should make it possible to deal efficiently with changes to both the requirements and the model. A particular challenge is posed by the persisting interplay of formal and informal elements. In this paper, we describe an incremental approach to requirements validation and systems modelling. Formal modelling facilitates a high degree of automation: it serves for validation and traceability. The foundation of our approach is a set of requirements structured according to the WRSPM reference model. We provide a system for traceability with a state-based formal method that supports refinement. We do not require all specification elements to be modelled formally, and we support incremental incorporation of new specification elements into the formal model. Refinement is used to deal with larger amounts of requirements in a structured way. We provide a small example using Problem Frames and Event-B to demonstrate our approach.

    An incremental development of the Mondex system in Event-B

    No full text
    A development of the Mondex system was undertaken using Event-B and its associated proof tools. An incremental approach was used whereby the refinement between the abstract specification of the system and its detailed design was verified through a series of refinements. The consequence of this incremental approach was that we achieved a very high degree of automatic proof. The essential features of our development are outlined. We also present some modelling and proof guidelines that we found helped us gain a deep understanding of the system and achieve the high degree of automatic proof.

    Rodin: an open toolset for modelling and reasoning in Event-B

    No full text
    Event-B is a formal method for system-level modelling and analysis. Key features of Event-B are the use of set theory as a modelling notation, the use of refinement to represent systems at different abstraction levels, and the use of mathematical proof to verify consistency between refinement levels. In this article we present the Rodin modelling tool, which seamlessly integrates modelling and proving. We outline how the Event-B language was designed to facilitate proof and how the tool has been designed to support changes to models while minimising the impact of changes on existing proofs. We outline the important features of the prover architecture and explain how well-definedness is treated. The tool is extensible and configurable so that it can be adapted more easily to different application domains and development methods.

    An analysis of internal/external event ordering strategies for COTS distributed simulation

    Get PDF
    Distributed simulation is a technique that is used to link together several models so that they can work together (or interoperate) as a single model. The High Level Architecture (HLA) (IEEE 1516-2000) is the de facto standard that defines the technology for this interoperation. The creation of a distributed simulation of models developed in COTS Simulation Packages (CSPs) is of interest. The motivation is to attempt to reduce lead times of simulation projects by reusing models that have already been developed. This paper discusses one of the issues involved in distributed simulation with CSPs: the issue of synchronising data sent between models with the simulation of a model by a CSP, the so-called external/internal event ordering problem. The motivation is that the particular algorithm employed can represent a significant overhead on performance.

    Automatic Generation of Minimal Cut Sets

    Get PDF
    A cut set is a collection of component failure modes that could lead to a system failure. Cut Set Analysis (CSA) is applied to critical systems to identify and rank system vulnerabilities at design time. Model checking tools have been used to automate the generation of minimal cut sets but are generally based on checking reachability of system failure states. This paper describes a new approach to CSA using a Linear Temporal Logic (LTL) model checker called BT Analyser that supports the generation of multiple counterexamples. The approach enables a broader class of system failures to be analysed, by generalising from failure state formulae to failure behaviours expressed in LTL. The traditional approach to CSA using model checking requires the model or system failure to be modified, usually by hand, to eliminate already-discovered cut sets, and the model checker to be rerun, at each step. By contrast, the new approach works incrementally and fully automatically, thereby removing the tedious and error-prone manual process and resulting in significantly reduced computation time. This in turn enables larger models to be checked. Two different strategies for using BT Analyser for CSA are presented. There is generally no single best strategy for model checking: their relative efficiency depends on the model and property being analysed. Comparative results are given for the A320 hydraulics case study in the Behavior Tree modelling language.
    Comment: In Proceedings ESSS 2015, arXiv:1506.0325
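    The abstract above describes generating minimal cut sets incrementally, pruning any candidate that contains an already-discovered cut set instead of editing the failure formula by hand between runs. The following is an added illustration of that idea over a plain failure predicate, not code from the paper, BT Analyser or the A320 case study: the component names, the hypothetical redundant-pump model and the `system_fails` predicate are all constructed for this example. It also adds the coherence check a practitioner wants before trusting the superset pruning, since that pruning is only sound when the failure predicate is monotone.

```python
"""Minimal cut set (MCS) generation for a small, constructed fault model.

Constructed example (not the BT Analyser tool or the A320 hydraulics study):
a hypothetical system with a primary pump P, a standby pump S, a controller
C that switches to the standby pump, and a shared power bus B feeding both.
"""
from itertools import combinations
from typing import Callable, FrozenSet, Iterable, List, Sequence

FailureModes = FrozenSet[str]
FailurePredicate = Callable[[FailureModes], bool]

# Constructed component failure modes (hypothetical names).
COMPONENTS: Sequence[str] = ("P_fail", "S_fail", "C_fail", "B_fail")


def system_fails(failed: FailureModes) -> bool:
    """Top-level failure predicate: does this set of failure modes lose the system?"""
    if "B_fail" in failed:                           # bus power lost: both pumps dead
        return True
    if "P_fail" in failed and "S_fail" in failed:    # both pumps failed
        return True
    if "P_fail" in failed and "C_fail" in failed:    # primary down, no switch-over
        return True
    return False


def is_coherent(components: Sequence[str], fails: FailurePredicate) -> bool:
    """Check that the failure predicate is monotone (a 'coherent' fault model).

    Adding a failure mode to a failing set must never make the system healthy
    again. The superset pruning in minimal_cut_sets relies on this; for a
    non-coherent model a superset of a cut set may not fail and must be
    examined, so the check is run first.
    """
    for size in range(0, len(components)):
        for combo in combinations(components, size):
            subset = frozenset(combo)
            if not fails(subset):
                continue
            for extra in components:
                if extra not in subset and not fails(subset | {extra}):
                    return False
    return True


def minimal_cut_sets(components: Sequence[str],
                     fails: FailurePredicate) -> List[FailureModes]:
    """Enumerate minimal cut sets in order of increasing size.

    Incremental strategy: candidates are visited smallest first, and any
    candidate that contains a cut set already found is skipped. Because the
    predicate is not edited between iterations, nothing is modified by hand
    and each discovered set is minimal by construction.
    """
    if not is_coherent(components, fails):
        raise ValueError("failure predicate is not monotone; pruning unsound")
    found: List[FailureModes] = []
    for size in range(1, len(components) + 1):
        for combo in combinations(components, size):
            candidate = frozenset(combo)
            if any(known <= candidate for known in found):
                continue  # strict superset of a known cut set: not minimal
            if fails(candidate):
                found.append(candidate)
    return found


def ranked(cut_sets: Iterable[FailureModes]) -> List[FailureModes]:
    """Rank cut sets for review: lowest order (fewest simultaneous failures) first."""
    return sorted(cut_sets, key=lambda cs: (len(cs), sorted(cs)))


if __name__ == "__main__":
    for cs in ranked(minimal_cut_sets(COMPONENTS, system_fails)):
        print(f"order {len(cs)}: {sorted(cs)}")
```

    The enumeration is exhaustive over subsets, so it is only practical for small models; the abstract's point is that a model checker producing multiple counterexamples does the same pruning without enumerating the state space by hand. The order-1 cut set (the shared bus) is the single point of failure a design review would flag first.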

    Modelling SystemC scheduler by refinement

    Get PDF
    Systems on Chip (SoCs) and SoC architectures pose a challenging set of problems of specification, modelling techniques, security issues and structuring questions. Our methodology for designing models of a (SoC) system from requirements leads to formally justified hints about the future architectural choices of that system; it is based on the B event-based method, which integrates the incremental development of models using a theorem prover to validate each step of development, called refinement. The target system is generally expressed using a programming language notation such as SystemC; the SystemC language is used by electronic designers to describe different parts of the system (hardware and software), and SystemC constitutes a general framework for simulating and validating the design of the system under construction. The semantics of SystemC is based on its scheduling algorithm, described in the language reference manual, and we develop a B model of this scheduling. The B scheduling model leaves unspecified those parameters that depend on the simulated SystemC program; those parameters are instantiated from the operational semantics of the developed SystemC program. By instantiation, we obtain a B abstract model of the simulated program and can study properties of the SystemC program by simulation. The B models are completely validated by the proof assistant of the event-B method. Finally, our models provide a sound framework for understanding the scheduling process.