Model checking object-Z using ASM

A major problem with creating tools for Object-Z is that its high-level abstractions are difficult to deal with directly. Integrating Object-Z with a more concrete notation is a sound strategy. With this in mind, in this paper we introduce an approach to model-checking Object-Z specifications based on first integrating Object-Z with the Abstract State Machine (ASM) notation to get the notation OZ-ASM. We show that this notation can be readily translated into the specification language ASM-SL, a language that can be automatically translated into the language of the temporal logic model checker SMV

Supporting Abstraction when Model Checking ASM

Model checking as a method for automatic tool support for verification highly stimulates industry's interests. It is limited, however, with respect to the size of the systems' state space. In earlier work, we developed an interface between the ASM Workbench and the SMV model checker that allows model checking of finite ASM models. In this work, we add a means for abstraction in case the model to be checked is infinite and therefore not feasible for the model checking approach. We facilitate the ASM specification language (ASM-SL) with a notion for abstract types and introduce an interface between ASM-SL and Multiway Decision Graphs (MDGs). MDGs are capable of representing transition systems with abstract types and functions and provide the functionality necessary for symbolic model checking. Our interface maps abstract ASM models into MDGs in a semantic preserving way. It provides a very simple means for generating abstract models that are infinite but can be checked by a model checker based on MDGs

Executable formal specifications of complex distributed systems with CoreASM

Formal specifications play a crucial role in the design of reliable complex software systems. Executable formal specifications allow the designer to attain early validation and verification of design using static analysis techniques and accurate simulation of the runtime behavior of the system-to-be. With increasing complexity of software-intensive computer-based systems and the challenges of validation and verification of abstract software models prior to coding, the need for interactive software tools supporting executable formal specifications is even more evident. In this paper, we discuss how CoreASM, an environment for writing and running executable specifications according to the ASM method, provides flexibility and manages the complexity by using an innovative extensible language architecture

A Design for verification approach using an embedding of PSL in AsmL

In this paper, we propose to integrate an embedding of Property Specification Language (PSL) in Abstract State Machines Language (AsmL) with a top–down design for verification approach in order to enable the model checking of large systems at the early stages of the design process. We provide a complete embedding of PSL in the ASM language AsmL, which allows us to integrate PSL properties as a part of the design. For verification, we propose a technique based on the AsmL tool that translates the code containing both the design and the properties into a finite state machine (FSM) representation. We use the generated FSM to run model checking on an external tool, here SMV. Our approach takes advantage of the AsmL language capabilities to model designs at the system level as well as from the power of the AsmL tool in generating both C# code and FSMs from AsmL models. We applied our approach on the PCI-X bus standard, which AsmL model was constructed from the informal standard specifications and a subsequent UML model. Experimental results on the PCI-X bus case study showed a superiority of our approach to conventional verification

An Integrated Methodology for Creating Composed Web/Grid Services

This thesis presents an approach to design, specify, validate, verify, implement, and evaluate composed web/grid services. Web and grid services can be composed to create new services with complex behaviours. The BPEL (Business Process Execution Language) standard was created to enable the orchestration of web services, but there have also been investigation of its use for grid services. BPEL specifies the implementation of service composition but has no formal semantics; implementations are in practice checked by testing. Formal methods are used in general to define an abstract model of system behaviour that allows simulation and reasoning about properties. The approach can detect and reduce potentially costly errors at design time. CRESS (Communication Representation Employing Systematic Specification) is a domainindependent, graphical, abstract notation, and integrated toolset for developing composite web service. The original version of CRESS had automated support for formal specification in LOTOS (Language Of Temporal Ordering Specification), executing formal validation with MUSTARD (Multiple-Use Scenario Testing and Refusal Description), and implementing in BPEL4WS as the early version of BPEL standard. This thesis work has extended CRESS and its integrated tools to design, specify, validate, verify, implement, and evaluate composed web/grid services. The work has extended the CRESS notation to support a wider range of service compositions, and has applied it to grid services as a new domain. The thesis presents two new tools, CLOVE (CRESS Language-Oriented Verification Environment) and MINT (MUSTARD Interpreter), to respectively support formal verification and implementation testing. New work has also extended CRESS to automate implementation of composed services using the more recent BPEL standard WS-BPEL 2.0

QUALITY IMPROVEMENT AND VALIDATION TECHNIQUES ON SOFTWARE SPECIFICATION AND DESIGN

Ph.DDOCTOR OF PHILOSOPH

Automated specification-based testing of graphical user interfaces

Tese de doutoramento. Engenharia Electrónica e de Computadores. 2006. Faculdade de Engenharia. Universidade do Porto, Departamento de Informática, Escola de Engenharia. Universidade do Minh

Système d'aide à la décision pour le réseau de distribution

RÉSUMÉ De nos jours, de nouvelles technologies issues du domaine de l'information et de la communication sont introduites progressivement dans les réseaux de distribution électrique. Ces technologies nécessitent des études poussées et des simulations précises afin d'en évaluer les forces et les faiblesses. Toutefois, la simulation des réseaux électriques demeure une tâche complexe qui nécessite de tenir compte de plusieurs facteurs : électriques, mécaniques, économiques, naturels, matériels et humains. Pour pallier à la complexité inhérente à la simulation électrique, il est possible de recourir aux systèmes multiagents (SMA). Ils présentent de nombreux avantages. Ils offrent une grande flexibilité en permettant à des agents autonomes de collaborer pour atteindre des objectifs complexes. Le SMA, par opposition au système de simulation monolithique, présente l'avantage d'être une architecture souple et évolutive capable de traiter des opérations complexes. Toutefois, le développement et la manipulation de ces systèmes sont des tâches réservées à des experts en informatique et en SMA. Or, dans le cadre du projet LEOPAR, mené à l'Institut de recherche d'Hydro Québec, nous avons comme principal objectif de développer un SMA accessible à des non-experts en informatique. Le but est de permettre aux décideurs et aux ingénieurs électriques de modifier et de faire évoluer le simulateur de la manière la plus aisée possible. Pour ce faire, nous avons développée une architecture à mi-chemin entre les architectures de Tableau Noir et les SMA. Nous avons utilisé une zone distribuée de partage de données pour permettre la communication des agents. Le partage et l'échange d'informations se fait par la modification des données distribuées. Ce mécanisme réduit la complexité des agents et leur mode de communication. De plus, nous avons spécifié un langage d'actions de haut niveau qui permet de décrire de manière déclarative les actions, leurs effets, leurs conditions et leurs relations. Ce langage d'actions est automatiquement traduit en logique non monotone (Answer Set Programming) afin de permettre la coordination des agents du simulateur. La traduction que nous proposons du langage d'actions surpasse largement les autres langages d'actions en termes de rapidité d'exécution lors de la planification. La combinaison de notre langage d'actions et de la logique non monotone a permis le développement d'un système performant, qui offre la possibilité à des novices de rajouter, modifier ou supprimer des agents du simulateur. Le simulateur multiagents que nous avons développé fonctionne adéquatement et permet, entre autre, de réaliser des simulations de type Monte-Carlo pour l’étude de la fiabilité des réseaux. Notre simulateur permet de quantifier, à l'aide des indices de performances, l'impact et l'apport de nouvelles technologies. Il est en mesure de reproduire avec une grande fidélité des phénomènes électriques, mécaniques et humains, tels que la surcharge électrique des câbles, le changeur de prise des transformateurs, les équipes humaines d'intervention, le temps de restauration variable et la reconfiguration du réseau. Notre simulateur a été testé sur de véritables réseaux de distribution d'Hydro-Québec et a démontré sa capacité à traiter de grandes quantités de données. En comparaison à d'autres simulateurs électriques multiagents standards, notre système s'est avéré être tout aussi performant mais beaucoup plus facile à développer et à faire évoluer. Lors des simulations électriques, nous avons été en mesure de réaliser des études de fiabilité qui ont permis de déterminer les facteurs les plus importants influant les performances du réseau.----------ABSTRACT Nowadays, the information system technologies are increasingly used in power distribution systems to improve network reliability and performance. The impact of these structural changes is important and requires in-depth studies and investigations. A better understanding of the effect of these technologies is required to optimize the network. However, the simulation of power network is a complex task, where several technical issues need to be considered such as : electrical, mechanical, economical, natural and human aspects. The idea is to develop a multi-agent system (MAS) that can process complex simulations. Such a system is extensible and modular and it is composed by numerous simple agents that can collaborate and interact in order to achieve complex objectives. Multi-agent systems are capable of reaching goals that are difficult to achieve by monolithic systems or individual agents, which can be complex and hard to maintain and extend. Nevertheless, the development and the maintenance of a MAS is a complex task that has to be performed by experts on computer science and multi-agent systems. In the framework of the project LEOPAR, carried out by the \textit{Institute de Recherche d'Hydro-Québec}, we have as a main objective to develop an accessible and comprehensive MAS. The project's aim was to allow managers to modify the behavior and the objectives of the simulator without the assistance of an expert. To this end, we developed a simulator based on Blackboard and MAS. Our system relies on a common pool of data to share information between agents. This type of mechanism reduces the communication complexity and makes the development of agents easier. In addition, we defined a new action language that allows to incrementally describe the agent's actions, effects, conditions and relations. Our action language is automatically translated into a non-monotonic logic (Answer Set Programming) in order to process the agent's actions. The translated answer set program has shown to be effective in providing action plans. The action language combined to answer set programming allowed us to develop a powerful and accessible simulator, enabling novice to add, change, and remove agents' behavior. Our simulator works properly and allows, among other things, processing power network assessments using a Monte-Carlo approach. It analyses the impact of introducing new types of technologies, by comparing performance indicators of the network. Moreover, it is able to simulate with accuracy a wide variety of phenomena as wire overloading, protection mechanism activation, tap changer changes, human intervening team patrols, restoration process and network reconfiguration. It has been tested on realistic distribution network of Hydro-Quebec and it performed well in assessing networks. Our simulator is performing similarly to a classical multi-agents system, but with the benefit of being accessible and easy to use