Clafer: Lightweight Modeling of Structure, Behaviour, and Variability

Embedded software is growing fast in size and complexity, leading to intimate mixture of complex architectures and complex control. Consequently, software specification requires modeling both structures and behaviour of systems. Unfortunately, existing languages do not integrate these aspects well, usually prioritizing one of them. It is common to develop a separate language for each of these facets. In this paper, we contribute Clafer: a small language that attempts to tackle this challenge. It combines rich structural modeling with state of the art behavioural formalisms. We are not aware of any other modeling language that seamlessly combines these facets common to system and software modeling. We show how Clafer, in a single unified syntax and semantics, allows capturing feature models (variability), component models, discrete control models (automata) and variability encompassing all these aspects. The language is built on top of first order logic with quantifiers over basic entities (for modeling structures) combined with linear temporal logic (for modeling behaviour). On top of this semantic foundation we build a simple but expressive syntax, enriched with carefully selected syntactic expansions that cover hierarchical modeling, associations, automata, scenarios, and Dwyer's property patterns. We evaluate Clafer using a power window case study, and comparing it against other notations that substantially overlap with its scope (SysML, AADL, Temporal OCL and Live Sequence Charts), discussing benefits and perils of using a single notation for the purpose

On Formal Methods for Large-Scale Product Configuration

<p>In product development companies mass customization is widely used to achieve better customer satisfaction while keeping costs down. To efficiently implement mass customization, product platforms are often used. A product platform allows building a wide range of products from a set of predefined components. The process of matching these components to customers' needs is called product configuration. Not all components can be combined with each other due to restrictions of various kinds, for example, geometrical, marketing and legal reasons. Product design engineers develop configuration constraints to describe such restrictions. The number of constraints and the complexity of the relations between them are immense for complex product like a vehicle. Thus, it is both error-prone and time consuming to analyze, author and verify the constraints manually. Software tools based on formal methods can help engineers to avoid making errors when working with configuration constraints, thus design a correct product faster.</p> <p>This thesis introduces a number of formal methods to help engineers maintain, verify and analyze product configuration constraints. These methods provide automatic verification of constraints and computational support for analyzing and refactoring constraints. The methods also allow verifying the correctness of one specific type of constraints, item usage rules, for sets of mutually-exclusive required items, and automatic verification of equivalence of different formulations of the constraints. The thesis also introduces three methods for efficient enumeration of valid partial configurations, with benchmarking of the methods on an industrial dataset.</p> <p>Handling large-scale industrial product configuration problems demands high efficiency from the software methods. This thesis investigates a number of search-based and knowledge-compilation-based methods for working with large product configuration instances, including Boolean satisfiability solvers, binary decision diagrams and decomposable negation normal form. This thesis also proposes a novel method based on supervisory control theory for efficient reasoning about product configuration data. The methods were implemented in a tool, to investigate the applicability of the methods for handling large product configuration problems. It was found that search-based Boolean satisfiability solvers with incremental capabilities are well suited for industrial configuration problems.</p> <p>The methods proposed in this thesis exhibit good performance on practical configuration problems, and have a potential to be implemented in industry to support product design engineers in creating and maintaining configuration constraints, and speed up the development of product platforms and new products.</p

An information model for lean, agile, resilient and green supply chain management

Dissertação para a obtenção de Grau de Mestre em Engenharia e Gestão IndustrialIn modern business environments, an effective Supply Chain Management (SCM) is crucial to business continuity. In this context, Lean, Agile, Resilient and Green (LARG), are advocated as the fundamental paradigm for a competitive Supply Chain (SC) as a whole. In fact, competition between supply chains (SC) has replaced the traditional competition between companies. To make a supply chain more competitive, capable of responding to the demands of customers with agility, and capable of responding effectively to unexpected disturbance, in conjugation with environmental responsibilities, and the necessity to eliminate processes that add no value, companies must implement a set of LARG SCM practices and Key Performance Indicators (KPI) to measure their influence on the SC performance. However, the selection of the best LARG SCM practices and KPIs is a complex decision-making problem, involving dependencies and feedbacks. Still, any decision-making must be supported by real and transparent data. This dissertation intends to provide two integrated models to assist the information management and decision-making. The first is an information model to support a LARG SCM, allowing the exchange and storage of data/information through a single information platform. In this model three types of diagrams are developed, Business Process Diagram (BPD), Use Cases Diagram and Class Diagram to assist the information platform design. The second is a decision-making model, designated LARG Analytical Network Process (ANP) to select the best LARG SCM practices/KPI to be implemented in SCs. Both models are developed and validated within the automotive SC, namely in Volkswagen Autoeuropa

Lifecycle Management of Automotive Safety-Critical Over the Air Updates: A Systems Approach

With the increasing importance of Over The Air (OTA) updates in the automotive field, maintaining safety standards becomes more challenging as frequent incremental changes of embedded software are regularly integrated into a wide range of vehicle variants. This necessitates new processes and methodologies with a holistic view on the backend, where the updates are developed and released

Model-Based Engineering of Collaborative Embedded Systems

This Open Access book presents the results of the "Collaborative Embedded Systems" (CrESt) project, aimed at adapting and complementing the methodology underlying modeling techniques developed to cope with the challenges of the dynamic structures of collaborative embedded systems (CESs) based on the SPES development methodology. In order to manage the high complexity of the individual systems and the dynamically formed interaction structures at runtime, advanced and powerful development methods are required that extend the current state of the art in the development of embedded systems and cyber-physical systems. The methodological contributions of the project support the effective and efficient development of CESs in dynamic and uncertain contexts, with special emphasis on the reliability and variability of individual systems and the creation of networks of such systems at runtime. The project was funded by the German Federal Ministry of Education and Research (BMBF), and the case studies are therefore selected from areas that are highly relevant for Germany’s economy (automotive, industrial production, power generation, and robotics). It also supports the digitalization of complex and transformable industrial plants in the context of the German government's "Industry 4.0" initiative, and the project results provide a solid foundation for implementing the German government's high-tech strategy "Innovations for Germany" in the coming years

Formal verification of automotive embedded UML designs

Software applications are increasingly dominating safety critical domains. Safety critical domains are domains where the failure of any application could impact human lives. Software application safety has been overlooked for quite some time but more focus and attention is currently directed to this area due to the exponential growth of software embedded applications. Software systems have continuously faced challenges in managing complexity associated with functional growth, flexibility of systems so that they can be easily modified, scalability of solutions across several product lines, quality and reliability of systems, and finally the ability to detect defects early in design phases. AUTOSAR was established to develop open standards to address these challenges. ISO-26262, automotive functional safety standard, aims to ensure functional safety of automotive systems by providing requirements and processes to govern software lifecycle to ensure safety. Each functional system needs to be classified in terms of safety goals, risks and Automotive Safety Integrity Level (ASIL: A, B, C and D) with ASIL D denoting the most stringent safety level. As risk of the system increases, ASIL level increases and the standard mandates more stringent methods to ensure safety. ISO-26262 mandates that ASILs C and D classified systems utilize walkthrough, semi-formal verification, inspection, control flow analysis, data flow analysis, static code analysis and semantic code analysis techniques to verify software unit design and implementation. Ensuring software specification compliance via formal methods has remained an academic endeavor for quite some time. Several factors discourage formal methods adoption in the industry. One major factor is the complexity of using formal methods. Software specification compliance in automotive remains in the bulk heavily dependent on traceability matrix, human based reviews, and testing activities conducted on either actual production software level or simulation level. ISO26262 automotive safety standard recommends, although not strongly, using formal notations in automotive systems that exhibit high risk in case of failure yet the industry still heavily relies on semi-formal notations such as UML. The use of semi-formal notations makes specification compliance still heavily dependent on manual processes and testing efforts. In this research, we propose a framework where UML finite state machines are compiled into formal notations, specification requirements are mapped into formal model theorems and SAT/SMT solvers are utilized to validate implementation compliance to specification. The framework will allow semi-formal verification of AUTOSAR UML designs via an automated formal framework backbone. This semi-formal verification framework will allow automotive software to comply with ISO-26262 ASIL C and D unit design and implementation formal verification guideline. Semi-formal UML finite state machines are automatically compiled into formal notations based on Symbolic Analysis Laboratory formal notation. Requirements are captured in the UML design and compiled automatically into theorems. Model Checkers are run against the compiled formal model and theorems to detect counterexamples that violate the requirements in the UML model. Semi-formal verification of the design allows us to uncover issues that were previously detected in testing and production stages. The methodology is applied on several automotive systems to show how the framework automates the verification of UML based designs, the de-facto standard for automotive systems design, based on an implicit formal methodology while hiding the cons that discouraged the industry from using it. Additionally, the framework automates ISO-26262 system design verification guideline which would otherwise be verified via human error prone approaches

Tuotemallien tarkistuksen metriikan kehitys ja automaatio

A lot of interest and research has been focused on product quality and it is recognized as a crucial aspect of engineering. The quality of product models can also be seen as essential in engineering workflow especially in systems based on downstream data. Model quality effects not only the models accuracy and modifiability but also the agility of the whole engineering systems. Careful and thorough verification plays an important part in effecting product model quality. Verifying product models and designs manually can be laborious and time-consuming process. By automating parts of the verification process, benefits can be seen in the time frame and end results of the verification. The goal of the thesis is to develop metrics and automation for product model verification. Development of metrics is executed by researching literature for model quality metrics and construct a set of metrics for the company. Furthermore, the possibilities of product model verification automation are studied and a working automated model verification tool shall be created based on the metrics. The tool is intended be used in the current modeling environment. The outcomes of this thesis are a list of product quality dimensions with their corresponding metrics and a customized PTC ModelCHECK check that can automatically identify issues in product models. Quality dimensions were identified based on company needs and literature research. ModelCHECK platform was chosen for verification tool development as the software is readily available for the company which means it is a cost-effective way of utilizing automated product model verification in current design environment.Tuotteiden laatuun on jo pidemmän aikaa kiinnitetty paljon huomiota insinööriprosesseissa ja tutkimuksessa. Myös tuotemallien laatu voidaan nähdä insinöörityön kannalta elintärkeässä asemassa, erityisesti systeemeissä jotka perustuvat alaspäin virtaavaan tietoon. Mallien laatu vaikuttaa muun muassa sen tarkkuuteen ja muokattavuuteen sekä koko mallinnus- ja suunnittelujärjestelmän ketteryyteen. Huolellinen ja läpikotainen tarkistus on tärkeä osa tuotemallien laadun kehittämistä. Mallien manuaalinen tarkastaminen voi olla työlästä ja aikaavievää. Käyttämällä automaatiota tarkistuksen apuna, voidaan saavuttaa etuja tarkistuksen nopeudessa ja lopputuloksessa. Tämän diplomityön tavoitteena on kehittää tuotemallien tarkastuksen metriikkaa ja automaatiota. Metriikan kehitys perustuu kirjallisuustutkimukseen sekä muun muassa haastatteluissa kartoitettuihin yrityksen tarpeisiin. Tavoitteena on luoda tuotemalleille metriikkaa, joita vasten niiden ominaisuuksia voidaan arvioida. Myös tarkistuksen automaatiota tutkitaan ja tavoitteena on luoda automaattinen työkalu, jota voidaan käyttää yrityksen tämän hetkisessä suunnittelujärjestelmässä. Tutkimuksen lopputuloksena syntyi lista tuotemallien laadun ulottuvuuksista niihin liitetyillä metriikoilla ja metriikan mukainen PTC ModelCHECK tarkistuspohja 3D-malleille, joka löytyy automaattisesti virheitä malleista. ModelCHECK valittiin työkaluksi, koska se on valmiiksi saatavilla yrityksen nykyisessä mallinnusjärjestelmässä, joilloin automatisointi on erittäin kustannustehokasta