Building Responsive Systems from Physically-correct Specifications

Predictability - the ability to foretell that an implementation will not violate a set of specified reliability and timeliness requirements - is a crucial, highly desirable property of responsive embedded systems. This paper overviews a development methodology for responsive systems, which enhances predictability by eliminating potential hazards resulting from physically-unsound specifications. The backbone of our methodology is the Time-constrained Reactive Automaton (TRA) formalism, which adopts a fundamental notion of space and time that restricts expressiveness in a way that allows the specification of only reactive, spontaneous, and causal computation. Using the TRA model, unrealistic systems - possessing properties such as clairvoyance, caprice, in finite capacity, or perfect timing - cannot even be specified. We argue that this "ounce of prevention" at the specification level is likely to spare a lot of time and energy in the development cycle of responsive systems - not to mention the elimination of potential hazards that would have gone, otherwise, unnoticed. The TRA model is presented to system developers through the CLEOPATRA programming language. CLEOPATRA features a C-like imperative syntax for the description of computation, which makes it easier to incorporate in applications already using C. It is event-driven, and thus appropriate for embedded process control applications. It is object-oriented and compositional, thus advocating modularity and reusability. CLEOPATRA is semantically sound; its objects can be transformed, mechanically and unambiguously, into formal TRA automata for verification purposes, which can be pursued using model-checking or theorem proving techniques. Since 1989, an ancestor of CLEOPATRA has been in use as a specification and simulation language for embedded time-critical robotic processes.Harvard University; DARPA (N00039-88-C-0163

Using Specification and Description Language to define and implement discrete simulation models

The formal languages become important tools since they allow the complete understanding of the model and help in its implementation. However only a few simulation tools allow an automatic execution of a simulation model based in a formalization of the system. Specification and Description Language is a modern object oriented graphical formal language that allows the definition of distributed systems. It has focused on the modeling of reactive, state/event driven systems, and has been standardized by the International Telecommunications Union (ITU) in the Z.100. Since it is a graphical formalism simplifies the understanding of the model. In this paper we show how we can use Specification and Description Language to represent a discrete simulation model. We propose a solution, implemented in SDLPS, regarding how to manage the time in Specification and Description Language. Also, we show how SDLPS infrastructure allows a distribute simulation of the models.Postprint (published version

Animation and formal verification of real-time reactive systems in an object-oriented environment

Real-time reactive systems are characterized by their continuous interaction with their environment through stimulus-response behavior. The safety-critical nature of their domain and their inherent complexity advocate the use of formal methods in the software development process. TROMLAB development environment supports a process model adequate for dealing with the complexity of reactive systems. The foundation of the TROMLAB environment is the Timed Reactive Object Model (TROM), which combines object-oriented and real-time technologies. Simulation is essential in the behavioral analysis of real-time reactive systems; animation allows a visualization of the simulation process. A rigorous trace analysis of simulation scenarios provides insight into the behavior of the collaborating entities in the configuration. This supports validation of systems designed incrementally and iteratively in the software development life-cycle. Moreover, safety-critical systems need to be verified for adherence to stringent safety and liveness properties. The scope of this thesis is two-fold. We first present an animation tool supporting simulation of reactive systems described in the TROM formalism. We include formal specifications of the functionalities of the simulator in VDM specification language. We then introduce a methodology for formal verification of TROM subsystems. The novelty of the methodology lies in the formal verification approach embedded within an object-oriented framework. The simulator and the verification methodology conform respectively to the operational and logical semantics of TROMs

Towards a representation of environmenal models using specification and description language: from the fibonacci model to a wildfire model

In this paper we explore how we can use Specification and Description Language (SDL) to represent environmental models. Since the main concern in this kind of models is the representation of the geographical information data, we analyze how we can represent this information in the SDL diagrams. We base our approach using two examples, a representation of the Fibonacci function using a cellular automaton, and the representation of a wildfire model. To achieve this we propose the use of a language extension to Specification and Description Language. This allows the simplification of the representation of cellular automatons. Thanks this we can define the behavior of environmental models in a graphical way allowing its complete and unambiguous description. SDL is a modern object oriented formalism that allows the definition of distributed systems. It has focused on the modeling of reactive, state/event driven systems, and has been standardized by the International Telecommunications Union (ITU) in the Z.100.Postprint (published version

Representing Fibonacci function through cellular automata using specification and description language

In this poster we show how to use Specification and Description Language (SDL) to represent cellular automata models. To achieve that we use a generalization of the common cellular automata, named m:n-$CA^k$. Also we add some extension to SDL language to simplify the representation of these automata. Thanks to SDL and m:n-$CA^k$ the behavior of the cellular automata model can be defined in a graphical way allowing the complete and unambiguous description of the simulation model that uses it. SDL is a modern object oriented language that allows the definition of distributed systems. It has focused on the modeling of reactive, state/event driven systems, and has been standardized by the International Telecommunications Union (ITU) in the Z.100.Postprint (published version

A survey of agent-oriented methodologies

This article introduces the current agent-oriented methodologies. It discusses what approaches have been followed (mainly extending existing object oriented and knowledge engineering methodologies), the suitability of these approaches for agent modelling, and some conclusions drawn from the survey

Embedding object-oriented design in system engineering

The Unified Modeling Language (UML) is a collection of techniques intended to document design decisions about software. This contrasts with systems engineering approaches such as for exampleStatemate and the Yourdon Systems Method (YSM), in which the design of an entire system consisting of software and hardware can be documented. The difference between the system- and the software level is reflected in differences between execution semantics as well as in methodology. In this paper, I show how the UML can be used as a system-level design technique. I give a conceptual framework for engineering design that accommodates the system- as well as the software level and show how techniques from the UML and YSM can be classified within this framework, and how this allows a coherent use of these techniques in a system engineering approach. These ideas are illustrated by a case study in which software for a compact dynamic bus station is designed. Finally, I discuss the consequences of this approach for a semantics of UML constructs that would be appropriate for system-level design

CoFI: The Common Framework Initiative for Algebraic Specification and Development

An open collaborative effort has been initiated: to design acommon framework for algebraic specification and development of software. The rationale behind this initiative is that the lack of such a common framework greatly hinders the dissemination and application of researchresults in algebraic specification. In particular, the proliferationof specification languages, some differing in only quite minor ways from each other, is a considerable obstacle for the use of algebraic methods in industrial contexts, making it difficult to exploit standard examples, case studies and training material. A common framework with widespread acceptancethroughout the research community is urgently needed.The aim is to base the common framework as much as possible on a critical selection of features that have already been explored in various contexts. The common framework will provide a family of specificationlanguages at different levels: a central, reasonably expressive language, called CASL, for specifying (requirements, design, and architecture of) conventional software; restrictions of CASL to simpler languages, for use primarily in connection with prototyping and verification tools; and extensionsof CASL, oriented towards particular programming paradigms,such as reactive systems and object-based systems. It should also be possibleto embed many existing algebraic specification languages in members of the CASL family. A tentative design for CASL has already been proposed. Task groupsare studying its formal semantics, tool support, methodology, and other aspects, in preparation for the finalization of the design

State-of-the-art on evolution and reactivity

This report starts by, in Chapter 1, outlining aspects of querying and updating resources on the Web and on the Semantic Web, including the development of query and update languages to be carried out within the Rewerse project. From this outline, it becomes clear that several existing research areas and topics are of interest for this work in Rewerse. In the remainder of this report we further present state of the art surveys in a selection of such areas and topics. More precisely: in Chapter 2 we give an overview of logics for reasoning about state change and updates; Chapter 3 is devoted to briefly describing existing update languages for the Web, and also for updating logic programs; in Chapter 4 event-condition-action rules, both in the context of active database systems and in the context of semistructured data, are surveyed; in Chapter 5 we give an overview of some relevant rule-based agents frameworks