STAIRS - Understanding and Developing Specifications Expressed as UML Interaction Diagrams

STAIRS is a method for the step-wise, compositional development of interactions in the setting of UML 2.x. UML 2.x interactions, such as sequence diagrams and interaction overview diagrams, are seen as intuitive ways of describing communication between different parts of a system, and between a system and its users. STAIRS addresses the challenges of harmonizing intuition and formal reasoning by providing a precise understanding of the partial nature of interactions, and of how this kind of incomplete specifications may be consistently refined into more complete specifications. For understanding individual interaction diagrams, STAIRS defines a denotational trace semantics for the main constructs of UML 2.x interactions. The semantic model takes into account the partiality of interactions, and the formal semantics of STAIRS is faithful to the informal semantics given in the UML 2.x standard. For developing UML 2.x interactions, STAIRS defines a number of refinement relations corresponding to basic system development steps. STAIRS also defines matching compliance relations, for relating interactions to real computer systems. An important feature of STAIRS is the distinction between underspecification and inherent nondeterminism. Underspecification means that there are several possible behaviours serving the same overall purpose, and that it is sufficient for a computer system to perform only one of these. On the other hand, inherent nondeterminism is used to capture alternative behaviours that must all be possible for an implementation. A typical example is the tossing of a coin, where both heads and tails should be possible outcomes. In some cases, using inherent nondeterminism may also be essential for ensuring the necessary security properties of a system

Validation and refinement of timed MSC specifications

This thesis addresses the validation and the refinement of MSC (Message Sequence Charts) specifications at the requirement and the design phases in a software development process. The validation is necessary to ensure that an MSC specification does not contain semantic errors. The refinement provides a systematic approach to develop MSC specifications. The focus of this thesis is on timed MSC specifications, which may contain absolute and relative time constraints for specifying quantified timing requirements. To provide a foundation for analysis of MSC specifications, we develop a formal semantics for timed MSCs based on labeled partially ordered sets (lposets). We equip an lposet with two timing functions for expressing absolute and relative time constraints. The semantics of an MSC is represented by a set of lposets. The set can be obtained compositionally from the semantics of constructs contained in the MSC. Time constraints in an MSC specification may lead to inconsistencies. In such a case, the specification contains semantic errors. We study the time consistency of MSC specifications. We define the time consistency and develop sufficient and necessary conditions for the consistency. According to these conditions, algorithms are designed for checking the consistency. We also study the time consistency of high level MSCs and identify a subset of high level MSCs such that their consistency can be checked efficiently. We propose a refinement approach where we refine not only behaviors, but also time constraints specified in an MSC specification. Refining time constraints makes constraints on a system stronger, and assumptions on the environment weaker. We define refinement relations and develop algorithms to check the satisfaction of these relations. To reduce the complexity in the case of high level MSCs, we constrain the refinement rules. At last, as an outcome of our investigation of timed MSCs, we propose a new time construct as an extension of timed MSC in order to specify more timing requirements. Most of the algorithms presented in this thesis have been implemented and integrated to our set of tools MSC2SDL

The pragmatics of STAIRS

STAIRS is a method for the compositional development of interactions in the setting of UML 2.0. In addition to defining denotational trace semantics for the main aspects of interactions, STAIRS focuses on how interactions may be developed through successive refinement steps. In this tutorial paper, we concentrate on explaining the practical relevance of STAIRS. Guidelines are given on how to create interactions using the different STAIRS operators, and how these may be refined. The pragmatics is illustrated by a running example

Complementary formalisms - synthesis, verification and visualization

Ph.DDOCTOR OF PHILOSOPH

Preservation of Policy Adherence under Refinement

-Policy-based management is an approach to the management of systems with respect to issues such as security, access control and trust by the enforcement of policy rules. This paper addresses the problem of integrating the requirements imposed by a policy with the system development process. In order to take a policy specification into account in the development of a system specification, the notion of policy adherence is formalized as a relation between policy specifications and system specifications. Adherence of a system specification to a policy specification means that the former satisfies the latter. The integrated development process is supported by refinement, where both the policy specification and the system specification may be developed under any number of refinement steps. This paper characterizes the conditions under which adherence is preserved under refinement and identifies development rules that guarantee adherence preservation. By results of transitivity and compositionality the integrated development process and the analysis tasks can be conducted in a stepwise and modular way, thereby facilitating development. Oppdragsgiver: Research Council of Norwa

Assessment of bone marrow-derived Cellular Therapy in progressive Multiple Sclerosis (ACTiMuS):study protocol for a randomised controlled trial

BACKGROUND: We have recently completed an evaluation of the safety and feasibility of intravenous delivery of autologous bone marrow in patients with progressive multiple sclerosis (MS). The possibility of repair was suggested by improvement in the neurophysiological secondary outcome measure seen in all participants. The current study will examine the efficacy of intravenous delivery of autologous marrow in progressive MS. Laboratory studies performed in parallel with the clinical trial will further investigate the biology of bone marrow-derived stem cell infusion in MS, including mechanisms underlying repair. METHODS/DESIGN: A prospective, randomised, double-blind, placebo-controlled, stepped wedge design will be employed at a single centre (Bristol, UK). Eighty patients with progressive MS will be recruited; 60 will have secondary progressive disease (SPMS) but a subset (n = 20) will have primary progressive disease (PPMS). Participants will be randomised to either early or late (1 year) intravenous infusion of autologous, unfractionated bone marrow. The placebo intervention is infusion of autologous blood. The primary outcome measure is global evoked potential derived from multimodal evoked potentials. Secondary outcome measures include adverse event reporting, clinical (EDSS and MSFC) and self-assessment (MSIS-29) rating scales, optical coherence tomography (OCT) as well as brain and spine MRI. Participants will be followed up for a further year following the final intervention. Outcomes will be analysed on an intention-to-treat basis. DISCUSSION: Assessment of bone marrow-derived Cellular Therapy in progressive Multiple Sclerosis (ACTiMuS) is the first randomised, placebo-controlled trial of non-myeloablative autologous bone marrow-derived stem cell therapy in MS. It will determine whether bone marrow cell therapy can, as was suggested by the phase I safety study, improve conduction in multiple central nervous system pathways affected in progressive MS. Furthermore, laboratory studies performed in parallel with the clinical trial will inform our understanding of the cellular pharmacodynamics of bone marrow infusion in MS patients and the mechanisms underlying cell therapy. TRIAL REGISTRATION: ISRCTN27232902 Registration date 11/09/2012. NCT01815632 Registration date 19/03/201

Executable system architecting using systems modeling language in conjunction with Colored Petri Nets - a demonstration using the GEOSS network centric system

Models and simulation furnish abstractions to manage complexities allowing engineers to visualize the proposed system and to analyze and validate system behavior before constructing it. Unified Modeling Language (UML) and its systems engineering extension, Systems Modeling Language (SysML), provide a rich set of diagrams for systems specification. However, the lack of executable semantics of such notations limits the capability of analyzing and verifying defined specifications. This research has developed an executable system architecting framework based on SysML-CPN transformation, which introduces dynamic model analysis into SysML modeling by mapping SysML notations to Colored Petri Net (CPN), a graphical language for system design, specification, simulation, and verification. A graphic user interface was also integrated into the CPN model to enhance the model-based simulation. A set of methodologies has been developed to achieve this framework. The aim is to investigate system wide properties of the proposed system, which in turn provides a basis for system reconfiguration --Abstract, page iii