Step-wise Refinement Design Example Using LOTOS

The importance of a design methodology when using Formal Description Techniques is generally agreed in the scientific community. This paper presents some design principles and concepts that characterize a step-wise refinement design approach and illustrates their application on an example of a mutual exclusion access system. The relevance of this work is to provide a reference as to how design decisions during the design trajectory can be taken and represented in LOTOS specifications, and to evaluate the suitability of such techniques for use on an industrial scale. 1. INTRODUCTION LOTOS - Language Of Temporal Ordering Specification - is one of the Formal Description Techniques (FDTs) standardized by ISO [1] aiming at support of specification of OSI services and protocols. Due to its high expressive power, LOTOS is suitable for description of systems that display concurrency, distribution and synchronization. Since LOTOS is an International Standard and has therefore gained stabilit..

Projeto de sistemas utilizando construções predefinidas aplicadas a gerencia de redes : a biblioteca biblotos

Dissertação (mestrado) - Universidade Federal de Santa Catarina, Centro TecnologicoEsta dissertação apresenta uma abordagem para o projeto de sistemas de gerência de redes de computadores que emprega uma biblioteca de construções predefinidas (a biblioteca bibLOTOS), realizadas com o uso da Técnica de Descrição Formal LOTOS. A biblioteca, implementada em banco de Dados ACCESS 2.0, inclui construções em LOTOS Básico, ACT ONE e LOTOS Completo. O emprego da bibLOTOS, assim como do método a ela associado, são ilustrados com o projeto de um sistema de gerência proativa de redes. Ferramentas LOTOS são utilizadas para a validação das especificações

Architectural notes: a framework for distributed systems development

This thesis develops a framework of methods and techniques for distributed systems development. This framework consists of two related domains in which design concepts for distributed systems are defined: the entity domain and the behaviour domain. In the entity domain we consider structures of functional entities and their interconnection, while in the behaviour domain we consider behaviour definition and structuring. An interaction in which we abstract from the particular responsibilities of the participating functional entities is considered as an action. Behaviours consist of actions, interactions and their relationships. Relationships between actions and interactions are defined in terms of causality relations. In each causality relation the conditions and constraints for an action or interaction to occur are defined. Two important behaviour structuring techniques have been identified from the possible ways causality relations can be distributed: causality-oriented behaviour composition and constraint-oriented behaviour composition. Causality-oriented behaviour composition consists of placing some conditions of an action and the action itself in different sub-behaviours. Constraint-oriented behaviour composition consists of placing parts of the conditions and constraints of an action in different sub-behaviours, such that this action is shared by these sub-behaviours. This thesis identifies milestones in the design process of distributed systems, as well as the design steps to move from one milestone to another. These design steps are characterized using the concepts of the entity and the behaviour domain. We identified two crucial design operations of the behaviour domain that support these design steps: behaviour refinement and action refinement. Behaviour refinement consists of introducing (internal) structure in the causality relations of reference actions of an abstract behaviour, but preserving their causality and exclusion relationships and their attribute values. Action refinement consists of replacing abstract actions by activities, such that the completion of these activities correspond to the occurrence of the abstract actions. One important characteristic of action refinement is the possibility of distributing attribute values of the abstract actions over actions of the activities that replace them in the concrete behaviours. The area of research, scope and objectives of this thesis are discussed in Chapter 1. The concept of design culture and its elements is introduced in this chapter in order to provide an overview of the important aspects of the design process. Entity domain, behaviour domain, and design milestones are introduced and discussed in Chapter 2. This chapter also discusses the global objectives of design steps, and the abstraction obtained by considering interactions between cooperating functional entities as actions of the interaction system between these entities. Action, action attributes, causality and exclusion are discussed in Chapter 3. This chapter shows how a behaviour can be defined in terms of the causality relations of its actions in a monolithic form. Causality-oriented behaviour composition is discussed in Chapter 4. Entries and exits of a behaviour are the mechanisms that make it possible to assign parts of a condition of an action and the action itself to different sub-behaviours. Constraint-oriented behaviour composition is discussed in Chapter 5. Decomposition possibilities of monolithic behaviours are systematically studied in this chapter. Behaviour refinement is discussed in Chapter 6. This chapter defines a method to obtain an abstraction of a concrete behaviour. This method can be used to check whether the concrete behaviour corresponds to a certain abstract behaviour. Action refinement is discussed in Chapter 7. This chapter identifies some activity forms, and define the rules for considering these activities as implementations of an abstract action. These rules are used in a method to derive an abstraction of a concrete behaviour in which the abstract actions are implemented as activities. This method can be used to check whether the concrete behaviour corresponds to a certain abstract behaviour. Chapter 8 discusses a design example that is meant to illustrate the use of our design concepts. The example is an interaction server, which is a component that supports the interaction between multiple functional entities. Chapter 9 draws some conclusions and revisits the design milestones of Chapter 2, showing alternatives for the design trajectory which have been created with the use of actions and interactions in a single framework

Property preserving development and testing for CSP-CASL.

This thesis describes a theoretical study and an industrial application in the area of formal systems development, verification and formal testing using the specification language CSP-CASL. The latter is a comprehensive specification language which allows to describe systems in a combined algebraic / process algebraic notation. To this end it integrates the process algebra CSP and the algebraic specification language CASL. In this thesis we propose various formal development notions for CSP-CASL capable of capturing informal vertical and horizontal software development which we typically find in industrial applications. We provide proof techniques for such development notions and verification methodologies to prove interesting properties of reactive systems. We also propose a theoretical framework for formal testing from CSP-CASL specifications. Here, we present a conformance relation between a physical system and a CSP-C ASL specification. In particular we study the relationship between CSP-CASL development notions and the implemented system. The proposed theoretical notions of formal system development, property verification and formal testing for CSP-CASL, have been successfully applied to two industrial application: an electronic payment system called EP2 and the starting system of the BR725 Rolls- Royce jet engine control software