Addressing performance requirements in the FDT-based design of distributed systems

The development of distributed systems is generally regarded as a complex and costly task, and for this reason formal description techniques such as LOTOS and ESTELLE (both standardized by the ISO) are increasingly used in this process. Our experience is that LOTOS can be exploited at many stages on the design trajectory, from requirements specification to implementation, but that the language elements do not allow direct formalization of performance requirements. To avoid duplication of effort by using two formalisms with distinct approaches, we propose a design method that incorporates performance constraints in an heuristic but effective manner

Message sequence chart specifications with cross verification

Current software specification verification methods are usually performed within the context of the specification method. There is little cross verification, pitting one type of specification against another, taking place. The most common techniques involve syntax checks across specifications or doing specification transformations and running verification within the new context. Since viewpoints of a system are different even within programming teams we concentrate on producing an efficient way to run cross verification on specifications, particularly specifications written with Message Sequence Charts and State Transition Diagrams.;In this work an algorithm is proposed in which all conditional MSCs are transformed into an algebraic representations, Message Flow Graphs and by stepwise refinement, a Global State Transition Graph is created. This GSTG has all the properties of a State Transition Diagram and therefore can be analyzed in conjunction with the original STD

TURTLE-P: a UML profile for the formal validation of critical and distributed systems

The timed UML and RT-LOTOS environment, or TURTLE for short, extends UML class and activity diagrams with composition and temporal operators. TURTLE is a real-time UML profile with a formal semantics expressed in RT-LOTOS. Further, it is supported by a formal validation toolkit. This paper introduces TURTLE-P, an extended profile no longer restricted to the abstract modeling of distributed systems. Indeed, TURTLE-P addresses the concrete descriptions of communication architectures, including quality of service parameters (delay, jitter, etc.). This new profile enables co-design of hardware and software components with extended UML component and deployment diagrams. Properties of these diagrams can be evaluated and/or validated thanks to the formal semantics given in RT-LOTOS. The application of TURTLE-P is illustrated with a telecommunication satellite system

Fostering the adoption of i* by practitioners: some challenges and research directions

The i* framework is a widespread formalism in the software engineering discipline that allows expressing intentionality of system actors. From the time it was issued, in the mid-nineties, a growing research community has adopted it either in its standard form or formulating variations in order to adapt it to some particular purpose. New methods, techniques and tools have made evolve the framework in a way that it may be currently considered quite mature from the scientific perspective. However, the i* framework has not been transferred to practitioners at the same extent yet: industrial experiences using i* are not many and have been mainly conducted by i* experts that are part of that very research community. Therefore, it may be argued that some steps are needed for boosting the adoption of i* by practitioners. In this chapter, we identify some scientific challenges whose overcoming could represent a step towards this goal. For each challenge, we present the problem that is addressed, its current state of the art and some envisaged lines of research.Preprin

A Formal Object Model for Layered Networks to Support Verification and Simulation

This work presents an abstract formal model of the interconnection structure of the Open Systems Interconnection Reference Model (OSI-RM) developed using Object-Oriented modeling principles permitting it to serve as a re-usable platform in supporting the development of simulations and formal methods applied to layered network protocols. A simulation of the object model using MODSIM III was developed and Prototype Verification System (PVS) was used to show the applicability of the object model to formal methods by formally specifying and verifying a Global Systems for Mobile communications (GSM) protocol. This application has proved to be successful in two aspects. The first was showing the existence of discrepancies between informal standard protocol specifications, and the second was that communication over the layered GSM network was verified. Although formal methods is somewhat difficult and time consuming, this research shows the need for the formal specification of all communication protocols to support a clear understanding of these protocols and to provide consistency in their implementations. A domain for the application of this model is mobile cellular telecommunications systems. Mobile Communications is one of the most rapidly expanding sectors of telecommunications. Expectations of what a mobile cellular phone can do have vastly increased the complexity of cellular communication networks, which makes it imperative that protocol specifications be verified before implementation

STAIRS - Understanding and Developing Specifications Expressed as UML Interaction Diagrams

STAIRS is a method for the step-wise, compositional development of interactions in the setting of UML 2.x. UML 2.x interactions, such as sequence diagrams and interaction overview diagrams, are seen as intuitive ways of describing communication between different parts of a system, and between a system and its users. STAIRS addresses the challenges of harmonizing intuition and formal reasoning by providing a precise understanding of the partial nature of interactions, and of how this kind of incomplete specifications may be consistently refined into more complete specifications. For understanding individual interaction diagrams, STAIRS defines a denotational trace semantics for the main constructs of UML 2.x interactions. The semantic model takes into account the partiality of interactions, and the formal semantics of STAIRS is faithful to the informal semantics given in the UML 2.x standard. For developing UML 2.x interactions, STAIRS defines a number of refinement relations corresponding to basic system development steps. STAIRS also defines matching compliance relations, for relating interactions to real computer systems. An important feature of STAIRS is the distinction between underspecification and inherent nondeterminism. Underspecification means that there are several possible behaviours serving the same overall purpose, and that it is sufficient for a computer system to perform only one of these. On the other hand, inherent nondeterminism is used to capture alternative behaviours that must all be possible for an implementation. A typical example is the tossing of a coin, where both heads and tails should be possible outcomes. In some cases, using inherent nondeterminism may also be essential for ensuring the necessary security properties of a system

On-the-fly Fast Mean-Field Model-Checking: Extended Version

A novel, scalable, on-the-fly model-checking procedure is presented to verify bounded PCTL properties of selected individuals in the context of very large systems of independent interacting objects. The proposed procedure combines on-the-fly model checking techniques with deterministic mean-field approximation in discrete time. The asymptotic correctness of the procedure is shown and some results of the application of a prototype implementation of the FlyFast model-checker are presented

A novel approach to emergency management of wireless telecommunication system

The survivability concerns the service continuity when the components of a system are damaged. This concept is especially useful in the emergency management of the system, as often emergencies involve accidents or incident disasters which more or less damage the system. The overall objective of this thesis study is to develop a quantitative management approach to the emergency management of a wireless cellular telecommunication system in light of its service continuity in emergency situations – namely the survivability of the system. A particular wireless cellular telecommunication system, WCDMA, is taken as an example to ground this research.The thesis proposes an ontology-based paradigm for service management such that the management system contains three models: (1) the work domain model, (2) the dynamic model, and (3) the reconfiguration model. A powerful work domain modeling tool called Function-Behavior-Structure (FBS) is employed for developing the work domain model of the WCDMA system. Petri-Net theory, as well as its formalization, is applied to develop the dynamic model of the WCDMA system. A concept in engineering design called the general and specific function concept is applied to develop a new approach to system reconfiguration for the high survivability of the system. These models are implemented along with a user-interface which can be used by emergency management personnel. A demonstration of the effectiveness of this study approach is included.There are a couple of contributions with this thesis study. First, the proposed approach can be added to contemporary telecommunication management systems. Second, the Petri Net model of the WCDMA system is more comprehensive than any dynamic model of the telecommunication systems in literature. Furthermore, this model can be extended to any other telecommunication system. Third, the proposed system reconfiguration approach, based on the general and specific function concept, offers a unique way for the survivability of any service provider system.In conclusion, the ontology-based paradigm for a service system management provides a total solution to service continuity as well as its emergency management. This paradigm makes the complex mathematical modeling of the system transparent to the manager or managerial personnel and provides a feasible scenario of the human-in-the-loop management