Addressing performance requirements in the FDT-based design of distributed systems

The development of distributed systems is generally regarded as a complex and costly task, and for this reason formal description techniques such as LOTOS and ESTELLE (both standardized by the ISO) are increasingly used in this process. Our experience is that LOTOS can be exploited at many stages on the design trajectory, from requirements specification to implementation, but that the language elements do not allow direct formalization of performance requirements. To avoid duplication of effort by using two formalisms with distinct approaches, we propose a design method that incorporates performance constraints in an heuristic but effective manner

LOTOS Symbolic Semantics in Maude

We present a formal tool where LOTOS specifications without restrictions in their data types can be executed. The reflective feature of rewriting logic and the metalanguage capabilities of Maude make it possible to implement the whole tool in the same semantic framework, and have allowed us to implement the LOTOS semantics and to build an entire environment with parsing, pretty printing, and input/output processing of LOTOS specifications

Compositional Performance Modelling with the TIPPtool

Stochastic process algebras have been proposed as compositional specification formalisms for performance models. In this paper, we describe a tool which aims at realising all beneficial aspects of compositional performance modelling, the TIPPtool. It incorporates methods for compositional specification as well as solution, based on state-of-the-art techniques, and wrapped in a user-friendly graphical front end. Apart from highlighting the general benefits of the tool, we also discuss some lessons learned during development and application of the TIPPtool. A non-trivial model of a real life communication system serves as a case study to illustrate benefits and limitations

Executable Structural Operational Semantics in Maude

This paper describes in detail how to bridge the gap between theory and practice when implementing in Maude structural operational semantics described in rewriting logic, where transitions become rewrites and inference rules become conditional rewrite rules with rewrites in the conditions, as made possible by the new features in Maude 2.0. We validate this technique using it in several case studies: a functional language Fpl (evaluation and computation semantics, including an abstract machine), imperative languages WhileL (evaluation and computation semantics) and GuardL with nondeterminism (computation semantics), Kahn’s functional language Mini-ML (evaluation or natural semantics), Milner’s CCS (with strong and weak transitions), and Full LOTOS (including ACT ONE data type specifications). In addition, on top of CCS we develop an implementation of the Hennessy-Milner modal logic for describing local capabilities of processes, and for LOTOS we build an entire tool where Full LOTOS specifications can be entered and executed (without user knowledge of the underlying implementation of the semantics). We also compare this method based on transitions as rewrites with another one based on transitions as judgements

Derivation of Test Cases for LAP-B from a LOTOS Specification

this paper, we show how this method has been applied to obtain test cases for LAP-B that are comparable, and in fact occasionally better, than those obtained by [KLPU][Kan]. Since TTCN is a common language for the spec- ification of test trees, the test cases obtained are written in TTCN (we should observe, however, that LOTOS itself appears to be adequate for the specification of test trees [Steen]). This technique appears to be valuable for conformance testing, at least until such time as the more formal approaches being developed by other authors become available (see Section 7). It makes it possible to extract test cases directly from (possibly standardized) formal descriptions, eliminating or reducing the importance of the interpretation of the informally specified standard. The formal specification is more complete and precise than the state tables and, unlike the latter, allows full formal treatment of the data part. For example, we shall show that automatic or semiautomatic generation of frame values appear to be possible by using the information contained in selection predicates

LOTOSphere:software development with LOTOS

LOTOS (Language Of Temporal Ordering Specification) became an international standard in 1989, although application of preliminary versions of the language to communication services and protocols of the ISO/OSI family dates back to 1984. This history of the use of LOTOS made it apparent that more advantages than the pure production of standard reference documents were to be expected from the use of such formal description techniques. LOTOSphere: Software Development with LOTOS describes in depth a five year project that moved LOTOS out of the ISO tower into software engineering practice. LOTOS became a vehicle for efficient, yet formally based industrial software specification, design, verification, implementation and testing. LOTOSphere: Software Development with LOTOS is divided into six parts. The first introduces the reader to LOTOS and the project LOTOSphere. The five remaining each treat an important part of the software development life cycle using LOTOS. This is the first book to give a comprehensive treatment of the use of these formal description techniques in a software engineering environment. It will thus be a valuable reference for researchers and software developers and can also be used as a text for an advanced course on the subject

Analysis and Verification of Service Interaction Protocols - A Brief Survey

Modeling and analysis of interactions among services is a crucial issue in Service-Oriented Computing. Composing Web services is a complicated task which requires techniques and tools to verify that the new system will behave correctly. In this paper, we first overview some formal models proposed in the literature to describe services. Second, we give a brief survey of verification techniques that can be used to analyse services and their interaction. Last, we focus on the realizability and conformance of choreographies.Comment: In Proceedings TAV-WEB 2010, arXiv:1009.330

Protocol Techniques for Testing Radiotherapy Accelerators

The nature of radiotherapy accelerators is briefly explained. It is argued that these complex safety-critical systems need a systematic basis for testing their software. The paper describes a novel application of protocol specification and testing methods to radiotherapy accelerators. An outline specification is given in LOTOS (Language Of Temporal Ordering Specification) of the accelerator control system. It is completely infeasible to use this directly for test generation. Instead, specification inputs are restricted using annotations in a Parameter Constraint Language. This is automatically translated into LOTOS and combined with the accelerator specification. It then becomes manageable to generate tests automatically of the actual accelerator to check that it agrees with its specification according to the relation ioconf (input-output conformance). Sample input annotations, their translation to LOTOS, and the resulting test cases are described