238 research outputs found

    Decomposition of sequential and concurrent models

    Get PDF
    Le macchine a stati finiti (FSM), sistemi di transizioni (TS) e le reti di Petri (PN) sono importanti modelli formali per la progettazione di sistemi. Un problema fodamentale è la conversione da un modello all'altro. Questa tesi esplora il mondo delle reti di Petri e della decomposizione di sistemi di transizioni. Per quanto riguarda la decomposizione dei sistemi di transizioni, la teoria delle regioni rappresenta la colonna portante dell'intero processo di decomposizione, mirato soprattutto a decomposizioni che utilizzano due sottoclassi delle reti di Petri: macchine a stati e reti di Petri a scelta libera. Nella tesi si dimostra che una proprietà chiamata ``chiusura rispetto all'eccitazione" (excitation-closure) è sufficiente per produrre un insieme di reti di Petri la cui sincronizzazione è bisimile al sistema di transizioni (o rete di Petri di partenza, se la decomposizione parte da una rete di Petri), dimostrando costruttivamente l'esistenza di una bisimulazione. Inoltre, è stato implementato un software che esegue la decomposizione dei sistemi di transizioni, per rafforzare i risultati teorici con dati sperimentali sistematici. Nella seconda parte della dissertazione si analizza un nuovo modello chiamato MSFSM, che rappresenta un insieme di FSM sincronizzate da due primitive specifiche (Wait State - Stato d'Attesa e Transition Barrier - Barriera di Transizione). Tale modello trova un utilizzo significativo nella sintesi di circuiti sincroni a partire da reti di Petri a scelta libera. In particolare vengono identificati degli errori nell'approccio originale, fornendo delle correzioni.Finite State Machines (FSMs), transition systems (TSs) and Petri nets (PNs) are important models of computation ubiquitous in formal methods for modeling systems. Important problems involve the transition from one model to another. This thesis explores Petri nets, transition systems and Finite State Machines decomposition and optimization. The first part addresses decomposition of transition systems and Petri nets, based on the theory of regions, representing them by means of restricted PNs, e.g., State Machines (SMs) and Free-choice Petri nets (FCPNs). We show that the property called ``excitation-closure" is sufficient to produce a set of synchronized Petri nets bisimilar to the original transition system or to the initial Petri net (if the decomposition starts from a PN), proving by construction the existence of a bisimulation. Furthermore, we implemented a software performing the decomposition of transition systems, and reported extensive experiments. The second part of the dissertation discusses Multiple Synchronized Finite State Machines (MSFSMs) specifying a set of FSMs synchronized by specific primitives: Wait State and Transition Barrier. It introduces a method for converting Petri nets into synchronous circuits using MSFSM, identifies errors in the initial approach, and provides corrections

    Language Design for Reactive Systems: On Modal Models, Time, and Object Orientation in Lingua Franca and SCCharts

    Get PDF
    Reactive systems play a crucial role in the embedded domain. They continuously interact with their environment, handle concurrent operations, and are commonly expected to provide deterministic behavior to enable application in safety-critical systems. In this context, language design is a key aspect, since carefully tailored language constructs can aid in addressing the challenges faced in this domain, as illustrated by the various concurrency models that prevent the known pitfalls of regular threads. Today, many languages exist in this domain and often provide unique characteristics that make them specifically fit for certain use cases. This thesis evolves around two distinctive languages: the actor-oriented polyglot coordination language Lingua Franca and the synchronous statecharts dialect SCCharts. While they take different approaches in providing reactive modeling capabilities, they share clear similarities in their semantics and complement each other in design principles. This thesis analyzes and compares key design aspects in the context of these two languages. For three particularly relevant concepts, it provides and evaluates lean and seamless language extensions that are carefully aligned with the fundamental principles of the underlying language. Specifically, Lingua Franca is extended toward coordinating modal behavior, while SCCharts receives a timed automaton notation with an efficient execution model using dynamic ticks and an extension toward the object-oriented modeling paradigm

    Automatization of Attack Trees

    Get PDF
    Oggigiorno la cybersecurity è più critica che mai. L'uso estensivo di dispositivi elettronici espone i nostri dati sensibili a sempre più minacce e vulnerabilità, e tutto ciò può portare a dei cyber-attacchi. Il problema della protezione dei dati e dei sistemi dalle minacce informatiche non ha una risoluzione banale a causa dell'eterogeneità dei sistemi e dei dispositivi esistenti, che possono richiedere mezzi protettivi molto diversi fra loro. Pertanto, giocano un ruolo centrale la prevenzione ed il rilevamento di potenziali minacce nei vari tipi di sistema esistenti. Lo scopo di questa tesi è quello di sviluppare un tool di analisi automatica dei cosiddetti event log dei sistemi che sono stati attaccati o hackerati. L'obiettivo è quello di ottenere un process tree che rappresenti le azioni dell'attaccante partendo dai log, e di usare successivamente alcune regole di traduzione per ottenere un attack tree del sistema in questione. Quest'ultimo può essere visto come una rappresentazione grafica di tutti i potenziali attacchi. Il lavoro proposto può essere utile come mezzo per identificare quali possano essere le possibili debolezze e vulnerabilità che un attaccante potrebbe sfruttare all'interno di un sistema

    What Petri Net Obliges Us to Say: Comparing Approaches for Behavior Composition

    Full text link
    We identify and demonstrate a weakness of Petri Nets (PN) in specifying composite behavior of reactive systems. Specifically, we show how, when specifying multiple requirements in one PN model, modelers are obliged to specify mechanisms for combining these requirements. This yields, in many cases, over-specification and incorrect models. We demonstrate how some execution paths are missed, and some are generated unintentionally. To support this claim, we analyze PN models from the literature, identify the combination mechanisms, and demonstrate their effect on the correctness of the model. To address this problem, we propose to model the system behavior using behavioral programming (BP), a software development and modeling paradigm designed for seamless integration of independent requirements. Specifically, we demonstrate how the semantics of BP, which define how to interweave scenarios into a single model, allow avoiding the over-specification. Additionally, while BP maintains the same mathematical properties as PN, it provides means for changing the model dynamically, thus increasing the agility of the specification. We compare BP and PN in quantitative and qualitative measures by analyzing the models, their generated execution paths, and the specification process. Finally, while BP is supported by tools that allow for applying formal methods and reasoning techniques to the model, it lacks the legacy of PN tools and algorithms. To address this issue, we propose semantics and a tool for translating BP models to PN and vice versa.Comment: 14 pages, 10 figures, Published in IEEE Transactions on Software Engineering (IEEE TSE

    Logs and Models in Engineering Complex Embedded Production Software Systems

    Get PDF

    Early timing analysis based on scenario requirements and platform models

    Get PDF
    Distributed, software-intensive systems (e.g., in the automotive sector) must fulfill communication requirements under hard real-time constraints. The requirements have to be documented and validated carefully using a systematic requirements engineering (RE) approach, for example, by applying scenario-based requirements notations. The resources of the execution platforms and their properties (e.g., CPU frequency or bus throughput) induce effects on the timing behavior, which may lead to violations of the real-time requirements. Nowadays, the platform properties and their induced timing effects are verified against the real-time requirements by means of timing analysis techniques mostly implemented in commercial-off-the-shelf tools. However, such timing analyses are conducted in late development phases since they rely on artifacts produced during these phases (e.g., the platform-specific code). In order to enable early timing analyses already during RE, we extend a scenario-based requirements notation with allocation means to platform models and define operational semantics for the purpose of simulation-based, platform-aware timing analyses. We illustrate and evaluate the approach with an automotive software-intensive system

    System: A core conceptual modeling construct for capturing complexity

    Get PDF
    [EN] The digitalization of human society continues at a relentless rate. However, to develop modern information technologies, the increasing complexity of the real-world must be modeled, suggest-ing the general need to reconsider how to carry out conceptual modeling. This research proposes that the often-overlooked notion of "system"should be a separate, and core, conceptual modeling construct and argues for incorporating it and related concepts, such as emergence, into existing approaches to conceptual modeling. The work conducts a synthesis of the ontology of systems and general systems theory. These modeling foundations are then used to propose a CESM+ template for conducing systems-grounded conceptual modeling. Several new conceptual modeling notations are introduced. The systemist modeling is then applied to a case study on the development of a citizen science platform. The case demonstrates the potential contributions of the systemist approach and identifies specific implications of explicit modeling with systems for theory and practice. The paper provides recommendations for how to incorporate systems into existing projects and suggests fruitful opportunities for future conceptual modeling research.We wish to thank the editor-in-chief, Carson Woo, and three anonymous reviewers for their exceptionally insightful and developmental comments. The substantial improvements that resulted from their feedback were much deeper than we usually experience in journal review processes. We wish to thank the participants of www.nlnature.com (now inactive) who contributed their sightings from 2010 to 2022. We also thank Jeffrey Parsons and Yolanda Wiersma - the co -investigators of NLNature. We are grateful to the late Mario Bunge and to Ron Weber with whom we discussed ontological ideas that inspired this paper. We also want to thank the participants and reviewers of AIS SIGSAND and ER Conference for their comments and feedback on earlier versions of this paper. This research was supported by McIntire School of Commerce, University of Virginia, J. Mack Robinson College of Business, Georgia State University, United States, and by VRAIN Research Institute of the Universitat Politecnica de Valencia and the Generalitat Valenciana, Spain under the CoMoDiD project (CIPROM/2021/023) .Lukyanenko, R.; Storey, VC.; Pastor LĂłpez, O. (2022). System: A core conceptual modeling construct for capturing complexity. Data & Knowledge Engineering. 141:1-29. https://doi.org/10.1016/j.datak.2022.10206212914

    Automatically Generating Test Cases for Safety-Critical Software via Symbolic Execution

    Full text link
    Automated test generation based on symbolic execution can be beneficial for systematically testing safety-critical software, to facilitate test engineers to pursue the strict testing requirements mandated by the certification standards, while controlling at the same time the costs of the testing process. At the same time, the development of safety-critical software is often constrained with programming languages or coding conventions that ban linguistic features which are believed to downgrade the safety of the programs, e.g., they do not allow dynamic memory allocation and variable-length arrays, limit the way in which loops are used, forbid recursion, and bound the complexity of control conditions. As a matter of facts, these linguistic features are also the main efficiency-blockers for the test generation approaches based on symbolic execution at the state of the art. This paper contributes new evidence of the effectiveness of generating test cases with symbolic execution for a significant class of industrial safety critical-systems. We specifically focus on Scade, a largely adopted model-based development language for safety-critical embedded software, and we report on a case study in which we exploited symbolic execution to automatically generate test cases for a set of safety-critical programs developed in Scade. To this end, we introduce a novel test generator that we developed in a recent industrial project on testing safety-critical railway software written in Scade, and we report on our experience of using this test generator for testing a set of Scade programs that belong to the development of an on-board signaling unit for high-speed rail. The results provide empirically evidence that symbolic execution is indeed a viable approach for generating high-quality test suites for the safety-critical programs considered in our case study

    Fundamental Approaches to Software Engineering

    Get PDF
    This open access book constitutes the proceedings of the 25th International Conference on Fundamental Approaches to Software Engineering, FASE 2022, which was held during April 4-5, 2022, in Munich, Germany, as part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2022. The 17 regular papers presented in this volume were carefully reviewed and selected from 64 submissions. The proceedings also contain 3 contributions from the Test-Comp Competition. The papers deal with the foundations on which software engineering is built, including topics like software engineering as an engineering discipline, requirements engineering, software architectures, software quality, model-driven development, software processes, software evolution, AI-based software engineering, and the specification, design, and implementation of particular classes of systems, such as (self-)adaptive, collaborative, AI, embedded, distributed, mobile, pervasive, cyber-physical, or service-oriented applications

    Interactive Model-Based Compilation: A Modeller-Driven Development Approach

    Get PDF
    There is a growing tendency for using domain-specific languages, which help domain experts to stay focussed on abstract problem solutions. It is important to carefully design these languages and tools, which fundamentally perform model-to-model transformations. The quality of both usually decides the effectiveness of the subsequent development and therefore the quality of the final applications. However, as the complexity and safety requirements of modern systems grow, it becomes increasingly burdensome to create highly customized languages and difficult to provide reasonable overviews within these tools. This thesis introduces a new interactive model-based compilation methodology. Compilations for arbitrary model-to-model transformations are themselves described as models. They can be instantiated for particular inputs, e. g. a program, to create concrete compilation runs, which return the result of that compilation. The compilation instance is interactively observable. Intermediate results serve as new inputs and as documentation. They can be used to create highly customized views and facilitate understandability. This methodology guides modellers from the start of the compilation to the final result so that they can interactively refine their models. The methodology has been implemented and validated as the KIELER Compiler (KiCo) and is available as part of the KIELER open-source project. It is used to implement the current reference compiler for the SCCharts language, a statecharts dialect designed for specifying safety-critical reactive systems based on a synchronous model of computation. The interactive model-based compilation approach was key to the rapid prototyping of three different compilation strategies, as well as new language extensions, variations and closely related languages. The results are verified with benchmarks, which are again modelled using the same approach and technology. The usability of the SCCharts language and the KiCo tooling is documented with long-term surveys and real-life industrial, academic and teaching examples
    • …
    corecore