Nivat's processes and their synchronization

AbstractThis short paper retraces how the notion of synchronization of processes introduced by Maurice Nivat in 1979 has evolved over more than 20 years

Model-based dependability analysis : state-of-the-art, challenges and future outlook

Abstract: Over the past two decades, the study of model-based dependability analysis has gathered significant research interest. Different approaches have been developed to automate and address various limitations of classical dependability techniques to contend with the increasing complexity and challenges of modern safety-critical system. Two leading paradigms have emerged, one which constructs predictive system failure models from component failure models compositionally using the topology of the system. The other utilizes design models - typically state automata - to explore system behaviour through fault injection. This paper reviews a number of prominent techniques under these two paradigms, and provides an insight into their working mechanism, applicability, strengths and challenges, as well as recent developments within these fields. We also discuss the emerging trends on integrated approaches and advanced analysis capabilities. Lastly, we outline the future outlook for model-based dependability analysis

Model based safety analysis for an Unmanned Aerial System

This paper aims at describing safety architectures of autonomous systems by using Event-B formal method. The autonomous systems combine various activities which can be organised in layers. The Event-B formalism well supports the rigorous design of this kind of systems. Its refinement mechanism allows a progressive modelling by checking the correctness and the relevance of the models by discharging proof obligations. The application of the Event-B method within the framework of layered architecture specification enables the emergence of desired global properties with relation to layer interactions. The safety objectives are derived in each layer and they involve static and dynamic properties such as an independence property, a redundant property or a sequential property. The originality of our approach is to consider a refinement process between two layers in which the abstract model is the model of the lower layer. In our modelling, we distinguish nominal behaviour and abnormal behaviour in order to well establish failure propagation in our architecture

Supporting a Multi-formalism Model Driven Development Process with Model Transformation, a TOPCASED implementation

International audienceThe ASSERT (Automated proof based System and Software Engineering for Real-Time Applications) European Integrated Project (IST-FP6-004033, http://www.assert-project.net/) defined and experimented a multi formalism Model Driven Engineering (MDE) process, enforcing an approach with separated specification and refinement of functional and non-functional properties.• Functional specification, design and development is based on UML profiles to support AADL concepts [2] and behavioural specification.• Real time Architecture properties are based on extensions targeting Ravenscar Computing execution Model (RCM see [6]) constraints upon component interface and ports.• Model transformation is supporting correctness preserving rules towards a Virtual Machine execution environment or a verification dedicated environment.A tool chain called IDEA (Integrated Development Environment for ASSERT) supporting the process was developed by the CS ASSERT team on top of the Eclipse/TOPCASED environment allowing:• Integrated use of several formalisms in a development life-cycle (UML, AADL, IF[4]) .• Model transformation from UML to IF, AADL to RCM and RCM to Ada• Automated code generationThe approach experimented allows combined use of best suited formalisms and features for MDE developments. The TOPCASED tool proved to be a unique integrated toolset for prototyping UML and meta models supporting tools.The main feedback gained from applying the notations and approach on small to medium case studies is that UML profiling is not scalable, and that use of several Domain Specific Languages (DSL) seems far more suitable. Semantic clashes can be limited by raising the abstraction level, and by partitioning properties for verification

Toward a methodology for the AltaRica modelling of multi-physical systems

Numerous works deal with the use of the formal language AltaRica to improve the safety as-sessment process of industrial systems. In this context, the paper aims at describing and applying a common methodology to model physical systems. The example of a mechanical system and a hydro-mechanical system will be taken

SPaCIFY: a Formal Model-Driven Engineering for Spacecraft On-Board Software

International audienceThe aim of this article is to present a model- driven approach proposed by the SPaCIFY project for spacecraft on-board software development. This ap- proach is based on a formal globally asynchronous lo- cally synchronous language called Synoptic, and on a set of transformations allowing code generation and model verification

Analyse de sécurité de systèmes autonomes: formalisation et évaluation en Event-B

Cet article présente une partie de l'étude d'architectures de sécurité de systèmes autonomes s'appuyant sur l'utilisation de la méthode formelle Event-B. Le formalisme Event-B supporte bien la conception rigoureuse de ces systèmes qui combinent diverses activités que l'on peut structurer en couches. Sa technique de raffinement permet une modélisation progressive en vérifiant la correction et la pertinence des modèles par décharge de preuves. L'application de la méthode Event-B dans le cadre de la spécification d'architectures en couches garantit l'émergence de propriétés globales attendues, telles que les propriétés de sécurité, lorsque l'on s'assure du respect de propriétés au niveau des relations entre les couches. Cet article se situe au début de cette nouvelle étude. Il présente les principes de la modélisation Event-B d'un système de contrôle de drone simplifié. Il caractérise le concept d'architecture en couches utilisée pour cette modélisation. Il décrit ensuite une première modélisation d'une couche avant de conclure sur l'intérêt de cette modélisation pour la validation de systèmes autonomes par rapport aux objectifs de sécurité fixés

Formal Safety and Security Assessment of an Avionic Architecture with Alloy

We propose an approach based on Alloy to formally model and assess a system architecture with respect to safety and security requirements. We illustrate this approach by considering as a case study an avionic system developed by Thales, which provides guidance to aircraft. We show how to define in Alloy a metamodel of avionic architectures with a focus on failure propagations. We then express the specific architecture of the case study in Alloy. Finally, we express and check properties that refer to the robustness of the architecture to failures and attacks.Comment: In Proceedings ESSS 2014, arXiv:1405.055

Reconfigurable IMA platform: from safety assessment to test scenarios on the SCARLETT demonstrator

International audienceThe next generation of IMA platforms should include reconfiguration capabilities in order to limit the effect of some hardware failures on aircraft operational reliability. The contribution of this paper is to describe the safety assessment process from the safety assessment on the preliminary design of a reconfigurable IMA architecture to the execution of the failure scenarios on the SCARLETT demonstrator

Integration of formal fault analysis in ASSERT: Case studies and lessons learnt

International audienceThe ASSERT European Integrated Project (Automated proof-based System and Software Engineering for Real-Time systems; EC FP6, IST-004033) has investigated, elaborated and experimented advanced methods based on the AltaRica language and support tool OCAS for architecture and fault approach propagation description analysis, and integrated in the complete ASSERT process. The paper describes lessons learnt from three case studies: safety critical spacecraft, autonomous deep exploration spacecraft, and civil aircraft