What makes industries believe in formal methods

The introduction of formal methods in the design and development departments of an industrial company has far reaching and long lasting consequences. In fact it changes the whole environment of methods, tools and skills that determine the design culture of that company. A decision to replace current design practice by formal methods, therefore, appears a vital one and is not lightly taken. The past has shown that efforts to introduce formal methods in industry has faced a lot of controversy and opposition at various hierarchical levels in companies, resulting in a marginal spread of such methods. This paper revisits the requirements for formal description techniques and identifies some critical success and inhibiting factors associated with the introduction of formal methods in the industrial practice. One of the inhibiting factors is the often encountered lack of appropriateness of the formal model to express and manipulate the design concerns that determine the world of the engineer. This factor motivated our research in the area of architectural and implementation design concepts. The last two sections of this paper report on some results of this research

LOTOS specification style for OSI

The architecture of OSI is used to derive guidelines for writing LOTOS specifications of distributed systems. In particular, the architectural concepts that underlie service and protocol designs are examined in detail. For each of these concepts a representation in LOTOS is given. Examples are provided of how the LOTOS representations of the concepts are used in the construction of LOTOS specifications of service and protocol designs. The approach described in this paper is motivated by the need to produce distributed system specifications in a more consistent and productive fashion

LOTOSphere:software development with LOTOS

LOTOS (Language Of Temporal Ordering Specification) became an international standard in 1989, although application of preliminary versions of the language to communication services and protocols of the ISO/OSI family dates back to 1984. This history of the use of LOTOS made it apparent that more advantages than the pure production of standard reference documents were to be expected from the use of such formal description techniques. LOTOSphere: Software Development with LOTOS describes in depth a five year project that moved LOTOS out of the ISO tower into software engineering practice. LOTOS became a vehicle for efficient, yet formally based industrial software specification, design, verification, implementation and testing. LOTOSphere: Software Development with LOTOS is divided into six parts. The first introduces the reader to LOTOS and the project LOTOSphere. The five remaining each treat an important part of the software development life cycle using LOTOS. This is the first book to give a comprehensive treatment of the use of these formal description techniques in a software engineering environment. It will thus be a valuable reference for researchers and software developers and can also be used as a text for an advanced course on the subject

Formal description techniques for distributed computing systems:the challenges for the 1990's

Initially FDTs where developed within IS0 and CCITT for specification, at a high-level of abstraction, of distributed systems. Research is now being performed on the use of FDTs to support the complete implementation trajectory. In this paper we discuss a number of such research activities that are conducted within the framework of the Lotosphere project(*). The paper discusses aspects of design methodology, correctness preserving transformation, the reflection of design criteria, the role of pre-defined specification and implementation constructs, and formal approaches to conformance testing. Furthermore some insight is given in the development of a comprehensive toolset that supports these aspects of design methodology. The paper concludes with some experience obtained from the application of these methods and tools to some realistic pilot implementations: an ISDN and MHS application and a Transaction Processing application

Efficient Implementation of Estelle Specifications

Efficient implementation of communication software is of critical importance for high-speed networks. We analyze performance bottlenecks in existing implementations and propose two techniques for improvements: The first exploits parallelism not only in the actions of the FSMs, but also in the runtime system of the protocol stack. The second integrates adjacent layers leading to considerable savings in inter-layer interface handling and in the number of transitions occurring in the FSMs. Both techniques are discussed in the context of OSI upper layers, and are based on protocol specification in Estelle

On the design of application protocols

In the last decades, much effort has been spent on the design and provision of sophisticated communication infrastructures. The development of end-user oriented distributed system applications, leaning on top of these communication infrastructures, so far has attracted little attention. This is regrettable, since communication infrastructures can only become useful and profitable if they can be deployed in the context of a sufficient number of distributed applications.\ud Two important factors determine the success of distributed applications: (1) the provision of high quality application services and protocols at short time scales; and (2) the availability of standards for these services and protocols that can be used for the construction of �open� distributed systems. The achievement of both (1) and (2) can be supported by a suitable design methodology.\ud A design methodology entails a systematic approach to carry out complex designs, and therefore should incorporate proper concepts that enable the effective structuring of such designs. Concepts currently used for the design and structuring of application protocols appear to be inadequate for this purpose. Also a step-wise design approach that would help to master complexity and shorten development times is currently lacking.\ud Standards are necessary since individual users of distributed system applications prefer to be independent on any particular manufacturer or vendor when procuring products, while manufacturers prefer to have maximum implementation freedom when developing such products. An �open� protocol standard defines necessary and sufficient conditions for system parts to interact, such that the system parts can be implemented independently of each other.\ud ISO and ITU-TSS base the development and definition of protocol standards on a �reference model�, called the Reference Model for Open Systems Interconnection (OSIRM). This model comprises a rudimentary form of a design approach and a reference architecture that can be derived with this approach. According to the OSI-RM, the overall application protocol functionality is distributed over three hierarchical protocol layers. Each layer has been assigned a specific functionality, except the highest layer, the Application\ud Layer, which is made responsible for all remaining protocol functions. Because the functionality of the Application Layer is not delimited it cannot, as opposed to the other layers, be covered by a single protocol standard or a fixed set of protocol standards. Several identified sets of Application Layer protocol functions are defined by separate Application Service Elements (ASEs).\ud The appropriateness of the OSI-RM for the development and definition of application protocol standards can be criticized on a number of points:\ud - the reference architecture defined by the OSI-RM is not flexible enough to adequately cope with the diversity of interaction requirements of distributed applications.\ud - some design concepts are not clearly defined, thus prohibiting their effective application to structuring problems;\ud - the relationship between high level application requirements and proposed application protocol solutions is unclear;\ud - the development of application protocol standards generally takes a long time.\ud This thesis aims at the development of a methodology for the design of application protocols, including application protocol standards, and so addresses the problems mentioned above. The following contributions are made to achieve this aim:\ud - design quality criteria are proposed that can be used to guide design decisions and to evaluate designs;\ud - OSI design decisions and design concepts with respect to application protocols are evaluated;\ud - general-purpose, elementary design concepts are proposed;\ud - milestones in the application protocol design process are presented;\ud - behaviour composition and structuring techniques are developed that can be used to represent design results corresponding to the identified milestones;\ud - design methods are proposed to support the correct performance of design steps between milestones;\ud - a flexible reference architecture is proposed.\ud A (potential) result of the design methodology is that layered application protocol hierarchies can be avoided if they are not required by the class of distributed applications that must be supported

Easing the Transition from Inspiration to Implementation: A Rapid Prototyping Platform for Wireless Medium Access Control Protocols

Packet broadcast networks are in widespread use in modern wireless communication systems. Medium access control is a key functionality within such technologies. A substantial research effort has been and continues to be invested into the study of existing protocols and the development of new and specialised ones. Academic researchers are restricted in their studies by an absence of suitable wireless MAC protocol development methods. This thesis describes an environment which allows rapid prototyping and evaluation of wireless medium access control protocols. The proposed design flow allows specification of the protocol using the specification and description language (SDL) formal description technique. A tool is presented to convert the SDL protocol description into a C++ model suitable for integration into both simulation and implementation environments. Simulations at various levels of abstraction are shown to be relevant at different stages of protocol design. Environments based on the Cinderella SDL simulator and the ns-2 network simulator have been developed which allow early functional verification, along with detailed and accurate performance analysis of protocols under development. A hardware platform is presented which allows implementation of protocols with flexibility in the hardware/software trade-off. Measurement facilities are integral to the hardware framework, and provide a means for accurate real-world feedback on protocol performance