51 research outputs found

    Towards Language-Oriented Modeling

    Get PDF
    In this habilitation à diriger des recherches (HDR), I review a decade of research work in the fields of Model-Driven Engineering (MDE) and Software Language Engineering (SLE). I propose contributions to support a language-oriented modeling, with the particular focus on enabling early validation & verification (V&V) of software-intensive systems. I first present foundational concepts and engineering facilities which help to capture the core domain knowledge into the various heterogeneous concerns of DSMLs (aka. metamodeling in the small), with a particular focus on executable DSMLs to automate the development of dynamic V&V tools. Then, I propose structural and behavioral DSML interfaces, and associated composition operators to reuse and integrate multiple DSMLs (aka. metamodeling in the large).In these research activities I explore various breakthroughs in terms of modularity and reusability of DSMLs. I also propose an original approach which bridges the gap between the concurrency theory and the algorithm theory, to integrate a formal concurrency model into the execution semantics of DSMLs. All the contributions have been implemented in software platforms — the language workbench Melange and the GEMOC studio – and experienced in real-world case studies to assess their validity. In this context, I also founded the GEMOC initiative, an attempt to federate the community on the grand challenge of the globalization of modeling languages

    Multilevel Modeling

    Get PDF
    Domain-specific modeling languages (DSMLs) promise clear advantages over general-purpose modeling languages. However, their design poses a fundamental challenge. While economies of scale advocate the development of DSMLs that can be used in a wide range of cases, modeling productivity demands more specific language concepts tuned to individual requirements. Inspired by the actual use of technical languages (German: “Fachsprachen”), this paper presents a novel multilevel modeling approach to conceptual modeling and to the design of information systems. Unlike traditional language architectures such as Meta Object Facility (MOF), it features a recursive architecture that allows for an arbitrary number of classification levels and, hence, for the design of hierarchies of DSMLs ranging from reference DSMLs to “local” DSMLs. It can not only diminish the conflict inherent in designing DSMLs, but enables the reuse and integration of software artifacts in general. It also helps reduce modeling complexity by relaxing the rigid dichotomy between specialization and instantiation. Furthermore, it integrates a meta-modeling language with a metamodel of a reflective meta-programming language, thereby allowing for executable models. The specification of the language architecture is supplemented by the description of use scenarios that illustrate the potential of multilevel modeling and a critical discussion of its peculiarities

    A Catalog of Reusable Design Decisions for Developing UML/MOF-based Domain-specific Modeling Languages

    Get PDF
    In model-driven development (MDD), domain-specific modeling languages (DSMLs) act as a communication vehicle for aligning the requirements of domain experts with the needs of software engineers. With the rise of the UML as a de facto standard, UML/MOF-based DSMLs are now widely used for MDD. This paper documents design decisions collected from 90 UML/MOF-based DSML projects. These recurring design decisions were gained, on the one hand, by performing a systematic literature review (SLR) on the development of UML/MOF-based DSMLs. Via the SLR, we retrieved 80 related DSML projects for review. On the other hand, we collected decisions from developing ten DSML projects by ourselves. The design decisions are presented in the form of reusable decision records, with each decision record corresponding to a decision point in DSML development processes. Furthermore, we also report on frequently observed (combinations of) decision options as well as on associations between options which may occur within a single decision point or between two decision points. This collection of decision-record documents targets decision makers in DSML development (e.g., DSML engineers, software architects, domain experts).Series: Technical Reports / Institute for Information Systems and New Medi

    Component-Based Model-Driven Software Development

    Get PDF
    Model-driven software development (MDSD) and component-based software development are both paradigms for reducing complexity and for increasing abstraction and reuse in software development. In this thesis, we aim at combining the advantages of each by introducing methods from component-based development into MDSD. In MDSD, all artefacts that describe a software system are regarded as models of the system and are treated as the central development artefacts. To obtain a system implementation from such models, they are transformed and integrated until implementation code can be generated from them. Models in MDSD can have very different forms: they can be documents, diagrams, or textual specifications defined in different modelling languages. Integrating these models of different formats and abstraction in a consistent way is a central challenge in MDSD. We propose to tackle this challenge by explicitly separating the tasks of defining model components and composing model components, which is also known as distinguishing programming-in-the-small and programming-in-the-large. That is, we promote a separation of models into models for modelling-in-the-small (models that are components) and models for modelling-in-the-large (models that describe compositions of model components). To perform such component-based modelling, we introduce two architectural styles for developing systems with component-based MDSD (CB-MDSD). For CB-MDSD, we require a universal composition technique that can handle models defined in arbitrary modelling languages. A technique that can handle arbitrary textual languages is universal invasive software composition for code fragment composition. We extend this technique to universal invasive software composition for graph fragments (U-ISC/Graph) which can handle arbitrary models, including graphical and textual ones, as components. Such components are called graph fragments, because we treat each model as a typed graph and support reuse of partial models. To put the composition technique into practice, we developed the tool Reuseware that implements U-ISC/Graph. The tool is based on the Eclipse Modelling Framework and can therefore be integrated into existing MDSD development environments based on the framework. To evaluate the applicability of CB-MDSD, we realised for each of our two architectural styles a model-driven architecture with Reuseware. The first style, which we name ModelSoC, is based on the component-based development paradigm of multi-dimensional separation of concerns. The architecture we realised with that style shows how a system that involves multiple modelling languages can be developed with CB-MDSD. The second style, which we name ModelHiC, is based on hierarchical composition. With this style, we developed abstraction and reuse support for a large modelling language for telecommunication networks that implements the Common Information Model industry standard

    Integration and Test of MOF/UML-based Domain-specific Modeling Languages

    Get PDF
    In model-driven development (MDD), domain-specific modeling languages (DSMLs) are used as tailor-made software languages targeting dedicated application domains. Due to the narrow domain coverage of DSMLs, demands to integrate their individual functionality into a consolidated DSML arise (e.g., developing a software product combining two or more pre-existing DSMLs). However, in order to realize the benefits of integrated DSMLs, it must be ensured that the integrated DSML is correctly implemented and behaves as specified. To support the integration and the test of DSMLs, this thesis presents an approach targeting the Meta Object Facility (MOF) and the Unified Modeling Language (UML)- a metamodeling infrastructure frequently employed for the MDD of software systems. The integration of DSMLs is based on a rewriting technique for model-to-text (M2T) transformations. This method allows for the reuse as well as for the automatic refactoring of M2T transformation templates to fix important syntactical mismatches between templates and the integrated DSML. To test an integrated DSML, scenarios are used to define domain requirements on an abstract level (via structured text descriptions). In a subsequent step, executable scenario tests are derived from the requirements-level scenarios. These executable scenario specifications are then employed to test the integrated DSML for compliance with corresponding domain requirements. Empirical evaluations of the approach (case studies, controlled experiment) demonstrate its successful application, collect evidence for its usefulness, and quantify its benefits. The integrated proof-of-concept implementations build on the Eclipse Modeling Framework (EMF), making use of and extending well-known Eclipse-based projects. All accompanying developments are placed into the public domain as free/libre open source software. Within the framework of this thesis, research results were originally published as individual contributions (workshop, conference, and journal articles). All research contributions are results of applying a design science research approach. (author's abstract

    Augmenting DSVL Meta-Tools with Pattern Specification, Instantiation and Reuse

    Get PDF
    This paper describes an approach for using patterns in domain-specific visual language (DSVL) meta-tools. Our approach facilitates DSVL development via high level design-for-reuse and design-by-reuse pattern modelling tools. It provides a simple visual pattern modelling language that is used in parallel with DSVL meta-model specifications for modelling and reusing DSVL structural and behavioural design patterns. It also provides tool support for instantiating and visualising structural patterns, as well as executing behavioural patterns on DSVL model instances

    Towards the Formal Verification of Model Transformations: An Application to Kermeta

    Get PDF
    Model-Driven Engineering (MDE) is becoming a popular engineering methodology for developing large-scale software applications, using models and transformations as primary principles. MDE is now being successfully applied to domain-specific languages (DSLs), which target a narrow subject domain like process management, telecommunication, product lines, smartphone applications among others, providing experts high-level and intuitive notations very close to their problem domain. More recently, MDE has been applied to safety-critical applications, where failure may have dramatic consequences, either in terms of economic, ecologic or human losses. These recent application domains call for more robust and more practical approaches for ensuring the correctness of models and model transformations. Testing is the most common technique used in MDE for ensuring the correctness of model transformations, a recurrent, yet unsolved problem in MDE. But testing suffers from the so-called coverage problem, which is unacceptable when safety is at stake. Rather, exhaustive coverage is required in this application domain, which means that transformation designers need to use formal analysis methods and tools to meet this requirement. Unfortunately, two factors seem to limit the use of such methods in an engineer’s daily life. First, a methodological factor, because MDE engineers rarely possess the effective knowledge for deploying formal analysis techniques in their daily life developments. Second, a practical factor, because DSLs do not necessarily have a formal explicit semantics, which is a necessary enabler for exhaustive analysis. In this thesis, we contribute to the problem of formal analysis of model transformations regarding each perspective. On the conceptual side, we propose a methodological framework for engineering verified model transformations based on current best practices. For that purpose, we identify three important dimensions: (i) the transformation being built; (ii) the properties of interest ensuring the transformation’s correctness; and finally, (iii) the verification technique that allows proving these properties with minimal effort. Finding which techniques are better suited for which kind of properties is the concern of the Computer-Aided Verification community. Consequently in this thesis, we focus on studying the relationship between transformations and properties. Our methodological framework introduces two novel notions. A transformation intent gathers all transformations sharing the same purpose, abstracting from the way the transformation is expressed. A property class captures under the same denomination all properties sharing the same form, abstracting away from their underlying property languages. The framework consists of mapping each intent with its characteristic set of property classes, meaning that for proving the correctness of a particular transformation obeying this intent, one has to prove properties of these specific classes. We illustrate the use and utility of our framework through the detailed description of five common intents in MDE, and their application to a case study drawn from the automative software domain, consisting of a chain of more than thirty transformations. On a more practical side, we study the problem of verifying DSLs whose behaviour is expressed with Kermeta. Kermeta is an object-oriented transformation framework aligned with Object Management Group standard specification MOF (Meta-Object Facility). It can be used for defining metamodels and models, as well as their behaviour. Kermeta lacks a formal semantics: we first specify such a semantics, and then choose an appropriate verification domain for handling the analysis one is interested in. Since the semantics is defined at the level of Kermeta’s transformation language itself, our work presents two interesting features: first, any DSL whose behaviour is defined using Kermeta (more precisely, any transformation defined with Kermeta) enjoys a de facto formal underground for free; second, it is easier to define appropriate abstractions for targeting specific analysis for this full-fledged semantics than defining specific semantics for each possible kind of analysis. To illustrate this point, we have selected Maude, a powerful rewriting system based on algebraic specifications equipped with model-checking and theorem-proving capabilities. Maude was chosen because its underlying formalism is close to the mathematical tools we use for specifying the formal semantics, reducing the implementation gap and consequently limiting the possible implementation mistakes. We validate our approach by illustrating behavioural properties of small, yet representative DSLs from the literature

    Machine checkable design patterns using dependent types and domain specific goal-oriented modelling languages

    Get PDF
    Goal-Oriented Modelling Languages such as the Goal Requirements Language (GRL) have been used to reason about Design Patterns. However, the GRL is a general purpose modelling language that does not support concepts bespoke to the pattern domain. This thesis has investigated how advanced programming language techniques, namely Dependent Types and Domain Specific Languages, can be used to enhance the design and construction of Domain Specific Modelling languages (DSMLs), and apply the results to Design Pattern Engineering. This thesis presents Sif, a DSML for reasoning about design patterns as goal-oriented requirements problems. Sif presents modellers with a modelling language tailored to the pattern domain but leverages the GRL for realisation of the modelling constructs. Dependent types have influenced the design and implementation of Sif to provide correctness guarantees, and have led to the development of NovoGRL a novel extension of the GRL. A technique for DSML implementation called Types as (Meta) Modellers was developed in which the interpretation between a DSML and its host language is implemented directly within the type-system of the DSML. This provides correctness guarantees of DSML model instances during model construction. Models can only be constructed if and only if the DSML’s type-system can build a valid representation of the model in the host language. This thesis also investigated design pattern evaluation, developing PREMES an evaluation framework that uses tailorable testing techniques to provide demonstrable reporting on pattern quality. Linking PREMES with Sif are: Freyja - an active pattern document schema in which Sif models are embedded within pattern documents; and Frigg - a tool for interacting with pattern documents. The proof-of-concept tools in this thesis demonstrate: machine enhanced interactions with design patterns; reproducible automation in the PREMES framework; and machine checking of pattern documents as Sif models. With the tooling and techniques presented, design pattern engineering can become a more rigorous, demonstrable, and machine checkable process

    A Model-driven Approach for the Automatic Generation of System-Level Test Cases

    Get PDF
    Systems at the basis of the modern society, as the as the homeland security, the environment protection, the public and private transportations, the healthcare or the energy supply depend on the correct functioning of one or more embedded systems. In several cases, such systems shall be considered critical, since the consequences of their failures may result in economic losses, damages to the environment or even injuries to human life. Possible disastrous consequences of embedded critical systems, suggest that discover flaws during systems development and avoid their propagation to the system execution, is a crucial task. In fact, most of the failures found during the usage of embedded critical systems, is due to errors introduced during early stages of the system development. Thus, it is desiderable to start Verification and Validation (V&V) activities during early stages of a system life cycle. However such V&V activities can account over the 50% of times and costs of a system life cycle and there is therefore the need to introduce techniques able to reduce the accounted resources without losses in term efficiency. Among the methodologies found in scientific and industrial literature there is a large interest in the V&V automation. In particular, automatic verification can be performed during different stages of a system development life cycle and can assume different meanings. In this thesis, the focus is on the automation of the test cases generation phase performed at the System level starting from SUT and test specifications. A recent research trend, related to this, is to support such process providing a flexible tool chain allowing for effective Model Driven Engineering (MDE) approaches. The adoption of a model-driven techniques requires the modelling of the SUT to drive the generation process, by using suitable domain-specific modelling languages and model transformations. Thus, a successful application of the MDE principles is related to the choice of the high-level language for SUT specification and the tools and techniques provided to support the V\&V processes. According to this, the model-driven approach define in this thesis relies on three key factors: (1) the definition of new domain-specific modelling languages (DSMLs) for the SUT and the test specifications, (2) the adoption of model checking techniques to realize the generation of the test cases and (3) the implementation of a concrete framework providing a complete tool chain supporting the automation process. This work is partially involved in an ARTEMIS European project CRYSTAL (CRitical sYSTem engineering AcceLeration). CRYSTAL is strongly industry-oriented and aims at achieving technical innovation by a user-driven approach based on the idea to apply engineering methods to industrially relevant Use Cases from the automotive, aerospace, rail and health-care sectors. The DSML that will be presented in this thesis, emerged as an attempt to address the modelling requirements and the design practices of the industrial partners of the project, within a rigorous and well-founded formal specification and verification approach. In fact, the main requirement that a modelling language suitable for the industry should have is to be small and as simple as possible. Thus, the modelling language should provide an adequate set of primitive constructs to allow for a natural modelling of the system of interest. Furthermore, the larger the gap between the design specification and the actual implementation is, the less useful the results of the design analysis would be. The test case generation is supported by model checking techniques; the SUT and test models are in fact translated in specifications expressed by the language adopted by a model checker. The thesis discusses all the issues addressed in the mapping process and provides their implementations by means of model transformations. A class of test specifications is addressed to exemplify the generation process over a common class of reachability requirements. The model-driven approach discussed in the thesis is applied in the contest of the railway control systems, and in particular on some of the key functionalities of the Radio Block Center, the main component of the ERTMS/ETCS standards for the interoperability of the railway control systems in the European Community. The thesis is organized as follows. The first chapter introduces embedded critical systems and outlines the main research trends related to their V&V process. The Chapter 2 outlines the state of the art in testing automation with a particular focus on model-driven approaches for automatic test generation. The same Chapter 2 provides also the necessary technical background supporting to understand the development process of the supporting framework. The Chapter 3 describes the context of the CRYSTAL project and the proposed model-driven approach partially involved in its activities. The Chapter 4 describes the domains pecific modelling languages defined for the modelling of the SUT specifications and of the test generation outcomes. Moreover the guidelines defined for modelling test specifications are discussed. The Chapter 5 focuses on the mapping process that enable the translation of the high-level language for the modelling of the SUT specification to the language adopted by the chosen model checker. The implementation of the overall framework is addressed in Chapter 6. Here model transformations realizing the defined mappings and the architecture of the Test Case Generator (TCG) framework are described and discussed. The Chapter 7 shows the results of the application of the approach in the context of the railway control systems and in particular to the Radio Block Centre system, a key component in the ERTMS/ETCS standard. Chapter 8 end the thesis, giving some conclusive remarks
    • …
    corecore