Incremental Deductive Verification for Relational Model Transformations

International audienceIn contract-based development of model transformations, continuous deductive verification may help the transformation developer in early bug detection. However, because of the execution performance of current verification systems, re-verifying from scratch after a change has been made would introduce impractical delays. We address this problem by proposing an incremental verification approach for the ATL model-transformation language. Our approach is based on decomposing each OCL contract into sub-goals, and caching the sub-goal verification results. At each change we exploit the semantics of relational model transformation to determine whether a cached verification result may be impacted. Consequently, less postconditions/sub-goals need to be re-verified. When a change forces the re-verification of a postcondition, we use the cached verification results of sub-goals to construct a simplified version of the postcondition to verify. We prove the soundness of our approach and show its effectiveness by mutation analysis. Our case study presents an approximate 50% reuse of verification results for postconditions, and 70% reuse of verification results for sub-goals. The user perceives about 56% reduction of verification time for postconditions, and 51% for sub-goals

Collaborative Verification-Driven Engineering of Hybrid Systems

Hybrid systems with both discrete and continuous dynamics are an important model for real-world cyber-physical systems. The key challenge is to ensure their correct functioning w.r.t. safety requirements. Promising techniques to ensure safety seem to be model-driven engineering to develop hybrid systems in a well-defined and traceable manner, and formal verification to prove their correctness. Their combination forms the vision of verification-driven engineering. Often, hybrid systems are rather complex in that they require expertise from many domains (e.g., robotics, control systems, computer science, software engineering, and mechanical engineering). Moreover, despite the remarkable progress in automating formal verification of hybrid systems, the construction of proofs of complex systems often requires nontrivial human guidance, since hybrid systems verification tools solve undecidable problems. It is, thus, not uncommon for development and verification teams to consist of many players with diverse expertise. This paper introduces a verification-driven engineering toolset that extends our previous work on hybrid and arithmetic verification with tools for (i) graphical (UML) and textual modeling of hybrid systems, (ii) exchanging and comparing models and proofs, and (iii) managing verification tasks. This toolset makes it easier to tackle large-scale verification tasks

Fault localization in DSLTrans model transformations by combining symbolic execution and spectrum-based analysis

The verification of model transformations is important for realizing robust model-driven engineering technologies and quality-assured automation. Many approaches for checking properties of model transformations have been proposed. Most of them have focused on the effective and efficient detection of property violations by contract checking... While there exist fault localization approaches in the model transformation verification literature, these require the creation and maintenance of test cases, which imposes an additional burden on the developer. In this paper, we combine transformation verification based on symbolic execution with spectrum-based fault localization techniques for identifying the faulty rules in DSLTrans model transformations. This fault localization approach operates on the path condition output of symbolic transformation checkers instead of requiring a set of test input models. In particular, we introduce a workflow for running the symbolic execution of a model transformation, evaluating the defined contracts for satisfaction, and computing different measures for tracking the faulty rules. We evaluate the effectiveness of spectrum-based análisis techniques for tracking faulty rules and compare our approach to previous works. We evaluate our technique by introducing known mutations into five model transformations. Our results show that the best spectrum-based analysis techniques allow for effective fault localization, showing an average EXAM score below 0.30 (less than 30% of the transformation needs to be inspected). These techniques are also able to locate the faulty rule in the top-three ranked rules in 70% of all cases. The impact of the model transformation, the type of mutation and the type of contract on the results is discussed. Finally, we also investigate the cases where the technique does not work properly, including discussion of a potential pre-check to estimate the prospects of the technique for a certain transformation.Funding for open access charge: Universidad de Málaga / CBUA Funding for open access publishing: Universidad Málaga / CBU

Spectrum-Based Fault Localization in Model Transformations

Model transformations play a cornerstone role in Model-Driven Engineering (MDE), as they provide the essential mechanisms for manipulating and transforming models. The correctness of software built using MDE techniques greatly relies on the correctness of model transformations. However, it is challenging and error prone to debug them, and the situation gets more critical as the size and complexity of model transformations grow, where manual debugging is no longer possible. Spectrum-Based Fault Localization (SBFL) uses the results of test cases and their corresponding code coverage information to estimate the likelihood of each program component (e.g., statements) of being faulty. In this article we present an approach to apply SBFL for locating the faulty rules in model transformations. We evaluate the feasibility and accuracy of the approach by comparing the effectiveness of 18 different stateof- the-art SBFL techniques at locating faults in model transformations. Evaluation results revealed that the best techniques, namely Kulcynski2, Mountford, Ochiai, and Zoltar, lead the debugger to inspect a maximum of three rules to locate the bug in around 74% of the cases. Furthermore, we compare our approach with a static approach for fault localization in model transformations, observing a clear superiority of the proposed SBFL-based method.Comisión Interministerial de Ciencia y Tecnología TIN2015-70560-RJunta de Andalucía P12-TIC-186

Certifying a Rule-Based Model Transformation Engine for Proof Preservation

International audienceExecutable engines for relational model-transformation languages evolve continuously because of language extension, performance improvement and bug fixes. While new versions generally change the engine semantics, end-users expect to get backward-compatibility guarantees, so that existing transformations do not need to be adapted at every engine update.The CoqTL model-transformation language allows users to define model transformations, theorems on their behavior and machine-checked proofs of these theorems in Coq. Backward-compatibility for CoqTL involves also the preservation of these proofs. However, proof preservation is challenging, as proofs are easily broken even by small refactorings of the code they verify.In this paper we present the solution we designed for the evolution of CoqTL, and by extension, of rule-based transformation engines. We provide a deep specification of the transformation engine, including a set of theorems that must hold against the engine implementation. Then, at each milestone in the engine development, we certify the new version of the engine against this specification, by providing proofs of the impacted theorems. The certification formally guarantees end-users that all the proofs they write using the provided theorems will be preserved through engine updates. We illustrate the structure of the deep specification theorems, we produce a machine-checked certification of three versions of CoqTL against it, and we show examples of user theorems that leverage this specification and are thus preserved through the updates

Generating operation specifications from UML class diagrams: A model transformation approach

One of the more tedious and complex tasks during the specification of conceptual schemas (CSs) is modeling the operations that define the system behavior. This paper aims to simplify this task by providing a method that automatically generates a set of basic operations that complement the static aspects of the CS and suffice to perform all typical life-cycle create/update/delete changes on the population of the elements of the CS. Our method guarantees that the generated operations are executable, i.e. their executions produce a consistent state wrt the most typical structural constraints that can be defined in CSs (e.g. multiplicity constraints). In particular, our method takes as input a CS expressed as a Unified Modeling Language (UML) class diagram (optionally defined using a profile to enrich the specification of associations) and generates an extended version of the CS that includes all necessary operations to start operating the system. If desired, these basic operations can be later used as building blocks for creating more complex ones. We show the formalization and implementation of our method by means of model-to-model transformations. Our approach is particularly relevant in the context of Model Driven Development approaches. © 2011 Elsevier B.V. All rights reserved.The authors want to thank the anonymous referees of this journal for their interesting suggestions. This work has been partly supported by the MICINN under projects TIN2008-00444, Grupo Consolidado and TIN2010-18011, and by the Generalitat Valenciana under the project OKA PROMETEO/2009/015, and co-financed with the European Regional Development Fund.Albert Albiol, M.; Cabot Sagrera, J.; Gómez Seoane, C.; Pelechano Ferragud, V. (2011). Generating operation specifications from UML class diagrams: A model transformation approach. Data and Knowledge Engineering. 70(4):365-389. https://doi.org/10.1016/j.datak.2011.01.003S36538970

Model Transformation Languages with Modular Information Hiding

Model transformations, together with models, form the principal artifacts in model-driven software development. Industrial practitioners report that transformations on larger models quickly get sufficiently large and complex themselves. To alleviate entailed maintenance efforts, this thesis presents a modularity concept with explicit interfaces, complemented by software visualization and clustering techniques. All three approaches are tailored to the specific needs of the transformation domain

Model Transformation Languages with Modular Information Hiding

Model transformations, together with models, form the principal artifacts in model-driven software development. Industrial practitioners report that transformations on larger models quickly get sufficiently large and complex themselves. To alleviate entailed maintenance efforts, this thesis presents a modularity concept with explicit interfaces, complemented by software visualization and clustering techniques. All three approaches are tailored to the specific needs of the transformation domain

A proposal to improve marketing efectiveness in a business to business model

Um projecto de apresentação de uma proposta de melhoria da eficácia e eficiência de marketing e retorno de investimentos em marketing (ROMI), numa empresa multinacional de embalagens para alimentos líquidos. Iniciando por uma análise da abordagem actual da empresa na maximização e garantia do retorno dos seus investimentos indirectos com os seus clientes da industria alimentar. Procurando respostas às questões que normalmente rodeiam a temática de eficiência e eficácia de investimentos em marketing como: estão os nossos investimentos indirectos com os nossos clientes da indústria alimentar realmente a beneficiar a nossa quota de mercado e o nosso volume de vendas a logo prazo? O projecto assenta no pressuposto base do quadro conceptual utilizado que a modelação adequada do ROMI contribui significativamente para o aumento deste. A recomendação de melhoria assenta na implementação uma abordagem de modelação proposta pelo Boston Consulting Group (BCG), que dê cobertura à maioria dos investimentos que a companhia faz indirectamente com a indústria alimentar. Os resultados esperados são uma significativa melhoria no ROMI e uma linha no orçamento anual da empresa especialmente para suportar os três elementos fundamentais de uma cultura de marketing effectiveness: medição de desempenho, modelação e simulação, e gestão e monitorização. Se desempenha funções em marketing e está pressionado para demonstrar a sua contribuição para os resultados no longo prazo, se está preocupado com o impacto publicitário dos seus investimentos, ou se está preocupado em valorizar marcas ou em como atribuir orçamento por categorias de produtos, então este documento merece definitivamente uma leitura.A project presenting a proposal for marketing effectiveness and return on marketing investments (ROMI) improvement in a business to business company that operates in food packaging industry, starting from the analysis of the company’s actual approach to maximize effectiveness. Answers to questions surrounding the effectiveness of marketing investments like: are our investments together with our partners (customers) really benefiting our market shares and derived long term sales volume? The project’s basic framework assumption is that proper ROMI modelling tends to contribute significantly to increase ROMI. The key recommendation is to implement marketing effectiveness modelling based on the Boston Consulting Group (BCG) approach covering the majority of the company’s marketing investment with their business partners (customers). The expected results will be a significant improved ROMI and a line item in the budget specifically designated to support the three elements of the marketing effectiveness culture: measurement and metrics, modelling and simulation, and management and monitoring. If you work in marketing in a business to business environment and you are pressurized to demonstrate the contribution of marketing in the long term, worried about your advertising’s effects, want to value your partner’s brands and wondering how to allocate marketing budget across partners and categories, so this document should definitely read on