
    Translating between Alloy specifications and UML class diagrams annotated with OCL

    Model-driven engineering (MDE) is a software engineering approach based on model transformations at different abstraction levels. It prescribes the development of software by successively transforming models from abstract ones (specifications) to more concrete ones (code). Alloy is an increasingly popular lightweight formal specification language that supports automatic verification. Unfortunately, its widespread industrial adoption is hampered by the lack of an ecosystem of MDE tools, namely code generators. This paper presents a model transformation from Alloy to UML class diagrams annotated with OCL (UML+OCL) and shows how an existing transformation from UML+OCL to Alloy can be improved to handle dynamic issues. The proposed bidirectional transformation enables a smooth integration of Alloy into current MDE contexts: UML+OCL specifications can be transformed to Alloy for validation and verification, corrected and possibly refined inside Alloy, and translated back to UML+OCL for sharing with stakeholders or for reuse with current model-driven architecture tools that refine them toward code.
    This work was funded by the European Regional Development Fund (ERDF) through the COMPETE Programme (operational programme for competitiveness) and by national funds through the FCT (Fundação para a Ciência e a Tecnologia, Portuguese Foundation for Science and Technology) within project FCOMP-01-0124-FEDER-020532. Part of the work was done while the first author was visiting the Software Design Group at CSAIL, MIT, USA, funded by FCT sabbatical grant SFRH/BSAB/1187/2011. The second author was also partially supported by QREN (the Portuguese National Strategy Reference Chart) project 1621, while visiting the High-Assurance Software Laboratory at Universidade do Minho, Portugal. Finally, we would also like to thank all anonymous reviewers for their valuable comments and suggestions.

    Translating Alloy specifications to UML class diagrams annotated with OCL

    Proceedings of the 9th International Conference on Software Engineering and Formal Methods
    Model-Driven Engineering (MDE) is a Software Engineering approach based on model transformations at different abstraction levels. It prescribes the development of software by successively transforming models from abstract ones (specifications) to more concrete ones (code). Alloy is an increasingly popular lightweight formal specification language that supports automatic verification. Unfortunately, its widespread industrial adoption is hampered by the lack of an ecosystem of MDE tools, namely code generators. This paper presents a model transformation between Alloy and UML Class Diagrams annotated with OCL. The proposed transformation enables current UML-based tools to also be applied to Alloy specifications, thus unleashing its potential for MDE.

    Verifying UML/OCL operation contracts

    In current model-driven development approaches, software models are the primary artifacts of the development process. Therefore, assessing their correctness is a key issue in ensuring the quality of the final application. Research on model consistency has focused mostly on the models' static aspects. Instead, this paper addresses the verification of their dynamic aspects, expressed as a set of operations defined by means of pre/postcondition contracts. This paper presents an automatic method based on Constraint Programming to verify UML models extended with OCL constraints and operation contracts. In our approach, both static and dynamic aspects are translated into a Constraint Satisfaction Problem. Then, compliance of the operations with several correctness properties, such as operation executability or determinism, is formally verified.

    A UML/OCL framework for the analysis of graph transformation rules

    In this paper we present an approach for the analysis of graph transformation rules based on an intermediate OCL representation. We translate different rule semantics into OCL, together with the properties of interest (like rule applicability, conflicts or independence). The intermediate representation serves three purposes: (i) it allows the seamless integration of graph transformation rules with the MOF and OCL standards, and enables taking the meta-model and its OCL constraints (i.e. well-formedness rules) into account when verifying the correctness of the rules; (ii) it permits the interoperability of graph transformation concepts with a number of standards-based model-driven development tools; and (iii) it makes available a plethora of OCL tools to actually perform the rule analysis. This approach is especially useful for analysing the operational semantics of Domain Specific Visual Languages. We have automated these ideas by providing designers with tools for the graphical specification and analysis of graph transformation rules, including a back-annotation mechanism that presents the analysis results in terms of the original language notation.

    Least-change bidirectional model transformation with QVT-R and ATL

    QVT Relations (QVT-R) is the standard language proposed by the OMG to specify bidirectional model transformations. Unfortunately, in part due to ambiguities and omissions in the original semantics, acceptance and development of effective tool support has been slow. Recently, the checking semantics of QVT-R has been clarified and formalized. In this article we propose a QVT-R tool that complies with such semantics. Unlike any other existing tool, it also supports metamodels enriched with OCL constraints (thus avoiding returning ill-formed models), and proposes an alternative enforcement semantics that works according to the simple and predictable "principle of least change". The implementation is based on an embedding of both QVT-R transformations and UML class diagrams (annotated with OCL) in Alloy, a lightweight formal specification language with support for automatic model finding via SAT solving. We also show how this technique can be applied to bidirectionalize ATL, a popular (but unidirectional) model transformation language.
    This work is funded by the ERDF (European Regional Development Fund) through the COMPETE Programme (operational programme for competitiveness) and by national funds through the FCT (Fundação para a Ciência e a Tecnologia, Portuguese Foundation for Science and Technology) within project FCOMP-01-0124-FEDER-020532. The first author is also sponsored by FCT grant SFRH/BD/69585/2010. The authors would also like to thank all anonymous reviewers for their valuable comments and suggestions.

    Implementing QVT-R bidirectional model transformations using Alloy

    QVT Relations (QVT-R) is the standard language proposed by the OMG to specify bidirectional model transformations. Unfortunately, in part due to ambiguities and omissions in the original semantics, acceptance and development of effective tool support has been slow. Recently, the checking semantics of QVT-R has been clarified and formalized. In this paper we propose a QVT-R tool that complies with such semantics. Unlike any other existing tool, it also supports meta-models enriched with OCL constraints (thus avoiding returning ill-formed models), and proposes an alternative enforcement semantics that works according to the simple and predictable "principle of least change". The implementation is based on an embedding of both QVT-R transformations and UML class diagrams (annotated with OCL) in Alloy, a lightweight formal specification language with support for automatic model finding via SAT solving.
    Fundação para a Ciência e a Tecnologi

    Verification and validation of domain specific languages using Alloy

    A domain specific language (DSL) focuses on a particular problem domain, facilitating the specification of its instances. Since DSLs are frequently defined using imprecise languages, such as UML, they present ambiguities and their verification and validation (V&V) becomes complex. This paper proposes an approach to the precise definition of DSLs using Alloy, a formal language with tool support that enables their V&V. The approach is illustrated with a DSL for Software Architecture.
    XII Workshop Ingeniería de Software (WIS)
    Red de Universidades con Carreras en Informática (RedUNCI

    Verification and Validation of UML/OCL Object Component Models


    Improving Model-Driven Software Testing by using Formal Languages

    Model-Driven Testing (MDT) is a new and promising approach to software testing automation that can significantly reduce the effort spent in the testing cycle of software development. It consists of black-box testing that uses structural and behavioral models to automate the test generation process. In this paper, we describe a tool that allows developers to translate a software model written in UML with OCL formal constraints into its corresponding Java code, automating the generation of strong test-case code and specifying it not only in the Java language but also in two formal languages, OCL and Alloy. This tool provides more reliable support by combining different techniques, which strengthens the testing process.
    Laboratorio de Investigación y Formación en Informática Avanzad

    A hybrid model checking approach to analysing rule conformance applied to HIPAA privacy rules

    2017 Summer. Includes bibliographical references.
    Many of today's computing systems must show evidence of conformance to rules. The rules may come from business protocol choices or from multi-jurisdictional sources. Some examples are the rules that come from the regulations in the Health Insurance Portability and Accountability Act (HIPAA) protecting the privacy of patient information and the Family Educational Rights and Privacy Act (FERPA) protecting the privacy of student education records. The rules impose additional requirements on already complex systems, and rigorous analysis is needed to show that any system implementing the rules exhibits conformance. If the analysis finds that a rule is not satisfied, we adjudge that the system fails conformance analysis and that it contains a fault, and this fault must be located in the system and fixed. The exhaustive analysis performed by Model Checking makes it suitable for showing that systems satisfy conformance rules. Conformance rules may be viewed in two, sometimes overlapping, categories: process-aware conformance rules that dictate process sequencing, and data-aware conformance rules that dictate acceptable system states. Where conformance rules relate to privacy, the analysis performed in model checking requires the examination of fine-grained structural details in the system state for showing conformance to data-aware conformance rules. The analysis of these rules may cause model checking to be intractable due to a state space explosion when there are too many system states or too many details in a system state. To overcome this intractable complexity, various abstraction techniques have been proposed that achieve a smaller abstracted system state model that is more amenable to model checking. These abstraction techniques are not useful when the abstractions hide the details necessary to verify conformance. If non-conformance occurs, the abstraction may not allow isolation of the fault.
    In this dissertation, we introduce a Hybrid Model Checking Approach (HMCA) to analyse a system for both process- and data-aware conformance rules without abstracting the details from a system's detailed process and data models. Model Checking requires an analysable model of the system under analysis, called a program graph, and a representation of the rules that can be checked on the program graph. In our approach, we use connections between a process-oriented model (e.g. a Unified Modelling Language (UML) activity model) and a data-oriented model (e.g. a UML class model) to create a unified paths-and-state system model. We represent this unified model as a UML state machine. The rule-relevant part of the state machine, along with a graph-oriented formalism of the rules, are the inputs to HMCA. The model checker uses an exhaustive unfolding of the program graph to produce a transition system showing all the program graph's reachable paths and states. Intractable complexity during model checking is encountered when trying to create the transition system. In HMCA, we use a divide and conquer approach that applies a slicing technique on the program graph to semi-automatically produce the transition system by analysing each slice individually and composing its result with the results from other slices. Our ability to construct the transition system from the slices relieves a traditional model checker of that step. We then return to model checking techniques to verify whether the transition system satisfies the rules. Since the analysis involves examining system states, if any of the rules are not satisfied, we can isolate the specific location of the fault from the details contained in the slices. We demonstrate our technique on an instance of a medical research system whose requirements include the privacy rules mandated by HIPAA.
    Our technique found seeded faults for common mistakes in logic that led to non-conformance, and underspecification leading to conflicts of interest in personnel relationships.