Clafer: Lightweight Modeling of Structure, Behaviour, and Variability
Embedded software is growing fast in size and complexity, leading to an intimate
mixture of complex architectures and complex control. Consequently, software
specification requires modeling both the structure and the behaviour of systems.
Unfortunately, existing languages do not integrate these aspects well, usually
prioritizing one of them. It is common to develop a separate language for each
of these facets. In this paper, we contribute Clafer: a small language that
attempts to tackle this challenge. It combines rich structural modeling with
state-of-the-art behavioural formalisms. We are not aware of any other modeling
language that seamlessly combines these facets common to system and software
modeling. We show how Clafer, in a single unified syntax and semantics, allows
capturing feature models (variability), component models, discrete control
models (automata) and variability encompassing all these aspects. The language
is built on top of first-order logic with quantifiers over basic entities (for
modeling structures) combined with linear temporal logic (for modeling
behaviour). On top of this semantic foundation we build a simple but expressive
syntax, enriched with carefully selected syntactic expansions that cover
hierarchical modeling, associations, automata, scenarios, and Dwyer's property
patterns. We evaluate Clafer using a power window case study and by comparing it
against other notations that substantially overlap with its scope (SysML, AADL,
Temporal OCL and Live Sequence Charts), discussing the benefits and perils of using
a single notation for the purpose
Development of a framework for automated systematic testing of safety-critical embedded systems
In this paper we introduce the development of a framework for testing safety-critical embedded systems based on the concepts of model-based testing. In model-based testing the test cases are derived from a model of the system under test. In our approach the model is an automaton model that is automatically extracted from the C source code of the system under test. Besides random test data generation, the test case generation uses formal methods, specifically model checking techniques. To find appropriate test cases we use the requirements defined in the system specification. To cover further execution paths we developed an additional and, to the best of our knowledge, novel method based on special structural coverage criteria. We present preliminary results on the model extraction using a concrete industrial case study from the automotive domain.
Software dependability modeling using an industry-standard architecture description language
Performing dependability evaluation along with other analyses at
architectural level allows both making architectural tradeoffs and predicting
the effects of architectural decisions on the dependability of an application.
This paper gives guidelines for building architectural dependability models for
software systems using the AADL (Architecture Analysis and Design Language). It
presents reusable modeling patterns for fault-tolerant applications and shows
how the presented patterns can be used in the context of a subsystem of a
real-life application
A model for requirements traceability in a heterogeneous model-based design process. Application to automotive embedded systems
Requirements traceability modeling is a key issue in the real-time embedded design process. In such systems, requirements are of different natures (software-related, system-related, functional and non-functional) and must be traced through a multi-level design flow which integrates multiple and heterogeneous models. Validation and Verification (V&V) activities must be performed on models and on the final product to check whether they match the initial requirements. Results of the design and of V&V activities must impact the traceability information. We propose the DARWIN4REQ metamodel for requirement traceability based on three independent flows (requirement model, solution model and V&V model). The DARWIN4REQ metamodel establishes the link between these flows and allows full traceability of requirements, including the heterogeneous models. This paper presents the DARWIN4REQ metamodel and its use in the context of heterogeneous models for requirement modeling, design and V&V. An automotive application illustrates the approach with SYSML, EAST_ADL2 and MARTE for the design and SIMULINK, SyNDEx and TIMESQUARE for V&V activities.
Modeling and Analysis of Mixed Synchronous/Asynchronous Systems
Practical safety-critical distributed systems must integrate safety-critical and non-critical data in a common platform. Safety-critical systems almost always consist of isochronous components that have synchronous or asynchronous interfaces with other components. Many of these systems also support a mix of synchronous and asynchronous interfaces. This report presents a study on the modeling and analysis of asynchronous, synchronous, and mixed synchronous/asynchronous systems. We build on the SAE Architecture Analysis and Design Language (AADL) to capture architectures for analysis. We present preliminary work targeted at capturing mixed low- and high-criticality data, as well as real-time properties, in a common Model of Computation (MoC). An abstract, but representative, test specimen system was created as the system to be modeled.
Design of formal languages and interfaces: "formal" does not mean "unreadable".
This chapter provides an introduction to a work that aims to apply the achievements of engineering psychology to the area of formal methods, focusing on the specification phase of a system development process. Formal methods often assume that only two factors need to be satisfied: the method must be sound and must give a representation which is concise and beautiful from the mathematical point of view, without taking into account any question of readability, usability, or tool support. As a result, formal methods are treated by most engineers as something that is theoretically important but practically too hard to understand and to use, even though some small changes to a formal method can make it more understandable and usable for an average engineer.
Specification and verification of radiation therapy system with respiratory compensation using Uppaal
The goal of radiation therapy is to deliver as much dose as possible to the target volume of tissue while avoiding any dose to healthy tissue. Advances in digital control allow accurate planning and treatment. Unfortunately, motion compensation during the treatment remains a considerable problem. Currently, a combination of different techniques, such as gating (restricting movement of the patient) and periodic emission, is used to avoid damaging healthy tissue. This paper focuses on systems that completely compensate respiratory movement (up to a certain limit) and starts by investigating the adequacy of the existing hardware and software platform. In this paper a radiation therapy system consisting of a HexaPOD couch with 6-degree movement, a tracking camera, a marker (or markers) and a controller is modeled. A formal un-timed model was evaluated and found to be insufficient to completely determine the adequacy of the system to compensate respiratory motion. Therefore, the un-timed model was extended to include time and investigated. It provides more information than the un-timed model, but does not answer all interesting questions. Therefore, based on the results, further research directions are sketched.