Timing diagrams add Requirements Engineering capability to Event-B Formal Development
Event-B is a language for the formal development of reactive systems. At present the RODIN toolkit [15] for Event-B is used for modeling requirements, specifying refinements and doing verification. In order to extend graphical requirements modeling capability into the real-time domain, where timing constraints are essential, we propose a Timing diagram (TD) [13] notation for Event-B. The UML 2.0 based notation provides an intuitive graphical specification capability for timing constraints and causal dependencies between system events. A translation scheme to Event-B is proposed and presented. Support for model refinement is provided. A partial case study is used to demonstrate the translation in practice
Management and Object Behavior of Statecharts through Statechart DNA
We propose composed strings called "statechart DNA" as essential building blocks for a new statechart (sc) abstraction method. We define the simplified statechart (ssc) and show that our definition covers the UML 2.0 sc model, by matching it to all model elements of the StateMachine package of the UML 2.0 metamodel and to the OCL constraints on these model elements. A Model Driven Architecture (MDA) is defined, inspired by a PIM-to-PIM model transformation procedure between UML sc models and ssc models. We discuss the rationale behind action abstraction in ssc models. This framework is used to isolate sc DNA, first in ssc models, then in UML sc models. We show how sc DNA, a compaction of sc construction primitives, can be used to define behavior model metrics and more generally, to manage and maintain evolving object behavior. State machine versioning is an important application of statechart DNA to manage industrial model repositories.
Formal management of object behavior with statechart DNA
We introduce and explore a new statechart (sc) abstraction method. We define simplified statecharts (ssc) and discuss the use of action abstraction in ssc models. We isolate sc DNA from UML sc models, and show how this sc DNA can be used to define behavior model metrics and more generally, to manage object behavior
Refinement sensitive formal semantics of state machines with persistent choice
Modeling languages usually support two kinds of nondeterminism, an external one for interactions of a system with its environment, and one that stems from under-specification as familiar in models of behavioral requirements. Both forms of nondeterminism are resolvable by composing a system with an environment model and by refining under-specified behavior (respectively). Modeling languages usually don't support nondeterminism that is persistent in that neither the composition with an environment nor refinements of under-specification will resolve it. Persistent nondeterminism is used, e.g., for modeling faulty systems. We present a formal semantics for UML state machines enriched with an operator persistent choice that models persistent nondeterminism. This semantics is based on abstract models - μ-automata with a novel refinement relation - and a sound three-valued satisfaction relation for properties expressed in the μ-calculus. © 2009 Elsevier B.V. All rights reserved.
Semantics and Verification of UML Activity Diagrams for Workflow Modelling
This thesis defines a formal semantics for UML activity diagrams that is suitable for workflow modelling. The semantics allows verification of functional requirements using model checking. Since a workflow specification prescribes how a workflow system behaves, the semantics is defined and motivated in terms of workflow systems. As workflow systems are reactive and coordinate activities, the defined semantics reflects these aspects. In fact, two formal semantics are defined, which are completely different. Both semantics are defined directly in terms of activity diagrams and not by a mapping of activity diagrams to some existing formal notation. The requirements-level semantics, based on the Statemate semantics of statecharts, assumes that workflow systems are infinitely fast w.r.t. their environment and react immediately to input events (this assumption is called the perfect synchrony hypothesis). The implementation-level semantics, based on the UML semantics of statecharts, does not make this assumption. Due to the perfect synchrony hypothesis, the requirements-level semantics is unrealistic, but easy to use for verification. On the other hand, the implementation-level semantics is realistic, but difficult to use for verification. A class of activity diagrams and a class of functional requirements is identified for which the outcome of the verification does not depend upon the particular semantics being used, i.e., both semantics give the same result. For such activity diagrams and such functional requirements, the requirements-level semantics is as realistic as the implementation-level semantics, even though the requirements-level semantics makes the perfect synchrony hypothesis. The requirements-level semantics has been implemented in a verification tool. The tool interfaces with a model checker by translating an activity diagram into an input for a model checker according to the requirements-level semantics. The model checker checks the desired functional requirement against the input model. If the model checker returns a counterexample, the tool translates this counterexample back into the activity diagram by highlighting a path corresponding to the counterexample. The tool supports verification of workflow models that have event-driven behaviour, data, real time, and loops. Only model checkers supporting strong fairness model checking turn out to be useful. The feasibility of the approach is demonstrated by using the tool to verify some real-life workflow models.
Collaborative Verification-Driven Engineering of Hybrid Systems
Hybrid systems with both discrete and continuous dynamics are an important model for real-world cyber-physical systems. The key challenge is to ensure their correct functioning w.r.t. safety requirements. Promising techniques to ensure safety seem to be model-driven engineering to develop hybrid systems in a well-defined and traceable manner, and formal verification to prove their correctness. Their combination forms the vision of verification-driven engineering. Often, hybrid systems are rather complex in that they require expertise from many domains (e.g., robotics, control systems, computer science, software engineering, and mechanical engineering). Moreover, despite the remarkable progress in automating formal verification of hybrid systems, the construction of proofs of complex systems often requires nontrivial human guidance, since hybrid systems verification tools solve undecidable problems. It is, thus, not uncommon for development and verification teams to consist of many players with diverse expertise. This paper introduces a verification-driven engineering toolset that extends our previous work on hybrid and arithmetic verification with tools for (i) graphical (UML) and textual modeling of hybrid systems, (ii) exchanging and comparing models and proofs, and (iii) managing verification tasks. This toolset makes it easier to tackle large-scale verification tasks.
MDM: A Mode Diagram Modeling Framework
Periodic control systems used in spacecraft and automotives are usually period-driven and can be decomposed into different modes, with each mode representing a system state observed from outside. Such systems may also involve intensive computing in their modes. Despite the fact that such control systems are widely used in the above-mentioned safety-critical embedded domains, there is a lack of domain-specific formal modelling languages for such systems in the relevant industry. To address this problem, we propose a formal visual modeling framework called mode diagram as a concise and precise way to specify and analyze such systems. To capture the temporal properties of periodic control systems, we provide, along with mode diagram, a property specification language based on interval logic for the description of concrete temporal requirements the engineers are concerned with. The statistical model checking technique can then be used to verify the mode diagram models against desired properties. To demonstrate the viability of our approach, we have applied our modelling framework to some real-life case studies from industry and helped detect two design defects for some spacecraft control systems.
Comment: In Proceedings FTSCS 2012, arXiv:1212.657