Component-based Development using the B method

Research reportIn component-based software development approaches, components are considered as black boxes. Components communicate through required and provided interfaces which describe their visible behaviors. In the best cases, the provided interfaces are checked compatible with the corresponding required interfaces, but in general cases, adapters have to be introduced to connect them. Compatibility between required and provided interfaces concerns the interface signatures, behavioral aspects and protocol level. We propose to specify component interfaces in B in order to verify these three levels of interoperability. The use of B assembling and refinement mechanisms eases the verification of the interoperability between interfaces and the correctness of the component assembly. The verification is done by the B prover

Cyber-Virtual Systems: Simulation, Validation & Visualization

We describe our ongoing work and view on simulation, validation and visualization of cyber-physical systems in industrial automation during development, operation and maintenance. System models may represent an existing physical part - for example an existing robot installation - and a software simulated part - for example a possible future extension. We call such systems cyber-virtual systems. In this paper, we present the existing VITELab infrastructure for visualization tasks in industrial automation. The new methodology for simulation and validation motivated in this paper integrates this infrastructure. We are targeting scenarios, where industrial sites which may be in remote locations are modeled and visualized from different sites anywhere in the world. Complementing the visualization work, here, we are also concentrating on software modeling challenges related to cyber-virtual systems and simulation, testing, validation and verification techniques for them. Software models of industrial sites require behavioural models of the components of the industrial sites such as models for tools, robots, workpieces and other machinery as well as communication and sensor facilities. Furthermore, collaboration between sites is an important goal of our work.Comment: Preprint, 9th International Conference on Evaluation of Novel Approaches to Software Engineering (ENASE 2014

Tau Be or not Tau Be? - A Perspective on Service Compatibility and Substitutability

One of the main open research issues in Service Oriented Computing is to propose automated techniques to analyse service interfaces. A first problem, called compatibility, aims at determining whether a set of services (two in this paper) can be composed together and interact with each other as expected. Another related problem is to check the substitutability of one service with another. These problems are especially difficult when behavioural descriptions (i.e., message calls and their ordering) are taken into account in service interfaces. Interfaces should capture as faithfully as possible the service behaviour to make their automated analysis possible while not exhibiting implementation details. In this position paper, we choose Labelled Transition Systems to specify the behavioural part of service interfaces. In particular, we show that internal behaviours (tau transitions) are necessary in these transition systems in order to detect subtle errors that may occur when composing a set of services together. We also show that tau transitions should be handled differently in the compatibility and substitutability problem: the former problem requires to check if the compatibility is preserved every time a tau transition is traversed in one interface, whereas the latter requires a precise analysis of tau branchings in order to make the substitution preserve the properties (e.g., a compatibility notion) which were ensured before replacement.Comment: In Proceedings WCSI 2010, arXiv:1010.233

Contract Aware Components, 10 years after

The notion of contract aware components has been published roughly ten years ago and is now becoming mainstream in several fields where the usage of software components is seen as critical. The goal of this paper is to survey domains such as Embedded Systems or Service Oriented Architecture where the notion of contract aware components has been influential. For each of these domains we briefly describe what has been done with this idea and we discuss the remaining challenges.Comment: In Proceedings WCSI 2010, arXiv:1010.233

A Service-Based Component Model: Formalism, Analysis and Mechanization

Component-Based Software Engineering (CBSE) is one of the approaches to master the development of large scale software. In this setting, the verification concern is still a challenge. The objective of our work is to provide the designer of components-based systems with the methods to assist his/her use of the components. In particular, the current work adresses the composability of components and their services. A component model is presented, based on services. An associated simple but expressive formalism is introduced; it describes the services as extended LTS and their structuring as components. The composition of components is mainly based on service composition and encapsulation. The composability of component is defined from the composability of services. To ensure the correctness of component composition, we check that an assembly is possible via the checking of the composabiblity of the linked services, and their behavioral compatibility. In order to mechanize our approach, the services and the components are translated into the MEC and LOTOS formalism. Finally the MEC and LOTOS CADP toolbox is used to perform experiments

Computer-aided verification in mechanism design

In mechanism design, the gold standard solution concepts are dominant strategy incentive compatibility and Bayesian incentive compatibility. These solution concepts relieve the (possibly unsophisticated) bidders from the need to engage in complicated strategizing. While incentive properties are simple to state, their proofs are specific to the mechanism and can be quite complex. This raises two concerns. From a practical perspective, checking a complex proof can be a tedious process, often requiring experts knowledgeable in mechanism design. Furthermore, from a modeling perspective, if unsophisticated agents are unconvinced of incentive properties, they may strategize in unpredictable ways. To address both concerns, we explore techniques from computer-aided verification to construct formal proofs of incentive properties. Because formal proofs can be automatically checked, agents do not need to manually check the properties, or even understand the proof. To demonstrate, we present the verification of a sophisticated mechanism: the generic reduction from Bayesian incentive compatible mechanism design to algorithm design given by Hartline, Kleinberg, and Malekian. This mechanism presents new challenges for formal verification, including essential use of randomness from both the execution of the mechanism and from the prior type distributions. As an immediate consequence, our work also formalizes Bayesian incentive compatibility for the entire family of mechanisms derived via this reduction. Finally, as an intermediate step in our formalization, we provide the first formal verification of incentive compatibility for the celebrated Vickrey-Clarke-Groves mechanism

Characterization and Verification Environment for the RD53A Pixel Readout Chip in 65 nm CMOS

The RD53 collaboration is currently designing a large scale prototype pixel readout chip in 65 nm CMOS technology for the phase 2 upgrades at the HL-LHC. The RD53A chip will be available by the end of the year 2017 and will be extensively tested to confirm if the circuit and the architecture make a solid foundation for the final pixel readout chips for the experiments at the HL-LHC. A test and data acquisition system for the RD53A chip is currently under development to perform single-chip and multi-chip module measurements. In addition, the verification of the RD53A design is performed in a dedicated simulation environment. The concept and the implementation of the test and data acquisition system and the simulation environment, which are based on a modular data acquisition and system testing framework, are presented in this work