Developing Specifications by using Operators: a Process to guarantee correctness by construction

We propose a process model for the development of specifications based on the notions of multi-view state and of operators. A specification state consists of a UML view and a B expression of the same specification. Operators model design decisions as the simultaneous transformation of UML and B descriptions. A specification development is a sequence of applications of operators. We define a notion of coherence of a specification state which allows us to define formally a notion of correctness for operators. Thus, the development process guarantees that the specification can be safely verified and validated

Ensuring specification correctness by construction

We propose a process model for the development of formal and semi-formal specifications based on the notions of multi-view states and development operators. A specification state is composed of a UML and a B view. The development of a specification is seen as a sequence of application of operators, which model design decisions and make both views evolve. To produce consistent specifications, we define a consistency relation between views, allowing to define and check operators' correctness. Thus, the development process guarantees that the specification can be safely verified

Using a Dynamic Domain-Specific Modeling Language for the Model-Driven Development of Cross-Platform Mobile Applications

There has been a gradual but steady convergence of dynamic programming languages with modeling languages. One area that can benefit from this convergence is modeldriven development (MDD) especially in the domain of mobile application development. By using a dynamic language to construct a domain-specific modeling language (DSML), it is possible to create models that are executable, exhibit flexible type checking, and provide a smaller cognitive gap between business users, modelers and developers than more traditional model-driven approaches. Dynamic languages have found strong adoption by practitioners of Agile development processes. These processes often rely on developers to rapidly produce working code that meets business needs and to do so in an iterative and incremental way. Such methodologies tend to eschew “throwaway” artifacts and models as being wasteful except as a communication vehicle to produce executable code. These approaches are not readily supported with traditional heavyweight approaches to model-driven development such as the Object Management Group’s Model-Driven Architecture approach. This research asks whether it is possible for a domain-specific modeling language written in a dynamic programming language to define a cross-platform model that can produce native code and do so in a way that developer productivity and code quality are at least as effective as hand-written code produced using native tools. Using a prototype modeling tool, AXIOM (Agile eXecutable and Incremental Objectoriented Modeling), we examine this question through small- and mid-scale experiments and find that the AXIOM approach improved developer productivity by almost 400%, albeit only after some up-front investment. We also find that the generated code can be of equal if not better quality than the equivalent hand-written code. Finally, we find that there are significant challenges in the synthesis of a DSML that can be used to model applications across platforms as diverse as today’s mobile operating systems, which point to intriguing avenues of subsequent research

Invariant discovery and refinement plans for formal modelling in Event-B

The continuous growth of complex systems makes the development of correct software increasingly challenging. In order to address this challenge, formal methods o er rigorous mathematical techniques to model and verify the correctness of systems. Refinement is one of these techniques. By allowing a developer to incrementally introduce design details, refinement provides a powerful mechanism for mastering the complexities that arise when formally modelling systems. Here the focus is on a posit-and-prove style of refinement, where a design is developed as a series of abstract models introduced via refinement steps. Each refinement step generates proof obligations which must be discharged in order to verify its correctness – typically requiring a user to understand the relationship between modelling and reasoning. This thesis focuses on techniques to aid refinement-based formal modelling, specifically, when a user requires guidance in order to overcome a failed refinement step. An integrated approach has been followed: combining the complementary strengths of bottomup theory formation, in which theories about domains are built based on basic background information; and top-down planning, in which meta-level reasoning is used to guide the search for correct models. On the theory formation perspective, we developed a technique for the automatic discovery of invariants. Refinement requires the definition of properties, called invariants, which relate to the design. Formulating correct and meaningful invariants can be tedious and a challenging task. A heuristic approach to the automatic discovery of invariants has been developed building upon simulation, proof-failure analysis and automated theory formation. This approach exploits the close interplay between modelling and reasoning in order to provide systematic guidance in tailoring the search for invariants for a given model. On the planning perspective, we propose a new technique called refinement plans. Refinement plans provide a basis for automatically generating modelling guidance when a step fails but is close to a known pattern of refinement. This technique combines both modelling and reasoning knowledge, and, contrary to traditional pattern techniques, allow the analysis of failure and partial matching. Moreover, when the guidance is only partially instantiated, and it is suitable, refinement plans provide specialised knowledge to further tailor the theory formation process in an attempt to fully instantiate the guidance. We also report on a series of experiments undertaken in order to evaluate the approaches and on the implementation of both techniques into prototype tools. We believe the techniques presented here allow the developer to focus on design decisions rather than on analysing low-level proof failures

A rigorous approach to combining use case modelling and accident scenarios

Nearly all serious accidents, in the past twenty years, in which software has been involved can be traced to requirements flaws. Accidents related to or involving safety-critical systems often lead to significant damage to life, property, and environment in which the systems operate. This thesis explores an extension to use case modelling that allows safety concerns to be modelled early in the systems development process. This motivation comes from interaction with systems and safety engineers who routinely rely upon use case modelling during the early stages of defining and analysing system behaviour. The approach of embedded formal methods is adopted. That is, we use one discipline of use case modelling to guide the development of a formal model. This enables a greater precision and formal assurance when reasoning about concerns identified by system and safety engineers as well as the subsequent changes made at the level of use case modelling. The chosen formal method is Event-B, which is re nement based and has consequently enabled the approach to exploit a natural abstractions found within use case modelling. This abstraction of the problem found within use cases help introduce their behaviour into the Event-B model via step-wise re nement. The central ideas underlying this thesis are implemented in, UC-B, a tool support for modelling use cases on the Rodin platform (an eclipse-based development environment for Event-B). UC-B allows the specification of the use cases to be detailed with both informal and formal notation, and supports the automatic generation of an Event-B model given a formally specified use case. Several case studies of use cases with accident cases are provided, with their formalisation in Event-B supported by UC-B tool. An examination of the translation from use cases to Event-B model is discussed, along with the subsequent verification provided by Event-B to the use case model

Development of a graphical approach to software requirements analysis

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Nuclear Engineering, 1998.Includes bibliographical references (p. 205-226).by Xinhui Chen.Ph.D