Tightening the contract refinements of a system architecture

Contract-based design is an emerging paradigm for correct-by-construction hierarchical systems: components are associated with assumptions and guarantees expressed as formal properties; the architecture is analyzed by verifying that each contract of composite components is correctly refined by the contracts of its subcomponents. The approach is very efficient, because the overall correctness proof is decomposed into proofs local to each component. However, the process for the contract specification and refinement is quite expensive because the requirements are formalized into formal properties, where part of the complexity is delegated to the designer, who has the burden of specifying the contracts. Typical problems include understanding which contracts are necessary, and how they can be simplified without breaking the correctness of the refinement and other refinements in case some subcontracts are shared. In this paper, we tackle these problems by proposing a technique to understand and simplify the contract refinements of a system architecture during the development process for the contract specification and refinement. The technique, called tightening, is based on parameter synthesis. The idea is to generate a set of parametric proof obligations, where each parameter evaluation corresponds to a variant of the original(s) contract refinement(s), and to search for tighter variants of the contracts that still ensure the correctness of the refinement(s). We cast this approach in the OCRA framework, where contracts are expressed with LTL formulas, and we evaluate its performance and effectiveness on a number of benchmarks.Fil: Cimatti, Alessandro. Fondazione Bruno Kessler; ItaliaFil: Demasi, Ramiro Adrian. Fondazione Bruno Kessler; Italia. Universidad Nacional de Córdoba. Facultad de Matemática, Astronomía y Física. Sección Ciencias de la Computación; ArgentinaFil: Tonetta, Stefano. Fondazione Bruno Kessler; Itali

Simulation relations for fault-tolerance

We present a formal characterization of fault-tolerant behaviors of computing systems via simulation relations. This formalization makes use of variations of standard simulation relations in order to compare the executions of a system that exhibits faults with executions where no faults occur; intuitively, the latter can be understood as a specification of the system and the former as a fault-tolerant implementation. By employing variations of standard simulation algorithms, our characterization enables us to algorithmically check fault-tolerance in polynomial time, i.e., to verify that a system behaves in an acceptable way even subject to the occurrence of faults. Furthermore, the use of simulation relations in this setting allows us to distinguish between the different levels of fault-tolerance exhibited by systems during their execution. We prove that each kind of simulation relation preserves a corresponding class of temporal properties expressed in CTL; more precisely, masking fault-tolerance preserves liveness and safety properties, nonmasking fault-tolerance preserves liveness properties, while failsafe fault-tolerance guarantees the preservation of safety properties. We illustrate the suitability of this formal framework through its application to standard examples of fault-tolerance.Fil: Demasi, Ramiro Adrian. Fondazione Bruno Kessler; ItaliaFil: Castro, Pablo Francisco. Universidad Nacional de Rio Cuarto. Facultad de Cs.exactas Fisicoquímicas y Naturales. Departamento de Computación. Grupo de Ingeniería de Software; ArgentinaFil: Maibaum, Thomas S. E.. Mcmaster University. Faculty Of Engineering; CanadáFil: Aguirre, Nazareno Matias. Mcmaster University. Faculty Of Engineering; Canadá. Universidad Nacional de Rio Cuarto. Facultad de Cs.exactas Fisicoquímicas y Naturales. Departamento de Computación. Grupo de Ingeniería de Software; Argentin

Routing in Delay-Tolerant Networks under uncertain contact plans

Delay-Tolerant Networks (DTN) enable store-carry-and-forward data transmission in networks challenged by frequent disruptions and high latency. Existing classification distinguishes between scheduled and probabilistic DTNs, for which specific routing solutions have been developed. In this paper, we uncover a gap in-between where uncertain contact plans can be exploited to enhance data delivery in many practical scenarios described by probabilistic schedules available a priori. Routing under uncertain contact plans (RUCoP) is next formulated as a multiple-copy Markov Decision Process and then exported to local-knowledge (L-RUCoP) and Contact Graph Routing extensions (CGR-UCoP) which can be implemented in the existing DTN protocol stack. RUCoP and its derivations are evaluated in a first extensive simulation benchmark for DTNs under uncertain contact plans comprising both random and realistic scenarios. Results confirm that RUCoP and L-RUCoP closely approach the ideal delivery ratio of an oracle, while CGR-UCoP improves state-of-the-art DTN routing schemes delivery ratio up to 25%.Fil: Raverta, Fernando Dario. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Córdoba; Argentina. Universidad Nacional de Córdoba; ArgentinaFil: Fraire, Juan Andres. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Córdoba; Argentina. Universidad Nacional de Córdoba; Argentina. Universitat Saarland; AlemaniaFil: Madoery, Pablo Gustavo. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Córdoba; Argentina. Universidad Nacional de Córdoba; ArgentinaFil: Demasi, Ramiro Adrian. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Córdoba; Argentina. Universidad Nacional de Córdoba. Facultad de Matemática, Astronomía y Física. Sección Ciencias de la Computación; ArgentinaFil: Finochietto, Jorge Manuel. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Córdoba; Argentina. Universidad Nacional de Córdoba; ArgentinaFil: D'argenio, Pedro Ruben. Consejo Nacional de Investigaciones Científicas y Técnicas. Centro Científico Tecnológico Conicet - Córdoba; Argentina. Universidad Nacional de Córdoba; Argentina. Universitat Saarland; Alemani