Extended Connectors: Structuring Glue Operators in BIP

Based on a variation of the BIP operational semantics using the offer predicate introduced in our previous work, we extend the algebras used to model glue operators in BIP to encompass priorities. This extension uses the Algebra of Causal Interaction Trees, T(P), as a pivot: existing transformations automatically provide the extensions for the Algebra of Connectors. We then extend the axiomatisation of T(P), since the equivalence induced by the new operational semantics is weaker than that induced by the interaction semantics. This extension leads to canonical normal forms for all structures and to a simplification of the algorithm for the synthesis of connectors from Boolean coordination constraints.Comment: In Proceedings ICE 2013, arXiv:1310.401

A Note on the Expressiveness of BIP

We extend our previous algebraic formalisation of the notion of component-based framework in order to formally define two forms, strong and weak, of the notion of full expressiveness. Our earlier result shows that the BIP (Behaviour-Interaction-Priority) framework does not possess the strong full expressiveness. In this paper, we show that BIP has the weak form of this notion and provide results detailing weak and strong full expressiveness for classical BIP and several modifications, obtained by relaxing the constraints imposed on priority models.Comment: In Proceedings EXPRESS/SOS 2016, arXiv:1608.0269

Offer Semantics: Achieving Compositionality, Flattening and Full Expressiveness for the Glue Operators in BIP

Based on a concise but comprehensive overview of some fundamental properties required from component-based frameworks, namely compositionality, incrementality, flattening, modularity and expressiveness, we review three modifications of the semantics of glue operators in the Behaviour-Interaction-Priority (BIP) framework. We provide theoretical results and examples illustrating the degree, to which the three semantics meet these requirements. In particular, we show that the latest semantics, based on the offer predicate is the only one that satisfies all of them. The classical and offer semantics are not comparable: there are systems that can be assembled in the classical semantics, but not in the offer one. We present a strict characterisation of the behaviour hierarchy determining the conditions, under which systems in the classical semantics can be transposed into the offer semantics directly, with minor modifications, by introducing a new type of synchronisation or not at all. The offer semantics allows us to extend the algebras, which are used to model glue operators in BIP, to encompass priorities. This extension uses the Algebra of Causal Interaction Trees, T(P), as a pivot: existing transformations automatically provide the extensions for the Algebra of Connectors. We then extend the axiomatisation of T(P), since the equivalence induced by the new operational semantics is weaker than that induced by the interaction semantics. This extension leads to canonical normal forms for all structures and to a simplification of the algorithm for the synthesis of connectors from Boolean coordination constraints

A Semantic Framework for Architecture Modelling

Architectures are common means for organising coordination between components in order to build complex systems and to make them manageable. They allow thinking on a higher plane and avoiding low-level mistakes. Architectures provide means for ensuring correctness-by-construction by enforcing global properties characterising the coordination between components. In this work, we consider the following questions of architecture modelling: 1) how to model architectures; 2) how to compose them if several properties enforced by different architectures are required; 3) how to specify architectures styles that generalise the notion of architectures and represent families of architectures satisfying the same property. An architecture can be considered as an operator that, applied to a set of components, builds a composite component meeting a characteristic property. The underlying concepts of components and their interaction originate from the BIP framework. This thesis is structured in two parts. In the first part, we study the expressiveness of glue operators in the BIP framework. We provide results for classical BIP glue and for several modifications obtained by relaxing the constraints imposed on priority models. We also study an alternative semantics of BIP glue based on the offer predicate. It meets fundamental properties required from component-based frameworks, namely compositionality, incrementality, flattening and modularity. We provide the comparison with the classical BIP semantics and the algorithm for the synthesis of connectors from the interaction logic used to describe coordination constraints. In the second part, we define architectures and propose an architecture composition operator. We study their properties and prove that the composition operator preserves safety properties of its operands. The alternative glue semantics presented in the first part of the thesis allows to extend architectures with priorities. For the specification of architecture styles, we propose configuration logics. We provide a sound and complete axiomatisation of the propositional configuration logic as well as decision procedures for checking that an architecture satisfies a given logical specification. To allow genericity of specifications, we study higher-order extensions of the propositional configuration logic. We illustrate with examples the specification of various architecture styles. We provide an experimental evaluation using the Maude rewriting system to implement the decision procedure for configuration logics. Additionally, we study the relation between the architecture composition operator and the composition of configuration logic formulas

Configuration Logics - Modelling Architecture Styles

We study a framework for the specification of architecture styles as families of architectures involving a common set of types of components and coordination mechanisms. The framework combines two logics: 1)~interaction logics for the specification of architectures as generic coordination schemes involving a configuration of interactions between typed components; and 2)~configuration logics for the specification of architecture styles as sets of interaction configurations. Configuration logics can be considered as a power-set extension of interaction logics. The relation between the two logics is similar to the relation between programs and their specifications. As program specifications can be expressed, \eg in temporal logics, architecture styles can be specified in configuration logics. The presented results build on previous work on architecture modelling in BIP. We show how propositional interaction logic can be extended into a corresponding configuration logic by adding new operators on sets of interaction configurations. In addition to the usual set-theoretic operators, configuration logic is equipped with a coalescing operator + to express combination of configuration sets. This operator proves to be particularly useful for the specification of architecture styles including a given class of configurations. We provide a complete axiomatization of propositional configuration logic as well as decision procedures for checking that an architecture satisfies given logical specifications. To allow genericity of specifications, we study first-order and second-order extensions of the propositional configuration logic. First-order logic formulas involve quantification over component variables. Second-order logic formulas involve additional quantification over sets of components. We provide several examples illustrating the application of the results to the characterisation of various architecture styles. We also provide an experimental evaluation using the Maude rewriting system to implement the decision procedure for the propositional flavour of the logic. We conclude with a discussion of the related work and of future directions dealing with the application of the results through the development of specific methods and tools

Baital: An Adaptive Weighted Sampling Platform for Configurable Systems

The diversity of software application scenarios has led the evolution towards highly configurable systems. Testing of such systems is challenging due to an immense number of configurations and is usually performed on a small sample set. Sampling is a promising approach for the sample set generation. t-wise coverage is often used to measure the quality of sample sets. Uniform sampling being most known method can fail to achieve high coverage in presence of complex constraints on configurations. Another challenge is a scalability hurdle for the t-wise coverage computation leaving sampling for higher values of t unexplored. In this work, we present Baital, a platform that combines two novel techniques for sampling of configurable systems. It is based on the adaptive weighted sampling approach to generate sample sets with high t-wise coverage. The approximation techniques for the t-wise coverage computation allow the consideration of higher values of t; they improve scalability for both t-wise coverage computation and sampling process

Serums Healthcare System: Completed and Secured

With software systems having access to private data, their verification becomes an essential part of the development. The Serums project aims to build a secure and transparent medical data sharing platform. Due to the operation with sensitive data, guarantees of platform correctness and data privacy are required. The verification of the platform is supported by formal methods capable to check that the system meets the desired properties. We report our experience in the verification of the Serums platform with Statistical Model Checking. We present a model of the platform created with the Uppaal SMC tool and describe the verification process. Results show the scalability and the utility of Statistical Model Checking for the verification of real-world projects

Statistical Model Checking meets GDPR

Software systems are incorporated into various aspects of human society. However, their integration brings a set of challenges, especially when software operates on personal data. The systems must be correct and provide the desired functionality while maintaining privacy and security of personal data. Verification techniques can support software system development and provide mathematical evidence of their correctness and security. This work considers two recent applied and collaborative national/EU projects from different domains. Both projects involve processing personal data and sharing it among multiple individuals and organizations. Therefore, ensuring security and data privacy guarantees, as mandated by the General Data Protection Regulation (GDPR), is crucial. We explore the applicability of formal methods and demonstrate the utility of Statistical Model Checking to ensure security and privacy in real-world projects. The goal is to validate specific aspects of GDPR compliance for both projects