Rigorous development process of a safety-critical system: from ASM models to Java code

The paper presents an approach for rigorous development of safety-critical systems based on the Abstract State Machine formal method. The development process starts from a high level formal view of the system and, through refinement, derives more detailed models till the desired level of specification. Along the process, different validation and verification activities are available, as simulation, model review, and model checking. Moreover, each refinement step can be proved correct using an SMT-based approach. As last step of the refinement process, a Java implementation can be developed and linked to the formal specification. The correctness of the implementation w.r.t. its formal specification can be proved by means of model-based testing and runtime verification. The process is exemplified by using a Landing Gear System as case study

Validation of Constraints Among Configuration Parameters Using Search-Based Combinatorial Interaction Testing

The appeal of highly-configurable software systems lies in their adaptability to users’ needs. Search-based Combinatorial Interaction Testing (CIT) techniques have been specifically developed to drive the systematic testing of such highly-configurable systems. In order to apply these, it is paramount to devise a model of parameter configurations which conforms to the software implementation. This is a non-trivial task. Therefore, we extend traditional search-based CIT by devising 4 new testing policies able to check if the model correctly identifies constraints among the various software parameters. Our experiments show that one of our new policies is able to detect faults both in the model and the software implementation that are missed by the standard approaches

Online Model-Based Testing under Uncertainty

Modern software systems are required to operate in a highly uncertain and changing environment. They have to control the satisfaction of their requirements at run-time, and possibly adapt and cope with situations that have not been completely addressed at design-time. Software engineering methods and techniques are, more than ever, forced to deal with change and uncertainty (lack of knowledge) explicitly. For tackling the challenge posed by uncertainty in delivering more reliable systems, this paper proposes a novel online Model-based Testing technique that complements classic test case generation based on pseudo-random sampling strategies with an uncertainty-aware sampling strategy. To deal with system uncertainty during testing, the proposed strategy builds on an Inverse Uncertainty Quantification approach that is related to the discrepancy between the measured data at run-time (while the system executes) and a Markov Decision Process model describing the behavior of the system under test. To this purpose, a conformance game approach is adopted in which tests feed a Bayesian inference calibrator that continuously learns from test data to tune the system model and the system itself. A comparative evaluation between the proposed uncertainty-aware sampling policy and classical pseudo-random sampling policies is also presented using the Tele Assistance System running example, showing the differences in achieved accuracy and efficiency

Evaluación de la toxicidad genética de la yerba mate (Ilex paraguariensis) en Allium cepa

INTRODUCCIÓN: La Yerba Mate, es una infusión hecha de las hojas del árbol Ilex paraguariensis, planta de la familia Aquifoliaceae. Es una bebida que se consume principalmente en los países de América del Sur como Argentina, Uruguay, Brasil, Paraguay y está logrando una mayor penetración en Estados Unidos como en otros países del mundo. OBJETIVO: El presente estudio evalúa la genotoxicidad de la yerba mate (Ilex paraguariensis), previamente probado para la presencia de hongos toxigénicos en cultivos específicos. MATERIAL Y METODOS: Se utilizó el sistema Allium cepa para el estudio de genotoxicidad, las células meristemáticas fueron tratadas con una infusión filtrada de mate, con agua destilada como control negativo y Dimetilsulfóxido (DMS) al 0,2 % como control positivo. RESULTADOS: El crecimiento radicular fue reducido dependiendo de la concentración, y al estudiar la proliferación celular se observó que la frecuencia de células mitóticas se reducía progresivamente a medida que aumentaba la concentración de yerba mate. Por otra parte, se observó un aumento en la frecuencia de células aberrantes con la concentración de yerba mate más alta (1400 µg/ml). CONCLUSIONES: Los hallazgos de este estudio muestran que la yerba mate induce efectos clastogénicos en las raíces meristemáticas de Allium cepa

Integrating formal methods into medical software development : the ASM approach

Medical devices are safety-critical systems since their malfunctions can seriously compromise human safety. Correct operation of a medical device depends upon the controlling software, whose development should adhere to certification standards. However, these standards provide general descriptions of common software engineering activities without any indication regarding particular methods and techniques to assure safety and reliability. This paper discusses how to integrate the use of a formal approach into the current normative for the medical software development. The rigorous process is based on the Abstract State Machine (ASM) formal method, its refinement principle, and model analysis approaches the method supports. The hemodialysis machine case study is used to show how the ASM-based design process covers most of the engineering activities required by the related standards, and provides rigorous approaches for medical software validation and verification

Metamodelling a formal method : applying MDE to abstract state machines

This paper presents the AsmM, a metamodel for Abstract State Machines developed by following the guidelines of the Model Driven Engineering. The AsmM represents concepts and constructs of the ASM formal method in an abstract way, it is endowed with a standard visual notation, and it is intended easy to learn and understand by practitioners and students. From the AsmM a concrete syntax is also proposed and a standard interchange format for a systematic integration of a number of loosely-coupled ASM tools is derived. The metamodelling advantages for tool interoperability are shown by referring to the experience in making the ATGT, an existing tool supporting test case generation for ASMs, compliant to the AsmM

Zone-based formal specification and timing analysis of real-time self-adaptive systems

Self-adaptive software systems are able to autonomously adapt their behavior at run-time to react to internal dynamics and to uncertain and changing environment conditions. Formal specification and verification of self-adaptive systems are tasks generally very difficult to carry out, especially when involving time constraints. In this case, in fact, the system correctness depends also on the time associated with events. This article introduces the Zone-based Time Basic Petri nets specification formalism. The formalism adopts timed adaptation models to specify self-adaptive behavior with temporal constraints, and relies on a zone-based modeling approach to support separation of concerns. Zones identified during the modeling phase can be then used as modules either in isolation, to verify intra-zone properties, or all together, to verify inter-zone properties over the entire system. In addition, the framework allows the verification of (timed) robustness properties to guarantee self-healing capabilities when higher levels of reliability and availability are required to the system, especially when dealing with time-critical systems. This article presents also the ZAFETY tool, a Java software implementation of the proposed framework, and the validation and experimental results obtained in modeling and verifying two time-critical self-adaptive systems: the Gas Burner system and the Unmanned Aerial Vehicle system