Rigorous development process of a safety-critical system: from ASM models to Java code

The paper presents an approach for rigorous development of safety-critical systems based on the Abstract State Machine formal method. The development process starts from a high level formal view of the system and, through refinement, derives more detailed models till the desired level of specification. Along the process, different validation and verification activities are available, as simulation, model review, and model checking. Moreover, each refinement step can be proved correct using an SMT-based approach. As last step of the refinement process, a Java implementation can be developed and linked to the formal specification. The correctness of the implementation w.r.t. its formal specification can be proved by means of model-based testing and runtime verification. The process is exemplified by using a Landing Gear System as case study

Integrating formal methods into medical software development : the ASM approach

Medical devices are safety-critical systems since their malfunctions can seriously compromise human safety. Correct operation of a medical device depends upon the controlling software, whose development should adhere to certification standards. However, these standards provide general descriptions of common software engineering activities without any indication regarding particular methods and techniques to assure safety and reliability. This paper discusses how to integrate the use of a formal approach into the current normative for the medical software development. The rigorous process is based on the Abstract State Machine (ASM) formal method, its refinement principle, and model analysis approaches the method supports. The hemodialysis machine case study is used to show how the ASM-based design process covers most of the engineering activities required by the related standards, and provides rigorous approaches for medical software validation and verification

NetFPGA Hardware Modules for Input, Output and EWMA Bit-Rate Computation

NetFPGA is a hardware board that it is becoming increasingly popular in various research areas. It is a hardware customizable router and it can be used to study, implement and test new protocols and techniques directly in hardware. It allows researchers to experience a more real experiment environment. In this paper we present a work about the design and development of four new modules built on top of the NetFPGA Reference Router design. In particular, they compute the input and output bit rate run time and provide an estimation of the input bit rate based on an EWMA filter. Moreover we extended the rate limiter module which is embedded within the output queues in order to test our improved Reference Router. Along the paper we explain in detail each module as far as the architecture and the implementation are concerned. Furthermore, we created a testing environment which show the effectiveness and effciency of our module

Equivalence checking of NuSMV specifications

We present a technique for checking the equivalence of NuSMV specifications. The approach is founded on the notion of equivalence between Kripke structures. The necessity to tackle this problem arisen working on using mutation to asses the static analysis fault detection capability. Indeed, mutation, consisting into introducing simple syntactic changes -- representing typical mistakes designers often make -- into specifications, may produce equivalent mutants, namely models behaving as the original one. Equivalent mutants should be detected since they do not represent actual faults. In program mutation, detecting equivalent mutants is an undecidable problem and, when possible, is a time-consuming activity, difficult to automatize. In this work we focus on how detecting equivalence of NuSMV specifications. The novel technique we propose, consists in building a merging unique specification and proving by model checking a series of CTL properties

Designing a governor policy for energy saving and heat control in frequency-scaling green routers

n/

Metamodelling a formal method : applying MDE to abstract state machines

This paper presents the AsmM, a metamodel for Abstract State Machines developed by following the guidelines of the Model Driven Engineering. The AsmM represents concepts and constructs of the ASM formal method in an abstract way, it is endowed with a standard visual notation, and it is intended easy to learn and understand by practitioners and students. From the AsmM a concrete syntax is also proposed and a standard interchange format for a systematic integration of a number of loosely-coupled ASM tools is derived. The metamodelling advantages for tool interoperability are shown by referring to the experience in making the ATGT, an existing tool supporting test case generation for ASMs, compliant to the AsmM

LEMP : a language engineering model-driven process

In this paper, we propose LEMP as a model-driven process to develop a language endowed with a set of derived artifacts (syntax, interchange format, APIs, ...) and with a well defined formal semantics. The process exploits the Model Driven Engineering principles of metamodeling, model transformation and automatic generation of language processing tools. We describe the requirements to fulfill and the development steps of this language engineering life cycle, including the validation activities regarding the syntactic and semantic aspects. As a proof-of-concepts, we apply LEMP to the Finite State Machines and we report our experience in developing a language for the Abstract State Machine formal method