Verification of external specifications of reactive systems

2006

TURTLE is a real-time UML profile supported by a toolkit which enables application of formal verification techniques to the analysis, design and deployment phases of systems design trajectory. This paper extends the TURTLE methodology with a requirement capture phase. SysML requirement diagrams are introduced. Temporal requirements (TR) are formally expressed using a dedicated language based on Allen's interval algebra. TRs serve as starting point to automatically synthesize observers and to guide the verification process applied to the TURTLE model of the system. Verification results are automatically collected in traceability matrices. A Hybrid Sport Utility Vehicle serves as example.

2003

UML-RT is achieving increasing popularity as a modeling language for real-time applications. Unfortunately UML-RT is not formally well defined and it is not well suited for supporting the specification stage: e.g., it does not provide native constructs to represent time and non-determinism. UML+ is an extension of UML that is formally well defined and suitable for expressing the specifications of real-time systems (e.g., the properties of a UML+ model can be formally verified). However, UML+ does not support design and development. This article addresses the translation of UML+ into UML-RT, thus posing the basis for a development framework where UML+ and UML-RT are used together, in order to remove each other’s limitations. Specifications are written using UML+, they are verified by means of formal methods, and are then converted in an equivalent UML-RT model that becomes the starting point for the implementation.

1997

ASTRAL is a formal specification language for realtime systems. It is intended to support formal software development and, therefore, has been formally defined. The structuring mechanisms in ASTRAL allow one to build modularized specifications of complex systems with layering. A realtime system is modeled by a collection of state machine specifications and a single global specification. This paper discusses the rationale of ASTRAL's design. ASTRAL's specification style is illustrated by discussing a telephony example. Composability of one or more ASTRAL system specifications is also discussed by the introduction of a composition section, which provides the needed information to combine two or more ASTRAL system specifications.

Journal of Systems and Software, 1996

In this paper, a framework for maintaining control of and analyzing object-oriented system specifications of real-time systems by using a set of metrics covering technical, cognitive, and process-oriented views is presented. The indicators defined can be used for monitoring the evolution of system quality and for effort prediction. The use of metrics for the estimation of reusability, verifiability, and testability is analyzed. The metric framework is integrated in a CASE tool named TOOMS, which is based on TROL, a dual object-oriented language with both descriptive and operational capabilities. TOOMS allows one to describe the system at different levels of structural abstractions and at different levels of specification detail, such as many other languages and models for real-time systems (e.g., OSDL, ObjectTime, Objectchart). According to this, the metrics proposed are capable of producing estimations at each level of system specification, thus allowing incremental specification/metrication. The metric framework must be regarded as a support for controlling the process of software development in order to guarantee the final quality.

A specification language for real-time software systems is presented. Notions from Category Theory are used to specify how the components of a system should interact. The potential role of the proposed language in the search for interoperability of specification formalisms is briefly discussed.

IEE Proceedings - Computers and Digital Techniques, 2004

With the rapid escalation in design complexity of real-time embedded software, application frameworks have become an almost indispensable tool because they greatly ease the work of a designer by performing tedious tasks on behalf of a designer and by reusing semicomplete application codes. To ensure code quality and reliability, computer-aided analysis is also performed for the generated application software in some frameworks. However, when the target is real-time embedded systems, the correctness of the software in terms of satisfying all user-given real-time and embedded constraints becomes a primary objective for such frameworks. To guarantee correctness, formal verification in the form of model checking is a viable solution due to its full automation capability. Nevertheless, little is known from either the existing literature or industrial experience on how formal verification can be integrated into an object-oriented application framework, whose primary purpose was previously only to design and generate application software. This work contributes to the state-of-art technology by showing how a design framework and a verification framework can be integrated. Three main issues are tackled: (i) what to verify?; (ii) when to verify?; and (iii) how to verify? As a solution to these three issues the authors propose a mapping from the object-oriented model to a formal model, a schedule-verifymap strategy and a compositional verification methodology, respectively. These have been implemented in a component-based framework and experiments performed to illustrate their feasibility. Due to the incorporation of industry de-facto standards such as real-time unified modelling language and real-time Java, in the proposed techniques it should now be possible for an engineer to gain access to theoretically proven formal verification technologies that would otherwise be considered to be inaccessible to an engineer unskilled in verification techniques.

Increasingly complex systems are being designed that consist of concurrently operating and communicating processes, often combining both hardware and software. A methodology for high level specification and design of software/ hardware systems (SHE [1]) has been designed to cope with this increasing complexity. SHE incorporates a formal specification language named POOSL. Many systems today can be characterised as real-time. The timing properties of such a realtime system determine the correctness of an implementation. This paper describes the extension of the language POOSL with a notion of time and with real-time primitives, which enable it to specify and model timing properties. Concepts and aspects related to timing and concurrency are discussed and options for introducing time and adding temporal meaning to existing elements of the language are investigated. The language POOSL and its formal semantics have been extended with a notion of time and a new primitive has been added. It is shown that this extension enables the expression of typical forms of temporal behaviour such as execution time, time-out behaviour, etcetera. POOSL can thus be used as a formal basis for specifying and designing real-time systems within the SHE methodology.

This paper presents a survey about the formal specification languages which are used to specify Real-time systems. Real time systems are critical systems such as nuclear missile system, auto pilot system etc. A minor fault in these systems can result into serious consequences. These consequences may comprise threat to human life. Therefore it is very vital to specify the system correctly. To achieve the correct and unambiguous specification, formal languages are used. Formal languages increase the confidence on the specification and hence the overall system. This paper compares formal languages which are used to specify real-time systems such as VDM++, RTSJ, ASTRAL. A comparison criterion is established to select the best suitable specification languages for Real-Time systems. In the end a small example is mapped in to three selected specification languages which conclude that which language provides the best constructs and tools for Real-Time systems.

Proc. Software Engineering Research Forum, 1995

A new specification and refinement calculus for real time processes is set out here. Under JiT, a specification is a three-phase ``before, during and after" set of temporal assertions, connected by cross-constraints. Specifications laid out on the page have the look of an Alice-in-Wonderland wardrobe, with a door to enter, a door to peep out of, and a door to exit by, plus a bottom drawer full of undergarments. The specification style is reminiscent of Z and VDM and is intended to appeal to the same technologists. Refinements are pseudo-code containing scheduling and wait statements.

Traditionally, real-time software system development focuses on low-level programming techniques to increase timeliness and operate within constraints; however, more recently higher-level, object-oriented methodologies are being used to create real-time software systems. This increase in object-oriented design for realtime systems is due to the improved use of active objects and concurrency in object-oriented languages. Real-time aspects have not only improved in many programming languages, but these real-time constraints are becoming more essential in general object-oriented software development. Consequently, the specification of real-time object-oriented systems is becoming important in software development processes. One of the many tools used to specify software is an executable specification language called Descartes. Descartes relates output data to input data as a function of the input data through a tree structure notation called "Hoare trees." This useful specification structure has been extended and supported for several types of systems since the language's creation in 1977. In particular, Descartes has been extended for the specification of real-time systems and for object-oriented designed systems. In spite of this, the combination of the two extensions for specification of real-time object oriented (RTOO) systems has not been tested. Thus, the main objective was to validate that the combination of the two Descartes extensions either satisfied the needed specification for RTOO systems or that the language needed to be additionally extended. To gain further verification of these united Descartes extensions, the Unified Modeling Language (UML) was used for comparison in aspects of design and effectiveness. In this research effort, UML 2.0, a widely used modeling language was used and analyzed to model security requirements along with the application requirements for real time object oriented systems. The outcome from this research effort was efficient modeling notations included to UML 2.0 modeling notations that can be used to specify security requirements in the beginning phase of software engineering, when application requirements are specified.