This note briefly discusses the relationship between program correctness and satisfaction of system requirements. The concept of program correctness assumes the existence of a formal program specification. In software-intensive systems such a specification may be hard to obtain and will unavoidably involve formalisation of the natural, non-formal problem world which can be checked by verification tools. Problem structure in such systems exhibits characteristic patterns that are not commonly found elsewhere—both patterns of individual components and patterns of their composition. These patterns affect the structure of the system development steps and documentation, including software and specification texts, and suggest potentially useful forms of verification and verification output. The inevitably imperfect formalisation of the nonformal problem world poses major difficulties, but here too appropriate verification tools can contribute to system reliability.

Abstract. Our goal is to help the developers of computer-based systems to make informed design decisions on the basis of insights gained from the rigorous analysis of abstract system models. The early work on model-oriented specification has inspired the development of numerous formalisms and tools supporting modelling and analysis. There are also many stories of successful industrial application, often driven by a few champions possessing deep a priori understanding of formalisms. There are fewer cases of successful take-up or adoption of the technology in the long term. We argue that successful industrial adoption of this technology requires that potential users strike a balance between the effort expended in producing and analysing a model and insight gained. In order to support this balancing act, tools need to offer a range of levels of effort and insight. Further, educators need to recognise that training in formal development techniques must support this trade-off process. 1

A system for engineering and verifying component-based software must include mechanisms for specifying abstractly not only the complete functionality of components but their exact performance as well. This paper introduces profiles as a firstclass construct for complete, independent specification of performance in higher-level languages. Using profiles, a developer can select from an assortment of implementations for a particular functionality the one that best suits his needs with respect to speed and memory usage. Equally importantly, he can define the expected performance of larger scale components using compositions of the profiles of their constituent (possibly as yet unimplemented) components. To support scalability, the profile construct facilitates abstraction in performance specifications as well as performance composition and analysis.

Mechanical verification of object oriented programs is a central software engineering problem. Any successful solution to the problem should strike a delicate compromise between amenability to automation and several software engineering factors, such as the form and ease of specifications, demands on software developers to provide invariants and hints, development and use of relevant mathematical theories, and software design. The objective of this paper is to illustrate these issues through our experiments towards push-button verification of an imperative object-based code in a modular fashion. 1.

Abstract not found

Abstract. Formal methods based tools and techniques have been recognised to be a promising approach to support the process of verification and validation of a critical system in early stage of the development. Specially, medical devices are very prone to show an unexpected behavior of the system in operating due to stochastic nature of the system and when a system uses traditional methods for system testing. Device-related problems are responsible for a large number of serious injuries. FDA officials has found that many deaths and injuries related to the devices are caused by product design and engineering flaws. Cardiac pacemaker and implantable cardioverter-defibrillators (ICDs) are main critical medical devices, which require close-loop modeling (integration of system and environment modeling) for verification purpose to obtain a certificate from certification bodies. No any technique is available to provide an environment modeling to verify the developed system model. This report presents a methodology to model a biological system, like heart, for modeling a biological environment. The heart model is mainly based on electrocardiography analysis, which models the heart system at cellular level. Main objective of this methodology is to model the heart system and integrate with medical device model like cardiac pacemaker to specify a close-loop model. Close-loop model of an environment and a device is an open problem in real world. Industries are striving for such kind of approach from long time to validate a system model under a virtual biological environment. Our approach involves the pragmatic combination of formal specification of a system and a biological environment to model a close-loop system to verify the correctness of a system and helps in quality improvement of the system.

More than twenty years of research have created a large body of ideas, concepts and theories for model-based development of embedded software-intensive systems. These approaches have been implemented by several tools and successfully applied to various development projects. However, the everyday use of model-based approaches in the automotive and avionic industries is still limited. Most of the time, the engineers work with a pre-defined set of isolated tools, and therefore adapt their engineering and process to the available tools. Today, the industry achieves tool integration by demand-driven, pragmatic and ad-hoc composed chains of a priori existent commercial tools. Nevertheless, these tool chains are not (and cannot be) seamless, since the integration that can be achieved is not deep enough. This hampers the reuse and refinement of models, which subsequently leads to problems like redundancy, inconsistency and lack of automation. In the end, these deficiencies decrease both the productivity and quality that could be provided by model-based approaches. To overcome these problems, a deep, coherent and comprehensive integration of models and tools is required. Such an integration can be achieved by the following three ingredients: 1) a comprehensive modeling theory that serves as a semantic domain for the models, 2) an integrated architectural model that holistically describes the product and process, and 3) a manner to build tools that conform to the modeling theory and allow the authoring of the product model. We show that from a scientific point of view all ingredients are at our hands to do a substantial step into an integrated process and tool world. Further, we illustrate why such a solution has not been achieved so far, and discuss what is to be done to get a step closer to seamless model-based engineering.

Abstract. Test and Simulation are the only verification techniques used for any biomedical devices such as pacemaker system, implantable cardioverter/defibrillators (ICDs) etc. The construction of formal models of Pacemaker systems is a considerable practical challenge. Formal modeling of an artificial Pacemaker system is a case study proposed by the software quality research laboratory at McMaster University 1 in the Grand Challenge Initiative. Using an incremental proof-based approach, we model functionalities of the Pacemaker. The approach is illustrated by developing a new formal model of the cardiac pacemaker system. Our contribution are in this report to model the single electrode pacemaker system using Event-B and prove it. The incremental proof-based development is mainly driven by the refinement between an abstract model of the system and its detailed design through a series of refinements. A series of refinements is progressively added the functional and the timing properties to the abstract system-level specifications using some intermediate models. The properties express system architecture, action-reaction and timing behavior. This paper uses all possible operational modes of a single electrode Pacemaker system that helps to develop better hardware. Every stage of refinement includes the detail information about operating modes. The models are expressed in Event-B modeling language and validated primarily by the ProB tool in different situation such as hysteresis and rate adapting pacing under real-time constraints. In each stages of refinements include the detail information and more events are introduced. The final step of refinement completely localized the events and similar to implementation of single electrode pacemaker operating modes system. The stepwise refinement of the single electrode Pacemaker system contributes to achieve a high degree of automatic proof.