Results 1 - 10
of
20
Tools for constructing requirements specifications: The SCR toolset at the age of ten
, 2005
"... ..."
Software cost reduction
- of Software Engineering. 2nd edition
, 2002
"... Software Cost Reduction (SCR) is a set of techniques for designing software sys-tems developed by David Parnas and researchers from the U.S. Naval Research Laboratory (NRL) beginning in the late 1970s. A major goal of the original SCR research team was to evaluate the utility and scalability of soft ..."
Abstract
-
Cited by 21 (3 self)
- Add to MetaCart
(Show Context)
Software Cost Reduction (SCR) is a set of techniques for designing software sys-tems developed by David Parnas and researchers from the U.S. Naval Research Laboratory (NRL) beginning in the late 1970s. A major goal of the original SCR research team was to evaluate the utility and scalability of software engineer-
Model Exploration with Temporal Logic Query Checking
- IN PROCEEDINGS OF SIGSOFT CONFERENCE ON FOUNDATIONS OF SOFTWARE ENGINEERING (FSE'02
, 2002
"... A temporal logic query is a temporal logic formula with placeholders. Given a model, a solution to a query is a set of assignments of propositional formulas to placeholders, such that replacing the placeholders with any of these assignments results in a temporal logic formula that holds in the model ..."
Abstract
-
Cited by 20 (9 self)
- Add to MetaCart
A temporal logic query is a temporal logic formula with placeholders. Given a model, a solution to a query is a set of assignments of propositional formulas to placeholders, such that replacing the placeholders with any of these assignments results in a temporal logic formula that holds in the model. Query checking, first introduced by William Chan [2], is an automated technique for finding solutions to temporal logic queries. It allows discovery of the temporal properties of the system and as such may be a useful tool for model exploration and reverse engineering. This paper
Temporal Logic Query Checking: A Tool for Model Exploration
- IEEE TRANSACTIONS ON SOFTWARE ENGINEERING
, 2003
"... Temporal logic query checking was first introduced by W. Chan in order to speed up design understanding by discovering properties not known a priori. A query is a temporal logic formula containing a special symbol?1, known as a placeholder. Given a Kripke structure and a propositional formula’, we ..."
Abstract
-
Cited by 13 (5 self)
- Add to MetaCart
(Show Context)
Temporal logic query checking was first introduced by W. Chan in order to speed up design understanding by discovering properties not known a priori. A query is a temporal logic formula containing a special symbol?1, known as a placeholder. Given a Kripke structure and a propositional formula’, we say that’satisfies the query if replacing the placeholder by’results in a temporal logic formula satisfied by the Kripke structure. A solution to a temporal logic query on a Kripke structure is the set of all propositional formulas that satisfy the query. Query checking helps discover temporal properties of a system and, as such, is a useful tool for model exploration. In this paper, we show that query checking is applicable to a variety of model exploration tasks, ranging from invariant computation to test case generation. We illustrate these using a Cruise Control System. Additionally, we show that query checking is an instance of a multi-valued model checking of Chechik et al. This approach enables us to build an implementation of a temporal logic query checker, TLQSolver, on top of our existing multi-valued model checker Chek. It also allows us to decide a large class of queries and introduce witnesses for temporal logic queries—an essential notion for effective model exploration.
Generating optimized code from scr specifications
- Proceedings of LCTES 2006: ACM SIGPLAN/SIGBED Conference on Languages, Compilers, and Tools for Embedded Systems
, 2006
"... A promising trend in software development is the increasing adoption of model-driven design. In this approach, a developer first constructs an abstract model of the required program behavior in a language, such as Statecharts or Stateflow, and then uses a code generator to automatically transform th ..."
Abstract
-
Cited by 11 (7 self)
- Add to MetaCart
(Show Context)
A promising trend in software development is the increasing adoption of model-driven design. In this approach, a developer first constructs an abstract model of the required program behavior in a language, such as Statecharts or Stateflow, and then uses a code generator to automatically transform the model into an executable program. This approach has many advantages—typically, a model is not only more concise than code and hence more understandable, it is also more amenable to mechanized analysis. Moreover, automatic generation of code from a model usually produces code with fewer errors than hand-crafted code. One serious problem, however, is that a code generator may produce inefficient code. To address this problem, this paper describes a method for generating efficient code from SCR (Software Cost Reduction) specifications. While the SCR tabular notation and tools have been used successfully to specify, simulate, and verify numerous embedded systems, until now SCR has lacked an automated method for generating optimized code. This paper describes an efficient method for automatic code generation from SCR specifications, together with an implementation and an experimental evaluation. The method first synthesizes an execution-flow graph from the specification, then applies three optimizations to the graph, namely, input slicing, simplification, and output slicing, and then automatically generates code from the optimized graph. Experiments on seven benchmarks demonstrate that the method produces significant performance improvements in code generated from large specifications. Moreover, code generation is relatively fast, and the code produced is relatively compact.
Program synthesis from formal requirements specifications using APTS. Higher-Order and Symbolic Computation
- Proc. Joint 7th Eur. Softw. Eng. Conf. and 7th ACM SIGSOFT Symp. Foundations Softw. Eng
, 2003
"... Abstract. Formal specifications of software systems are extremely useful because they can be rigorously an-alyzed, verified, and validated, giving high confidence that the specification captures the desired behavior. To transfer this confidence to the actual source code implementation, a formal link ..."
Abstract
-
Cited by 10 (3 self)
- Add to MetaCart
(Show Context)
Abstract. Formal specifications of software systems are extremely useful because they can be rigorously an-alyzed, verified, and validated, giving high confidence that the specification captures the desired behavior. To transfer this confidence to the actual source code implementation, a formal link is needed between the specifi-cation and the implementation. Generating the implementation directly from the specification provides one such link. A program transformation system such as Paige’s APTS can be useful in developing a source code generator. This paper describes a case study in which APTS was used to produce code generators that construct C source code from a requirements specification in the SCR (Software Cost Reduction) tabular notation. In the study, two different code generation strategies were explored. The first strategy uses rewrite rules to transform the parse tree of an SCR specification into a parse tree for the corresponding C code. The second strategy associates a relation with each node of the specification parse tree. Each member of this relation acts as an attribute, holding the C code corresponding to the tree at the associated node; the root of the tree has the entire C program as its member of the relation. This paper describes the two code generators supported by APTS, how each was used to synthesize code for two example SCR requirements specifications, and what was learned about APTS from these implementations.
A strategy for efficiently verifying requirements specifications using composition and invariants
- In European Software Engineering Conference/ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE 2003
, 2003
"... This paper describes a compositional proof strategy for verifying properties of requirements specifications. The proof strategy, which may be applied using either a model checker or a theorem prover, uses known state invariants to prove state and transition invariants. Two proof rules are presented: ..."
Abstract
-
Cited by 5 (0 self)
- Add to MetaCart
(Show Context)
This paper describes a compositional proof strategy for verifying properties of requirements specifications. The proof strategy, which may be applied using either a model checker or a theorem prover, uses known state invariants to prove state and transition invariants. Two proof rules are presented: a standard incremental proof rule analogous to Manna and Pnueli’s incremental proof rule and a compositional proof rule. The advantage of applying the compositional rule is that it decomposes a large verification problem into smaller problems which often can be solved more efficiently than the larger problem. The steps needed to implement the compositional rule are described, and the results of applying the proof strategy to two examples, a simple cruise control system and a realworld Navy system, are presented. In the Navy example, compositional verification using either theorem proving or model checking was three times faster than verification based on the standard incremental (noncompositional) rule. In addition to the two above rules for proving invariants, a new compositional proof rule is presented for circular assume-guarantee proofs of invariants. While in principle the strategy and rules described for proving invariants may be applied to any state-based specification with parallel composition of components, the specifications in the paper are expressed in the SCR (Software Cost Reduction) tabular notation, the auxiliary invariants used in the proofs are automatically generated invariants, and the verification is supported by the SCR tools. Categories and Subject Descriptors D.2.1 [Requirements/Specifications]: languages, methodologies, tools; D.2.4 [Software/Program Verification]: formal methods, model checking
A UML-Based Meta-modeling Architecture with Example Frameworks
- WISME 2002, WORKSHOP ON SOFTWARE MODEL ENGINEERING
, 2002
"... Based on a survey of modelers’ practice, we propose a UML-based metamodeling architecture in which the two uppermost layers (meta-metamodeling and metamodeling) are organized into a mirroring structure. Using this architecture we can formally define a semantical integration of metamodels. We propose ..."
Abstract
-
Cited by 3 (3 self)
- Add to MetaCart
Based on a survey of modelers’ practice, we propose a UML-based metamodeling architecture in which the two uppermost layers (meta-metamodeling and metamodeling) are organized into a mirroring structure. Using this architecture we can formally define a semantical integration of metamodels. We propose two applications of such metamodel integration: a framework for integrated design and interoperability of information systems, and a framework for the Semantic Web.
Managing Complexity in Software Development with Formally Based Tools
- FESCA 2004
, 2004
"... Over the past two decades, formal methods researchers have produced a number of powerful software tools designed to detect errors in, and to verify properties of, hardware designs, software systems, and software system artifacts. Mostly used in the past to debug hardware designs, in future years, th ..."
Abstract
-
Cited by 2 (0 self)
- Add to MetaCart
Over the past two decades, formal methods researchers have produced a number of powerful software tools designed to detect errors in, and to verify properties of, hardware designs, software systems, and software system artifacts. Mostly used in the past to debug hardware designs, in future years, these tools should help developers improve the quality of software systems. They should be especially useful in developing high assurance software systems, where compelling evidence is required that the system satisfies critical properties, such as safety and security. This paper describes the di#erent roles that formally based software tools can play in improving the correctness of software and software artifacts. Such tools can help developers manage complexity by automatically exposing certain classes of software errors and by producing evidence (e.g., mechanically checked proofs, results of executing automatically generated test cases, etc.) that a software system satisfies its requirements. In addition, the tools allow practitioners to focus on development tasks best performed by people---e.g., obtaining and validating requirements and constructing a high-quality requirements specification.
Incremental verification with mode variable invariants in state machines?
"... Abstract. We describe two complementary techniques to aid the automatic ver-ification of safety properties of synchronous systems by model checking. A first technique allows the automatic generation of certain inductive invariants for mode variables. Such invariants are crucial in the verification o ..."
Abstract
-
Cited by 2 (2 self)
- Add to MetaCart
(Show Context)
Abstract. We describe two complementary techniques to aid the automatic ver-ification of safety properties of synchronous systems by model checking. A first technique allows the automatic generation of certain inductive invariants for mode variables. Such invariants are crucial in the verification of safety properties in sys-tems with complex modal behavior. A second technique allows the simultaneous verification of multiple properties incrementally. Specifically, the outcome of a property—valid or invalid—is communicated to the user as soon as it is known. Moreover, each property proven valid is used immediately as an invariant in the model checking procedure to aid the verification of the remaining properties. We have implemented these techniques as new options in the KIND model checker. Experimental evidence shows that these two techniques combine synergistically to increase KIND’s precision as well as its speed. 1
