Symbolic Invariant Verification for Systems with Dynamic Structural Adaptation, 2006
Cited by 44 (10 self)
The next generation of networked mechatronic systems will be characterized by complex coordination and structural adaptation at run-time. Crucial safety properties have to be guaranteed for all potential structural configurations. Testing cannot provide safety guarantees, while current model checking and theorem proving techniques do not scale for such systems. We present a verification technique for arbitrarily large multi-agent systems from the mechatronic domain, featuring complex coordination and structural adaptation. We overcome the limitations of existing techniques by exploiting the local character of structural safety properties. The system state is modeled as a graph, system transitions are modeled as rule applications in a graph transformation system, and safety properties of the system are encoded as inductive invariants (permitting the verification of infinite state systems). We developed a symbolic verification procedure that allows us to perform the computation on an efficient BDD-based graph manipulation engine, and we report performance results for several examples.
Tools for constructing requirements specifications: The SCR toolset at the age of ten, 2005
Applying Practical Formal Methods to the Specification and Analysis of Security Properties, 2001
Cited by 22 (0 self)
The SCR (Software Cost Reduction) toolset contains tools for specifying, debugging, and verifying system and software requirements. The utility of the SCR tools in detecting specification errors, many involving safety properties, has been demonstrated recently in projects involving practical systems, such as the International Space Station, a flight guidance system, and a U.S. weapons system. This paper briefly describes our experience in applying the tools in the development of two secure systems: a communications device and a biometrics standard for user authentication.
Software cost reduction
- of Software Engineering, 2nd edition, 2002
Cited by 21 (3 self)
Software Cost Reduction (SCR) is a set of techniques for designing software systems developed by David Parnas and researchers from the U.S. Naval Research Laboratory (NRL) beginning in the late 1970s. A major goal of the original SCR research team was to evaluate the utility and scalability of software engineer-
An Algorithm for Strengthening State Invariants Generated from Requirements Specifications, 2001
Cited by 20 (8 self)
In earlier work, we developed a fixpoint algorithm for automatically generating state invariants, properties that hold in each reachable state of a state machine model, from state-based requirements specifications. Such invariants are useful both in validating requirements specifications and as auxiliary lemmas in proofs that a requirements specification satisfies other invariant properties. This paper describes a new related algorithm that strengthens state invariants generated by our initial algorithm and demonstrates the new algorithm on a simplified version of an automobile cruise control system. The paper concludes by describing how the two algorithms were used to generate state invariants from a requirements specification of a cryptographic device and how the invariants in conjunction with a theorem prover were used to prove formally that the device satisfies a set of critical security properties.
Automated Validation of Software Models
Cited by 17 (0 self)
This paper describes the application of an automated verification tool to a software model developed at Ford. Ford already has in place an advanced model-based software development framework that employs the Matlab®, Simulink®, and Stateflow® modeling tools. During this project we applied the invariant checker Salsa to a Simulink®/Stateflow® model of automotive software to check for nondeterminism, missing cases, dead code, and redundant code. During the analysis, a number of anomalies were detected that had not been found during manual review. We argue that the detection and correction of these problems demonstrates a cost-effective application of formal verification that elevates our level of confidence in the model.
Applying the SCR Requirements Method to the Light Control Case Study
- Journal of Universal Computer Science, 2000
Cited by 16 (6 self)
To date, the SCR (Software Cost Reduction) requirements method has been used in industrial environments to specify the requirements of many practical systems, including control systems for nuclear power plants and avionics systems. This paper describes the use of the SCR method to specify the requirements of the Light Control System (LCS), the subject of a case study at the Dagstuhl Seminar on Requirements Capture, Documentation, and Validation in June 1999. It introduces a systematic process for constructing the LCS requirements specification, presents the specification of the LCS in the SCR tabular notation, discusses the tools that we applied to the LCS specification, and concludes with a discussion of a number of issues that arose in developing the specification.
Generating optimized code from SCR specifications
- Proceedings of LCTES 2006: ACM SIGPLAN/SIGBED Conference on Languages, Compilers, and Tools for Embedded Systems, 2006
Cited by 11 (7 self)
A promising trend in software development is the increasing adoption of model-driven design. In this approach, a developer first constructs an abstract model of the required program behavior in a language, such as Statecharts or Stateflow, and then uses a code generator to automatically transform the model into an executable program. This approach has many advantages—typically, a model is not only more concise than code and hence more understandable, it is also more amenable to mechanized analysis. Moreover, automatic generation of code from a model usually produces code with fewer errors than hand-crafted code. One serious problem, however, is that a code generator may produce inefficient code. To address this problem, this paper describes a method for generating efficient code from SCR (Software Cost Reduction) specifications. While the SCR tabular notation and tools have been used successfully to specify, simulate, and verify numerous embedded systems, until now SCR has lacked an automated method for generating optimized code. This paper describes an efficient method for automatic code generation from SCR specifications, together with an implementation and an experimental evaluation. The method first synthesizes an execution-flow graph from the specification, then applies three optimizations to the graph, namely, input slicing, simplification, and output slicing, and then automatically generates code from the optimized graph. Experiments on seven benchmarks demonstrate that the method produces significant performance improvements in code generated from large specifications. Moreover, code generation is relatively fast, and the code produced is relatively compact.
Program synthesis from formal requirements specifications using APTS. Higher-Order and Symbolic Computation
- Proc. Joint 7th Eur. Softw. Eng. Conf. and 7th ACM SIGSOFT Symp. Foundations Softw. Eng, 2003
Cited by 10 (3 self)
Formal specifications of software systems are extremely useful because they can be rigorously analyzed, verified, and validated, giving high confidence that the specification captures the desired behavior. To transfer this confidence to the actual source code implementation, a formal link is needed between the specification and the implementation. Generating the implementation directly from the specification provides one such link. A program transformation system such as Paige's APTS can be useful in developing a source code generator. This paper describes a case study in which APTS was used to produce code generators that construct C source code from a requirements specification in the SCR (Software Cost Reduction) tabular notation. In the study, two different code generation strategies were explored. The first strategy uses rewrite rules to transform the parse tree of an SCR specification into a parse tree for the corresponding C code. The second strategy associates a relation with each node of the specification parse tree. Each member of this relation acts as an attribute, holding the C code corresponding to the tree at the associated node; the root of the tree has the entire C program as its member of the relation. This paper describes the two code generators supported by APTS, how each was used to synthesize code for two example SCR requirements specifications, and what was learned about APTS from these implementations.
A framework for the formal analysis of multi-agent systems
- In Proc. Formal Approaches to Multi-Agent Systems, ETAPS 2003, 2003
Cited by 9 (4 self)
In this paper we present an integrated formal framework for the specification and analysis of Multi-Agent Systems (MAS). Agents are specified in a synchronous programming language called Secure Operations Language (SOL) which supports the modular development of secure agents. Multi-agent systems are constructed from individual agent modules by using the composition operator of SOL, the semantics of which are guaranteed to preserve certain individual agent properties. The formal semantics and the underlying framework of SOL also serve as the basis for analysis and transformation techniques such as abstraction, consistency checking, verification by model checking or theorem proving, and automatic synthesis of agent code. Based on this framework, we are currently developing a suite of analysis and transformation tools for the formal specification, analysis, and synthesis of multi-agent systems.