Vered Gafni - Academia.edu

Papers by Vered Gafni

Reasoning About Real-Time Reactive Systems with MASS

Activation-oriented specification of real-time systems

Lecture Notes in Computer Science, 1994

Decidability Results of PLOT and MASS

Real-Time Systems Development with MASS

In this paper, we demonstrate the capability of MASS, a real-time design language, for large systems specification. The paper presents a hierarchical specification of an automatic cruise controller that evolves through stepwise refinement. In particular, we show modular design, the separation of the functional and reactive concerns, and the succinct and intuitive nature of specifications in MASS.

1 Introduction

A real-time system consists of a plant where dynamic processes take place, and a controller (an embedded computer) aimed at the stabilization of the on-going processes at a required state. The controller design is especially complex, as compared with non-real-time applications, due to the reactive aspect of its operation. This aspect comprises the need to synchronize its computations with the occurrences of the plant events (indicated by sensor data) and to accomplish their executions within hard deadlines determined by the controlled process dynamics (typical application...

Formal Development of Real-time Systems with PLOT/MASS

The paper presents a formal development process of a real-time system. We employ two related languages: the real-time logic PLOT for plant modeling and requirements specification, and the real-time language MASS for the controller design. A deductive proof system is used to verify the design against the requirements. The examples given in the paper demonstrate the special features of the MASS/PLOT framework that make it especially suitable for real-time systems specification. In particular, we show explicit expression of causality and timing in PLOT, modular design by refinement in MASS, and the succinct and intuitive nature of specifications in this framework.

1 Introduction

A real-time system consists of a plant where dynamic processes take place, and a controller (an embedded computer) aimed at the stabilization of the on-going processes at a required state. The plant and the controller interact through sensors that collect plant data, and actuators that are capable of affecting ...

Reasoning About Real-Time Reactive Systems with MASS (Extended Abstract)

Vered Gafni, Yishai Feldman, Amiram Yehudai. Computer Science Department, Tel-Aviv University, Tel-Aviv 69978, Israel.

Abstract. This paper lays the theoretical foundation for formal reasoning with the language MASS. MASS is an activation oriented specification language, suitable for specifying reactive real time systems. Following a short review of MASS, the paper presents a logical formalism based on the language of MASS events, for stating properties of MASS specifications. A version of MASS in which specified reactions must be given explicit deadlines is then shown to be decidable. The general unbounded version is shown to be undecidable.

1 Introduction

MASS is an activation oriented specification language, suitable for specifying reactive real time systems. A previous paper [6] explained the basic approach, presented the language definition, showed specification examples, and outlined a semantic model for MASS...

Combining Reflection and Finite State Diagrams for Design Enforcement

This paper presents a method for design enforcement, based on a combination of reflection and State Machine Diagrams. The method is supported by RECOS, a REflective system in a Concurrent Object-oriented environment that uses Finite State Diagrams. The reflection methodology is now a developing branch in computer science for controlling and modifying systems, particularly Object-Oriented systems. RECOS is a "base-system" under which other systems can be built. Combining concepts of Concurrent Object-Oriented design, Finite State Diagrams, and reflection leads to an increase in the reliability of the systems, by ensuring that objects function according to their design. RECOS also presents a safe way for handling modifications of the systems. We attempt to provide the developer of a system under RECOS with an environment that balances between easing implementation effort and guarding against unsafe implementations. We address here the issue of reflection, present the structu...

MASS - A Real-Time Activation Oriented Specification Language

This report presents an activation oriented approach for RTS specification, formalized in a language called MASS.

MASS - A Real-Time Activation Oriented Specification Language, Technical Report, Version 2

MASS - A Real-Time Activation Oriented Specification Language

Robots

ACM SIGSOFT Software Engineering Notes, 1999

An automatic assistant for program understanding

Proceedings of the Third Israel Conference on Computer Systems and Software Engineering, 1988

Robots: A Real-Time Systems Architectural Style

Lecture Notes in Computer Science, 1999

Reactions: an activation scheme specification language

Proceedings of the EUROMICRO '91 Workshop on Real-Time Systems, 1991

It is widely recognized that the special properties characterizing a reactive system especially affect its activation requirements. Therefore, we propose a specification language, called Reactions, specifically designed to express the activation scheme of a reactive system. The language is of a declarative form and associated with a formal semantics providing for its practical use as a programming language. In addition, a Reactions specification has a natural representation as a set of interval temporal logic formulae, thus enabling a formal analysis of a specification written in the language.

A Model for a Hard Real Time System Executive

Real Time Programming 1988, 1989

A tasking model for reactive systems

Proceedings of the Real-Time Systems Symposium, 1989

A Tasking Model for Reactive Systems. Vered Gafni, Department of Software Engineering, 3902 MBT, Israel Aircraft Industries, Yehud 56216, Israel. Abstract. ... (*) The term 'reactive' is attributable to Harel and Pnueli [5]. ...

6.5.4 SafeAir - An Integrated Development Environment and Methodology

INCOSE International Symposium, 2001

A real-time simulation environment for embedded computer systems software testing

Proceedings of the Fourth Israel Conference on Computer Systems and Software Engineering, 1989

Activation-oriented specification of real-time systems

Lecture Notes in Computer Science, 1994

We present MASS, a declarative language for specifying the reactive behavior of real-time systems. The basic primitive of the language is the task, which is the interface between the reactive and sequential aspects of the specification. The purely computational meaning of a task (as an I/O transformation) is given outside MASS using standard specification languages for sequential computations. The reactive aspects of real-time systems are expressed in MASS through causal and temporal relations between events that signal task terminations. Hierarchical systems are obtained by refining tasks, specifying them as sub-systems in MASS. MASS is given a formal semantics in a trace model augmented with explicit representation of causes. A synchronous execution model conforming with the formal semantics makes MASS specifications executable. A development system based on this model allows both simulation of (possibly incomplete) specifications and the generation of complete target applications (given code for the sequential computations of tasks). We have successfully used MASS in a case study involving several robots and a complex conveyer system.
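The activation scheme this abstract describes (tasks whose terminations signal events, reactions that activate tasks when events occur, a synchronous execution model, and a trace in which every event carries its cause) is illustrated below by an added Python example. It is not MASS code and does not reproduce MASS's notation: the reaction form "on trigger, activate task, terminate within deadline", the task durations, and the cruise-control events are all assumptions made for the illustration. Because deadlines are explicit, the block also includes a simple static check that is only possible when they are: a reaction whose task cannot terminate within its deadline even when activated immediately is flagged before anything runs, and the same reaction then shows up as a deadline miss in the trace.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Event:
    name: str
    time: int
    cause: Optional["Event"] = None  # explicit cause: the event whose reaction produced this one


@dataclass(frozen=True)
class Task:
    name: str
    duration: int          # ticks the sequential computation takes (assumed >= 1)
    terminates_with: str   # event signalled when the task terminates


@dataclass(frozen=True)
class Reaction:
    """Assumed form: on <trigger>, activate <task>, terminate within <deadline> ticks."""
    trigger: str
    task: str
    deadline: int


class Executive:
    """Synchronous execution: ticks are processed in order. At each tick the tasks
    that complete now terminate (signalling their events), then every reaction
    triggered by an event of this tick activates its task."""

    def __init__(self, tasks: List[Task], reactions: List[Reaction]):
        self.tasks = {t.name: t for t in tasks}
        self.reactions = reactions
        self.trace: List[Event] = []
        self.violations: List[str] = []
        self._running: List[Tuple[int, Task, Event, int]] = []  # (finish, task, cause, due)

    def run(self, external: List[Tuple[int, str]], horizon: int):
        for now in range(horizon + 1):
            fired = [Event(name, now) for tick, name in external if tick == now]
            pending = []
            for finish, task, cause, due in self._running:
                if finish == now:
                    fired.append(Event(task.terminates_with, now, cause))
                    if now > due:
                        self.violations.append(
                            f"{task.name} missed deadline {due} (terminated at {now})")
                else:
                    pending.append((finish, task, cause, due))
            self._running = pending
            for ev in fired:
                self.trace.append(ev)
                for r in self.reactions:
                    if r.trigger == ev.name:
                        task = self.tasks[r.task]
                        self._running.append((now + task.duration, task, ev, now + r.deadline))
        return self.trace, self.violations


def causal_chain(ev: Event) -> List[str]:
    """Follow the explicit cause links back to the external event that started them."""
    chain = []
    while ev is not None:
        chain.append(ev.name)
        ev = ev.cause
    return chain


def infeasible_reactions(tasks: List[Task], reactions: List[Reaction]) -> List[Reaction]:
    """Static check made possible by explicit deadlines: the task's own duration
    already exceeds the deadline, so the reaction can never be met."""
    by_name = {t.name: t for t in tasks}
    return [r for r in reactions if by_name[r.task].duration > r.deadline]


# Constructed scenario (not from the paper): a cruise-control loop plus a brake override.
TASKS = [
    Task("compute_throttle", duration=2, terminates_with="throttle_set"),
    Task("actuate", duration=1, terminates_with="actuated"),
    Task("disengage", duration=3, terminates_with="disengaged"),
]
REACTIONS = [
    Reaction("speed_sampled", "compute_throttle", deadline=3),
    Reaction("throttle_set", "actuate", deadline=1),
    Reaction("brake_pressed", "disengage", deadline=2),  # 3-tick task, 2-tick deadline
]
EXTERNAL = [(0, "speed_sampled"), (4, "speed_sampled"), (5, "brake_pressed")]


def demo():
    return Executive(TASKS, REACTIONS).run(EXTERNAL, horizon=8)


if __name__ == "__main__":
    trace, violations = demo()
    for ev in trace:
        print(f"t={ev.time}: {ev.name} <- {' <- '.join(causal_chain(ev)[1:]) or 'external'}")
    print("violations:", violations)
    print("infeasible:", [r.task for r in infeasible_reactions(TASKS, REACTIONS)])
```

The trace answers the two questions a reviewer of a reactive design asks: what caused this event (the cause links, walked by causal_chain), and was the deadline met (the violations list). The static check catches the brake reaction without executing anything, which is the practical value of requiring explicit deadlines.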

Combining reflection and finite state diagrams for design enforcement

Theory and Practice of Object Systems, 1996

This paper presents a method for design enforcement, based on a combination of reflection and State Machine Diagrams. The method is supported by RECOS, a REflective system in a Concurrent Object-oriented environment that uses Finite State Diagrams. The reflection methodology is now a developing branch in computer science for controlling and modifying systems, particularly Object-Oriented systems. RECOS is a "base-system" under which other systems can be built. Combining concepts of Concurrent Object-Oriented design, Finite State Diagrams, and reflection leads to an increase in the reliability of the systems, by ensuring that objects function according to their design. RECOS also presents a safe way for handling modifications of the systems. We attempt to provide the developer of a system under RECOS with an environment that balances between easing implementation effort and guarding against unsafe implementations. We address here the issue of reflection, present the structure of RECOS, using as a running example a heating system, and briefly discuss implementation details and future work.
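Design enforcement in the sense of this abstract, as an added Python illustration that is not RECOS code and does not reproduce RECOS's mechanism: the finite state diagram of a heating system (the running example named above) is declared as a transition table, and reflection is used to wrap the class's public methods so that a call the diagram does not permit in the current state is rejected, while a modified class whose methods do not match the diagram is rejected at definition time. The state names, method names and the decorator itself are assumptions made for the illustration.

```python
import functools
import inspect
from typing import Dict, List, Tuple


class DesignViolation(RuntimeError):
    """An object, or a class definition, departed from its state diagram."""


class StateDiagram:
    """Finite state diagram: (current state, method name) -> next state."""

    def __init__(self, initial: str, transitions: Dict[Tuple[str, str], str]):
        self.initial, self.transitions = initial, transitions

    def next_state(self, state: str, method: str):
        return self.transitions.get((state, method))

    def methods(self):
        return {m for (_, m) in self.transitions}


def _guarded(name, func):
    """Consult the diagram before running the method; advance the state after it."""
    @functools.wraps(func)
    def wrapper(self, *args, **kwargs):
        nxt = self._diagram.next_state(self._state, name)
        if nxt is None:
            raise DesignViolation(f"{name}() is not allowed in state {self._state!r}")
        result = func(self, *args, **kwargs)
        self._state = nxt
        return result
    return wrapper


def enforce(diagram: StateDiagram):
    """Class decorator. Reflection (inspect.getmembers, setattr) finds the public
    methods, rejects any mismatch with the diagram, and installs the guards."""
    def decorate(cls):
        public = {n: f for n, f in inspect.getmembers(cls, inspect.isfunction)
                  if not n.startswith("_")}
        missing = diagram.methods() - public.keys()
        undesigned = public.keys() - diagram.methods()
        if missing or undesigned:
            raise DesignViolation(f"{cls.__name__}: missing {sorted(missing)}, "
                                  f"not in design {sorted(undesigned)}")
        for name, func in public.items():
            setattr(cls, name, _guarded(name, func))
        original_init = cls.__init__

        def __init__(self, *args, **kwargs):
            self._state = diagram.initial
            original_init(self, *args, **kwargs)

        cls.__init__ = __init__
        cls._diagram = diagram
        return cls
    return decorate


# Constructed design for the heating-system example (assumed states and methods).
HEATER_DESIGN = StateDiagram("Off", {
    ("Off", "switch_on"): "Idle",
    ("Idle", "heat"): "Heating",
    ("Heating", "stop_heating"): "Idle",
    ("Idle", "switch_off"): "Off",
    ("Heating", "switch_off"): "Off",
})


@enforce(HEATER_DESIGN)
class Heater:
    def __init__(self):
        self.burner_on = False

    def switch_on(self):
        pass

    def heat(self):
        self.burner_on = True

    def stop_heating(self):
        self.burner_on = False

    def switch_off(self):
        self.burner_on = False


def run_scenario() -> Tuple[str, bool, List[str]]:
    """A legal warm-up cycle with two forbidden calls mixed in. Calls are dispatched
    by name, so choosing the method reflectively does not bypass the guard."""
    heater, rejected = Heater(), []
    for call in ("switch_on", "heat", "heat", "stop_heating", "switch_off", "stop_heating"):
        try:
            getattr(heater, call)()
        except DesignViolation:
            rejected.append(call)
    return heater._state, heater.burner_on, rejected


def undesigned_method_is_rejected() -> bool:
    """A modified class that adds a method the design never mentions is not accepted."""
    class PatchedHeater:
        def switch_on(self): pass
        def heat(self): pass
        def stop_heating(self): pass
        def switch_off(self): pass
        def override_safety(self): pass  # not in HEATER_DESIGN

    try:
        enforce(HEATER_DESIGN)(PatchedHeater)
    except DesignViolation:
        return True
    return False
```

The guard is installed on the class, not written into each method, which is what makes it a design-enforcement layer rather than a coding convention: a developer cannot forget it, and a later modification that adds an undeclared method is caught before any instance exists.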
