Formal methods Research Papers - Academia.edu

OO Big O. Joan Krone (Denison University) and W. F. Ogden (The Ohio State University)
Ontology-based Description and Reasoning for Component-based Development on the Web. Claus Pahl (Dublin City University)
Modeling Multiple Aspects of Software Components. Roshanak Roshandel and Nenad Medvidovic (University of Southern California, Los Angeles)
Reasoning About Parameterized Components with Dynamic Binding. Nigamanth Sridhar and Bruce W. Weide (The Ohio State University)
Demonstrations
Specifications in the Development Process: An AsmL Demonstration. Mike Barnett (Microsoft Research)
Mae: An Architectural Evolution Environment. Roshanak Roshandel (University of Southern California, Los Angeles)
Runtime Assertion Checking Using JML. Roy Patrick Tan (Virginia Tech)

Hardware and software systems are growing every day in scale and functionality. This increase in complexity increases the number of subtle errors. Moreover, some of these errors may cause catastrophic loss of money, time, or even, in many cases, human life. A major goal of ...

In the mobile communications age, the IT environment and IT technology update rapidly. Requirements change is a challenge that software projects must face. If the impact of requirements change can be overcome, software development risks can be effectively reduced. Agile software development uses the Iterative and Incremental Development (IID) process and focuses on workable software and client communication. Agile software development is a very suitable development method for handling requirements change in the software development process. In agile development, user stories are the important documents for client communication and the criteria for acceptance testing. However, agile development does not pay attention to formal requirements analysis and artifact traceability, which causes potential risks in software change management. This paper analyzes and collects the critical quality factors of user stories and proposes the User Story Quality Measurement (USQM) model. By applying the USQM model, the requirements quality of agile development can be enhanced and the risks of requirement changes reduced.

This report gives an overview of the work performed by the Programming Research Group as part of the European collaborative ESPRIT II REDO project (no. 2487). This work covered the areas of reverse-engineering: redocumentation and re-engineering; validation: post-hoc verification and generation of correct code from specifications; maintenance: new languages and methods to support maintenance. Research in the areas of concurrent programming and decompilation was also performed.

We introduce a logical verification methodology for checking behavioral properties of service-oriented computing systems. Service properties are described by means of SocL, a branching-time temporal logic that we have specifically designed for expressing in an effective way distinctive aspects of services, such as, acceptance of a request, provision of a response, correlation among service requests and responses, etc. Our approach allows service properties to be expressed in such a way that they can be independent of service domains and specifications. We show an instantiation of our general methodology that uses the formal language COWS to conveniently specify services and the expressly developed software tool CMC to assist the user in the task of verifying SocL formulas over service specifications. We demonstrate the feasibility and effectiveness of our methodology by means of the specification and analysis of a case study in the automotive domain.
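The abstract above checks branching-time properties such as "an accepted request is eventually answered" over a service specification. The block below is an added example, not the SocL logic, the COWS language or the CMC tool described in the abstract: a minimal explicit-state checker for a CTL-style logic (the EX/EU/EG adequate set, with AF and AG derived from it) run over two constructed service automata, one of which can stall in "processing" without ever responding. State names, labels and the formula encoding are assumptions of this example; every state is assumed to have at least one successor.

```python
"""Added example: explicit-state checking of a branching-time property over a
constructed service automaton. Not the SocL/COWS/CMC tooling from the paper."""
from typing import Dict, Set, Tuple

# A model is (labels per state, successor states per state); both are assumptions here.
Model = Tuple[Dict[str, Set[str]], Dict[str, Set[str]]]


def sat(model: Model, f) -> Set[str]:
    """States of `model` satisfying formula `f`.

    Formulas are nested tuples: ("true",), ("atom", p), ("not", f), ("and", f, g),
    ("or", f, g), ("implies", f, g), ("EX", f), ("EU", f, g), ("EG", f),
    ("AF", f), ("AG", f). Every state must have at least one successor.
    """
    labels, succ = model
    states = set(labels)
    op = f[0]
    if op == "true":
        return states
    if op == "atom":
        return {s for s in states if f[1] in labels[s]}
    if op == "not":
        return states - sat(model, f[1])
    if op == "and":
        return sat(model, f[1]) & sat(model, f[2])
    if op == "or":
        return sat(model, f[1]) | sat(model, f[2])
    if op == "implies":
        return sat(model, ("or", ("not", f[1]), f[2]))
    if op == "EX":
        target = sat(model, f[1])
        return {s for s in states if succ[s] & target}
    if op == "EU":  # least fixpoint: g holds, or f holds with a successor already in the set
        a, b = sat(model, f[1]), sat(model, f[2])
        res = set(b)
        while True:
            new = res | {s for s in a if succ[s] & res}
            if new == res:
                return res
            res = new
    if op == "EG":  # greatest fixpoint: f holds and some successor stays in the set
        res = sat(model, f[1])
        while True:
            new = {s for s in res if succ[s] & res}
            if new == res:
                return res
            res = new
    if op == "AF":  # AF f == not EG not f
        return states - sat(model, ("EG", ("not", f[1])))
    if op == "AG":  # AG f == not E[true U not f]
        return states - sat(model, ("EU", ("true",), ("not", f[1])))
    raise ValueError(f"unknown operator {op!r}")


def violations(model: Model, f) -> Set[str]:
    """States from which the property `f` does not hold."""
    return set(model[0]) - sat(model, f)


# Constructed service behaviour. Labels: 'request' = a request was accepted,
# 'response' = a response was provided.
LABELS: Dict[str, Set[str]] = {
    "idle": set(), "accepted": {"request"}, "processing": set(), "responded": {"response"},
}
CORRECT: Model = (LABELS, {
    "idle": {"accepted"}, "accepted": {"processing"},
    "processing": {"responded"}, "responded": {"idle"},
})
# Same service, but 'processing' may loop forever and never respond.
STALLING: Model = (LABELS, {
    "idle": {"accepted"}, "accepted": {"processing"},
    "processing": {"processing", "responded"}, "responded": {"idle"},
})

# "Every accepted request is eventually answered": AG(request -> AF response)
RESPONSIVE = ("AG", ("implies", ("atom", "request"), ("AF", ("atom", "response"))))

if __name__ == "__main__":
    print("correct service violates at:", violations(CORRECT, RESPONSIVE))
    print("stalling service violates at:", violations(STALLING, RESPONSIVE))
```

Because the automata are cyclic, a single state where a request can go unanswered makes AG fail from every state that can reach it; the narrower query `sat(model, ("and", ("atom", "request"), ("not", ("AF", ("atom", "response")))))` pinpoints the offending state itself.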

In this paper we introduce a model as a foundation for heterogeneous services, therefore unifying web services technologies in SOA (Service Oriented Architecture), specifically, SOAP/WS-* and RESTful models. This model abstracts away from service implementations, in order to verify and to enforce some important security properties.

Formal methods aim to apply mathematically-based techniques to the development of computer-based systems, especially at the specification level, but also down to the implementation level. This aids early detection and avoidance of errors through increased understanding. It is also beneficial for more rigorous testing coverage. This talk presents the use of formal methods on a real project. The Z notation has been used to specify a large-scale high integrity system to aid in air traffic control. The system has been implemented directly from the Z specification using SPARK Ada, an annotated subset of the Ada programming language that includes assertions and tool support for proofs. The Z specification has been used to direct the testing of the software through additional test design documents using tables and fragments of Z. In addition, Mathematica has been used as a test oracle for algorithmic aspects of the system. In summary, formal methods can be used successfully in all phases of the lifecycle for a large software project with suitably trained engineers, despite limited tool support.

Formal methods have traditionally been used for specification and development of software. However there are potential benefits for the testing stage as well. The panel session associated with this paper explores the usefulness or otherwise of formal methods in various contexts for improving software testing. A number of different possibilities for the use of formal methods are explored and questions raised. The contributors are all members of the UK FORTEST Network on formal methods and testing. Although the authors generally believe that formal methods are useful in aiding the testing process, this paper is intended to provoke discussion. Dissenters are encouraged to put their views to the panel or individually to the authors.

Z is one of the most widely used formal specification languages. However, traditionally it has lacked adequate tool support for use in an industrial setting. It has grown up from a mathematically based tradition of the use of formal methods, rather than being based on any particular tool. This paper presents a tool and, in particular, its associated machine-readable syntax description of Z that could be useful as a common front-end to a number of tools to aid the production of a Z specification.

The formal analysis described here detects two so far undetected real deadlock situations per thousand C source files or million lines of code in the open source Linux operating system kernel, and three undetected accesses to freed memory, at a few seconds per file. That is notable because the code has been continuously under scrutiny from thousands of developers' pairs of eyes. In distinction to model-checking techniques, which also use symbolic logic, the analysis uses a "3-phase" compositional Hoare-style programming logic combined with abstract interpretation. The result is a customisable post-hoc semantic analysis of C code that is capable of several different analyses at once.
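The abstract above combines a compositional Hoare-style logic with abstract interpretation to find lock misuse and accesses to freed memory in C. The block below is an added example, not the paper's analyser and not run over real kernel code: it works on a constructed C-like intermediate representation, summarises each function once as the set of primitive-operation traces through it (the compositional part), then runs a Hoare-style abstract transformer over each trace, tracking the locks held and the pointers freed on that path. The IR, the program `BUGGY`/`FIXED`, and the assumptions that there is no recursion and that locks and pointers are identified by name are all this example's own.

```python
"""Added example: path-sensitive lock/free analysis over a constructed C-like IR.
Not the tool described in the paper; the IR and sample programs are made up here."""
from typing import Dict, List, Set, Tuple

# Statements of the constructed IR (an assumption of this example):
#   ("lock", l) | ("unlock", l) | ("free", p) | ("use", p) | ("alloc", p)
#   ("if", then_stmts, else_stmts) | ("call", function_name)
Stmt = tuple
Trace = Tuple[Stmt, ...]          # one path through a function, primitive ops only
Program = Dict[str, List[Stmt]]   # function name -> body


def summarize(name: str, prog: Program, cache: Dict[str, List[Trace]]) -> List[Trace]:
    """All primitive-op traces through `name`. Each callee is summarised once and
    its summary reused at every call site (no recursion assumed)."""
    if name not in cache:
        cache[name] = _expand(prog[name], prog, cache)
    return cache[name]


def _expand(stmts: List[Stmt], prog: Program, cache: Dict[str, List[Trace]]) -> List[Trace]:
    traces: List[Trace] = [()]
    for s in stmts:
        if s[0] == "if":
            alts = _expand(s[1], prog, cache) + _expand(s[2], prog, cache)
        elif s[0] == "call":
            alts = summarize(s[1], prog, cache)
        else:
            alts = [(s,)]
        traces = [t + a for t in traces for a in alts]   # path-sensitive product
    return traces


def check_trace(trace: Trace) -> List[Tuple[str, str]]:
    """Abstract transformer: state = (locks held, pointers freed) on this path.
    Each op acts as a Hoare triple over that state and reports a violated precondition."""
    held: Set[str] = set()
    freed: Set[str] = set()
    findings: List[Tuple[str, str]] = []
    for op, x in trace:
        if op == "lock":
            if x in held:                     # non-recursive lock taken twice: self-deadlock
                findings.append(("double-lock", x))
            held.add(x)
        elif op == "unlock":
            if x not in held:
                findings.append(("unlock-unheld", x))
            held.discard(x)
        elif op == "free":
            if x in freed:
                findings.append(("double-free", x))
            freed.add(x)
        elif op == "use":
            if x in freed:
                findings.append(("use-after-free", x))
        elif op == "alloc":                   # fresh allocation makes the name live again
            freed.discard(x)
    return findings


def analyze(prog: Program, entry: str) -> List[Tuple[str, str, int]]:
    """Distinct findings over every path through `entry`, tagged with the path index."""
    out = set()
    for i, trace in enumerate(summarize(entry, prog, {})):
        for kind, x in check_trace(trace):
            out.add((kind, x, i))
    return sorted(out)


# Constructed sample: a handler that, on one branch, calls a helper which itself
# takes the lock it already holds and frees a buffer the caller touches afterwards.
BUGGY: Program = {
    "release": [("lock", "dev"), ("free", "buf"), ("unlock", "dev")],
    "handler": [("lock", "dev"),
                ("if", [("call", "release")], [("use", "buf")]),
                ("unlock", "dev"),
                ("use", "buf")],
}
# Corrected form: the helper is called without the lock held, and nothing touches
# the buffer after the branch that frees it.
FIXED: Program = {
    "release": BUGGY["release"],
    "handler": [("if", [("call", "release")],
                       [("lock", "dev"), ("use", "buf"), ("unlock", "dev")])],
}

if __name__ == "__main__":
    print("BUGGY:", analyze(BUGGY, "handler"))
    print("FIXED:", analyze(FIXED, "handler"))
```

The summary-then-check split is what makes the approach scale: `release` is expanded once however many call sites it has, and the caller only composes the callee's traces with its own abstract state. The trade-off, as with the paper's method, is over-approximation: a trace that re-locks after an unlock inside a callee is handled correctly here, but any aliasing between two names would be missed because the toy IR identifies locks and pointers purely by name.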

The autonomic computing paradigm has been proposed to cope with size, complexity, and dynamism of contemporary software-intensive systems. The challenge for language designers is to devise appropriate abstractions and linguistic primitives to deal with the large dimension of systems and with their need to adapt to the changes of the working environment and to the evolving requirements. We propose a set of programming abstractions that permit us to represent behaviors, knowledge, and aggregations according to specific policies and to support programming context-awareness, self-awareness, and adaptation. Based on these abstractions, we define SCEL (Software Component Ensemble Language), a kernel language whose solid semantic foundations lay also the basis for formal reasoning on autonomic systems behavior. To show expressiveness and effectiveness of SCEL's design, we present a Java implementation of the proposed abstractions and show how it can be exploited for programming a robotics...

In the last three years or so we at the Enterprise Platforms Group at Intel Corporation have been applying formal methods to various problems that arose during the process of defining platform architectures for Intel's processor families. In this paper we give an overview of some of the problems we have worked on, the results we have obtained, and the lessons we have learned. The last topic is addressed mainly from the perspective of platform architects.

1. Problems and Results

Modern computer systems are highly complex distributed systems with many interacting components. Architecturally they are often organized like a computer network into multiple layers: physical layer, link layer, protocol layer, etc. Most of the problems to which we applied formal methods are the formal verification (FV) of intricate protocols in the protocol and link layers. In addition, we also found several novel uses of binary decision diagrams (BDDs) [3] that are worth mentioning.

1.1. Directory-bas...

7th International Conference on Software Engineering (SOFT 2021) will provide an excellent international forum for sharing knowledge and results in theory, methodology and applications of Software Engineering and Applications. The goal of this conference is to bring together researchers and practitioners from academia and industry to focus on understanding modern software engineering concepts and establishing new collaborations in these areas.

We describe methods and software tools which aid in reverse-engineering COBOL application programs back to the specification stage (and in validating them against the specification). The aim is to create object-oriented abstractions from the implementation which capture the design concepts accurately, and the central process which the tools support is 'transformation from formalism to formalism', first from COBOL to the intermediate language UNIFORM, then from UNIFORM to a functional description language, and then to the specification language Z. In the process, data-flow diagrams, entity-relationship diagrams, call graphs and other types of information are extracted from the code.

Formal methods and testing are two important approaches that assist in the development of high-quality software. While traditionally these approaches have been seen as rivals, in recent years a new consensus has developed in which they are seen as complementary. This article reviews the state of the art regarding ways in which the presence of a formal specification can be used to assist testing.

The preoccupation of this study is to investigate whether women are financially excluded from formal financial services in Lagos State. Four local government areas (Ikeja, Ifako-Ijaiye, Somolu-Bariga and Agege) were selected for the empirical enquiry. Perceptions of women about formal financial services were collected by means of questionnaires. Of the 280 questionnaires sent out, 202 were recovered and the data was analyzed using descriptive analysis techniques. Two major findings are reported: (i) women are excluded from financial services mostly because of their lower level of education, which excludes them from being able to utilize financial products such as mobile and internet banking; and (ii) the older the respondents get, the lower their willingness to make use of internet or mobile banking, as the emergence of new products in that line is too sophisticated for them to understand; thus, they experience technical exclusion from financial services. The study recommends that: (i) there is a need for specialized financial products for women and increased awareness of beneficial products by the financial institutions; and (ii) financial institutions should design specialized financial products for women and embark on road shows in markets where women are mostly aggregated in order to create efficient awareness of these financial products.

If you are confused by the title above you are in the same boat as the vast majority of software producers when confronted with a display of formal methods. The easiest option when dealing with an activity whose benefits are doubtful and which looks impenetrable is to ignore it and do without. This is precisely what most software developers do, and not necessarily to the detriment of their business (unless this business has safety implications); witness Microsoft, which makes millions of dollars selling MS-DOS and Windows without a single quantifier in sight. Even a successful mathematical product such as Mathematica, which supports the interactive computer-based use of mathematics, consists of the order of a million lines of C-based code produced with no formal development.

Computer programming is difficult and error-prone. In critical and large-scale computing systems, such as real-time systems and clouds, the errors are hazardous and expensive. An example of such an error was reported by the Mars Orbiter Mishap Investigation Board in September 1999, when the Mars Climate Orbiter crashed because of a 'silly mistake' caused by incorrect distance units in a program. The distance unit miscalculation caused the aircraft to go too close to Mars, which eventually caused the crash.

This report describes a formal approach to verification and validation of safety requirements for embedded software, by application to a simple control-logic case study. The logic is formally specified in Z. System safety properties are formalised by defining an abstract model of the system’s physical behaviour in Z, including its hazardous states and dominant sensor failures. The Possum specification-animation tool is then used to check that the logic meets its safety requirements. Finally, the logic is implemented in SPARK Ada and SPARK Examiner is used to formally verify the implementation meets its specification. Design safety validation and source code verification are completely automated, removing the need for
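The report above formalises an abstract model of the plant, including hazardous states and dominant sensor failures, and then checks that the control logic never reaches a hazard. The block below is an added example, not the report's case study, its Z model or the Possum/SPARK tool chain: it builds a small constructed model of a heater controller with a main temperature sensor that can fail stuck-low and an independent high-temperature cutoff sensor that can fail reading "ok", explores every reachable state under a single-failure assumption, and returns the shortest trace to a hazardous state (heater commanded on at high temperature) or None. The plant, the failure modes, the single-failure assumption and both control logics are this example's own choices.

```python
"""Added example: exhaustive reachability check of a safety property over a
constructed abstract plant model. Not the report's case study or tooling."""
from collections import deque
from typing import Callable, Dict, List, Optional, Tuple

TEMPS = ("low", "ok", "high")
# Abstract state: (temperature level, main sensor healthy?, cutoff sensor healthy?)
State = Tuple[str, bool, bool]
# A control logic maps (main reading, cutoff reading) to "heater on?"
Logic = Callable[[str, str], bool]


def readings(state: State) -> Tuple[str, str]:
    """Sensor values the controller sees. Failure modes are assumptions of this model:
    a failed main sensor is stuck at 'low'; a failed cutoff sensor always reads 'ok'."""
    temp, main_ok, cutoff_ok = state
    main = temp if main_ok else "low"
    cutoff = "high" if (cutoff_ok and temp == "high") else "ok"
    return main, cutoff


def hazardous(state: State, logic: Logic) -> bool:
    """Safety requirement: the heater must never be commanded on at high temperature."""
    return state[0] == "high" and logic(*readings(state))


def successors(state: State, logic: Logic) -> List[State]:
    """Plant step: temperature moves one level per step in the direction the heater
    dictates; either sensor may fail permanently at any step, but never both."""
    temp, main_ok, cutoff_ok = state
    i = TEMPS.index(temp)
    new_temp = TEMPS[min(i + 1, 2)] if logic(*readings(state)) else TEMPS[max(i - 1, 0)]
    candidates = {
        (new_temp, main_ok, cutoff_ok),
        (new_temp, False, cutoff_ok),
        (new_temp, main_ok, False),
    }
    return sorted(s for s in candidates if s[1] or s[2])   # single-failure assumption


def find_hazard(logic: Logic, init: State = ("low", True, True)) -> Optional[List[State]]:
    """Breadth-first exploration of the reachable state space; returns the shortest
    trace from `init` to a hazardous state, or None if no hazard is reachable."""
    parent: Dict[State, Optional[State]] = {init: None}
    queue = deque([init])
    while queue:
        s = queue.popleft()
        if hazardous(s, logic):
            trace: List[State] = []
            cur: Optional[State] = s
            while cur is not None:
                trace.append(cur)
                cur = parent[cur]
            return trace[::-1]
        for t in successors(s, logic):
            if t not in parent:
                parent[t] = s
                queue.append(t)
    return None


def naive_logic(main: str, cutoff: str) -> bool:
    """Trusts the main sensor alone."""
    return main == "low"


def hardened_logic(main: str, cutoff: str) -> bool:
    """Also honours the independent cutoff sensor, so one failed sensor cannot
    by itself keep the heater on at high temperature."""
    return main == "low" and cutoff != "high"


if __name__ == "__main__":
    print("naive   :", find_hazard(naive_logic))
    print("hardened:", find_hazard(hardened_logic))
```

The naive logic is driven into the hazard in two steps once the main sensor sticks low; the hardened logic is safe only because the model forbids both sensors failing together, which is exactly the kind of assumption a safety argument has to state explicitly rather than leave implicit in the code.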

In this paper there is an attempt to describe a logic basis and a general way to design safe and dependable systems. The notion of 'diverse axiomatic bases' is introduced. It is shown that safe and dependable software and hardware development based on diverse axiomatic bases allows formalizing the terms diversity and common cause failure. Examples are given of such diverse axiomatic bases and of ways to use them for proofs of correctness of microprocessor systems. Finally, the possible important advantages, both theoretical and practical, which may follow from these topics are discussed.

org/seas/index Call for Papers: 11th International Conference on Software Engineering and Applications (SEAS 2022) will provide an excellent international forum for sharing knowledge and results in theory, methodology and applications of Software Engineering and Applications. The goal of this conference is to bring together researchers and practitioners from academia and industry to focus on understanding modern software engineering concepts and establishing new collaborations in these areas.

Service-oriented applications are frequently used in highly dynamic contexts: service compositions may change dynamically, in particular, because new services are discovered at runtime. Moreover, subtyping has recently been identified as a strong requirement for service discovery. Correctness guarantees over service compositions, provided in particular by type systems, are highly desirable in this context. However, while service-oriented applications can be built using various technologies and protocols, none of them provides decent support ensuring that well-typed services cannot go wrong. An emitted message, for instance, may be dangling and remain as a ghost message in the network if there is no agent to receive it. In this article, we introduce a formal model for service compositions and define a type system with subtyping that ensures type soundness by combining static and dynamic checks. We also demonstrate how to preserve type soundness in presence of malicious agents and...

Formal methods are being applied to the development of software of various applications at Philips Healthcare. In particular, the Analytical Software Design (ASD) method is being used as a formal technology for developing defect-free control software of highly sophisticated X-ray machines. In this paper we analyze the effects of applying ASD in the development of various control software units. We compare the quality of these units with other units developed in traditional development methods. The results indicate that applying ASD as a formal technology for developing control software results in better quality code.

In this paper a concept is proposed for a hypergraph-based formalism for representing enterprise architecture. The paper presents a formal model using TOGAF and hypergraph theory. Hypergraphs provide a flexible mathematical structure to describe complex relationships in an enterprise architecture, mirroring the dependencies among components, and exploring integrity and consistency issues. The proposed approach extends the analytical potential for discrepancy checking in complex enterprise architecture structures. The approach can be utilized for EAM-based analysis of information systems.

The answer to software reliability concerns may lie in formal methods.

Formal methods have yet to achieve wide industrial acceptance for several reasons. They are not well integrated into established industrial software processes, their application requires significant abstraction and mathematical skills, and existing tools do not satisfactorily support the entire formal software development process. We have proposed a language called SOFL (Structured-Object-based-formal Language) and a SOFL methodology for system development that attempts to address these problems using an ...

The International Journal of Software Engineering & Applications (IJSEA) is a bi-monthly open access peer-reviewed journal that publishes articles which contribute new results in all areas of Software Engineering & Applications. The goal of this journal is to bring together researchers and practitioners from academia and industry to focus on understanding modern software engineering concepts and establishing new collaborations in these areas.

Formal methods can be used at any stage of the product development process to improve software quality and efficiency using mathematical models for analysis and verification. Over the last decade, researchers and practitioners have been trying to establish a successful transfer of formal methods practices into industrial process development. In the last couple of years, numerous analysis approaches and formal methods have been applied in different settings to improve software quality. In today's highly competitive software development industry, companies are striving to deliver fast, at low cost and with improved quality, and agile methodologies have proved their efficiency in achieving these. Here, we present an integration of formal methods, specifications and verification practices into the most renowned agile process development methodology, i.e. extreme programming, with a conceptual solution. That leads towards the development of a complete formalized XP process in future. T...

H.264, a state-of-the-art video compression standard, is used across a range of products from cellphones to HDTV. These products have vastly different performance, power and cost requirements, necessitating different hardware-software solutions for H.264 decoding. We show that a design methodology and associated tools which support synthesis from high-level descriptions and which allow modular refinement throughout the design cycle, can share the majority of design effort across multiple design points. Using Bluespec SystemVerilog, we have created a variety of designs for the H.264 decoder tuned to support decoding at resolutions ranging from QCIF video (176 × 144 @ 15 frames/second) to 1080p video ((1280 × 1080)p @ 60 frames/second) in a 180 nm process. Some of these design points require major transformations of pipelining to increase performance or to reduce area. We also explore several common design issues surrounding memory structures, such as caches and on-chip vs. off...

Model-driven development (MDD) has become a key technique in systems and software engineering, including the aeronautic domain. It facilitates the systematic use of models from a very early phase of the design process and, through various model transformation steps, (semi-)automatically generates source code and documentation. However, on one hand, the use of model-driven approaches for the development of configuration data is not as widespread as for source code synthesis. On the other hand, we believe that, in particular, systems that make heavy use of configuration tables like the ARINC 653 standard can benefit from model-driven design by (i) automating error-prone configuration file editing and (ii) using model based validation for early error detection. In this paper, we present the results of the European project DIANA that investigated the use of MDD in the context of Integrated Modular Avionics (IMA) and the ARINC 653 standard. In the scope of the project, a tool chain was implemented that generates ARINC 653 configuration tables from high-level architecture models. The tool chain was integrated with different target systems (VxWorks 653, SIMA) and evaluated during case studies with real-world and real-sized avionics applications.

A detailed generic model of the control design process is introduced and discussed. It is used for surveying different formal approaches in the context of PLC programming. The survey focuses on formal methods for verification and validation (V&V). The various works in this area are categorized using three criteria: the general approach (A) to the task (model based, constraint based or without a model), the formalism (F) (Petri net, automata, etc.) used to state the formal description, and the method (M) (model-checking, reachability analysis, etc.) used to analyze the properties. Based on these three criteria (A-F-M) a three-letter code for V&V approaches is introduced. Some works from the multitude of V&V research are presented and categorized using this new system.

Compiler compilers are in widespread use, but decompiler compilers are a more novel concept. This paper presents an approach for the decompilation of object code back to source code using a decompiler generator. An example decompilation is presented. Potential applications include reverse engineering, quality assessment, debugging and safety-critical code validation or verification.

Safety-critical systems require the utmost care in their specification and design to avoid errors in their implementation, using state of the art techniques in a responsible manner. To do otherwise is at best unprofessional and at worst can lead to disastrous consequences. An inappropriate approach could lead to loss of life, and will almost certainly result in financial penalties in the long run, whether because of loss of business or because of the imposition of fines. Legislation and standards impose external pressures, but education and ethical considerations should help provide more self-imposed guidelines for all those involved in the production of safety-critical systems. This paper considers some of the issues involved, with pointers to material providing greater depth in particular areas, especially with respect to the use of formal methods.

Outlier detection is an important branch of data mining, which is the discovery of data that deviate a lot from other data patterns. Outlier identification can be classified into formal and informal methods. This paper deals with the informal methods, also called labeling methods. The identification of outliers in real-time medical data using outlier labeling methods was studied. Several labeling methods applied in practical situations on the dataset are computed. Finally, the estimated results of the outliers are a more appropriate way of resolving large populations.

The safety aspects of computer-based systems are increasingly important as the use of software escalates because of its convenience and flexibility. However, the complexity of even modestly sized programs is such that the elimination of errors with a high degree of confidence is extremely difficult. There are a number of approaches to enhancing safety in safety-critical control systems. These are surveyed and compared with particular emphasis on systems with software in the controlling system. A glossary of terms and an extensive bibliography for further reading are included.

Space syntax is a significant theory / tool, describing buildings and cities as evolutionary processes and offering valuable support to architectural and urban design. However, theory and analytical research are different from the processes that characterise the generation of ideas in design practice. This chapter elaborates first, on the differences and intersections of analytical knowledge and intentional design; second, on some projects charged with integrating space syntax analysis in the studio. Considering design as a propositional field manipulating elements and relations through intuition and logical order, we argue that classification forms a crucial concept in design thinking, serving as a tool for design generation and invention. We propose a 'bisociative' approach as the intellectual synthesis of relations in two domains, the 'form-of-a-class' and the 'syntax-of-a-class'. The former refers to conceptual relations of similarity and difference in design, while the latter describes topological properties among elements of built space. Based on the membership of elements in the same or different domains, we identify two fundamental modes of design operation, the 'convergent' and 'divergent' modes. Bisociation can be used in the design studio to generate ideas while maintaining intellectual synthesis and rigour.

6.1 Introduction

Doing architecture involves intuition, imagination and virtuosity. Equally important is engaging deeply with a design through intellectual thinking. When we do architecture, we deal with making and reflecting on what we make at the same time. How do we interface designing and reflecting, action and reasoning, evaluation and formulation? How do designs employ analytic understanding and design experimentation? Bill Hillier suggests that architects use quasi-theoretical ideas derived from a wide range of forms which are intuitively evaluated in the design process. He argues for an analytic theory, underpinning his proposition that architecture involves comparative theoretical knowledge about a wide range of configurations in the field of possibility, aiming at innovation rather than cultural reduplication (Hillier