Lecture 7: Requirements Modeling III. Formal Methods in RE
|
|
- Caroline Owens
- 5 years ago
- Views:
Transcription
1 Lecture 7: Requirements Modeling III Last Last Week: Week: Modeling Modeling and and (II) (II) Modeling Modeling Functionality Functionality Structured Structured Object Object Oriented Oriented This This Week: Week: Modeling Modeling and and (III) (III) Formal Formal Modeling Modeling Techniques Techniques Program Program Specification Specification vs. vs. Reqts Reqts Modeling Modeling Egs: Egs: RSML, RSML, SCR, SCR, RML, RML, Telos, Telos, Albert Albert II II Tips Tips on on formal formal modeling modeling Next Next Week: Week: Communicating Communicating Reqts Reqts Specification Specification Languages Languages Documentation Documentation Standards Standards Traceability Traceability 1 What formalize in RE? Formal Methods in RE ƒ models of knowledge (so we can reason about m) ƒ specifications of (so we can document m precisely) Why Why formalize in in RE? RE? Why Why people don t don t formalize in in RE RE ƒ To To remove remove ambiguity ambiguity and and improve improve ƒ Formal Formal Methods Methods tend tend be be lower lower level level precision precision than than or or analysis analysis techniques techniques ƒ Provides Provides a a basis basis for for verification verification that They force you include o much detail that They force you include o much detail have have been been met ƒ met Formal Formal Methods Methods tend tend concentrate concentrate on on ƒ Allows Allows us us reason reason about about consistent, consistent, correct correct models models but most of time your models are but most of time your models are inconsistent, incorrect, incomplete Properties of formal models inconsistent, incorrect, incomplete Properties of formal models can be checked aumatically ƒ can be checked aumatically People People get get confused confused about about which which ols ols Can test for consistency, explore Can test for consistency, explore are are appropriate: appropriate: consequences, etc. consequences, etc. E.g. modeling program behaviour vs. E.g. modeling program behaviour vs. ƒ Allows Allows us us animate/execute animate/execute modeling modeling formal methods advocates get o attached formal methods advocates get o attached Helps with visualization and validation one ol! Helps with visualization and validation one ol! ƒ Will Will have have formalize formalize eventually eventually anyway ƒ anyway Formal Formal methods methods require require more more effort effort RE is all about bridging from informal...and payoff is deferred RE is all about bridging from informal...and payoff is deferred world a formal machine domain world a formal machine domain 2 1
2 What are Formal Methods? Broad View (Leveson) ƒ application of discrete mamatics software engineering ƒ involves modeling and analysis ƒ with an underlying mamatically-precise notation Narrow View (Wing) ƒ Use of a formal language a set of strings over some well-defined alphabet, with rules for distinguishing which strings belong language ƒ Formal reasoning about formulae in language E.g. formal proofs: use axioms and proof rules demonstrate that some formula is in language For modeling ƒ A notation is formal if: it comes with a formal set of rules which define its syntax and semantics. rules can be used analyse expressions determine if y are syntactically well-formed or prove properties about m. 3 Varieties of formal analysis Consistency analysis and typechecking does design meet? ƒ Is formal model well-formed? [assuming that we only use modeling languages where well-formedness is a useful thing check] Validation: ƒ Animation of model on small examples ƒ Formal challenges: if model is correct n following property should hold... ƒ What if questions: reasoning about consequences of particular ; reasoning about effect of possible changes ƒ State exploration E.g. use a model checking find traces that satisfy some property ƒ Checking application properties: will system ever do following... Verifying design refinement 4 2
3 Three different models?? D: a model of environment R: a model of is satisfied by acts upon constrains S: a model of software behaviour 5 FM in practice From Shuttle Study [Crow & DiVi 1996] ƒ More errors found in process of formalizing than were found in formal analysis Formalization forces you be precise and explicit, hence reveals problems Formal analysis n finds fewer, but more subtle problems ƒ Typical errors found include: inconsistent interfaces incorrect (system does wrong thing in response an input) clarity/maintainability problems Issue Severity With FM Existing High Major 2 0 Low Major 5 1 High Minor 17 3 Low Minor 6 0 Totals
4 How do FMs differ? Mamatical Foundation ƒ Logic first order predicate logic - e.g. RML temporal logic - e.g. Albert II, SCR, KAOS multi-valued logic e.g. Xchek ƒ Or algebraic languages - e.g. Larch set ory - e.g. Z Onlogy ƒ fixed states, events, actions - e.g. SCR entities, activities, assertions - e.g. RML ƒ extensible meta language for defining new concepts - e.g. Telos Treatment of Time ƒ State/event models time as a discrete sequence of events - e.g. SCR time as quantified intervals - e.g. KAOS ƒ Time as a first class object meta-level class represent time - e.g. Telos 7 Three traditions Formal Specification Languages ƒ Grew out of work on program verification ƒ Spawned many general purpose specification languages Suitable for specifying behaviour of program units ƒ Key technologies: Type checking, Theorem proving Reactive System Modeling ƒ Grew out of a need capture dynamic models of system behaviour ƒ Focus is on reactive systems (e.g. real-time, embedded control systems) support reasoning about safety, liveness, performance(?) provide a precise specification language ƒ Key technologies: Consistency checking, Model checking Formal Conceptual Modeling ƒ Grew out of a concern for capturing real-world knowledge in RE ƒ Focus is on modeling domain entities, activities, agents, assertions provide a formal onlogy for domain modeling use first order predicate logic as underlying formalism ƒ Key technologies: inference engines, default reasoning, KBS-shells Applicability Applicability RE RE is is poor poor No No abstraction abstraction or or structuring structuring closely closely tied tied program program semantics semantics Larch, Larch, Z, Z, VDM, VDM, Applicability Applicability RE RE is is good good modeling modeling languages languages were were developed developed specifically specifically for for RE RE Statecharts, Statecharts, RSML, RSML, Parnas-tables, Parnas-tables, SCR, SCR, Applicability Applicability RE RE is is excellent excellent modeling modeling schemes schemes capture capture key key concepts concepts Reqts Reqts Apprentice, Apprentice, RML, RML, Telos, Telos, Albert Albert II, II, 8 4
5 (1) Formal Specification Languages Three basic flavours: ƒ Operational - specification is executable abstraction of implementation good for rapid protyping e.g., Lisp, Prolog, Smalltalk ƒ State-based - views a program as a (large) data structures whose state can be altered by procedure calls using pre/post-conditions specify effect of procedures e.g., VDM, Z ƒ Algebraic - views a program as a set of abstract data structures with a set of operations operations are defined declaratively by giving a set of axioms e.g., Larch, CLEAR, OBJ Developed for specifying programs ƒ Programs are formal, man-made objects and can be modeled precisely in terms of input-output behaviour ƒ But in RE we re more concerned with: real-world concepts, stakeholders, goals, loosely define problems, environments ƒ So se languages are NOT appropriate for RE but people fail realise that specification program specification 9 (2) Reactive System Modeling modeling how a system should behave ƒ General approach: Model environment as a state machine Model system as a state machine Model safety, liveness properties of machine as temporal logic assertions Check wher properties hold of system interacting with its environment ƒ Statecharts Harel s notation for modeling large systems Adds parallelism, decomposition and conditional transitions STDs ƒ RSML Heimdahl & Leveson s Requirements State Machine Language Adds tabular specification of complex conditions Statecharts ƒ A7e approach Major project led by Parnas formalize A7e aircraft spec Uses tables specify transition relations & outputs ƒ SCR Heitmeyer et. al. Software Cost Reduction Extends A7e approach include dictionaries & support tables 10 5
6 (3) Formal Conceptual Modeling General approach ƒ model world beyond functional specifications a specification is prescriptive, concentrating on desired properties of machine but we also need capture an understanding of application domain hence build models of humans knowledge/beliefs about world ƒ make use of abstraction & refinement as structuring primitives ƒ RML - Requirements Modeling Language Developed by Greenspan & Mylopoulos in mid-1980s First major attempt use knowledge representation techniques in RE Essentially an object oriented language, with classes for activities, entities and assertions Uses First Order Predicate Language as an underlying reasoning engine ƒ Telos Extends RML by creating a fully extensible onlogy meta-level classes define onlogy ( basic set is built in) ƒ Albert II developed by Dubois & du Bois in mid-1990s Models a set of interacting agents that perform actions that change ir state uses an object-oriented real-time temporal logic for reasoning 11 Example: State Transition Diagram on hook / quiet busy idle off hook / dial ne on hook / quiet Dial busy number / busy ne dial ne on hook / quiet on hook / quiet Dial idle number / ringing ne Called party on hook / dial ne ringing Called party off hook / connected connected state transition stimulus response 12 6
7 Example: Statecharts Off hook Lift receiver Dial (callee idle) idle Dial ne Ringing ne Replace receiver Dial (callee busy) Busy ne Callee replaces receiver Callee lifts receiver connected state Super-state Sub-state transition Default entry state stimulus guard 13 Four Variable Model: System Example: SCR Monired Variables input devices input data items software output data items output devices Controlled Variables Enviroment Enviroment Dictionaries: Monired/Controlled Variables Mode Transition Tables VariableTypeInitial ValueUnitsWarningFlagbooleanfalse-OrFlagbooleantrueFudgelevelenumeratedone-Waterlevelreal0.0mtemperaturereal0.0degrees CurrentModePoweredonToo ColdTemp OKToo CBlipCounterinteger0milesTimeNowreal100.0secAirBrakeAccreal0.0m/sec HotNew CurrentModePoweredonToo ColdTemp OKToo Hot Tables: CurrentModePoweredonToo ColdTemp OKToo HotNew Event Tables also: Assertions, Scenarios, light =OffOn =OffOn... Types TypeBaseTypeValuesUnitsWarningLevelenumeratedlow,med,high-Temperatureinteger degrees CWaterlevelinteger0..100metersFlagenumeratedon, off- Constants Condition Tables ModesEventsNoFailuretruefalseACFailuretemp > temp0 ConstantTypeValueUnitsLowTempinteger15degrees CHighTempinteger23degrees CMaxTimeOutinteger300millisecReferenceSafetyLevelsafetytypelow-TempMargininteger5degrees C ModesEventsNoFailurefalsetrueACFailure, HeatFailuretruefa On SCR Specification 14 7
8 SCR basics Modes and Mode classes ƒ A mode class is a finite state machine, with states called system modes Transitions in each mode class are triggered by events ƒ Complex systems are described using a number of mode classes operating in parallel System State ƒ A (system) state is defined as: system is in exactly one mode from each mode class and each variable has a unique value Events ƒ An event occurs when any system entity changes value An input event occurs when an input variable changes value Single input assumption - only one input event can occur at once means c changed from false true ƒ A conditioned event is an event with a WHEN d means: c became true when c was false and d was true Source: Adapted from Heitmeyer et. al SCR Tables Mode Class Tables ƒ Define set of modes (states) that software can be in. ƒ A complex system will have many different modes classes Each mode class has a mode table showing conditions that cause transitions between modes ƒ A mode table defines a partial function from modes and events modes Event Tables ƒ An event table defines how a term or controlled variable changes in response input events ƒ Defines a partial function from modes and events variable values Condition Tables ƒ A condition table defines value of a term or controlled variable under every possible condition ƒ Defines a tal function from modes and conditions variable values Source: Adapted from Heitmeyer et. al
9 Example: Temp Control System Mode transition table: Current Powered Too Cold Temp OK Too Hot New Mode Mode on - t - t t AC Off - - Heat - - AC Off - - Inactive Off - - Inactive Source: Adapted from Heitmeyer et. al Failure modes Mode transition table: Current Mode Powered on Cold Heater Too Cold Warm AC Too Hot New Mode NoFailure t - - HeatFailure t - t ACFailure HeatFailure t - - NoFailure ACFailure t - t NoFailure Event table: Modes never ACFailure, HeatFailure Warning light = Off On Source: Adapted from Heitmeyer et. al
10 Syntax Consistency Checks in SCR ƒ did we use notation correctly? Type Checks ƒ do we use each variable correctly? Disjointness ƒ is re any overlap between rows of mode tables? ensures we have a deterministic state machine Coverage ƒ does each condition table define a value for all possible conditions? Mode Reachability ƒ is re any mode that cannot ever happen? Cycle Detection ƒ have we defined any variable in terms of itself? 19 Using Formal Methods Selective use of Formal Methods ƒ Amount of formality can vary ƒ Need not build complete formal models Apply most critical pieces Apply where existing analysis techniques are weak ƒ Need not formally analyze every system property E.g. check safety properties only ƒ Need not apply FM in every phase of development E.g. use for modeling, but don t formalize system design ƒ Can choose what level of abstraction (amount of detail) model Lightweight Formal Methods ƒ Have become popular as a means of getting technology transferred ƒ Two approaches Lightweight use of FMs - selectively apply FMs for partial modeling Lightweight FMs - new methods that allow unevaluated predicates 20 10
Formal Structural Requirements. Functional Requirements: Why Formal? Revisiting SADT. A Formalization of RML/Telos. A Survey of Formal Methods
Functional Requirements: Formal Structural Requirements Why Formal? Revisiting SADT RML/Telos Essentials A Formalization of RML/Telos A Survey of Formal Methods 1 2 RML/Telos Essentials [S. Greenspan,
More informationTopic Formal Methods. ICS 121 Lecture Notes. What are Formal Methods? What are Formal Methods? Formal Specification in Software Development
Lecture Notes What are? 1 Formal Method (FM) = specification language + formal reasoning Body of techniques supported by precise mathematics powerful analysis tools Rigorous effective mechanisms for system
More informationQ Body of techniques supported by. R precise mathematics. R powerful analysis tools. Q Rigorous, effective mechanisms for system.
Introduction to Formal Methods 1 Introduction to Formal Methods 2 Formal Specification Requirements specification R notational statement of system services Software specification R formal abstract depiction
More informationAn Introduction to Formal Modeling in Requirements Engineering
Outline An Introduction Fmal Modeling in Requirements Engineering Why do we need Fmal Methods in RE? What do fmal methods have offer? A survey of existing techniques Example modeling language: SCR you
More informationIntroduction to Formal Methods
2008 Spring Software Special Development 1 Introduction to Formal Methods Part I : Formal Specification i JUNBEOM YOO jbyoo@knokuk.ac.kr Reference AS Specifier s Introduction to Formal lmethods Jeannette
More informationƒ Entity Relationship Models ƒ Class Diagrams (& OO Analysis) ƒ Dataflow diagrams (& Structured Analysis) ƒ UML Activity Diagrams
Lecture 6: Requirements II What to Model Last Last Week: Week: Enterprises Enterprises General General Issues Issues Human Human Activity, Activity, i* i* etc. etc. This This Week: Week: Modelling Modelling
More informationRequirements Specifications
ACM Transactions on Software Engineering and Methodology, 1996. Automated Consistency Checking of Requirements Specifications CONSTANCE L. HEITMEYER, RALPH D. JEFFORDS, BRUCE G. LABAW JUNBEOM YOO Dependable
More informationBehavioral Requirements
Functional Requirements: Behavioral Requirements Overview Decision-oriented Behavioral Models State-oriented Behavioral Models Finite State Machines (Protocol Validation & Verification) Statecharts SCR
More informationModeling Issues Modeling Enterprises. Modeling
Modeling Issues Modeling Enterprises SE502: Software Requirements Engineering Modeling Modeling can guide elicitation: It can help you figure out what questions to ask It can help to surface hidden requirements
More informationDistributed Systems Programming (F21DS1) Formal Verification
Distributed Systems Programming (F21DS1) Formal Verification Andrew Ireland Department of Computer Science School of Mathematical and Computer Sciences Heriot-Watt University Edinburgh Overview Focus on
More informationTechniques for the unambiguous specification of software
Formal Techniques for the unambiguous of software Objectives To explain why formal techniques help discover problems in system requirements To describe the use of algebraic techniques for interface To
More informationLecture 11 Lecture 11 Nov 5, 2014
Formal Verification/Methods Lecture 11 Lecture 11 Nov 5, 2014 Formal Verification Formal verification relies on Descriptions of the properties or requirements Descriptions of systems to be analyzed, and
More informationChapter 4. Capturing the Requirements. 4th Edition. Shari L. Pfleeger Joanne M. Atlee
Chapter 4 Capturing the Requirements Shari L. Pfleeger Joanne M. Atlee 4th Edition It is important to have standard notations for modeling, documenting, and communicating decisions Modeling helps us to
More information3.4 Deduction and Evaluation: Tools Conditional-Equational Logic
3.4 Deduction and Evaluation: Tools 3.4.1 Conditional-Equational Logic The general definition of a formal specification from above was based on the existence of a precisely defined semantics for the syntax
More information! Use of formal notations. ! in software system descriptions. ! for a broad range of effects. ! and varying levels of use. !
What Are Formal Methods? David S. Rosenblum ICS 221 Winter 2001! Use of formal notations! first-order logic, state machines, etc.! in software system descriptions! system models, constraints, specifications,
More informationModule 3. Requirements Analysis and Specification. Version 2 CSE IIT, Kharagpur
Module 3 Requirements Analysis and Specification Lesson 6 Formal Requirements Specification Specific Instructional Objectives At the end of this lesson the student will be able to: Explain what a formal
More informationPresented by Jack G. Nestell. Topics for Discussion. I. Introduction. Discussion on the different logics and methods of reasonings of Formal Methods
A Discussion on Security Protocols over open networks and distributed Systems: Formal methods for their Analysis, Design, and Verification S. Gritzalis, D. Spinellis, and P. Georgiadis Presented by Jack
More informationChapter 10 Formal Specification
Chapter 10 Formal Specification Ian Sommerville 2000 Software Engineering, Chapter 10 Slide 1 Objectives To explain why formal specification helps discover problems in system requirements. To describe
More informationProving the Correctness of Distributed Algorithms using TLA
Proving the Correctness of Distributed Algorithms using TLA Khushboo Kanjani, khush@cs.tamu.edu, Texas A & M University 11 May 2007 Abstract This work is a summary of the Temporal Logic of Actions(TLA)
More informationCS2 Language Processing note 3
CS2 Language Processing note 3 CS2Ah 5..4 CS2 Language Processing note 3 Nondeterministic finite automata In this lecture we look at nondeterministic finite automata and prove the Conversion Theorem, which
More informationLectures 20, 21: Axiomatic Semantics
Lectures 20, 21: Axiomatic Semantics Polyvios Pratikakis Computer Science Department, University of Crete Type Systems and Static Analysis Based on slides by George Necula Pratikakis (CSD) Axiomatic Semantics
More informationCover Page. The handle holds various files of this Leiden University dissertation
Cover Page The handle http://hdl.handle.net/1887/22891 holds various files of this Leiden University dissertation Author: Gouw, Stijn de Title: Combining monitoring with run-time assertion checking Issue
More informationChapter 5 System modeling
Chapter 5 System Modeling Lecture 1 1 Topics covered Context models Interaction models Structural models Behavioral models Model-driven driven engineering 2 System modeling System modeling is the process
More informationProgramming Languages Third Edition
Programming Languages Third Edition Chapter 12 Formal Semantics Objectives Become familiar with a sample small language for the purpose of semantic specification Understand operational semantics Understand
More informationSystem Correctness. EEC 421/521: Software Engineering. System Correctness. The Problem at Hand. A system is correct when it meets its requirements
System Correctness EEC 421/521: Software Engineering A Whirlwind Intro to Software Model Checking A system is correct when it meets its requirements a design without requirements cannot be right or wrong,
More informationCombining Complementary Formal Verification Strategies to Improve Performance and Accuracy
Combining Complementary Formal Verification Strategies to Improve Performance and Accuracy David Owen June 15, 2007 2 Overview Four Key Ideas A Typical Formal Verification Strategy Complementary Verification
More informationCS558 Programming Languages
CS558 Programming Languages Fall 2016 Lecture 7a Andrew Tolmach Portland State University 1994-2016 Values and Types We divide the universe of values according to types A type is a set of values and a
More informationVerification of the Requirements Specification
Software Verification and Validation (VIMMD052) Verification of the Requirements Specification Istvan Majzik majzik@mit.bme.hu Budapest University of Technology and Economics Dept. of Measurement and Information
More informationA Short Introduction to Formal Specifications
A Short Introduction to Formal Specifications Prof. Dr. Hans J. Schneider Lehrstuhl für Programmiersprachen und Programmiermethodik Friedrich-Alexander-Universität Erlangen-Nürnberg 30.11.2000 Methods
More informationChapter 4 Objectives
Chapter 4 Objectives Eliciting requirements from the customers Modeling requirements Reviewing requirements to ensure their quality Documenting requirements for use by the design and test teams 4.1 The
More informationGoals: Define the syntax of a simple imperative language Define a semantics using natural deduction 1
Natural Semantics Goals: Define the syntax of a simple imperative language Define a semantics using natural deduction 1 1 Natural deduction is an instance of first-order logic; that is, it is the formal
More informationAdding Formal Requirements Modeling to SysML
Adding Formal Requirements Modeling to SysML Mark R. Blackburn www.markblackburn.com Abstract. This paper seeks to raise awareness on the SCR extensions derived from industry use, and discusses how an
More informationAn Annotated Language
Hoare Logic An Annotated Language State and Semantics Expressions are interpreted as functions from states to the corresponding domain of interpretation Operators have the obvious interpretation Free of
More informationSequence-Based Specification
Sequence-Based Specification Tom Swain tomswain@comcast.net Specification Objectives Completeness Consistency a response is defined for every stimulus history each stimulus history maps to only one response
More informationFormal Methods in Software Engineering. Lecture 07
Formal Methods in Software Engineering Lecture 07 What is Temporal Logic? Objective: We describe temporal aspects of formal methods to model and specify concurrent systems and verify their correctness
More informationSoftware Model Checking: Theory and Practice
Software Model Checking: Theory and Practice Lecture: Specification Checking - Specification Patterns Copyright 2004, Matt Dwyer, John Hatcliff, and Robby. The syllabus and all lectures for this course
More informationIntroduction to Linear-Time Temporal Logic. CSE 814 Introduction to LTL
Introduction to Linear-Time Temporal Logic CSE 814 Introduction to LTL 1 Outline Motivation for TL in general Types of properties to be expressed in TL Structures on which LTL formulas are evaluated Syntax
More informationChapter 27 Formal Specification
Chapter 27 Formal Specification Chapter 27 Formal Specification Slide 1 Objectives To explain why formal specification helps discover problems in system requirements. To describe the use of: Algebraic
More informationThe design of a programming language for provably correct programs: success and failure
The design of a programming language for provably correct programs: success and failure Don Sannella Laboratory for Foundations of Computer Science School of Informatics, University of Edinburgh http://homepages.inf.ed.ac.uk/dts
More informationSOFTWARE REQUIREMENTS ANALYSIS (SWRA) Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU
SOFTWARE REQUIREMENTS ANALYSIS (SWRA) Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU OUTLINE Introduction to Requirements Analysis and the SW Requirements Specifications
More informationRE for Embedded Systems - Part 1
REQUIREMENTS ENGINEERING LECTURE 2017/2018 Dr. Jörg Dörr RE for Embedded Systems - Part 1 Fraunhofer IESE Lecture Outline Embedded systems and their characteristics Requirements specifications (for embedded
More informationFormal Verification. Lecture 10
Formal Verification Lecture 10 Formal Verification Formal verification relies on Descriptions of the properties or requirements of interest Descriptions of systems to be analyzed, and rely on underlying
More informationDeclarative programming. Logic programming is a declarative style of programming.
Declarative programming Logic programming is a declarative style of programming. Declarative programming Logic programming is a declarative style of programming. The programmer says what they want to compute,
More informationFormal Specification. Ian Sommerville 2006 Software Engineering, 8th edition. Chapter 10 Slide 1
Formal Specification Ian Sommerville 2006 Software Engineering, 8th edition. Chapter 10 Slide 1 Objectives To explain why formal specification techniques help discover problems in system requirements To
More informationΗΜΥ 317 Τεχνολογία Υπολογισμού
ΗΜΥ 317 Τεχνολογία Υπολογισμού Εαρινό Εξάμηνο 2008 ΙΑΛΕΞΗ 11: Τυποποιημένες (Formal) Προδιαγραφές ΧΑΡΗΣ ΘΕΟΧΑΡΙ ΗΣ Λέκτορας ΗΜΜΥ (ttheocharides@ucy.ac.cy) [Προσαρμογή από Ian Sommerville, Software Engineering,
More informationApplications of Program analysis in Model-Based Design
Applications of Program analysis in Model-Based Design Prahlad Sampath (Prahlad.Sampath@mathworks.com) 2018 by The MathWorks, Inc., MATLAB, Simulink, Stateflow, are registered trademarks of The MathWorks,
More informationCom S 541. Programming Languages I
Programming Languages I Lecturer: TA: Markus Lumpe Department of Computer Science 113 Atanasoff Hall http://www.cs.iastate.edu/~lumpe/coms541.html TR 12:40-2, W 5 Pramod Bhanu Rama Rao Office hours: TR
More informationTesting! Prof. Leon Osterweil! CS 520/620! Spring 2013!
Testing Prof. Leon Osterweil CS 520/620 Spring 2013 Relations and Analysis A software product consists of A collection of (types of) artifacts Related to each other by myriad Relations The relations are
More informationGrundlagen des Software Engineering Fundamentals of Software Engineering
Software Engineering Research Group: Processes and Measurement Fachbereich Informatik TU Kaiserslautern Grundlagen des Software Engineering Fundamentals of Software Engineering Winter Term 2011/12 Prof.
More informationChecking General Safety Criteria on UML Statecharts
Checking General Safety Criteria on UML Statecharts Zsigmond Pap, István Majzik 1 and András Pataricza Dept. of Measurement and Information Systems Budapest University of Technology and Economics H-1521
More informationAn Introductory Guide to SpecTRM
An Introductory Guide to SpecTRM SpecTRM (pronounced spectrum and standing for Specification Tools and Requirements Methodology) is a toolset to support the specification and development of safe systems
More informationA Michael Jackson presentation. CSE503: Software Engineering. The following slides are from his keynote at ICSE 1995
A Michael Jackson presentation CSE503: Software Engineering The following slides are from his keynote at ICSE 1995 David Notkin University of Washington Computer Science & Engineering Spring 2006 1 2 3
More informationSubsystem Hazard Analysis (SSHA)
Subsystem Hazard Analysis (SSHA) c "!$#%! Examine subsystems to determine how their Normal performance Operational degradation Functional failure Unintended function Inadvertent function (proper function
More informationRelational Specification of Interface Modules for Real-time Systems
Relational Specification of Interface Modules for Real-time Systems By c Yingzi Wang, B. Eng. A Thesis Submitted to the School of Graduate Studies in Partial Fulfilment of the Requirements for the Degree
More informationCSC 501 Semantics of Programming Languages
CSC 501 Semantics of Programming Languages Subtitle: An Introduction to Formal Methods. Instructor: Dr. Lutz Hamel Email: hamel@cs.uri.edu Office: Tyler, Rm 251 Books There are no required books in this
More informationThis is already grossly inconvenient in present formalisms. Why do we want to make this convenient? GENERAL GOALS
1 THE FORMALIZATION OF MATHEMATICS by Harvey M. Friedman Ohio State University Department of Mathematics friedman@math.ohio-state.edu www.math.ohio-state.edu/~friedman/ May 21, 1997 Can mathematics be
More informationTHE USE OF CONCEPTUAL MODELS DURING THE DESIGN OF NEW TELECOMMUNICATION SERVICES. Ali Roshannejad, Armin Eberlein
THE USE OF CONCEPTUAL MODELS DURING THE DESIGN OF NEW TELECOMMUNICATION SERVICES Ali Roshannejad, Armin Eberlein Electrical and Computer Engineering Department University of Calgary Tel: (403) 220-5002
More informationContents. Chapter 1 SPECIFYING SYNTAX 1
Contents Chapter 1 SPECIFYING SYNTAX 1 1.1 GRAMMARS AND BNF 2 Context-Free Grammars 4 Context-Sensitive Grammars 8 Exercises 8 1.2 THE PROGRAMMING LANGUAGE WREN 10 Ambiguity 12 Context Constraints in Wren
More informationChapter 3. Describing Syntax and Semantics
Chapter 3 Describing Syntax and Semantics Chapter 3 Topics Introduction The General Problem of Describing Syntax Formal Methods of Describing Syntax Attribute Grammars Describing the Meanings of Programs:
More informationComputing Fundamentals 2 Introduction to CafeOBJ
Computing Fundamentals 2 Introduction to CafeOBJ Lecturer: Patrick Browne Lecture Room: K408 Lab Room: A308 Based on work by: Nakamura Masaki, João Pascoal Faria, Prof. Heinrich Hußmann. See notes on slides
More informationAutomatic Generation of Test Vectors for SCR-Style Specifications
Automatic Generation of Test Vectors for SCR-Style Specifications Mark R. Blackburn Software Productivity Consortium blackbur@software.org Abstract This paper provides the basis for integrating the Software
More informationCOMP4418 Knowledge Representation and Reasoning
COMP4418 Knowledge Representation and Reasoning Week 3 Practical Reasoning David Rajaratnam Click to edit Present s Name Practical Reasoning - My Interests Cognitive Robotics. Connect high level cognition
More informationTTM/PAT: Specifying and Verifying Timed Transition Models
TTM/PAT: Specifying and Verifying Timed Transition Models Jonathan S. Ostroff 1, Chen-Wei Wang 1,Yang Liu 2, Jun Sun 3, and Simon Hudon 1 1 Department of Electrical Engineering & Computer Science, York
More informationSoftwaretechnik. Lecture 03: Types and Type Soundness. Peter Thiemann. University of Freiburg, Germany SS 2008
Softwaretechnik Lecture 03: Types and Type Soundness Peter Thiemann University of Freiburg, Germany SS 2008 Peter Thiemann (Univ. Freiburg) Softwaretechnik SWT 1 / 35 Table of Contents Types and Type correctness
More informationNote that in this definition, n + m denotes the syntactic expression with three symbols n, +, and m, not to the number that is the sum of n and m.
CS 6110 S18 Lecture 8 Structural Operational Semantics and IMP Today we introduce a very simple imperative language, IMP, along with two systems of rules for evaluation called small-step and big-step semantics.
More informationMulti-event IDS Categories. Introduction to Misuse Intrusion Detection Systems (IDS) Formal Specification of Intrusion Signatures and Detection Rules
Formal Specification of Intrusion Signatures and Detection Rules By Jean-Philippe Pouzol and Mireille Ducassé 15 th IEEE Computer Security Foundations Workshop 2002 Presented by Brian Kellogg CSE914: Formal
More informationFinite State Verification. CSCE Lecture 21-03/28/2017
Finite State Verification CSCE 747 - Lecture 21-03/28/2017 So, You Want to Perform Verification... You have a property that you want your program to obey. Great! Let s write some tests! Does testing guarantee
More informationMethods for requirements engineering
Methods for requirements engineering Objectives To explain the role of methods and techniques in requirements engineering To introduce data-flow modelling To introduce semantic data modelling To introduce
More informationSeminar Software Quality and Safety
Seminar Software Quality and Safety SCADE a model-driven Software Development Environment by Dominik Protte Software Engineering Group Universität Paderborn Motivation Many safety-critical components in
More informationName: UW CSE 473 Midterm, Fall 2014
Instructions Please answer clearly and succinctly. If an explanation is requested, think carefully before writing. Points may be removed for rambling answers. If a question is unclear or ambiguous, feel
More informationChapter 3. Describing Syntax and Semantics ISBN
Chapter 3 Describing Syntax and Semantics ISBN 0-321-49362-1 Chapter 3 Topics Introduction The General Problem of Describing Syntax Formal Methods of Describing Syntax Attribute Grammars Describing the
More informationSCR*: A Toolset for Specifying and. Analyzing Software Requirements? Constance Heitmeyer, James Kirby, Bruce Labaw and Ramesh Bharadwaj
SCR*: A Toolset for Specifying and Analyzing Software Requirements? Constance Heitmeyer, James Kirby, Bruce Labaw and Ramesh Bharadwaj Naval Research Laboratory, Code 5546, Washington, DC 20375, USA Abstract.
More informationChapter 3. Describing Syntax and Semantics
Chapter 3 Describing Syntax and Semantics Chapter 3 Topics Introduction The General Problem of Describing Syntax Formal Methods of Describing Syntax Attribute Grammars Describing the Meanings of Programs:
More informationSE 1: Software Requirements Specification and Analysis
SE 1: Software Requirements Specification and Analysis Lecture 4: Basic Notations Nancy Day, Davor Svetinović http://www.student.cs.uwaterloo.ca/ cs445/winter2006 uw.cs.cs445 U Waterloo SE1 (Winter 2006)
More informationPromela and SPIN. Mads Dam Dept. Microelectronics and Information Technology Royal Institute of Technology, KTH. Promela and SPIN
Promela and SPIN Mads Dam Dept. Microelectronics and Information Technology Royal Institute of Technology, KTH Promela and SPIN Promela (Protocol Meta Language): Language for modelling discrete, event-driven
More informationAnalyzing Tabular Requirements Specifications Using Infinite State Model Checking
Analyzing Tabular Requirements Specifications Using Infinite State Model Checking Tevfik Bultan 1 Univ. of California, Santa Barbara Constance Heitmeyer 2 Naval Research Laboratory Abstract This paper
More informationSUMMARY: MODEL DRIVEN SECURITY
SUMMARY: MODEL DRIVEN SECURITY JAN-FILIP ZAGALAK, JZAGALAK@STUDENT.ETHZ.CH Model Driven Security: From UML Models to Access Control Infrastructres David Basin, Juergen Doser, ETH Zuerich Torsten lodderstedt,
More informationOn the construction of convergent transfer subgraphs in general labeled directed graphs
On the construction of convergent transfer subgraphs in general labeled directed graphs 38th CGTC 7 March 2007 Christopher League * Mohammed Ghriga First, I ll explain what we mean by Convergent Transfer
More informationNOTES ON OBJECT-ORIENTED MODELING AND DESIGN
NOTES ON OBJECT-ORIENTED MODELING AND DESIGN Stephen W. Clyde Brigham Young University Provo, UT 86402 Abstract: A review of the Object Modeling Technique (OMT) is presented. OMT is an object-oriented
More informationBy: Chaitanya Settaluri Devendra Kalia
By: Chaitanya Settaluri Devendra Kalia What is an embedded system? An embedded system Uses a controller to perform some function Is not perceived as a computer Software is used for features and flexibility
More informationAnnouncements. Written Assignment 2 due today at 5:00PM. Programming Project 2 due Friday at 11:59PM. Please contact us with questions!
Type-Checking Announcements Written Assignment 2 due today at 5:00PM. Programming Project 2 due Friday at 11:59PM. Please contact us with questions! Stop by office hours! Email the staff list! Ask on Piazza!
More informationA Tutorial on Runtime Verification and Assurance. Ankush Desai EECS 219C
A Tutorial on Runtime Verification and Assurance Ankush Desai EECS 219C Outline 1. Background on Runtime Verification 2. Challenges in Programming Robotics System Drona). 3. Solution 1: Combining Model
More informationParnas Tables: A Practical Formalism. Joanne M. Atlee Department of Computer Science University of Waterloo
Parnas Tables: A Practical Formalism Joanne M. Atlee Department of Computer Science University of Waterloo Critical Software Medical Devices Transportation Telecommunications Automated Manufacturing Software
More informationDynamic Modeling - Finite State Machines
Dynamic Modeling - Finite State Machines SWE 321 Fall 2014 Rob Pettit 1 Finite State Machines Finite number of states Only in one state at a time Transition Change of state Caused by event Transition to
More informationSoftware Architectures
Software Architectures Richard N. Taylor Information and Computer Science University of California, Irvine Irvine, California 92697-3425 taylor@ics.uci.edu http://www.ics.uci.edu/~taylor +1-949-824-6429
More informationIntroduction to Homotopy Type Theory
Introduction to Homotopy Type Theory Lecture notes for a course at EWSCS 2017 Thorsten Altenkirch March 5, 2017 1 What is this course about? To explain what Homotopy Type Theory is, I will first talk about
More informationLogik für Informatiker Logic for computer scientists
Logik für Informatiker for computer scientists WiSe 2011/12 Overview Motivation Why is logic needed in computer science? The LPL book and software Scheinkriterien Why is logic needed in computer science?
More informationCritical Analysis of Computer Science Methodology: Theory
Critical Analysis of Computer Science Methodology: Theory Björn Lisper Dept. of Computer Science and Engineering Mälardalen University bjorn.lisper@mdh.se http://www.idt.mdh.se/ blr/ March 3, 2004 Critical
More informationSpecifying circuit properties in PSL
Specifying circuit properties in PSL Formal methods Mathematical and logical methods used in system development Aim to increase confidence in riktighet of system Apply to both hardware and software 1 Formal
More informationFinite State Verification. CSCE Lecture 14-02/25/2016
Finite State Verification CSCE 747 - Lecture 14-02/25/2016 So, You Want to Perform Verification... You have a property that you want your program to obey. Great! Let s write some tests! Does testing guarantee
More information2 rd class Department of Programming. OOP with Java Programming
1. Structured Programming and Object-Oriented Programming During the 1970s and into the 80s, the primary software engineering methodology was structured programming. The structured programming approach
More informationTo be or not programmable Dimitri Papadimitriou, Bernard Sales Alcatel-Lucent April 2013 COPYRIGHT 2011 ALCATEL-LUCENT. ALL RIGHTS RESERVED.
To be or not programmable Dimitri Papadimitriou, Bernard Sales Alcatel-Lucent April 2013 Introduction SDN research directions as outlined in IRTF RG outlines i) need for more flexibility and programmability
More informationSpecifying circuit properties in PSL. (Some of this material is due to Cindy Eisner and Dana Fisman, with thanks) See also the Jasper PSL Quick Ref.
Specifying circuit properties in PSL (Some of this material is due to Cindy Eisner and Dana Fisman, with thanks) See also the Jasper PSL Quick Ref. Background: Model Checking property G(p -> F q) yes MC
More informationIntroduction to Logic Programming
Introduction to Logic Programming York University CSE 3401 Vida Movahedi York University CSE 3401 V. Movahedi 1 Overview Programming Language Paradigms Logic Programming Functional Programming Brief review
More information02. (Conceptual) Modeling. F. Dalpiaz & J. Mylopoulos -- OIS Slide 1
02. (Conceptual) Modeling F. Dalpiaz & J. Mylopoulos -- OIS 2011-12 Slide 1 Updates about the exam Assignment 1 is due April 20th (was, April 15th) After receiving feedback from the TA, students have 2
More informationA Small Interpreted Language
A Small Interpreted Language What would you need to build a small computing language based on mathematical principles? The language should be simple, Turing equivalent (i.e.: it can compute anything that
More informationA Taxonomy of Verification and Validation of Software Requirement and Specifications 1
A Taxonomy of Verification and Validation of Software Requirement and Specifications 1 Juan F. Sequeda Department of Computer Sciences, The University of Texas at Austin, USA jsequeda@cs.utexas.edu Abstract.
More informationMonitoring Interfaces for Faults
Monitoring Interfaces for Faults Aleksandr Zaks RV 05 - Fifth Workshop on Runtime Verification Joint work with: Amir Pnueli, Lenore Zuck Motivation Motivation Consider two components interacting with each
More informationHeteroskedasticity and Homoskedasticity, and Homoskedasticity-Only Standard Errors
Heteroskedasticity and Homoskedasticity, and Homoskedasticity-Only Standard Errors (Section 5.4) What? Consequences of homoskedasticity Implication for computing standard errors What do these two terms
More informationChapter 3 (part 3) Describing Syntax and Semantics
Chapter 3 (part 3) Describing Syntax and Semantics Chapter 3 Topics Introduction The General Problem of Describing Syntax Formal Methods of Describing Syntax Attribute Grammars Describing the Meanings
More information