Theoretical Aspects of Software Engineering, 2009. TASE 2009. Third IEEE International Symposium on

Date 29-31 July 2009

Displaying Results 1 - 25 of 67
  • [Front cover]

    Page(s): C1
    Freely Available from IEEE
  • [Title page i]

    Page(s): i
    Freely Available from IEEE
  • [Title page iii]

    Page(s): iii
    Freely Available from IEEE
  • [Copyright notice]

    Page(s): iv
    Freely Available from IEEE
  • Table of contents

    Page(s): v - ix
    Freely Available from IEEE
  • Message from the Chairs

    Page(s): x
    Freely Available from IEEE
  • TASE 2009 Committee Lists

    Page(s): xi - xii
    Freely Available from IEEE
  • TASE 2009 Additional Reviewers

    Page(s): xiii
    Freely Available from IEEE
  • Verification and Performance Analysis for Embedded Systems

    Page(s): 3 - 4

    This talk provides a thorough tutorial of the UPPAAL tool suite for modeling, simulation, verification, optimal scheduling, synthesis, testing and performance analysis of embedded and real-time systems.

  • Modular Development of Certified System Software

    Page(s): 5

    Certified software consists of a machine executable program plus a rigorous formal proof (checkable by computer) that the software is free of bugs with respect to a particular specification. The conventional wisdom is that certified software will never be practical because any real software must also rely on the underlying operating system, which is too low-level and complex to be verifiable. In recent years, however, there have been many advances in the theory and engineering of mechanized proof systems applied to verification of low-level code, including proof-carrying code, certified assembly programming, logic-based type systems, and certified or certifying compilation. In this talk, I will give an overview of this exciting new area, focusing on both foundational ideas and key insights that make the work on certified software differ from traditional-style program verification. I will also describe several recent works on building certified thread implementations, interrupt handlers, stack-based control libraries, garbage collectors, and OS bootloaders.

  • Towards Expressive Specification and Efficient Model Checking

    Page(s): 9

    We share the view that specifications are preferably executable. In this tutorial, we introduce our latest effort on combining the expressiveness of integrated formal specification languages with the power of mechanical system analysis methods like model checking. We present a process analysis toolkit (PAT), which is a self-contained framework for system specification, simulation and verification. PAT supports a modeling language named CSP# (short for communicating sequential programs).

  • Improving Responsiveness of Hard Real-Time Embedded Systems

    Page(s): 13 - 20

    Hard real-time systems are found in many critical embedded applications, for example aeroplane flight control, industrial production line control, and so on. The safe scheduling of tasks in these hard real-time systems is crucial to their correct operation, but the hard constraints of this type of scheduling reduce the responsiveness of the systems. In this paper we show the application of runtime analysis in informing the design of hard real-time embedded systems by allowing scheduled tasks to be dynamically re-ordered to improve the average responsiveness, while still meeting the hard constraints imposed by the system. The technique is semi-automated, and uses the REDUCE computer algebra system to precalculate a symbolic form of the runtime of scheduled tasks. The symbolic form is used to modify the source code of the scheduler.

  • Environmental Simulation of Real-Time Systems with Nested Interrupts

    Page(s): 21 - 28

    Interrupts are important aspects of real-time embedded systems to handle events in time. When there exist nested interrupts in a real-time system, and an urgent interrupt is allowed to preempt the current interrupt handling, the design and analysis of the system become difficult due to the lack of appropriate behavioral models. This paper proposes a compositional model for nested interrupts and an analysis named environmental simulation. We present a new kind of timed transition system, named controller automata, to treat interrupts. Together with an interrupt environment modeled as a timed automaton, and a scheduler as a timed automaton with semaphores, the system behaviors with nested interrupts are realized by a sequence of transitions with time. Although various verification problems for this model are undecidable in general, it is shown that the reachability of error states is practically solvable with our implementation of the environmental simulation by Maude.

  • Semantics for Communicating Actors with Interdependent Real-Time Deadlines

    Page(s): 29 - 35

    Models of embedded systems with communicating actors and deadlines offer abstraction and encapsulation of related functionality, but their behavior is complex. Verification is therefore difficult and requires a combination of simulation, model checking and testing tools. In order to rely on the results, these tools must use consistent semantics for the model. Yet, a monolithic semantic model is just as complex as the entity it describes. In order to circumvent this issue, we define a three-level semantics giving independent definitions of the functionality of actors, the temporal properties of communications, and finally imposing deadlines on the timing of dependent actors. With this approach the semantics is used directly in developing a simulator supporting the nondeterminism of the abstract semantics such that e.g. potential race conditions can be detected. The layers are also planned to underpin independent specialized verification tools. The verification task for timed, hybrid systems can thus be divided into the continuous, discrete, and timing domains with automated translation to specialized tools, and this promises better scalability than simulation or model checking of one complex model.

  • An Efficient Algorithm for Finding Empty Space for Reconfigurable Systems

    Page(s): 36 - 43

    The management of resources in reconfigurable systems is one of the most critical factors concerned deeply with the performance of dynamic reconfigurable systems. There are several algorithms for managing the empty space of reconfigurable systems, among which the basic scan line algorithm (SLA) is a relatively efficient one. However, SLA suffers from two problems: redundancy and duplication. To solve duplication, the improved scan line algorithm (ISLA) is proposed in. However, the redundancy problem remains. Therefore, we are motivated to overcome this problem and propose an enhanced algorithm called ESLA based on SLA. ESLA solves the problems of both redundancy and duplication. Further, simulation experiments show that the performance of ESLA is better than ISLA.

  • State Visibility and Communication in Unifying Theories of Programming

    Page(s): 47 - 54

    We explore the interactions between program-variable state visibility and communication behaviour in state-rich CSP-like processes, using the unifying theories of programming (UTP) framework. The key results of this work are: having variable state visible while a process is waiting to communicate results in an operationally complex theory of behaviour; by contrast, considering state as unobservable during communication wait periods results in an elegant theory, with much cleaner operational intuitions. The language constructs most affected by this observability choice are those of external choice and parallel composition. We also discuss situations where this state hiding can prevent the adoption of interesting operators that seize control from waiting processes.

  • Semantics of Metamodels in UML

    Page(s): 55 - 62

    A modelling language can be defined by a metamodel in a UML class diagram. This paper defines the semantics of such metamodels through two mappings: a signature mapping from metamodels to signatures of first order languages and an axiom mapping from metamodels to sets of axioms over the signature. Valid models, i.e. instances of the metamodel, are therefore mathematical structures in the signature that satisfy the axioms. This semantics definition enables us to analyse the logical consistency and completeness of metamodels. A software tool called LAMBDES is implemented to translate metamodels into first order logic systems and analyse them by employing the theorem prover SPASS. Case studies with the tool detected inconsistency and incompleteness in the metamodel of UML 2.0 and an AspectJ profile.

  • Refinement Algebra with Explicit Probabilism

    Page(s): 63 - 70

    Refinement algebra provides axioms for the stepwise removal of abstraction, in the form of demonic nondeterminism, in a first-order system that supports reasoning about loops. It has been extended by Solin and Meinecke to computations involving implicit probabilistic choices: demonic nondeterminism then satisfies weaker properties. In this paper their axiom system is extended to capture explicit probabilistic choices. The first form is an unquantified probabilistic choice; the second is a partial quantified probabilistic choice (from which the usual binary probabilistic choice can be recovered). The new refinement algebra is sound with respect to 1-bounded expectation transformers, the premier model of probabilistic computations, but also with respect to a new model introduced here to capture more directly partial quantified computations. In this setting a `normal form' result of Kozen is proved, replacing multiple loops with a single loop that does the same job; and the extent to which the two forms of loop have the same expected number of steps to termination is considered. Being entirely first-order, the new refinement algebra is targeted to automation.

  • Environment Abstraction with State Clustering and Parameter Truncating

    Page(s): 73 - 80

    Environment abstraction enriches predicate abstraction with ideas from counter abstraction to develop a framework for verification of parameterized systems. However, despite various efforts, the constructed abstractions still go beyond the capability of the usual model checkers for many realistic systems. In this paper, a new technique, called state clustering, is proposed to group local states into a small number of clusters, by purely syntactic analysis. The size of array variables in the resulting abstractions is further reduced using a parameter abstraction technique. By combining different abstraction techniques, real-life cache coherence protocols such as FLASH have been successfully verified.

  • Verification of Population Ring Protocols in PAT

    Page(s): 81 - 89

    The population protocol model has emerged as an elegant paradigm for describing mobile ad hoc networks, consisting of a number of nodes that interact with each other to carry out a computation. One essential property of self-stabilizing population protocols is that all nodes must eventually converge to the correct output value, with respect to all possible initial configurations. It has been shown that fairness constraints play a crucial role in designing population protocols. The Process Analysis Toolkit (PAT) has been developed to perform verifications under different fairness constraints efficiently. In particular, it can handle global fairness, which is required for the correctness of most population protocols. It is an ideal candidate for automatically verifying population protocols. In this paper, we summarize our latest empirical evaluation of PAT on a set of self-stabilizing population protocols for ring networks. We report one previously unknown bug in a protocol for leader election identified using PAT.

  • Bounded Model Checking of ACTL Formulae

    Page(s): 90 - 99

    In this paper, we give a new and improved Bounded Model Checking encoding method for the universal fragment of CTL (ACTL). More specifically, the new encoding method works for verification of ACTL properties, instead of error-hunting. Combining our verification encoding with the bug-hunting encoding proposed before, we get a Bounded Model Checking procedure that works for both valid and invalid ACTL properties. The underlying idea and intuition are summarized in this paper, and we implement our tool BMV (Bounded Model Verification) on top of the well-known model checker NuSMV 2 and conduct experiments that show the strengths and weaknesses of ACTL Bounded Model Checking compared to the traditional BDD-based model checking procedure.

  • Coarse Grained Retrenchment and the Mondex Denial of Service Attacks

    Page(s): 103 - 110

    Retrenchment is a framework that allows relatively unrestricted system evolution steps to be described in a way that gives an evolution step some formal content - unlike model based refinement, whence it emerged, which is inapplicable outside some fairly tightly drawn notion of `progress towards implementation'. In this paper, we introduce a `coarse grained' version of retrenchment, relating to system behaviours in the large, and exemplify it on the requirements issues surrounding a denial of service case study drawn from the Mondex Purse. We show that the coarse grained retrenchment framework gives a good account of this case study.

  • Enforcing Constraints on Life Cycles of Business Artifacts

    Page(s): 111 - 118

    Artifact-centric business process models allow designers to describe artifacts (data objects) and their life cycles, which lets designers focus on individual artifacts in business processes, thus simplifying the design and analysis of business process models. However, this feature is a double-edged sword. The description of the relationships between artifacts becomes a new and nontrivial problem. It is better that the associations among business artifacts are specified at a high level as logical assertions. We think taking business constraints as complements of the artifact-centric business operational model is a useful idea. Based on this consideration, in this paper we propose an approach which combines both the declarative way and the procedural way in the construction of business processes. This flexibility can help designers to separate the parts of a business process that are more likely to change from those that are less likely to change. We propose a language TiLE to specify business constraints, and give complexity results on the satisfiability of TiLE. Moreover, we discuss how to enforce the constraints at run-time.

  • Consistency Checking for LSC Specifications

    Page(s): 119 - 126

    Live sequence charts (LSCs) have been proposed as an inter-object scenario-based specification and visual programming language. In this paper, we introduce a high level computational semantics of LSCs, in the form of a PLAY-tree, to show how a running LSC affects the system behaviors in response to a set of external events. Given a nonempty regular language of external events, the consistency of an LSC specification is defined as whether there exists a corresponding PLAY-tree with all success branches; in case of inconsistency, failure traces can be obtained through failure branches of the PLAY-tree. We also present an algorithm using a memoized depth-first search strategy and an implementation framework in logic programming for consistency checking of LSCs.

  • Integrating Specification and Programs for System Modeling and Verification

    Page(s): 127 - 135

    High level specification languages like CSP use mathematical objects as abstractions to represent systems and processes. System behaviors are described as process expressions combined with compositional operators, which are associated with elegant algebraic laws for system analysis. Nonetheless, modeling systems with non-trivial data and functional aspects using CSP remains difficult. In this work, we propose a modeling language named CSP# (short for communicating sequential programs) which integrates high-level modeling operators with low-level procedural code, for the purpose of efficient mechanical system verification. We demonstrate that data operations can be modeled as terminating sequential programs, which can be composed using high-level compositional operators. CSP# is supported by the PAT model checker and has been applied to a number of systems.
