SAMCAHNG Yun Goo Kim I. Formal Model Based Development & Safety Analysis II. UML (Model) Based Safety RMS S/W Development February 03 2006 KIM, YUN GOO.

Slides:

Advertisements

Similar presentations

Practical Database Design Methodology and Use of UML Diagrams

Advertisements

Integration of MBSE and Virtual Engineering for Detailed Design

Certifying Auto-generated Flight Code Ewen Denney Robust Software Engineering NASA Ames Research Center California, USA.

Model Driven Generative Programming Reza Azimi February 6, 2003 ECE1770: Trends in Middleware Systems.

Introducing Formal Methods, Module 1, Version 1.1, Oct., Formal Specification and Analytical Verification L 5.

1 Translation Validation: From Simulink to C Michael RyabtsevOfer Strichman Technion, Haifa, Israel Acknowledgement: sponsored by a grant from General.

LIFE CYCLE MODELS FORMAL TRANSFORMATION

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 24 Slide 1 Critical Systems Validation 2.

IEC Substation Configuration Language and Its Impact on the Engineering of Distribution Substation Systems Notes Dr. Alexander Apostolov.

Formal Model-Based Development in Aerospace Systems: Challenges to Adoption Mats P. E. Heimdahl University of Minnesota Software Engineering Center Critical.

Train Control Language Teaching Computers Interlocking By: J. Endresen, E. Carlson, T. Moen1, K. J. Alme, Haugen, G. K. Olsen & A. Svendsen Synthesizing.

Building Reliable Software Requirements and Methods.

©Ian Sommerville 2000Software Engineering, 6th edition. Chapter 19Slide 1 Verification and Validation l Assuring that a software system meets a user's.

1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.

Design of Fault Tolerant Data Flow in Ptolemy II Mark McKelvin EE290 N, Fall 2004 Final Project.

16/27/2015 3:38 AM6/27/2015 3:38 AM6/27/2015 3:38 AMTesting and Debugging Testing The process of verifying the software performs to the specifications.

©Ian Sommerville 2000Software Engineering, 6/e, Chapter 91 Formal Specification l Techniques for the unambiguous specification of software.

CS 290C: Formal Models for Web Software Lecture 6: Model Driven Development for Web Software with WebML Instructor: Tevfik Bultan.

Software Testing for Safety- Critical Applications Presented by: Ciro Espinosa & Daniel Llauger.

CSC 402, Fall Requirements Analysis for Special Properties Systems Engineering (def?) –why? increasing complexity –ICBM’s (then TMI, Therac, Challenger...)

Overview of the Multos construction process Chad R. Meiners.

School of Computer ScienceG53FSP Formal Specification1 Dr. Rong Qu Introduction to Formal Specification

End-to-End Design of Embedded Real-Time Systems Kang G. Shin Real-Time Computing Laboratory EECS Department The University of Michigan Ann Arbor, MI

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 1 Slide 1 An Introduction to Software Engineering.

1 Software Testing and Quality Assurance Lecture 1 Software Verification & Validation.

DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 10 Slide 1 Formal Specification.

MCA –Software Engineering Kantipur City College. Topics include  Formal Methods Concept  Formal Specification Language Test plan creation Test-case.

Software Engineering Tools and Methods Presented by: Mohammad Enamur Rashid( ) Mohammad Rashim Uddin( ) Masud Ur Rahman( )

NASA Space Launch System (SLS) Independent Verification and Validation (IV&V) Analysis Processes within Enterprise Architecture (EA) September 11, 2013.

Introduction to Software Testing

Frequently asked questions about software engineering

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 10 Slide 1 Critical Systems Specification 3 Formal Specification.

©Ian Sommerville 2004Software Engineering, 7th edition. Chapter 10 Slide 1 Formal Specification.

Software Integration and Documenting

SEDS Research GroupSchool of EECS, Washington State University Annual Reliability & Maintainability Symposium January 30, 2002 Frederick T. Sheldon and.

Formal Methods 1. Software Engineering and Formal Methods  Every software engineering methodology is based on a recommended development process  proceeding.

©Ian Sommerville 2000Software Engineering, 6th edition. Chapter 9 Slide 1 Formal Specification l Techniques for the unambiguous specification of software.

CMSC 345 Fall 2000 Unit Testing. The testing process.

Software Models (Cont.) 9/22/2015ICS 413 – Software Engineering1 -Component-based software engineering -Formal Development Model.

Advanced Technology Center Slide 1 Requirements-Based Testing Dr. Mats P. E. Heimdahl University of Minnesota Software Engineering Center Dr. Steven P.

Software Testing Testing types Testing strategy Testing principles.

Reliable Design of Safety Critical Systems Dr. Abhik Roychoudhury School of Computing

Proof Carrying Code Zhiwei Lin. Outline Proof-Carrying Code The Design and Implementation of a Certifying Compiler A Proof – Carrying Code Architecture.

1 New Development Techniques: New Challenges for Verification and Validation Mats Heimdahl Critical Systems Research Group Department of Computer Science.

Overview of Formal Methods. Topics Introduction and terminology FM and Software Engineering Applications of FM Propositional and Predicate Logic Program.

Intent Specification Intent Specification is used in SpecTRM

CEFRIEL Consorzio per la Formazione e la Ricerca in Ingegneria dell’Informazione Politecnico di Milano Model Checking UML Specifications of Real Time Software.

WXGE6103 Software Engineering Process and Practice Formal Specification.

WELCOME TO SEMINAR ON SCADA WELCOME TO SEMINAR ON SCADA Presented by: ANIL KUMAR RAUT Adm No:33IE/2k.

1 A Spectrum of IV&V Modeling Techniques Mats Heimdahl (Co-PI) Jimin Gao (RA) University of Minnesota Tim Menzies (Co-PI) David Owen (RA) West Virginia.

Verification and Validation in the Context of Domain-Specific Modelling Janne Merilinna.

Integrating Systems: models and fault modes SESAM-möte, 19 Oktober, 2005 Jonas Elmqvist Real-Time Systems Laboratory Department of Computer and Information.

Requirements Specification. Welcome to Software Engineering: “Requirements Specification” “Requirements Specification”  Verb?  Noun?  “Specification”

Safety-Critical Systems 7 Summary T V - Lifecycle model System Acceptance System Integration & Test Module Integration & Test Requirements Analysis.

Software Engineering1  Verification: The software should conform to its specification  Validation: The software should do what the user really requires.

Version 02U-1 Computer Security: Art and Science1 Correctness by Construction: Developing a Commercial Secure System by Anthony Hall Roderick Chapman.

Hosted by: Institute for Software Integrated Systems (ISIS) Vanderbilt University Software Reliability for FCS Discussion Format May 18-19, 2004 ARO Workshop.

Software Quality Assurance and Testing Fazal Rehman Shamil.

Requirement Elicitation Review – Class 8 Functional Requirements Nonfunctional Requirements Software Requirements document Requirements Validation and.

I. UML Tool review (Rhapsody) and II. Requirement and TEST in UML modeling May 31th 2005 KIM, YUN GOO Lab Seminar.

1 Ontological Foundations For SysML Henson Graves September 2010.

Defects of UML Yang Yichuan. For the Presentation Something you know Instead of lots of new stuff. Cases Instead of Concepts. Methodology instead of the.

Software Engineering (CSI 321)

Software Design Methodology

Model-Driven Analysis Frameworks for Embedded Systems

Department of Computer Science Abdul Wali Khan University Mardan

Software Engineering for Safety: a Roadmap

Software Architecture & Design

Presentation transcript:

SAMCAHNG Yun Goo Kim I. Formal Model Based Development & Safety Analysis II. UML (Model) Based Safety RMS S/W Development February KIM, YUN GOO

Background  SAFECOMP2005  THE 24thInternational Conference on COMPUTER SAFETY, RELIABILITY AND SECURITY  September 2005 Fredrikstad, Norway  CSDUML  The 4th International Workshop on Critical Systems Development Using Modeling Languages  Formal Model Based Development  Keynote by Professor Mats Heimdahl, University of Minnesota, USA  Model Based Safety Analysis of Simulink Models Using SCADE Design Verifier

Model Based Development

Commercial and research tools  Commercial  Esterel and SCADE (Esterel Technologies)  Statemate Magnum and Rhapsody (i- Logix)  SpecTRM (Safeware Engineering)  Simulink and Stateflows from Mathworks Inc  Rose Realtime from Rational(IBM)  Research  SCR  RSML-e  Ptolemy

S/W Development Model Water Fall Model V-Model

Model based development Process V-Model Y-Model

Y Model from Luiz Fernando Capretz Ref Journal of Computer Science 1 (1): 76-82, 2005 Y: A New Component-Based Software Life Cycle Model

ROI with Model Based Development % - 25 % - 75 % - 50 %

Model-Based Development Examples

Potential Issues… Can We REALLY trust code generator Are the languages usable syntax and semantics? Can they be inspected? Is the specification “right”? Can we trust execution environment? Trust the results? Tested enough? Can we trust execution environment?

“Correct” Code Generation—How?  Provably Correct Compilers  Very Hard (and Often Not Convincing)  Proof Carrying Code  Generate Test Suites From Model  Compare Model Behavior With Generated Code  Unit Testing Is Now Not Eliminated, but Largely Automated

Proof Techniques  Certify analysis tools  Too costly and probably impossible  Use redundant proof paths  Technically feasible, but is the redundancy “trustworthy”??  Cost…  Automation is key  Must keep analysis cost under control  Generate test suites from specification  Low cost since it is already done for the code generator

Three Conjectures  No modeling language will be universally accepted, nor universally applicable  No verification/validation tool will satisfy the analysis needs of a user  Languages and tools must be tested on real world problems by practicing engineers  Preferably commercial tools

Tool Chain

Challenges  Next generation tools must allow easy extension and modification of notations to meet domain specific needs  They must allow easy construction of high quality translations from modeling notations to analysis tools  They also must enable controlled reuse of tool infrastructure to make tool extensions cost effective  Model Validation  Language Syntax and Semantics  Tool Verification and Certification  New Tools Infrastructure

UML Based Development DOORS RhapsodyStatemateC++ Test Concept Requirement ModelingVerification Unit Test System Test ImplementationCode Test Model Test Formal Verification TEST CASE Generation

Concept : Use Case Diagram  The Radiation Monitoring System (RMS) shall be a computer based data acquisition, analysis, display, and report generating system. The RMS shall monitor radiation levels of designated systems and areas of a two-unit pressurized water reactor (PWR) nuclear power generating station. Each unit shall have its own independent RMS consisting of redundant (dual) computer subsystem and radiation monitors specified in this specification. The system is to include both safety-related equipment required for safe operation of the plant, and equipment which is not safety-related but necessary for recording the radiation history of the power plant. All hardware, firmware and software necessary for proper system operation shall be included. The RMS shall include offsite dose calculation and report generating subsystem composed of all necessary hardware and software.

Requirement : Use Case Diagram  SR1. The RMS shall include at least the following process, functional, and malfunction alarms:  SR1.1 Two high radiation level alarms that can be set at any point in the measurement range. These alarms shall include an output inhibit in the circuit that is initiated by check source actuation.  SR1.2 Rate of rise. An alarm shall be actuated when the rate of increase in radiation level exceeds a preset value.  SR1.3 A low radiation level alarm for indication of malfunction.  SR1.4 Loss of power (may be combined with low radiation level alarm)  SR1.5 A system alarm shall be generated when data buffer is 70 percent full  SR1.6 Cabinet high temperature alarm  SR2. The alarms shall not operate if the RMS is switched off.  SR3. Access to the radiation monitoring system's alarm setpoints shall be under administrative control

Requirement : Use Case Diagram

Requirement Traceability  SR1. The RMS shall include at least the following process, functional, and malfunction alarms:  SR1.1 Two high radiation level alarms that can be set at any point in the measurement range. These alarms shall include an output inhibit in the circuit that is initiated by check source actuation.  SR1.2 Rate of rise. An alarm shall be actuated when the rate of increase in radiation level exceeds a preset value.  SR1.3 A low radiation level alarm for indication of malfunction.  SR1.4 Loss of power (may be combined with low radiation level alarm)  SR1.5 A system alarm shall be generated when data buffer is 70 percent full  SR1.6 Cabinet high temperature alarm  SR2. The alarms shall not operate if the RMS is switched off.  SR3. Access to the radiation monitoring system's alarm setpoints shall be under administrative control

Design : Class Diagram

Design : StateChart  Auto Code Generation

State chart based Link  Rhapsody and StateMate Magnum are from I-logix  Manual Change  Limit of number of instance  Function Call is not supported by StateMate->use another state  Event Value passing is not supported by StateMate->use Global variable  Automatic Change  XML Conversion  State Chart Source Analysis

Discussion  Model Based Development  Introduction to CSDUML and SAFECOMP20005  Paper Review of Prof Heimdahl  Model Validation, Tool verification  Empirical Study  UML Based Development  Detail modeling  Formal conversion (Rhapsody to Statemate magnum)