DSM-TP 2016 Verification of Model Transformations and DSLs in Industry Levi Lúcio Joint work with: Bentley James Oakes, Cláudio Gomes, Salman Rahman and Hans Vangheluwe
DSM-TP 2016 Verification of Model Transformations and DSLs in Industry Levi Lúcio Joint work with: Bentley James Oakes, Cláudio Gomes, Salman Rahman and Hans Vangheluwe August 23, 2016

DSM-TP 2016 Talk Map Verification of Model Transformations Current MDD projects and interaction with the industry Conclusion and Wrap-up 2

DSM-TP 2016 Verification of Model Transformations 4
What? A push-button tool for the automatic analysis of model transformations. Automatic proof construction for pre-/post-condition contracts. Formal methods in practice: a proof is valid for all inputs.
How? By using a model transformation language with reduced expressiveness: DSLTrans. Contracts are proved on a symbolic execution-based abstraction.
Challenges: handling all constructs of the model transformation language; reaching full automation; scaling to real-world transformations; going mainstream.

DSM-TP and live demo VIDEO (video editing by Bentley James Oakes)

DSM-TP 2016 Implementation 6
Principle: development of the tool should be model-driven (as much as possible).
First class citizens: metamodels, models, (higher-order) model transformations.
“MPM: Model everything explicitly at the most appropriate level(s) of abstraction using the most appropriate formalisms”

DSM-TP 2016 Tools and Developers 7 igraph / Himesis Levi Lúcio fortiss / McGill U. Bentley J. Oakes McGill U. Gehan Selim Queen’s U. Cláudio Gomes Antwerp U. T-Core

DSM-TP 2016 SyVOLT’s Architecture 8

DSM-TP 2016 SyVOLT’s Architecture 9

DSM-TP 2016 SyVOLT is a GitHub Project 10

DSM-TP 2016 Talk Map Verification of Model Transformations Current MDD projects and interaction with the industry Conclusion and Wrap-up 11

DSM-TP 2016 cert-mbeddr Project mbeddr is a set of DSLs written in MPS, to ease the writing of C code. C code is generated through a model transformation.

DSM-TP 2016 Objective mbeddr’s qualification requires arguments about the correctness of the model transformations that generate the C code. However, the guarantees that mbeddr’s generated C code is correct are currently not enough for mbeddr’s industrial users.

DSM-TP 2016 Component calls in mbeddr An abstraction used in mbeddr is the notion of component. Components provide and require services. Is this abstraction correctly translated into C?

DSM-TP 2016 What can go wrong in a method call (mbeddr)?

DSM-TP 2016 What can go wrong in a method call (C)? C code complexity is required to realize the OO paradigm: several levels of indirection (pointers).

DSM-TP 2016 DSLTrans mbeddr -> C Transformation

DSM-TP 2016 Example contract for mbeddr Shows that the interface of the provided port is assigned to operations of the right requiring component type. Is proved in under 2 mins!

DSM-TP 2016 A Correctness Argument is Missing Several more SyVOLT contracts, e.g.: the assignment is made prior to any method call; the correct component instance is passed to the method call (both for the source instance as well as for the target instance); etc.
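To make concrete what the slides above mean by “several levels of indirection” and by the two contracts just listed, here is an added example in C. It is not code from the talk or from mbeddr’s generator; the `SensorIface`, `TempSensor` and `Controller` types, the `wire` function and the status codes are hypothetical stand-ins for what a component-to-C lowering produces. The required port is a pointer to an interface struct that itself holds a function pointer and a receiver pointer, and `controller_read` checks the two properties a contract would prove (port assigned before the call, a valid provider instance passed as receiver) at run time so that the failure modes are visible.

```c
#include <stdio.h>
#include <stddef.h>

/* Hypothetical provided interface: the services a "sensor" port offers.
   A component-to-C lowering typically turns each service into a function
   pointer plus an explicit receiver ("self") pointer. */
typedef struct SensorIface {
    int (*read)(void *self);   /* service: read the current value */
    void *self;                /* providing component instance (receiver) */
} SensorIface;

/* Providing component (hypothetical): implements the sensor service. */
typedef struct TempSensor {
    int last_value;
    SensorIface provided;      /* its provided port */
} TempSensor;

static int temp_sensor_read(void *self) {
    return ((TempSensor *)self)->last_value;
}

static void temp_sensor_init(TempSensor *ts, int value) {
    ts->last_value = value;
    ts->provided.read = temp_sensor_read;   /* bind service to this instance */
    ts->provided.self = ts;
}

/* Requiring component (hypothetical): reaches the value through three
   indirections: Controller -> SensorIface* -> read()/self. The required
   port is NULL until it is wired. */
typedef struct Controller {
    SensorIface *sensor;
} Controller;

/* Status codes for a call through the required port (hypothetical). */
enum { CALL_OK = 0, CALL_PORT_UNASSIGNED = -1, CALL_BAD_RECEIVER = -2 };

/* Assign the provided port of `ts` to the required port of `c`. */
static void wire(Controller *c, TempSensor *ts) {
    c->sensor = &ts->provided;
}

/* The generated method call, with the two contract properties made
   explicit: (1) the port was assigned before the call, and (2) the
   receiver handed to the service is a bound provider instance. */
static int controller_read(const Controller *c, int *out) {
    if (c->sensor == NULL)
        return CALL_PORT_UNASSIGNED;              /* assignment before call */
    if (c->sensor->read == NULL || c->sensor->self == NULL)
        return CALL_BAD_RECEIVER;                 /* correct instance passed */
    *out = c->sensor->read(c->sensor->self);
    return CALL_OK;
}

/* Scenario 1: correctly wired; returns the value read through the port. */
int scenario_wired_value(void) {
    TempSensor ts;
    Controller ctl = { NULL };
    int v = 0;
    temp_sensor_init(&ts, 42);                    /* constructed sample value */
    wire(&ctl, &ts);
    return controller_read(&ctl, &v) == CALL_OK ? v : -999;
}

/* Scenario 2: call made before any assignment; returns the status code. */
int scenario_unwired_status(void) {
    Controller ctl = { NULL };
    int v = 0;
    return controller_read(&ctl, &v);
}

/* Scenario 3: port assigned, but the provider was never bound to it. */
int scenario_bad_receiver_status(void) {
    SensorIface dangling = { NULL, NULL };        /* constructed faulty port */
    Controller ctl = { &dangling };
    int v = 0;
    return controller_read(&ctl, &v);
}

int main(void) {
    printf("wired value: %d\n", scenario_wired_value());
    printf("unwired status: %d\n", scenario_unwired_status());
    printf("bad receiver status: %d\n", scenario_bad_receiver_status());
    return 0;
}
```

Scenarios 2 and 3 are exactly the cases a verified generator makes unreachable by construction: if the contract “assignment precedes every call” holds for all inputs, the `NULL` checks in `controller_read` never fire, and a qualification argument can cite the proof instead of relying on run-time guards.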

DSM-TP 2016 SyVOLT Optimizations for analyzing the C generator for mbeddr 21
Parallelization of path condition (symbolic execution) construction.
Saved space on path condition representation (trimmed and zipped to disk).
Contract-based slicing of DSLTrans model transformations.
Path condition elimination based on EMF containment constraints.

DSM-TP 2016 DSLTrans and SyVOLT: From Eclipse to MPS 22
MPS (Meta Programming System), from JetBrains: meta editing facilities for DSL construction; model transformation languages (model-to-model, model-to-text); base languages (Java, C, others); projectional editing.
Part of the cert-mbeddr project: integrate DSLTrans in MPS; integrate SyVOLT in MPS.

DSM-TP 2016 DSLs in MPS Highlight projectional editing 23

DSM-TP Live Demo of MPS

DSM-TP 2016 Something (a bit) different: The IETS3 Project 25
Requirement management is difficult for critical systems, especially in the aerospace and automotive industries.
Compliance with standards is required (e.g. DO-178C in aerospace).
Traceability is required from high-level requirements to low-level requirements to code.
There is room for improvement w.r.t. currently used tools: DOORS, Word, Excel, Enterprise Architect, …

DSM-TP 2016 Examples of what can be Improved 26
We received a requirements document from Diehl for a Fan Unit system to cool down door controllers in the A380: thousands of pages; manually built traceability along different abstraction levels; many requirements are just text; parts of the requirements documents are reverse engineered from code.

DSM-TP 2016 Examples of what can be Improved 27

DSM-TP Live Demo of IETS3

DSM-TP 2016 IETS3: How can Modeling Technology Help in Requirements Engineering? 29
Requirements can be written more formally than just text and pictures / tables.
A requirements document becomes an interconnected model where traceability is provided by construction.
Static checks for correctness-by-construction; support for requirements’ refinement; support for documentation or code generation; support for automated analyses.

DSM-TP 2016 Conclusion 30
Model transformation verification (and Model-Driven technologies in general) are in demand in industry.
Good abstractions allow correctness-by-construction and verification.
The theory is mature enough, but the tools are not; add to that the difficulties of adoption.
One way to move forward is focused industrial projects and…

DSM-TP We are looking for partners for new projects! Drop me a line at:

DSM-TP 2016 Model-Driven Development: Challenges 32
Insufficient higher-order model transformation technology.
(AToM3) models are not built for memory-intensive applications.
Transformations and code have to be developed together in an interleaved fashion.

DSM-TP 2016 Model-Driven Development: Advantages 33
(Surprisingly) speed!
Adapted to the domain.
Models simplify the usage of complex data types.

DSM-TP 2016 Model-Driven Development: Ambivalent 34
Right level of abstraction through the usage of metamodels and model transformations.
Visual editing and debugging of metamodels, models and model transformations.