CATSY: Catalogue of System and Software Properties

Slides:



Advertisements
Similar presentations
[ §4 : 1 ] 4. Requirements Processes I Overview 4.1Fundamentals 4.2Elicitation 4.3Specification 4.4Verification 4.5Validation Requirements Definition Document.
Advertisements

Background information Formal verification methods based on theorem proving techniques and model­checking –to prove the absence of errors (in the formal.
® IBM Software Group © 2006 IBM Corporation Rational Software France Object-Oriented Analysis and Design with UML2 and Rational Software Modeler 04. Other.
Architectural Design Principles. Outline  Architectural level of design The design of the system in terms of components and connectors and their arrangements.
Major Exam II Reschedule 5:30 – 7:30 pm in Tue Dec 5 th.
1 REQUIREMENTS ENGINEERING and SYSTEMS ANALYSIS Elements and Definitions.
The Software Product Life Cycle. Views of the Software Product Life Cycle  Management  Software engineering  Engineering design  Architectural design.
SOFTWARE DESIGN (SWD) Instructor: Dr. Hany H. Ammar
WXGE6103 Software Engineering Process and Practice Formal Specification.
Fall 2004EE 3563 Digital Systems Design EE 3563 VHSIC Hardware Description Language  Required Reading: –These Slides –VHDL Tutorial  Very High Speed.
Deriving Operational Software Specification from System Goals Xin Bai EEL 5881 Course Fall, 2003.
Software Requirements: A More Rigorous Look 1. Features and Use Cases at a High Level of Abstraction  Helps to better understand the main characteristics.
© 2006 Pearson Addison-Wesley. All rights reserved 2-1 Chapter 2 Principles of Programming & Software Engineering.
MEMORY GENERATORS MEMPRO Instructor: Dr. Anthony Johnson Presented by: Rajesh Natarajan Motheeswara Salla.
Architecture Analysis and Design Language: An Overview Drew Gardner.
Formal Verification. Background Information Formal verification methods based on theorem proving techniques and model­checking –To prove the absence of.
Motivation FACE architecture encourages modularity of components on data boundaries Transport Services Segment interface is centered on sending and receiving.
OOD OO Design. OOD-2 OO Development Requirements Use case analysis OO Analysis –Models from the domain and application OO Design –Mapping of model.
Complexity Relief Techniques for Model Checking METU, Aug SOFTWARE VERIFICATION WORKSHOP Hüsnü Yenigün Sabanci University Informatics Institute,
Principles of Programming & Software Engineering
Formal Specification.
Software Testing.
Chapter3:Software Processes
Group mambers: Maira Naseer (BCS ).
CompSci 280 S Introduction to Software Development
Chapter 1: Introduction to Systems Analysis and Design
Software Testing.
LPV: a new technique, based on linear programming, to formally prove or disprove safety properties J-L Lambert, valiosys.
Business System Development
Software Process Activities.
Chapter ? Quality Assessment
Architecture Concept Documents
TIM 58: Systems Analysis and Design Winter Quarter 2017 Tuesday/Thursday 1:30 – 3:05 pm, Classroom Unit 1.
Input Space Partition Testing CS 4501 / 6501 Software Testing
Lecture 9- Design Concepts and Principles
Principles of Programming and Software Engineering
Graph Coverage for Specifications CS 4501 / 6501 Software Testing
IEEE Std 1074: Standard for Software Lifecycle
Part 3 Design What does design mean in different fields?
Software Design AITI GP John Paul Vergara.
HCI in the software process
The design process Software engineering and the design process for interactive systems Standards and guidelines as design rules Usability engineering.
The design process Software engineering and the design process for interactive systems Standards and guidelines as design rules Usability engineering.
Recall The Team Skills Analyzing the Problem (with 5 steps)
Introduction to Software Engineering
Component-Level Design
Component-Level Design
Introduction to Software Testing
Logical architecture refinement
Test Planning Mike O’Dell (some edits by Vassilis Athitsos)
Thursday’s Lecture Chemistry Building Musspratt Lecture Theatre,
Chapter 20 Object-Oriented Analysis and Design
ECE 553: TESTING AND TESTABLE DESIGN OF DIGITAL SYSTES
Lecture 9- Design Concepts and Principles
John D. McGregor Session 6 Preparing for Architecture V & V
HCI in the software process
John D. McGregor Session 5 Error Modeling
An Introduction to Software Architecture
Graph Coverage for Specifications CS 4501 / 6501 Software Testing
Chapter 1: Introduction to Systems Analysis and Design
Introduction to Requirements Modeling
Requirements Document
Design Yaodong Bi.
Human Computer Interaction Lecture 14 HCI in Software Process
Chapter 8, Design Patterns Introduction
Software Development Cycle
Enabling Prediction of Performance
Chapter 7 Software Testing.
Chapter 1: Introduction to Systems Analysis and Design
Software Development Process Using UML Recap
Presentation transcript:

CATSY: Catalogue of System and Software Properties Harold Bruintjes (RWTH) Fondazione Bruno Kesseler (FBK) Space Systems Finland (SSF)

Introduction CSSP Catalogue of System and Software Properties Objective: Define a catalogue of the properties used for early Verification and Validation activities; Provide a systematic way for derivation, specification and flow-down through different architectural levels and across different design phases, and provide technologies for a cohesive environment for the specification and validation activities CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

CSSP Methodology Three phases: Informal Analysis: Classification of requirements. Given a requirement taxonomy (in CATSY based on ECSS standards), determine class of individual requirements (not necessarily 1:1 mapping). Formalization: Based on properties (design attributes) associated with taxonomy classes, determine formalization. Formal Validation: Use formal techniques to validate the formalized requirements using formal verification engines. This may find errors in requirements specification or formalization. CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

CSSP Informal Analysis: Requirement Taxonomy Derived from ECSS standards For each class, design attributes (properties) are defined Focus is on Technical requirements CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

CSSP Informal Analysis: Requirement Taxonomy Derived from ECSS standards For each class, design attributes (properties) are defined Focus is on Technical requirements CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

CSSP Informal Analysis: Requirement Taxonomy Three types of attributes Non-formalized Formalized in design model (modes/configuration, subcomponents) SLIM Formalized by property (behavior)  CSSP AADL properties CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

CSSP Formalization Design attributes are encoded as property values from the CSSP property set One or more property values make up a formal property Formal property can be validated directly, or embedded into a contract CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

CSSP Formalization: CSSP Property set example -- Monitoring properties. -- for every input event data port p of numeric type -- if MonitorRange(p) and MonitorResponse(p) are defined, -- the following formal property is defined -- MonitorProperty(p) := "G ((p & mode in MonitorEnabled(p) & -- !(data(p) in MonitorRange(p))) -> F_I MonitorResponse(p))" -- if MonitorEnabled(p) is defined -- where I=[0,MonitorDelay(p)] if MonitorDelay(p) is defined -- else I=[0,+infinity) MonitorRange: range of aadlinteger applies to (event data port); MonitorResponse: reference(event port, event data port) MonitorDelay: Time MonitorEnabled: list of reference(mode) CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

CSSP Formalization: Contract Based Refinement Formal properties are specified at component interface level (event and data ports). This allows for a neat definition of refinement, which can be specified at the implementation in terms of subcomponent contracts Contracts: Pair of assumption and guarantee Contract refinements: List of subcomponent contracts CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

CSSP Formalization: Pattern Based & Generic Properties Pattern based properties: Formulate property based on patterns using 5 scopes and 8 classes Scopes: Global, Existence, Before, After, Between, After-Until Classes: Universality, Absence, Existence, Recurrence, Precedence, Response, Response Invariance, Until Optionally timed Optionally probabilistic Generic properties: Enter properties directly CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

CSSP Formalization: Summary of Possible Properties CSSP property set Generic and pattern properties Contracts and Contract Refinements CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

Example EagleEye: System structure CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

Example CSSP Properties CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

Example CSSP Properties CSSP::PeriodInterval => 10 Sec applies to send_picture_to_ground; CSSP::Function => "compress(picture(EarthImage(AboveEspoo)))" applies to send_picture_to_ground; Trigger send_picture_to_ground every 10 seconds. The value of send_picture_to_ground matches a compressed picture CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

Example Generic Properties CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

Example Generic Properties SLIMpropset::GenericProperties => ([Name => "system_assumption"; Formula => "always (attitude=EarthAttitude(position) implies image=EarthImage(position))"; ]); CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

Example Contracts CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

Example Contracts SLIMpropset::Contracts => ([Name => "system_contract"; Assumption => " system_assumption"; Guarantee => "FunctionProperty(send_picture_to_ground)"; ]); Reuse of both the generic property and CSSP property CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

Example Contract Refinements SLIMpropset::ContractRefinements => ([Contract => "system_contract"; SubContracts => ("aocs.control_attitude", "obc.send_picture", "payload.take_picture"); ]); CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

Example Pattern Properties CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

Example Pattern Properties Patterns => ( [ Name => "Property 2"; Pattern => "Globally, {sensors.sensor1.error = error:Dead} holds eventually between 1 and 50 with probability > 0"; ], [ Name => "Property 3"; Pattern => "Globally, {sensors.sensor2.error = error:Dead} holds eventually between 1 and 5 with probability > 0"; ], [ Name => "Property 4"; Pattern => "Globally, {sensors.sensor2.error = error:OK} holds without interruption until {sensors.sensor2.error = error:Glitched} holds between 0 and 10 with probability > 0"; ], [ Name => "Property 5"; Pattern => "Globally, it is always the case that {sensors.sensor2.error = error:OK} holds between 0 and 1 with probability > 0"; ], [ Name => "Property 6"; Pattern => "Globally, if {sensors.sensor2.error = error:OK} holds then it must be the case that {sensors.sensor2.error = error:Glitched} has occurred before between 0 and 10 with probability > 0"; ], [ Name => "Property 7"; Pattern => "Globally, if {sensors.sensor1.error = error:Dead} has occurred then in response {sensors.sensor2.error = error:OK} eventually holds between 0 and 10 with probability > 0"; ] ); CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

Changes in SLIM Modes and States system Car end Car;   system implementation Car.Impl subcomponents -- subcomponent configuration determined by modes battery : device Battery.Impl in modes (nominal); battery2 : device Battery.Impl in modes (backup); modes -- mode transitions describe configuration changes nominal : initial mode; backup : mode; nominal –[ battery.discharged ]-> backup; end Car.Impl; device Battery features discharged : event port; end Battery; device implementation Battery.Impl charge : data continuous default 100.0; states -- states describe behaviour discharge : initial state while charge’ := -1 and charge >= 0; empty : state; transitions discharge –[ discharged when charge == 0 ]-> empty; end Battery.Impl; Modes and States Separation of configuration and behavior Modes closer to AADL (no invariants, No guards on transitions) States closer to BA CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

Changes in SLIM Abstract components Input enabled Provide any possible output (Can also be selected as root) system Car features battery_status : out data port enum(OK, DEAD); end Car;   system implementation Car.Impl subcomponents battery : device Battery; flows battery_status := case battery.output > 0 : OK otherwise DEAD end; end Car.Impl; device Battery output : data port real {Default => “12.8”;}; end Battery; CATSY: Catalogue of System and Software Properties | Harold Bruintjes | RWTH Aachen, FBK, SSF | 26.07.2016

End of Presentation See also http://compass.informatik.rwth-aachen.de

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.