SDRL & RTG University of Pennsylvania 8/3/2001 Formalization of CARA system requirements Oleg Sokolsky Department of Computer and Information Science University.

Slides:



Advertisements
Similar presentations
Making the System Operational
Advertisements

WS-JDML: A Web Service Interface for Job Submission and Monitoring Stephen M C Gough William Lee London e-Science Centre Department of Computing, Imperial.
André Augustinus 15 March 2003 DCS Workshop Safety Interlocks.
Silberschatz, Galvin and Gagne ©2013 Operating System Concepts – 9 th Edition Chapter 5: Process Synchronization.
Grey Box testing Tor Stålhane. What is Grey Box testing Grey Box testing is testing done with limited knowledge of the internal of the system. Grey Box.
Analysis Concepts, Principles, and Modeling
Nir Piterman Department of Computer Science TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: AAAAA Bypassing Complexity.
Automated creation of verification models for C-programs Yury Yusupov Saint-Petersburg State Polytechnic University The Second Spring Young Researchers.
Requirements Engineering n Elicit requirements from customer  Information and control needs, product function and behavior, overall product performance,
Formal Methods in Software Engineering Credit Hours: 3+0 By: Qaisar Javaid Assistant Professor Formal Methods in Software Engineering1.
Pair of Wires Box 1Box 2 A Communication Example "Two missile electrical boxes manufactured by different contractors were joined together by a pair of.
6/22/011 Case Study: Computer Assisted Resuscitation Algorithm (CARA) System Insup Lee Department of Computer and Information Science University of Pennsylvania.
Infusion Pump Controller Requirements Definition A Decision-Table Approach by Richard Riehle.
Component-Level Design
Computer Science Lecture 12, page 1 CS677: Distributed OS Last Class Distributed Snapshots –Termination detection Election algorithms –Bully –Ring.
Chapter 14: Object-Oriented Design
Chapter 14 Chapter 14: Server Monitoring and Optimization.
Requirements Analysis Concepts & Principles
Reliability on Web Services Pat Chan 31 Oct 2006.
CIS 700-3: Selected Topics in Embedded Systems Insup Lee University of Pennsylvania June 24, 2015 Introduction.
Department of CIS University of Pennsylvania 1/31/2001 Specification-based Protocol Testing Hyoung Seok Hong Oleg Sokolsky CSE 642.
8/3/011 Formal methods for CARA development Insup Lee (Univ. of Pennsylvania) Rance Cleaveland (SUNY at Stony Brook) Elsa Gunter (NJIT)
How do we make sense of modeling and model analysis? Oleg Sokolsky Department of Computer and Information Science University of Pennsylvania Workshop on.
Electric Liquid Level Sensing System Abstract: The Wayside Top of Rail system disburses a lubricant, which reduces the curving forces, rail wear, and energy.
Computer Science Lecture 12, page 1 CS677: Distributed OS Last Class Vector timestamps Global state –Distributed Snapshot Election algorithms.
5/24/011 Advanced Tool Integration for Embedded Systems Assurance Insup Lee Department of Computer and Information Science University of Pennsylvania.
 Wireless, Web-Based Monitoring System  Alarm/Event Notifications by Text Message and or  VPN Connection for Fast Response to Alarms and Events.
1 CSc Senior Project Software Testing. 2 Preface “The amount of required study of testing techniques is trivial – a few hours over the course of.
LSU 10/09/2007System Design1 Project Management Unit #2.
CEN Fourth Lecture Introduction to Software Engineering (CEN-4010) Instructor: Masoud Sadjadi Project Organization.
FDR Presentation Personal Health Monitoring Device Bassam Noaman Dina El-Eissa Mentor: Prof Zhenyu Guo Instructor: Prof J Silverman 4/12/00.
What is the It is the Next Generation, Calibration Station for the GasBadge ® Plus Personal Monitor
Formal Methods 1. Software Engineering and Formal Methods  Every software engineering methodology is based on a recommended development process  proceeding.
Viking Pump Flow Manager - Phase 2 Senior Design May
S/W Project Management
Timed UML State Machines Ognyana Hristova Tutor: Priv.-Doz. Dr. Thomas Noll June, 2007.
Managing Software Quality
AMOST Experimental Comparison of Code-Based and Model-Based Test Prioritization Bogdan Korel Computer Science Department Illinois Institute of Technology.
Chapter 4 – Requirements Engineering
Topics Covered: Software requirement specification(SRS) Software requirement specification(SRS) Authors of SRS Authors of SRS Need of SRS Need of SRS.
1 Object-Oriented Modeling Using UML (2) CS 3331 Fall 2009.
A Proposal of Application Failure Detection and Recovery in the Grid Marian Bubak 1,2, Tomasz Szepieniec 2, Marcin Radecki 2 1 Institute of Computer Science,
CERN IT Department CH-1211 Genève 23 Switzerland t Internet Services Job Monitoring for the LHC experiments Irina Sidorova (CERN, JINR) on.
Computer Science Lecture 12, page 1 CS677: Distributed OS Last Class Vector timestamps Global state –Distributed Snapshot Election algorithms –Bully algorithm.
SFWR ENG 3KO4 Software Development for Computer/Electrical Engineering Fall 2009 Instructor: Dr. Kamran Sartipi Software Requirement Specification (SRS)
Grey Box testing Tor Stålhane. What is Grey Box testing Grey Box testing is testing done with limited knowledge of the internal of the system. Grey Box.
Interactive CARA Simulation Prof. Insup Lee. Hierarchical EFSM Specification for CARA.
Time Management.  Time management is concerned with OS facilities and services which measure real time, and is essential to the operation of timesharing.
Bernd Bruegge & Allen Dutoit Object-Oriented Software Engineering: Conquering Complex and Changing Systems 1 Software Engineering November 7, 2001 Project.
CS4730 Real-Time Systems and Modeling Fall 2010 José M. Garrido Department of Computer Science & Information Systems Kennesaw State University.
Configuration Mapper Sonja Vrcic Socorro,
Capturing Requirements. Questions to Ask about Requirements 1)Are the requirements correct? 2)Consistent? 3)Unambiguous? 4)Complete? 5)Feasible? 6)Relevant?
1 Specification A broad term that means definition Used at different stages of software development for different purposes Generally, a statement of agreement.
CIS 540 Principles of Embedded Computation Spring Instructor: Rajeev Alur
Application architectures Advisor : Dr. Moneer Al_Mekhlafi By : Ahmed AbdAllah Al_Homaidi.
Dillon: CSE470: ANALYSIS1 Requirements l Specify functionality »model objects and resources »model behavior l Specify data interfaces »type, quantity,
IPEmotion License Management PM (V1.2).
Fundamentals of Fault-Tolerant Distributed Computing In Asynchronous Environments Paper by Felix C. Gartner Graeme Coakley COEN 317 November 23, 2003.
I&C Lab Seminar Procedure for the Software Requirements Specification for Safety Critical Systems Seo Ryong Koo Korea Advanced Institute Science.
Defects of UML Yang Yichuan. For the Presentation Something you know Instead of lots of new stuff. Cases Instead of Concepts. Methodology instead of the.
Luca Pazzi, Marco Pradelli University of Modena and Reggio Emilia
An Overview of Requirements Engineering Tools and Methodologies*
The 8085 Microprocessor Architecture
Structured Analysis and Dataflow Diagrams
BPMN - Business Process Modeling Notations
Department of Computer Science Abdul Wali Khan University Mardan
Sylnovie Merchant, Ph.D. MIS 161 Spring 2005
Project Management Unit #2
Portable Digital Blood Pressure Monitor
Presentation transcript:

SDRL & RTG University of Pennsylvania 8/3/2001 Formalization of CARA system requirements Oleg Sokolsky Department of Computer and Information Science University of Pennsylvania

SDRL & RTG University of Pennsylvania 8/3/ People Dave Arney (Penn) Alwyn Goodloe (Penn) Prof. Elsa Gunter (NJIT) Prof. Insup Lee (Penn) Dr. Oleg Sokolsky (Penn) Dr. Jitka Stribrna (Penn) Jiaxiang Zhou (Penn)

SDRL & RTG University of Pennsylvania 8/3/ Roadmap Pass 1: –Understanding of requirements, clarifications –Informal requirements  extended finite state machines (EFSM) Pass 2: –EFSM  SCR* SCR* analysis of consistency and completeness –Identification of assumptions and interfaces between components Pass 3: –Use design specification Use PARAGON and Hermes for behavioral analysis Test generation Pass 4: …

SDRL & RTG University of Pennsylvania 8/3/ Progress to date Pass 1 is completed –Obtained a better understanding of the system –Asked a lot of questions –Formed a basis for a more precise specification Pass 2 is under way –Most EFSMs are translated

SDRL & RTG University of Pennsylvania 8/3/ Pass 1: Getting organized Translated parts of informal requirements to EFSMs –Obtain an unbiased generic description that can serve as a reference model Our analysis of the requirements and the Questions/Answers document generated 30 questions of the following types: –Identifying Inconsistencies (5) –Identifying Incompleteness (10) –Clarification of specific terms (15)

SDRL & RTG University of Pennsylvania 8/3/ Sample Questions Clarifications of specific terms –What is an infusate ( Req16 ) Infusate is the ‘stuff’ usually a saline solution that is being pumped into the person Identifying Incompleteness –Is hardware setting on pump active in Auto-Control mode? What happens if the user meddles with the hardware flow knob in Auto-Control mode? The computer can take control of the pumping rate and thus lock out the hardware flow knob. The pump can still be shut off though.

SDRL & RTG University of Pennsylvania 8/3/ More Sample Questions Identifying Inconsistencies –There were several exchanges requesting clarification on the fact that the requirements indicate that a beat-to-beat source is lost after 3 minutes (Req42 and 43), but the Q/A document says it should be 2 minutes (Q120).

SDRL & RTG University of Pennsylvania 8/3/ Overall System Pump –The hardware Cara system –The software Environment –The user Patient –The object

SDRL & RTG University of Pennsylvania 8/3/ Overall System Structure Environment Pump Hardware CARA System h/w flow setting Air alarm Occ alarm dialog box buttons control voltage #2 (SysGRD) #6 (Ext_Speed_control) AirOK OccOK Back EMF Pump Wires infused fluidBP signals Pump status Current mode BP value BP source Flow rate Infused volume Messages Dialog boxes

SDRL & RTG University of Pennsylvania 8/3/ The Cara System Components: –Pump Monitor –Blood Pressure Detector –Control Algorithm –Display/Alarm

SDRL & RTG University of Pennsylvania 8/3/ The CARA System Display/Alarm Algorithm Pump Monitor Blood Pressure Monitor Manual BPSource BPValue Start A/C Terminate A/C Set BP Reset alarms Mode Infused Volume Flow rate Pumping Polling Failure Exit A/C BPSource BPValue BPAlarms* PluggedIn Air OK Occ OK Impedance Continuity Back EMF

SDRL & RTG University of Pennsylvania 8/3/ Blood Pressure Monitor Read BP –Read & Check Cuff Pressure –Read & Check Beat-to-Beat BP Select BP Source –Several sources: cuff pressure, arterial line, pulse wave transmission, etc) –Select control BP Corroborate BP –Corroboration Algorithm –Re-Corroboration Monitor BP Level –Check with BP Set Point –Check BP falls

SDRL & RTG University of Pennsylvania 8/3/ Example: ReadCuffData Wait to do a cuff reading Read cuff data into var. Cuffdat Set frequency Check data End of check First check failed source != cuff source == cuff source != cuff  SampleCuff:=0 CRTimer:=0 InvalidCuffData  CuffNotValid2:=1 CuffLostSource:=1 ValidCuffData SampleCuff==0 && source==cuff && CRTimer!=CuffFreq

SDRL & RTG University of Pennsylvania 8/3/ Pass 2: Detailed formalization Translate EFSMs into tabular notation using SCR* toolset

SDRL & RTG University of Pennsylvania 8/3/ Example: ReadCuffData Translation of EFSMs is mostly mechanical Mode transition graphs correspond to EFSMs Additional details are needed to provide complete specifications

SDRL & RTG University of Pennsylvania 8/3/ SCR* analysis SCR provides a number of consistency and completeness checks In this example, same event is used to trigger two transitions in ReadCuffData

SDRL & RTG University of Pennsylvania 8/3/ SCR* analysis Using SCR* has forced us to disambiguate many details that were not explicitly defined in the EFSMs Several inconsistencies were identified, mostly in EFSMs, but also in the requirements: If corroboration fails, two additional readings should be made. Req specifies what to do if both of these readings are within 10% of the cuff reading, or both are not. –It does not seem to be specified what to do if one is within 10% and the other is not.

SDRL & RTG University of Pennsylvania 8/3/ Conclusions Pass 1: –Obtained a working knowledge of CARA requirements –Constructed a more precise and structured requirements specification Pass 2: –Construct a formal requirements specification –Perform consistency analysis We are preparing a list of additional questions to the CARA team based on the SCR* modeling effort

SDRL & RTG University of Pennsylvania 8/3/ Discussion What we provide: –EFSMs as a reference model to facilitate coordination between groups –SCR* models and analysis results What we need: –Identify the properties –Better understanding of the fault model

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.