Deploying Rodin
Michael Butler
Dependable Systems and Software Engineering, University of Southampton
6 Feb 08
Overview
RODIN Project (€5M)
–Event-B and Rodin philosophy
–Tool platform and plug-ins
–Rodin case studies
–Methodological results
DEPLOY Project (€18M)
–Project goals and partners
–Deployment strategies and outcomes
–Why was it funded?
RODIN Project
EU goal: methodology and open tool platform for development of dependable software systems
–Formal methods + fault tolerance
Partners: ClearSy, Nokia, Praxis-CS, ATEC, Newcastle, Åbo Akademi, Southampton, ETH Zürich
rodin.cs.ncl.ac.uk
Rodin Philosophy
–System level modelling is essential for understanding and reasoning about complex systems (Event-B)
–Development requires formal modelling at multiple levels of abstraction, forming refinement chains
–Importance of proof: helps to improve understanding and improve models
–Construction and proof of refinement chains requires strong incremental tool support
Key Tool Decisions (I)
Support incremental development
–Support strong interplay between modelling and proof: a model can be changed during a proof
–Reactive: analysis tools are automatically invoked in the background whenever a change is made
–Differential: the analytical impact of changes is minimised as much as possible
Key Tool Decisions (II)
The platform provides a repository of structured modelling elements
–the only concrete language is set theory and logic
Extensibility support:
–extend modelling elements
–extend functionality through plug-ins
Rodin platform development team
–Jean-Raymond Abrial (ETH)
–Laurent Voisin (Systerel)
–Stefan Hallerstede (Southampton)
–Farhad Mehta (ETH)
–Thai Son Hoang (ETH)
–Francois Terrier (ETH)
Rodin Open Tool Platform
Extension of the Eclipse IDE (Java based)
Repository of structured modelling elements (Java objects and XML files)
Rodin Eclipse Builder manages:
–Well-formedness + type checker
–Consistency/refinement PO generator
–Proof manager
–Propagation of changes
Extension points
RODIN Plug-ins
UML-B: linking UML and Event-B
–Colin Snook (Southampton)
ProB: consistency and refinement checking
–Michael Leuschel + team (Düsseldorf)
Brama: graphical model animation
–ClearSy
B2latex
–Kriangsak Damchoom + Pasha Jam (Southampton)
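The two checks named on these slides, the builder's consistency/refinement proof obligations and ProB's model-checking of the same properties, can be made concrete on a toy refinement chain. The following is an added example written for this page; it is not code from Rodin or ProB, and the two machines (an abstract bounded counter and a two-bit concrete refinement of it) are constructed here for illustration. Instead of generating proof obligations for a prover, it does what a model checker does: it enumerates every reachable state and tests the invariant (INV), guard strengthening (GRD) and the gluing invariant after each paired step (SIM). A deliberately weakened concrete guard shows the kind of violation the check reports.

```python
"""Exhaustive consistency and refinement check for tiny Event-B-style machines.

Added example, not Rodin's or ProB's code. A machine is a set of events, each
a (guard, action) pair over a state dict; invariants are predicates on states.
The checks below mirror the Event-B proof obligations by brute force over the
reachable state space, which is how ProB-style checking complements proof.
"""
from collections import deque
from typing import Callable, Dict, Tuple

State = Tuple[Tuple[str, int], ...]          # hashable form of a state dict
Event = Tuple[Callable[[dict], bool], Callable[[dict], dict]]  # (guard, action)


def freeze(s: dict) -> State:
    return tuple(sorted(s.items()))


def reachable(init: dict, events: Dict[str, Event], inv: Callable[[dict], bool]):
    """Consistency check (INV): BFS over all reachable states, return (states, violations)."""
    seen = {freeze(init)}
    queue = deque([init])
    violations = []
    while queue:
        s = queue.popleft()
        if not inv(s):
            violations.append(("INV", s))
        for name, (guard, action) in events.items():
            if guard(s):
                t = action(s)
                if freeze(t) not in seen:
                    seen.add(freeze(t))
                    queue.append(t)
    return seen, violations


def check_refinement(abs_init, abs_events, conc_init, conc_events, gluing):
    """Refinement check over reachable (abstract, concrete) state pairs.

    For every enabled concrete event: the same-named abstract event must also be
    enabled (GRD, guard strengthening), and after both fire the gluing invariant
    must relate the new states (SIM, simulation). Returns the list of violations.
    """
    seen = {(freeze(abs_init), freeze(conc_init))}
    queue = deque([(abs_init, conc_init)])
    violations = []
    while queue:
        a, c = queue.popleft()
        for name, (cguard, caction) in conc_events.items():
            if not cguard(c):
                continue
            aguard, aaction = abs_events[name]
            if not aguard(a):
                violations.append(("GRD", name, a, c))
                continue
            a2, c2 = aaction(a), caction(c)
            if not gluing(a2, c2):
                violations.append(("SIM", name, a2, c2))
                continue
            key = (freeze(a2), freeze(c2))
            if key not in seen:
                seen.add(key)
                queue.append((a2, c2))
    return violations


# Constructed abstract machine M0: a counter n bounded by the invariant 0 <= n <= 3.
M0_INIT = {"n": 0}
M0_INV = lambda s: 0 <= s["n"] <= 3
M0_EVENTS = {
    "inc":   (lambda s: s["n"] < 3, lambda s: {"n": s["n"] + 1}),
    "reset": (lambda s: True,       lambda s: {"n": 0}),
}

# Constructed refinement M1: n is represented by two bits, gluing invariant n = 2*hi + lo.
M1_INIT = {"hi": 0, "lo": 0}
M1_EVENTS = {
    "inc":   (lambda s: not (s["hi"] and s["lo"]),                    # blocks at 11
              lambda s: {"hi": s["hi"] ^ s["lo"], "lo": 1 - s["lo"]}),  # binary increment
    "reset": (lambda s: True, lambda s: {"hi": 0, "lo": 0}),
}
GLUE = lambda a, c: a["n"] == 2 * c["hi"] + c["lo"]

# Faulty variant: inc is always enabled, so it wraps 11 -> 00 while abstract inc is disabled.
M1_BAD_EVENTS = dict(M1_EVENTS, inc=(lambda s: True, M1_EVENTS["inc"][1]))

if __name__ == "__main__":
    states, inv_viol = reachable(M0_INIT, M0_EVENTS, M0_INV)
    print(f"M0: {len(states)} reachable states, INV violations: {inv_viol}")
    print("M1 refines M0:", check_refinement(M0_INIT, M0_EVENTS, M1_INIT, M1_EVENTS, GLUE))
    print("M1_BAD refines M0:", check_refinement(M0_INIT, M0_EVENTS, M1_INIT, M1_BAD_EVENTS, GLUE))
```

The good refinement reports no violations; the faulty one reports a GRD violation for `inc` in the joint state n = 3, (hi, lo) = (1, 1), which is exactly the proof obligation a prover would fail to discharge. Exhaustive enumeration only works because the state space here is tiny; on real models this is where ProB's search bounds end and Rodin's proofs take over.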
Rodin case studies
–failure management system for an engine controller (ATEC)
–part of a platform for mobile Internet technology (NOKIA)
–engineering of communications protocols (NOKIA)
–air-traffic display system (Praxis)
–ambient campus application (Newcastle)
Methodological Results
–Methods for formal development of fault tolerance
–Layering of requirements and specifications
–Complex data types in layered refinement
–Mixing UML and formal notation
–Proof and invariant discovery guidelines
RODIN results summary
–Rodin tool platform
–Plug-ins
–Case studies
–Methodological results
Rodin Coordination Committee
–Ensure the coordinated evolution of the Rodin platform at a strategic level
–Ensure that the platform releases and platform website are properly managed
–Support users and plug-in developers: tutorials, library of developments, plug-in developer support
–Provide stability for industrial users
DEPLOY Integrated Project
Industrial deployment of advanced system engineering methods for high productivity and dependability
Strategic Objective ICT: Service and Software Architectures, Infrastructures and Engineering
Industrial deployment partners
The industrial deployment will be in five sectors:
–Bosch: automotive
–Siemens: rail transportation
–Space Systems Finland: space systems
–SAP: business information
–NOKIA: pervasive telecoms
Technology providers
–Newcastle University (Coordinator)
–Åbo Akademi University
–ETH Zurich
–Heinrich-Heine Universität Düsseldorf
–University of Southampton
–Systerel (FR)
–CETIC (BE)
–ClearSy (FR)
DEPLOY Challenges
–Understand and justify the role of formal engineering methods in building dependable software-intensive systems
–Address the barriers to deploying formal engineering methods in industry
–Scale and professionalise Rodin technology
Strategies for deployment
–Training of the engineers involved in the deployment
–Identification of the specific projects
–Close integration of methods into company development processes
–Devoting significant resources to early development phases
–Defining and collecting the metrics for evaluation of productivity and dependability
–Ensuring resilience and security by application of the appropriate development patterns
–Provision of expert support in deployment of advanced engineering technologies and in analysis of results
Success factors (I)
Provide engineering solutions to specific problems experienced by the industrial deployment partners. Problems include:
–Difficulty of requirements validation
–The impossibility of comprehensive system testing because of rapidly growing complexity
–Difficulty of maintaining quality and safety of systems under evolution
–Difficulties caused by trying to reuse and integrate components of diverse origin
Demonstrate successful deployment of the methods and tools in developing real industrial systems
Success factors (II)
Achieve acceptance of the DEPLOY methods and tools by the industrial deployment partners, both research and business units. Acceptance requires convincing evidence that the proposed development approach:
–Solves real engineering problems
–Is economically viable
–Integrates with existing industrial engineering practice (strategies for deployment)
Acceptance will mean that the competencies built up during the project by each industrial partner will be maintained and spread beyond DEPLOY
Workpackages
–WP1 Deployment in the automotive sector
–WP2 Deployment in the transportation sector
–WP3 Deployment in the space sector
–WP4 Deployment in the business information sector
–WP5 Deployment in the pervasive telecom sector
–WP6 Requirements validation and evolution
–WP7 Productivity through reuse
–WP8 Achieving and demonstrating dependability
–WP9 Tooling research and development
–WP10 Technology transfer
–WP11 Measurements
–WP12 Consortium management
–WP13 Assessment and quality control
–WP14 Dissemination of the results
–WP15 Exploitation of the results
DEPLOY outcomes
–Real deployment of formal engineering methods
–Each industrial partner will become self-sufficient in the use of formal engineering methods
–Provide scientifically valuable artefacts and a thorough assessment of formal engineering methods
–Research advances in complex systems engineering methods
–Professional open development platform based on Rodin
Why was DEPLOY funded?
–Success of RODIN
–Industrial partners recognise the need to improve their design processes: focus on early stage development / system level modelling and analysis
–Balance of technology transfer and technology development driven by industry
–Clear, justified collaboration between industry and academia
–Key sectors and players