一种面向嵌入式实时软件的需求建模语言

针对嵌入式实时系统复杂动态交互行为和严格实时的领域特征,提出了一种软件需求规约语言RTRSM。该语言以扩充的层次并发有穷状态机HCA为核心,以支持合成的模板为基本组成单元．利用转换有效期和事件预定机制来描述时间限制,既具有较强的时间限制描述能力,又能自然而直接地支持交互行为的建模,可执行且具有良好的形式语义。给出了该语言的形式化语法,举例说明了其时间描述机制,并通过执行步算法和基于HCA项的结构化操作规则定义了该语言的形式化操作语义。     

DFA模型及其语言的结构化代数规约

本文首先阐述了利用ＤＦＡ模型技术进行状态转换系统描述存在的主要问题,提出了利用代数规约技术解决这些问题的可行性,然后介绍了新一代具有松散语义的代数规约语言ＳＰＥＣＴＲＵＭ及其主要规约操作符的语法和语义,并根据ＤＦＡ模型及其语言的数学定义,给出了它们的结构化代数规约,为基于ＤＦＡ模型的状态转换系统的形式化设计和开发奠定了基础。     

基于回答集语义复杂信息系统表单驱动需求规约的描述与验证

高品质的复杂信息系统软件设计与开发源自合理的、完整的和准确的软件需求.为了描述需求领域的非确定问题,并在需求获取不完全的情况下对需求规约进行非单调推理,本文将回答集逻辑程序和基于因果关系的动作理论应用于需求描述与验证.针对复杂信息系统需求问题空间规模较大的特点,将动作描述语言C与动作查询语言Q结合形成动作语言Lo,作为需求描述的基础;通过分析需求领域各个元素及其相互关系,以表单驱动引导需求,并作为需求描述依据与核心,提出了描述需求问题空间静态关系和动态行为关系的“主谓宾状”需求模型MRspoa.利用回答集逻辑程序求解器SMODELS,可以对需求规约进行多层次规划与检测.本文的研究来自工程项目实践的总结与提高,研究成果得到具体应用.     

基于模拟关系的精化检测方法

精化检测是一种重要的形式化验证方法,将系统实现和性质规约用相同形式化语言进行建模,如能证明两者间存在某种精化关系且该关系能够维持性质,可得出系统实现满足性质规约.为验证不同类型的系统性质, traces、stable failures和failures-divergence精化检测方法已被提出.精化检测算法依赖于子集构造,因而其面临状态空间爆炸问题.近年来,已有学者针对NFA语言包含问题提出了基于模拟关系的状态空间消减方法,大大提高了算法性能,且该方法能直接用于traces精化检测.在此基础上,本文提出了基于模拟关系的stable failures和failures-divergence精化检测方法.此外,本文还将精化检测扩展到了时间系统的验证中,提出了基于模拟关系的时间自动机traces精化检测方法.实验结果表明,基于模拟关系的算法效率有很大提高.     

软件库调用规约挖掘

软件库调用规约是一种描述软件库提供函数正确调用顺序的规约.客户代码应按此规约描述的内容调用函数,否则可能引入缺陷,从而降低软件的可信性.由于能够描述可信软件应该满足的性质,软件库调用规约在可信软件、模型检测等研究中扮演特殊的角色.但是,受制于编写规约的巨大代价,软件库通常并不提供已编写好的调用规约.为此,研究者提出了各种自动挖掘此种规约的方法.阐述了其中代表性的方法及其最新的研究进展,并在此基础上探讨了将来的研究方向.     

UML状态机模型元素的RSL形式化定义

UML状态机作为UML动态描述机制的重要组成部分,在描述系统及模型的动态行为时扮演着重要的角色,但已有的UML动态语义缺乏准确的形式化描述。首先将UML状态机抽象成图;再将图通过传统的有穷自动机进行语义扩展,同时增加状态分层,形成一个基于UML状态机的有穷自动机;然后用RAISE规约语言RSL对扩展后的自动机进行形式化定义,使UML状态机中的模型元素的语义更加清晰、精确,为后期的UML状态机的操作语义形式化研究打下基础。     

模拟执行操作目标的方法研究

模拟执行的检测方法是检测需求规格说明书的一种重要手段。在目标和场景相结合的需求建模方法的基础上,提出了对操作目标集合的模拟执行方法。该方法为代理的层次划分提供了理论支持,并将操作目标集合转换成了基于规则的层次式有穷状态自动机,通过对基于规则的层次式有穷状态自动机的模拟执行,达到了对操作目标集合的模拟执行。     

基于π演算的反射式需求规约描述方法

目前,大多数学者都意识到需求演化的重要性,然而依然缺乏有效的方法指导需求演化。反射式需求规约通过描述支持OWL-S需求规约演化的元信息,并支持以合理的方式使用这些元信息,实现OWL-S需求规约的演化。本文提出了一种基于π演算的反射式需求规约演化模型,使得反射式需求规约的演化能够以一种正确的方式实现。针对OWL-S需求规约的特点,给出了OWL-S需求规约的π演算描述方法;使用高阶π演算的进程传递机制,描述了支持演化的反射式需求规约;给出了反射式需求规约演化正确性的推理与验证方法。同时,我们采用交通出行的例子论证了本文的观点。     

基于进程代数规约生成软件体系结构模型的方法

需求规约到软件体系结构(SA)模型的转换是软件工程领域的一个研究热点,UML-RT广泛用于实时系统软件体系结构建模,然而基于自然语言规约建立的UML-RT模型往往是不精确的,存在二义性,为了解决这一问题,需要赋予UML-RT模型形式化语义.进程代数是一种用来解决并发系统通信问题的形式化方法,具有精确的语法和语义,并且便于机器自动检验与验证.TCSP是进程代数CSP的实时扩展,适合于规约实时系统带有时间约束的行为.提出一种基于进程代数规约生成SA模型的方法.首先建立了自然语言规约到SA模型的转换框架;然后使用时间通信顺序进程(TCSP)描述实时系统需求规约,通过建立TCSP到UML-RT的转换机制,从而实现进程代数规约到SA模型的转换;最后通过一个实例来验证该方法在实时软件建模过程中的有效性.实验分析表明通过该方法建立的UML-RT模型能够从整体上提高实时系统SA设计的可信性.     

基于软件工程的规约方法分类

本文从软件工程角度,对软件的规约方法进行了分类,得到两类规约方法:一类是基于逻辑规约方法,此方法一般是给出系统应该满足的性质集合,其代表是时序逻辑方法;另一类方法是基于模型规约方法,此方法一般是给出一个抽象模型,这个抽象模型指出程序应该如何活动,其代表是通信系统演算(CCS)。本文进一步从软件工程原理,对这两类规约方法进行了比较和讨论,得到的结论是:两种类型的规约方法在系统开发的整个过程中都起着不同而重要的作用,它们相辅相成,缺一不可.最后,我们指出了今后的研究工作.在软件开发中,应该考虑多种规约方法和多种语义相结合的开发过程.     

关于软件需求中的不一致性管理

复杂软件系统开发的一个关键问题是分析和处理可能存在的不一致的需求描述.这个问题解决得好坏直接影响到需求规格说明的质量,进而影响到最终软件产品的质量.在目前公认的一个不一致需求管理框架的基础上,就需求不一致性管理方面的有代表性的工作,进行了较为系统的分析,以期建立对当前需求工程中,关于不一致的需求管理方法和技术的全面认识.最后,对需求不一致性管理方面的研究进行了展望.     

Overlaps in Requirements Engineering

Although overlap between specifications—that is the incorporation of elements which designate common aspects of the system of concern—is a precondition for specification inconsistency, it has only been a side concern in requirements engineering research. This paper is concerned with overlaps. It defines overlap relations in terms of specification interpretations, identifies properties of these relations which are derived from the proposed definition, shows how overlaps may affect the detection of inconsistency; shows how specifications could be rewritten to reflect overlap relations and still be amenable to consistency checking using theorem proving; analyses various methods that have been proposed for identifying overlaps with respect to the proposed definition; and outlines directions for future research.     

A method to help end-users validate the functional specification for a computer system

Abstract. Described is a method to help users for a proposed computer system validate the functional specification for that system. Users construct an objectoriented model of the proposed functionality from the specification. The process of building the model improves users' understanding of the system and helps them identify any deficiencies in the specification. The method is applied to a real specification and a number of serious anomalies are found which would probably have been missed by a traditional review or walk-through. It is concluded that the method is probably helpful, robust and reproducible for 'transformational' computer systems of low or moderate complexity.     

Graphical scenarios for specifying temporal properties: an automated approach

Temporal logics are commonly used for reasoning about concurrent systems. Model checkers and other finite-state verification techniques allow for automated checking of system model compliance to given temporal properties. These properties are typically specified as linear-time formulae in temporal logics. Unfortunately, the level of inherent sophistication required by these formalisms too often represents an impediment to move these techniques from “research theory” to “industry practice”. The objective of this work is to facilitate the nontrivial and error prone task of specifying, correctly and without expertise in temporal logic, temporal properties. In order to understand the basis of a simple but expressive formalism for specifying temporal properties we critically analyze commonly used in practice visual notations. Then we present a scenario-based visual language called Property Sequence Chart (PSC) that, in our opinion, fixes the highlighted lacks of these notations by extending a subset of UML 2.0 Interaction Sequence Diagrams. We also provide PSC with both denotational and operational semantics. The operational semantics is obtained via translation into Büchi automata and the translation algorithm is implemented as a plugin of our Charmy tool. Expressiveness of PSC has been validated with respect to well known property specification patterns. Preliminary results appeared in (Autili et al. 2006a).     

基于领域的需求规格生成工具的设计与实现

需求分析是软件开发过程中的重要环节。该文探讨需求分析过程中存在的问题,提出一个需求规格元模型,对用户功能性需求的获取、分析方法的规范和改进具有指导作用。基于该元模型实现了一个面向领域的需求规格生成工具,给出一个基于物流领域的定单管理系统的应用实例。     

MOQARE: misuse-oriented quality requirements engineering

This work presents MOQARE (misuse-oriented quality requirements engineering), a method to explore quality requirements. The aim of MOQARE is to support intuitive and systematic identification of quality requirements. It was developed by integrating and adapting concepts from other methods (like Misuse Cases). It provides a general conceptual model of quality requirements, and a checklist-based process for deriving them in a top-down fashion. This derivation starts from business goals and vague quality requirements and delivers detailed requirements. MOQARE applies to requirements on the system to be developed requirements, but also derives requirements on the development process, including administration and maintenance. It considers normal and extreme use. The relationships among these requirements are modeled in a Misuse Tree. MOQARE has shown its merits in several case studies, one of which is presented here.     

需求分析与获取的方法学与技术

本文给出需求工程的一般框架，在对需求分类的基础上主要讨论非功能性（即非行为性）需求，提出对软件需求规范和分析技术的要求，并强调对现有相关工作评价的其中两个方面。     

Integrated safety analysis of requirements specifications

This paper describes an integrated approach to safety analysis of software requirements and demonstrates the feasibility and utility of applying the individual techniques and the integrated approach on the requirements specification of a guidance system for a high-speed civil transport being developed at NASA Ames. Each analysis found different types of errors in the specification; thus together the techniques provided a more comprehensive safety analysis than any individual technique. We also discovered that the more the analyst knew about the application and the model, the more successful they were in finding errors. Our findings imply that the most effective safety-analysis tools will assist rather than replace the analyst. A shorter version of this paper appeared in the Proceedings of the 3rd International Symposium on Requirements Engineering, Annapolis, Maryland, January 1997. The research described has been partly funded by NASA/Langley Grant NAG-1-1495, NSF Grant CCR-9396181, and the California PATH Program of the University of California     

Automatic layout of statecharts

Graphical notations are widely used for system specification. The usefulness of these notations depends primarily on their readability. Hence, automatic methods are needed to obtain efficient and understandable graphical representations of requirements. In this paper, we present an algorithm that automatically generates layouts of statecharts. We assume that relevant information is stored in a structure that we call a decomposition tree, and we draw the graph that models a statechart in a hierarchical fashion. Our approach excludes diagrams with inter‐level transitions. Copyright © 2001 John Wiley & Sons, Ltd.     

基于虚拟组织的网格安全需求分析模型

网格环境下多用户参与的协同计算是网格计算的重要应用方向。网格计算的复杂性导致网格安全需求复杂。该文提出一种基于虚拟组织的网格计算多用户协同关系描述模型,在其基础上构建网格安全需求分析模型,实现了网格环境下多用户协同计算的安全需求形式化描述,把网格协同计算环境下的不同安全需求统一在同一种理论体系中。