采用形式化技术的软件再工程

形式化技术为软件再工程提供了完备的理论基础,该文对基于软件再工程的形式化方法进行了探讨,提出了一个统一的面向软件再工程的形式化方法。     

需求工程的形式化途径

1.引言需求工程是软件工程的初始阶段,其总的目标是从用户的模糊而又不完整的要求生成准确的、完整的规格说明。需求工程的研究主要有形式化途径和非形式化途径,后者的出发点是认为需求主要是用作系统开     

MPLS流量工程及其形式化研究

MPLS被认为是下一代IP骨干网络技术，而流量工程是合理使用网络资源保障QoS的关键．支持MPLS的路由器可以使用新的机制实现流量工程，通过在线或离线的算法计算LSP确保QoS．在综述了MPLS应用于流量工程的优势、QoS路由、接纳控制、重新路由、容量设计和部署等问题及其形式化研究等方面的最新工作的基础上，对几种MPLS QoS路由的算法进行了对比和总结，并分析了进一步的研究方向和问题．     

基于CFSM的协议形式化技术研究

本文主要了基于通信有限状态机的协议形式化技术。     

协作机器人逆运动学形式化建模与验证

在机器人迅速发展的时代,人机协作型机器人安全性问题是人们关注的焦点.机器人逆运动学的建模与求解是决定其安全性的必要因素之一.旋量法是一种机器人逆运动学建模的常用方法,它可以解决传统D-H参数法的奇异性问题.然而,在建模过程中,旋量法会因人为因素或软件系统缺陷导致模型出现漏洞,从而威胁操作人员安全.因此,本文在旋量高阶逻...     

基于语义层软件理解的形式化格局识别技术

目前国内外学者在软件理解的研究上多注重于程序的词法层和语法层技术的探索,相应的有程序切片、程序类跟随踪、程序依赖性分析、反汇编与反编译等。但对程序的语义层理解方法进行研究的甚少。该文正是基于上述分析研究了一种软件理解新认识水平——形式化格局识别技术,以行为层状结构的变换来表述程序的语义,进而采用近人类的思维方式来理解并抽取软件的设计决策与体系结构。     

航空机载嵌入式控制软件需求建模的形式化工程方法

嵌入式控制软件是现代航空飞行器的核心部件之一。构建软件需求的形式化规约精确地刻画人们对软件期望的功能和运行场景,是确保此类安全攸关软件质量的根本途径。在工业界,形式化需求建模的大规模应用尽管有成功的案例,但仍面临众多的困难。其根本性难点在于缺少一种系统化的工程方法来引导工业界软件实践者,从原始需求开始最终完成形式化需求规约,并能确认该规约真实、充分地反映了人们对软件期望的功能。针对上述挑战,提出了一种面向机载控制软件需求建模的形式化工程方法ACSDL-MV,以形式化方法为理论基础,结合软件需求工程的基本原理,引导工程人员从原始需求出发以演化式的过程逐步完成需求规约的构建;定制了航空控制软件的形式化描述语言ACSDL,用以构建形式化规约;为了确认软件需求规约准确、充分地描述了人们对软件期望的功能,该方法给出了基于图形的静态审查和基于模型的动态模拟技术。在航空发动机公司中的实验结果表明,该方法相比传统方法探测到了更多的潜在错误。     

软件需求的形式化转换模型

需求规范错误是软件设计错误的一大类。该文提出了一个软件需求的形式化转换模型,用来将软件需求分析直接、自动地转换为形式化描述,为需求验证提供帮助,避免软件在需求规范上可能产生的错误。     

基于程序运行形式化分析的软件故障监控技术

关键软件要求极高的可靠性和安全性,然而当前的技术途径尚不能完全消除软件故障——软件测试不能保证软件正确性,模型检查等形式化验证技术也存在着诸多局限。文章提出了基于监控程序运行途径来捕获软件故障和验证程序性质正确性,构建了基于程序运行形式化分析的软件故障监控（SFMRFA）模型,在监控逻辑表达、程序插桩、multi-agent设计等关键技术的基础上开发计算机辅助工具来监控、分析和引导程序执行,使软件运行当中可测、可控,避免软件失效。     

Introduction to formal methods of software design

The potential benefits of using formal methods in the design of software are discussed. Concepts are illustrated by several small examples, with the objective of helping to bridge the gap between theory and practice. The paper introduces and explains some of the terminology, symbols and notation for the discrete mathematics used in the formal methods literature, intended to assist the reader in further study.     

逆向工程发展现状研究

随着软件产业的发展,越来越多的遗产系统需要维护和改善,逆向工程已经成为遗产系统维护与演化的关键技术之一。介绍了逆向工程的定义,综述了逆向工程的研究进展。通过对现有工具的分析探讨了逆向工程研究中的不足之处,给出了未来的发展趋势。     

Integrated reverse engineering and rapid prototyping

Reverse engineering is a methodology for constructing CAD models of physical parts by digitizing an existing part, creating a computer model and then using it to manufacture the component. When a digitized part is to be manufactured by means of rapid prototyping machines such as stereolithography apparatus (SLA) and selective laser sintering equipments (SLS), etc., it is not necessary to construct the CAD model of a digitized part. This will be described by the proposed novel method which can construct STL file (the de facto file format for rapid prototyping machines) directly from digitized part data. Further more, the STL file can even be constructed in a way that significant data reduction can be achieved at the users' discretion.     

加密通信协议的一种逆向分析方法

研究未知通信协议逆向解析技术在网络安全中具有重要意义,现有方法局限于分析明文的通信协议。基于此,提出一种基于动态污点分析的加密通信协议逆向分析方法,以动态二进制插桩平台Pin为支撑,跟踪记录程序的指令轨迹,采用数据流分析构建指令级和函数级的污点传播流图,再根据解密过程的特征定位数据包解密后的明文,最后解析协议明文的格式。实验表明,该方法能够准确定位加密协议数据解密后的明文,还原加密协议原有的格式。     

rCOS: a formal model-driven engineering method for component-based software

Model-driven architecture (MDA) has become a main stream technology for software-intensive system design. The main engineering principle behind it is that the inherent complexity of software development can only be mastered by building, analyzing and manipulating system models. MDA also deals with system complexity by providing component-based design techniques, allowing independent component design, implementation and deployment, and then system integration and reconfiguration based on component interfaces. The model of a system in any stage is an integration of models of different viewpoints. Therefore, for a model-driven method to be applied effectively, it must provide a body of techniques and an integrated suite of tools for model construction, validation, and transformation. This requires a number of modeling notations for the specification of different concerns and viewpoints of the system. These notations should have formally defined syntaxes and a unified theory of semantics. The underlying theory of the method is needed to underpin the development of tools and correct use of tools in software development, as well as to formally verify and reason about properties of systems in mission-critical applications. The modeling notations, techniques, and tools must be designed so that they can be used seamlessly in supporting development activities and documentation of artifacts in software design processes. This article presents such a method, called the rCOS, focusing on the models of a system at different stages in a software development process, their semantic integration, and how they are constructed, analyzed, transformed, validated, and verified.     

Web逆向工程中交互设计模式的抽取方法改进

为了提高Web交互设计模式抽取的准确性,增加现有方法对中文站点的分析能力,提出了一种基于HTML词法分析的改进方法.利用设计的HTML词法分析器将Web页面表示成语法树,抽取Web交互设计模式的特征,并对特征的词条内容进行语义扩展,细化了特征抽取的粒度.实验结果表明,改进的方法在召回率和准确率等方面明显优于现有的方法,并在中文站点交互模式抽取方面取得了很好的效果.     

An empirical study of a reverse engineering method for the aggregation relationship based on operation propagation

One of the major obstacles in reverse engineering legacy object-oriented systems is the identification of aggregation relationships. An aggregation relationship, also called whole–part relationship, is a form of association relationship where an object is considered as a part of another object. This characteristic is mostly of semantic nature; therefore, it is difficult to distinguish aggregation from association relationships by implementation mechanism. Most reverse engineering methods for aggregation relationships are based on the lifetime dependence of an object on another object since many implementations of aggregation relationships result in such dependence. However, research literature shows that lifetime dependence is not really a primary property of the aggregation relationships. A reverse engineering approach is proposed on the basis of a primary characteristic for aggregation relationship—propagation of operations. To compare the propagation-based method with the lifetime-based method, we apply both methods to ten class libraries, collect their output, and perform statistical analysis to determine the effectiveness of the two methods. The analysis results show that the propagation-based method performs significantly better than the lifetime-based method and by combining both methods simultaneously the complete aggregation relationships can be uncovered for the class libraries in our experiment.

Integrating a formal method into a software engineering process with UML and Java

We describe how CSP-OZ, a formal method combining the process algebra CSP with the specification language Object-Z, can be integrated into an object-oriented software engineering process employing the UML as a modelling and Java as an implementation language. The benefit of this integration lies in the rigour of the formal method, which improves the precision of the constructed models and opens up the possibility of (1) verifying properties of models in the early design phases, and (2) checking adherence of implementations to models. The envisaged application area of our approach is the design of distributed reactive systems. To this end, we propose a specific UML profile for reactive systems. The profile contains facilities for modelling components, their interfaces and interconnections via synchronous/broadcast communication, and the overall architecture of a system. The integration with the formal method proceeds by generating a significant part of the CSP-OZ specification from the initially developed UML model. The formal specification is on the one hand the starting point for verifying properties of the model, for instance by using the FDR model checker. On the other hand, it is the basis for generating contracts for the final implementation. Contracts are written in the Java Modeling Language (JML) complemented by CSP_jassda, an assertion language for specifying orderings between method invocations. A set of tools for runtime checking can be used to supervise the adherence of the final Java implementation to the generated contracts. This research was partially supported by the DFG project ForMooS (grants OL 98/3-2 and WE 2290/5-1). C. B. Jones     

基于软件工程技术的网络安全方法研究

近几年来,网络在人们日常生活中扮演的角色越来越重要,人们的生活逐渐离不开网络。与他人的联系、资料的查询、新闻的获取等等,都是通过网络进行的。想要使网络向健康的方向不断发展,就要保证计算机网络安全。首先,要对网络安全的常见问题、特性以及危害进行分析,将安全防御作为基本目标,综合考虑技术以及管理的各个方面,基于软件工程技术,提出了保护计算机安全的合理方案。     

Using formal specifications to support software testing

Formal specifications become more and more important in the development of software, especially but not only in the area of high integrity system design. In this paper it is demonstrated, how, apart from the specification phase, further benefits may be drawn from formal specifications for checking the implementation against the specification. It is shown how the specification can be used for systematically deriving test input data and for automatically evaluating test results. The approach is illustrated using the specification language Z. The same principles may be applied to other specification languages. The approach allows a high degree of automation, drastically improving productivity and quality of the testing process.