航空机载嵌入式控制软件需求建模的形式化工程方法

嵌入式控制软件是现代航空飞行器的核心部件之一。构建软件需求的形式化规约精确地刻画人们对软件期望的功能和运行场景,是确保此类安全攸关软件质量的根本途径。在工业界,形式化需求建模的大规模应用尽管有成功的案例,但仍面临众多的困难。其根本性难点在于缺少一种系统化的工程方法来引导工业界软件实践者,从原始需求开始最终完成形式化需求规约,并能确认该规约真实、充分地反映了人们对软件期望的功能。针对上述挑战,提出了一种面向机载控制软件需求建模的形式化工程方法ACSDL-MV,以形式化方法为理论基础,结合软件需求工程的基本原理,引导工程人员从原始需求出发以演化式的过程逐步完成需求规约的构建;定制了航空控制软件的形式化描述语言ACSDL,用以构建形式化规约;为了确认软件需求规约准确、充分地描述了人们对软件期望的功能,该方法给出了基于图形的静态审查和基于模型的动态模拟技术。在航空发动机公司中的实验结果表明,该方法相比传统方法探测到了更多的潜在错误。     

An architecture-driven software mobility framework

Software architecture has been shown to provide an appropriate level of granularity for assessing a software system’s quality attributes (e.g., performance and dependability). Similarly, previous research has adopted an architecture-centric approach to reasoning about and managing the run-time adaptation of software systems. For mobile and pervasive software systems, which are known to be innately dynamic and unpredictable, the ability to assess a system’s quality attributes and manage its dynamic run-time behavior is especially important. In the past, researchers have argued that a software architecture-based approach can be instrumental in facilitating mobile computing. In this paper, we present an integrated architecture-driven framework for modeling, analysis, implementation, deployment, and run-time migration of software systems executing on distributed, mobile, heterogeneous computing platforms. In particular, we describe the framework’s support for dealing with the challenges posed by both logical and physical mobility. We also provide an overview of our experience with applying the framework to a family of distributed mobile robotics systems. This experience has verified our envisioned benefits of the approach, and has helped us to identify several avenues of future work.     

Modeling and simulating software acquisition process architectures

In this paper, we describe our efforts to support the modeling and simulation of processes associated with software system acquisition activities. Software acquisition is generally a multi-organization endeavor concerned with the funding, management, engineering, system integration, deployment and long-term support of large software systems. We first describe our approach supporting the modeling and simulation of software acquisition processes using a software process architecture (SPA). We then introduce how we support the distribution, concurrent execution and interoperation of multiple software process simulations using the high-level architecture (HLA) and run-time infrastructure (RTI) to address the complexity of software acquisition process architectures. To illustrate this, we provide examples from the design and prototyping of a Web-based environment that supports the modeling and simulation of acquisition process architectures. This environment thus serves as a new kind of software process test-bed that can demonstrate and support experiments incorporating multiple software process simulation systems that interoperate in a distributed and concurrent manner across a network.     

A scalable architecture for concurrent online auctions

Online auction systems are characterised by a number of functional and performance management requirements, caused by the potentially very large numbers of distributed concurrent bidders, as well as by the auction rules. Such systems are typically implemented as three tier, thread‐based architectures, whose performance does not scale up well with an increase in the number of concurrent bidders. Nor such systems can take advantage of new Cloud based environments. In this paper, we propose an architectural framework for online auctions developed on top of a soft real‐time platform (Open Telecom Platform) using a concurrent language (Erlang) and an embedded Web server (Yaws). The proposed framework can scale up to hundreds of thousands of concurrent users while its performance can benefit from multicore and symmetric multiprocessing computer architectures. We demonstrate the capabilities of the framework by developing prototypes for two auction types known as ‘unique bid’ and ‘penny’, analyse their performance characteristics and compare them with that of existing auction systems. Copyright © 2013 John Wiley & Sons, Ltd.     

Integrating behavior analysis into architectural modeling

Architectural modeling and behavior analysis are two important concerns in the software development. They are often implemented separately, and specified by their own supporting notations. Architectural modeling helps to guarantee the system design to satisfy the requirement, and behavior analysis can ensure the interaction correctness. To improve the trustworthiness, methods trying to combine architectural modeling and behavior analysis notations together have been proposed, e.g., establishing a one-way mapping relation. However, the one-way relation cannot ensure updating one notation specifications in accordance with the other one, which results in inconsistency problems. In this paper, we present an approach to integrating behavior analysis into architectural modeling, which establishes the interoperability between architectural modeling notation and behavior analysis notation by a bidirectional mapping. The architecture is specified by the modeling language, architecture analysis and design language (AADL), and then mapped to behavior analysis notation, Darwin/FSP (finite state process) through the bidirectional transformation. The bidirectional transformation provides traceability, which makes behavior analysis result provided by a model checker can be traced and reflected back to the original AADL specifications. In this way, the behavior analysis is integrated into architectural modeling. The feasibility of our approach is shown by a control system example.     

Experience of building an architecture-based generator using GenVoca for distributed systems

Selecting the architecture that meets the requirements, both functional and non-functional, is a challenging task, especially at the early stage when more uncertainties exist. Architectural prototyping is a useful approach in supporting the evaluation of alternative architectures and balancing different architectural qualities. Generative programming has gained increasing attention, but it mostly deals with lower-level artifacts; hence, it usually supports lower degrees of software automation. This paper proposes an architecture-centric generative approach in facilitating architectural prototyping and evaluation. We also present our empirical experience in raising the level of abstraction to the architecture layer for distributed and concurrent systems using GenVoca. GenVoca is a generative programming approach that is used here to support the generation or instantiation of a particular architectural pattern in distributed computing based on user’s selection. As a result, it can support rapid architectural prototyping and evaluation of both functional and non-functional requirements and encourage greater degrees of software automation and reuse. Lessons learned from the empirical study are also reported and could be applied to other areas.     

An object-oriented approach to the management of distributed application systems

General purpose distributed object-oriented environments exist to allow for the efficient construction of client/server software systems. Standard network and distributed systems management environments exist for the efficient operation of heterogeneous networked hardware and software systems. As distributed software systems get larger, the economies of systems development and the economies of software operation demand that we find an efficient way of integrating these two technologies. While the use of standardized distributed systems management for the management of distributed software applications seems reasonable, very little research has been done to confirm this. In this paper, we propose the integration of standardized distributed resource management technologies and distributed application software. In our work we have facilitated this integration using techniques based on mainstream object-oriented dynamic modeling. We will describe our techniques of integration as well as discuss the need for methodical engineered approaches when working in this area.     

基于进程代数规约生成软件体系结构模型的方法

需求规约到软件体系结构(SA)模型的转换是软件工程领域的一个研究热点,UML-RT广泛用于实时系统软件体系结构建模,然而基于自然语言规约建立的UML-RT模型往往是不精确的,存在二义性,为了解决这一问题,需要赋予UML-RT模型形式化语义.进程代数是一种用来解决并发系统通信问题的形式化方法,具有精确的语法和语义,并且便于机器自动检验与验证.TCSP是进程代数CSP的实时扩展,适合于规约实时系统带有时间约束的行为.提出一种基于进程代数规约生成SA模型的方法.首先建立了自然语言规约到SA模型的转换框架;然后使用时间通信顺序进程(TCSP)描述实时系统需求规约,通过建立TCSP到UML-RT的转换机制,从而实现进程代数规约到SA模型的转换;最后通过一个实例来验证该方法在实时软件建模过程中的有效性.实验分析表明通过该方法建立的UML-RT模型能够从整体上提高实时系统SA设计的可信性.     

Semi-automated architectural abstraction specifications for supporting software evolution

In this paper we present an approach for supporting the semi-automated architectural abstraction of architectural models throughout the software life-cycle. It addresses the problem that the design and implementation of a software system often drift apart as software systems evolve, leading to architectural knowledge evaporation. Our approach provides concepts and tool support for the semi-automatic abstraction of architecture component and connector views from implemented systems and keeping the abstracted architecture models up-to-date during software evolution. In particular, we propose architecture abstraction concepts that are supported through a domain-specific language (DSL). Our main focus is on providing architectural abstraction specifications in the DSL that only need to be changed, if the architecture changes, but can tolerate non-architectural changes in the underlying source code. Once the software architect has defined an architectural abstraction in the DSL, we can automatically generate architectural component views from the source code using model-driven development (MDD) techniques and check whether architectural design constraints are fulfilled by these models. Our approach supports the automatic generation of traceability links between source code elements and architectural abstractions using MDD techniques to enable software architects to easily link between components and the source code elements that realize them. It enables software architects to compare different versions of the generated architectural component view with each other. We evaluate our research results by studying the evolution of architectural abstractions in different consecutive versions of five open source systems and by analyzing the performance of our approach in these cases.     

Documenting electronic commerce systems and software using the unified modeling language

Electronic commerce (EC) systems are complex systems consisting of cooperating heterogeneous software, hardware and database subsystems that are distributed among processing nodes [1]. They are reactive, real-time and concurrent distributed systems. They are financially critical systems since they perform distributed business functions, the success of which is very critical for the business operation. The use of well-defined specification and documentation techniques is very essential for the effective development and maintenance of these systems. In this paper, we propose the use of the unified modeling language (UML) [2] as a technique for documenting and specifying EC systems at various levels of abstractions and from different views. We believe that the use of UML ensures a better reliability and reusability of these systems.     

一个基于构件的分布式软件构架开发环境

针对分布式软件和软件构架日益复杂的特点，本文首先提出并建立了一个基于构件的分布式软件构架描述语言DSADL，然后介绍了基于DSADL的分布式软件构架开发集成环境EDAD．实践证明，EDAD能够有效辅助分布式软件设计人员在构架层次上对系统进行分析和设计，从而提高系统的开发效率．     

Application Portability Profile (APP)—The US government's Open System Environment profile OSE/1 version 2.0

Federal information systems initially developed from isolated islands of computing. Through progressive changes, these individual systems became connected by common users and common information needs. These systems are now well on the way to migrating toward computing environments that consist of distributed, heterogeneous, networked applications, databases, and hardware. The concept of a Federal computing environment that is built on an infrastructure defined by open, consensus-based standards is well on its way to becoming a de facto means of organizing these systems. Such an infrastructure is called an Open System Environment (OSE).

An Open System Environment encompasses the functionality needed to provide interoperability, portability, and scalability of computerized applications across networks of heterogeneous, multi-vendor hardware/software/communications platforms. The OSE forms an extensible framework that allows services, interfaces, protocols, and supporting data formats to be defined in terms of nonproprietary specifications that evolve through open (public), consensus-based forums.

A selected suite of specifications that defines the interfaces, services, protocols, and data formats for a particular class or domain of applications is called a profile. The Application Portability Profile (APP) integrates industry.     

Automated Compositional Abstraction Refinement for Concurrent C Programs: A Two-Level Approach

The state space explosion problem in model checking remains the chief obstacle to the practical verification of real-world distributed systems. We attempt to address this problem in the context of verifying concurrent (message-passing) C programs against safety specifications. More specifically, we present a fully automated compositional framework which combines two orthogonal abstraction techniques (operating respectively on data and events) within a counterexample-guided abstraction refinement (CEGAR) scheme. In this way, our algorithm incrementally increases the granularity of the abstractions until the specification is either established or refuted. Our explicit use of compositionality delays the onset of state space explosion for as long as possible. To our knowledge, this is the first compositional use of CEGAR in the context of model checking concurrent C programs. We describe our approach in detail, and report on some very encouraging preliminary experimental results obtained with our tool MAGIC.