面向嵌入式软件开发的UML到Simulink模型转换方法

模型驱动开发及其关键技术模型转换是近年来软件工程领域研究的热点。在嵌入式软件开发早期,不仅需要对设计模型进行静态分析,更需要对其进行动态仿真,验证系统设计的正确性。如何把设计模型和仿真模型无缝连接起来是工业部门亟待解决的问题。深入调研了UML和Simulink模型转换研究现状,详细分析了模型驱动开发中模型转换的相关技术,提出了一种UML到Simulink的模型转换方法,设计了UML元模型、Simulink元模型,撰写了UML元模型到Simulink元模型的映射规则。最后选取自动驾驶仪系统的飞行控制软件作为案例,验证了该方法的正确性。该方法能实现UML和Simulink两种异构模型同构化,提高嵌入式软件开发效率,丰富并且完善模型驱动开发,也为飞行控制系统、高速铁路控制、机载航电系统等嵌入式软件开发提供了技术支持。     

基于MDA的模型转换研究与应用

模型驱动方法解决了软件开发的效率低、可移植性差等问题,其中的模型转换是开发基于模型驱动构架(MDA)应用工具的关键技术。为此,在模型驱动方法的基础上,提出基于模式的平台无关模型到平台相关模型的模型转换方法,并根据该转换方法确立转换规则,在一个MDA应用系统开发实例中进行验证,实现从平台无关层模型到J2EE平台相关层EJB模型的转换。     

基于模型的预警无人机飞控系统开发与验证

为应对城市低空预警任务对固定翼无人机飞控系统自主飞行需求,采用基于模型设计方法完成无人机飞控系统开发与验证;开发过程中以飞控算法模型为中心,逐级开展飞控算法模型设计与数学仿真、算法快速原型验证以及飞控系统硬件产品实现;飞控算法模型在Matlab/Simulink平台中完成了构建及数学仿真验证,结合Higale系统提供的实时仿真环境完成算法快速原型验证,基于代码自动生成方式将算法模型自动转换为可在DSP中运行的实时代码,下载到飞控计算机中,进行硬件在回路仿真验证,并进一步进行整机地面验证;经过实践,所提出的飞控系统开发与验证流程可以将系统设计中存在的问题缺陷在开发早期暴露出来并及时修正,保证了系统研制进度、成本和品质。     

某型导弹系统仿真模型的静态验证

仿真模型验证是仿真可信性研究的重要组成部分,有着及其重要的意义.模型验证就是比较仿真系统输出和实际系统输出的一致性,分为静态性能验证和动态性能验证.该文在分析研究各种仿真模型验证方法的基础上,采用工程上常用的置信区间法、bayes方法对某型导弹系统仿真模型进行了定量的静态验证,结果表明,所研究模型具有较好的可信度.最后讨论了这两种方法的不足之处.     

SMV的观察迁移系统的模型检测分析

模型检验技术是开发高可信系统的重要途径.提出了一种基于定理证明的模型验证方法,并实现了工具验证.它以代数规约语言CafeOBJ描述系统的无限状态并把它转换成有限状态的SMV规约.通过观察迁移系统,证明产生的SMV规约的反例即CafeOBJ规约的反例,来找出开发早期阶段的系统的潜在错误,从而避免时间、金钱的耗费及重复性的劳动.     

PHM模型的工程化验证方法研究

模型验证技术在故障预测与健康管理(PHM)系统研制中受到高度重视,特别是如何将验证方法在具体的工程应用中体现规范性、系统性、通用性和实用性,已成为亟待解决的技术问题;在分析国内外相关研究现状的基础上,对PHM模型验证方法进行了系统深入的研究,阐述了故障数据获取方法和故障诊断和预测性能指标体系,并以机载诊断模型为例,对PHM模型验证流程作了详细介绍;最后,将此方法应用到了PHM验证平台的设计、开发和具体实现中,充分体现了PHM模型验证方法的工程化特点。     

信息系统中PIM功能元模型的构建研究

为了解决传统信息系统不能随着需求的改变而及时改变的问题,OMG提出了模型驱动体系(MDA)。平台无关模型(PIM)是模型驱动体系中最重要的一环,为了更好地建立信息系统的平台无关模型,提出了从信息系统的功能角度入手构建PIM。首先介绍了MDA框架下的信息系统开发过程,然后从模型构建的一般性要求出发,结合MDA框架下的信息系统开发的特点,提出了MDA框架下的信息系统开发过程的PIM功能元模型构建方法。为了验证了构建方法的正确性,最后基于XML语言实现了PIM功能元模型的构建。     

支持MDA的Web报表系统开发模型及其应用

依据模型驱动体系结构（MDA）的开发理念,并遵循应用程序与用户界面设计相分离的思想,以系统功能和界面描述的高层次抽象为基础,提出一种支持MDA的Web报表系统开发模型。以ASRNET为目标平台进行实验验证,表明该方法遵循了MDA开发的实质、过程和要求,能较好地与系统应用开发模型组合在一起,提高Web报表系统的质量和开发效率。     

嵌入式数控系统模型层验证设计策略研究

在分析传统嵌入式数控的开发方法上的不足,以及目前对其开发方法的诸多变革的基础上,提出并实现将特定领域模型驱动开发融入到嵌入式数控系统的开发,构建了嵌入式数控系统模型层验证框架.该方法为嵌入式数控系统的开发提升了相应的抽象层次,提高了模型在系统开发中的作用,并利于提高系统的可操作性、可靠性、开发效率.通过对数控系统不同工作模式在第三方工具(StateFlow)的仿真实例,详述了该方法在特定领域建模语言的构建、模型转换的实现等方面的细节,并给出了转换后的对应StateFlow模型图.     

一个非确定系统的不干扰模型

提出系统动作对信息域的不干扰概念,并在此基础上将不干扰模型推广到非确定系统.由于基于系统动作的不干扰概念简化了系统动作序列的提取操作,该模型的单步展开条件具有简洁的形式并易于理解和使用.推广后的不干扰模型不仅能够验证静态信息流策略,还可以验证各种动态信息流策略.最后设计了一个基于动态标记的访问控制模型,并在该模型中定义了读、写、执行等操作的具体语义,然后利用不干扰模型对其安全性进行了形式化验证.     

Checking the reliability of socket based communication software

Locating potential execution errors in software is gaining more attention due to the economical and social impact of software crashes. For this reason, many software engineers are now in need of automatic debugging tools in their development environments. Fortunately, the work on formal method technologies during the past 25 years has produced a number of techniques and tools that can make the debugging task almost automatic, using standard computer equipment and with a reasonable response time. In particular, verification techniques like model-checking that were traditionally employed for formal specifications of the software can now be directly employed for real source code. Due to the maturity of model-checking technology, its application to real software is now a promising and realistic approach to increase software quality. There are already some successful examples of tools for this purpose that mainly work with self-contained programs (programs with no system-calls). However, verifying software that uses external functionality provided by the operating system via API s is currently a challenging trend. In this paper, we propose a method for using the tool spin to verify C software systems that use services provided by the operating system thorough a given API. Our approach consists in building a model of the underlying operating system to be joined with the original C code in order to obtain the input for the model checker spin. The whole modeling process is transparent for the C programmer, because it is performed automatically and without special syntactic constraints in the input C code. Regarding verification, we consider optimization techniques suitable for this application domain, and we guarantee that the system only reports potential (non-spurious) errors. We present the applicability of our approach focusing on the verification of distributed software systems that use the API Socket and the network protocol stack TCP/IP for communications. In order to ensure correctness, we define and use a formal semantics of the API to conduct the construction of correct models.     

A behavioral analysis and verification approach to pattern-based design composition

Integrating software components to produce large-scale software systems is an effective way to reuse experience and reduce cost. However, unexpected interactions among components when integrated into software systems are often the cause of failures. Discovering these composition errors early in the development process could lower the cost and effort in fixing them. This paper introduces a rigorous analysis approach to software design composition based on automated verification techniques. We show how to represent, instantiate and integrate design components, and how to find design composition errors using model checking techniques. We illustrate our approach with a Web-based hypermedia case study.     

Heuristics for model checking Java programs

Model checking of software programs has two goals – the verification of correct software and the discovery of errors in faulty software. Some techniques for dealing with the most crucial problem in model checking, the state space explosion problem, concentrate on the first of these goals. In this paper we present an array of heuristic model checking techniques for combating the state space explosion when searching for errors. Previous work on this topic has mostly focused on property-specific heuristics closely related to particular kinds of errors. We present structural heuristics that attempt to explore the structure (branching structure, thread interdependency structure, abstraction structure) of a program in a manner intended to expose errors efficiently. Experimental results show the utility of this class of heuristics. In contrast to these very general heuristics, we also present very lightweight techniques for introducing program-specific heuristic guidance.     

A set of complexity metrics for guiding the software test process

Software verification and validation is a domain which is covered by many dynamic test, static analysis, and formal verification techniques. This presents a problem to practitioners with respect to selecting those suitable techniques which can be used successfully. The basic idea of the methodology presented here is to select test techniques which fit the software under test. A dynamic test technique requires that certain program elements are covered, will be sensitive to errors associated with these elements, because executing an error location is a precondition for revealing the error. Furthermore, it is likely that the probability of errors increases with complexity. Complexity can be characterized in terms of several properties which can be used to suggest various testing strategies. The complexity of the various software properties can be measured using appropriate complexity metrics. Properties with unusual high complexity measures should be tested very throughly. The approach described in this paper permits the selection of test techniques based on the values of the metrics with respect to a particular software product.     

Formal analysis of correctness of behavioral transformations

Much has been said about the importance of formal verification in hardware synthesis, but little has been done. Where it has been applied at all, it has only been used on simple, idealized examples. This paper describes the application of formal semantic analysis and verification to part of a working high-level synthesis system. The process revealed several significant errors in that system, errors that had previously been undetected. This experience leads to some reflections on the need for a rigorous, formal basis for hardware specification and synthesis, and on the value of formal techniques.     

Scenario-based verification in presence of variability using a synchronous approach

This paper presents a new model of scenarios, dedicated to the specification and verification of system behaviours in the context of software product lines (SPL). We draw our inspiration from some techniques that are mostly used in the hardware community, and we show how they could be applied to the verification of software components. We point out the benefits of synchronous languages and models to bridge the gap between both worlds.     

Escort: an environment for specifying communication requirements

A prototype specification support system, Escort, is described that incorporates novel validation, verification, and simplification methods for telecommunications software specifications. Unix was adapted as the operating system for Escort, and many of Escort's tools were designed and implemented by making full use of the Unix facilities. Escort identifies three kinds of specification errors: errors in the grammar of the specification language, called syntax errors; those that degrade consistency and completeness, called logical errors; and those that degrade correctness, called semantic errors. It detects these errors using syntax analysis, validation, and verification, respectively     

Design verification in model-based?��-controller development using an abstract component

Component-based software development is a promising approach for controlling the complexity and quality of software systems. Nevertheless, recent advances in quality control techniques do not seem to keep up with the growing complexity of embedded software; embedded systems often consist of dozens to hundreds of software/hardware components that exhibit complex interaction behavior. Unanticipated quality defects in a component can be a major source of system failure. To address this issue, this paper suggests a design verification approach integrated into the model-driven, component-based development methodology Marmot. The notion of abstract components—the basic building blocks of Marmot—helps to lift the level of abstraction, facilitates high-level reuse, and reduces verification complexity by localizing verification problems between abstract components before refinement and after refinement. This enables the identification of unanticipated design errors in the early stages of development. This work introduces the Marmot methodology, presents a design verification approach in Marmot, and demonstrates its application on the development of a μ-controller-based abstraction of a car mirror control system. An application on TinyOS shows that the approach helps to reuse models as well as their verification results in the development process.     

嵌入式系统虚拟开发环境的设计与实现

在嵌入式系统虚拟开发环境中为软件与硬件分别设计了ＥＳＤＬ语言和ＥＨＤＬ语言．ＥＳＤＬ是ＡＮＳＩＣ的超集,它为嵌入式编程增加了一些数据类型．ＥＨＤＬ是一种硬件描述语言．开发人员可以利用由嵌入式软件调度器和嵌入式硬件模拟器组成的协同验证环境调试嵌入式系统．利用这个虚拟的集成环境,软件开发人员可以在设计初期发现与硬件相关的错误,硬件开发人员可以获得系统功能的真实描述．硬件、软件的设计错误可以在系统制造之