Software monitoring through formal specification animation

This paper presents a formal specification-based software monitoring approach that can dynamically and continuously monitor the behaviors of a target system and explicitly recognize undesirable behaviors in the implementation with respect to its formal specification. The key idea of our approach is in building a monitoring module that connects a specification animator with a program debugger. The requirements information about expected dynamic behaviors of the target system are gathered from the formal specification animator, while the actual behaviors of concrete implementations of the target system are obtained through the program debugger. Based on the information obtained from both sides, the judgement on the conformance of the concrete implementation with respect to the formal specification is made timely while the target system is running. Furthermore, the proposed formal specification-based software monitoring technique does not embed any instrumentation codes to the target system nor does it annotate the target system with any formal specifications. It can detect implementation errors in a real-time manner, and help the developers and users of the system to react to the problems before critical failure occurs.     

Understanding and exploring formal specifications

Formal methods is seen as a means of applying scientific knowledge to software construction, thereby legitimating the use of mathematics within software engineering. However, the software engineering community faces numerous challenges before an effective transfer of this formal methods technology can take place because of the level of skill, expertise and effort required in their application. It is argued that at present the use of formal notations for system specification is a mature technology offering the greatest leverage. The relative benefits of a declarative approach with a getting it right the first time maxim versus an imperative approach coupled with an exploratory trial and error flavour are explored. Detailed characteristics of a teaching and learning environment developed to support the latter approach are provided. Its varied uses in the context of teaching and learning within undergraduate and postgraduate courses in software engineering are discussed. Exemplars from these uses show how users of the environment explore formal specifications to improve their understanding of specification and thereby illustrate the effectiveness of the environment. Implications of our approach on technology transfer and training are briefly explored.     

Feature interactions and formal specifications intelecommunications

The feature-interaction problem found in complex software systems that support telecommunications is reviewed. The relationship between feature interactions and formal specifications is examined. Several important ways telecommunications has evolved beyond plain old telephone service (POTS) are described. It is shown how many feature interactions can be eliminated by applying known techniques of formal specification. A glossary that explains telecommunications terms not defined in the text and acronyms used throughout the article is included     

Industrial integration of graphical and formal specifications

This paper discusses an approach to formal methods technology exploitation which introduces formal notations into critical systems development processes. The provision of “Ω functions” that map graphical specifications into axiomatic formal specifications, which can then be subjected to proof, is explored as a means of achieving this goal. Such functions must treat a useful subset of the graphical language and be compatible with industrialized tools. Experiences in developing this approach for industrial application are discussed by means of an example mapping function known as Ω1. This function maps a subset of statecharts into Real Time Logic.     

Verifying timing consistency in formal specifications

The authors' algorithm formally verifies the rule set that expresses timing discipline in digital system specifications. Their algorithm is based on a higher level behavioral specification model and concerns formal consistency verification at the design level of the system specification development procedure     

Using units of measurement in formal specifications

In the physical sciences and engineering, units of measurement provide a valuable aid to both the exposition and comprehension of physical systems. In addition, they provide an error checking facility comparable to static type checking commonly found with programming languages. It is argued that units of measurement can provide similar benefits in the specification and design of software and computer systems.To demonstrate this, we present an extension of the Z specification notation with support for the incorporation of units in specifications and demonstrate the feasibility of static dimensional analysis of the resulting language.     

Applying formal specifications to real-world software development

While formal methods are gaining acceptance in the software industry, there is a need for practical guidelines for making the best use of formal specifications. The author provides a few such pragmatic tips for people involved in the industrial use of formal specifications. The 15 guidelines are split into two areas, dealing with process and content. The author also includes a full-page reference for literature available over the Web     

Towards quality requirements via animated formal specifications

Assuring a high quality requirements specification document involves both an early validation process and an increased level of participation. An approach and its supporting environment which combines the benefits of a formal system specification and its subsequent execution via a rapid prototype is reported. The environment assists in the construction, clarification, validation and visualisation of a formal specification. An illustrative case study demonstrates the consequences of assertions about system properties at this early stage of software development. Our approach involves the pragmatic combination of technical benefits of formal systems engineering based techniques with the context‐sensitive notions of increased participation of both developer and user stakeholders to move us closer towards a quality requirements specification document.     

Two-dimensional pinpointing: debugging with formal specifications

Debugging techniques and tools that draw on both the high-level concepts (defined as functions) used in formal specifications and the abstraction and information-hiding constructs used in modern languages are described. The technique is based on two components. One is a novel specification language with support tools. Ada programs are specified with a language that the authors created called Anna. Their tool set is used to check the Ada program's runtime behavior for consistency with the Anna specifications. The other technique uses the tool set to find missing specifications by comparing the specification with program prototypes and to test and debug Ada programs after an accepted specification has been developed. The approach, called two-dimensional pinpointing, locates inconsistencies in software that is structured in levels     

Using formal specifications to support software testing

Formal specifications become more and more important in the development of software, especially but not only in the area of high integrity system design. In this paper it is demonstrated, how, apart from the specification phase, further benefits may be drawn from formal specifications for checking the implementation against the specification. It is shown how the specification can be used for systematically deriving test input data and for automatically evaluating test results. The approach is illustrated using the specification language Z. The same principles may be applied to other specification languages. The approach allows a high degree of automation, drastically improving productivity and quality of the testing process.     

Using formal specifications for functional validation of hardwaredesigns

Formal specifications can help resolve both ambiguity issues and correctness problems in verifying complex hardware designs. This new methodology shows how specifications can also help design productivity by automating many procedures that are now done manually. Input sequences, output assertions, and a simulation coverage metric for the design under verification are all generated directly from the specification     

Towards UML-based formal specifications of component-based real-time software

UML-RT is achieving increasing popularity as a modeling language for real-time applications. Unfortunately UML-RT is not formally well defined and it is not well suited for supporting the specification stage: e.g., it does not provide native constructs to represent time and non-determinism. UML+ is an extension of UML that is formally well defined and suitable for expressing the specifications of real-time systems (e.g., the properties of a UML+ model can be formally verified). However, UML+ does not support design and development. This article addresses the translation of UML+ into UML-RT, thus posing the basis for a development framework where UML+ and UML-RT are used together, in order to remove each other’s limitations. Specifications are written using UML+, they are automatically verified by means of formal methods, and are then converted – through a semi-automatic process – in an equivalent UML-RT model that becomes the starting point for the implementation.     

Synthesizing structured analysis and object‐based formal specifications

Structured Analysis (SA) is a widely‐used software development method. SA specifications are based on Data Flow Diagrams (DFD's), Data Dictionaries (DD's) and Process Specifications (P‐Specs). As used in practice, SA specifications are not formal. Seemingly orthogonal approaches to specifications are those using formal, object‐based, abstract model specification languages, e.g., VDM, Z, Larch/C++ and SPECS. These languages support object‐based software development in that they are designed to specify abstract data types (ADT's). We suggest formalizing SA specifications by: (i) formally specifying flow value types as ADT's in DD's, (ii) formally specifying P‐Specs using both the assertional style of the aforementioned specification languages and ADT operations defined in DD's, and (iii) adopting a formal semantics for DFD “execution steps”. The resulting formalized SA specifications, DFD‐SPECS, are well‐suited to the specification of distributed or concurrent systems. We provide an example DFD‐SPEC for a client‐server system with a replicated server. When synthesized with our recent results in the direct execution of formal, model‐based specifications, DFD‐SPECS will also support the direct execution of specifications of concurrent or distributed systems.     

Prototyping realistic programming languages based on formal specifications

The specification of realistic programming languages is difficult and expensive. One approach to make language specification more attractive is the development of techniques and systems for the generation of language–specific software from specifications. To contribute to this approach, a tool–based framework with the following features is presented: It supports new techniques to specify more language aspects in a static fashion. This improves the efficiency of generated software. It provides powerful interfaces to generated software components. This facilitates the use of these components as parts of language–specific software. It has a rather simple formal semantics. In the framework, static semantics is defined by a very general attribution technique enabling e.g. the specification of flow graphs. The dynamic semantics is defined by evolving algebra rules, a technique that has been successfully applied to realistic programming languages. After providing the formal background of the framework, an object–oriented programming language is specified to illustrate the central specification features. In particular, it is shown how parallelism can be handled. The relationship to attribute grammar extensions is discussed using a non-trivial compiler problem. Finally, the paper describes new techniques for implementing the framework and reports on experiences made so far with the implemented system. Received: 20 November 1995 / 20 January 1997     

Object oriented concepts identification from formal B specifications

This paper addresses the graphical representation of static aspects of B specifications, using UML class diagrams. These diagrams can help understand the specification for stakeholders who are not familiar with the B method, such as customers or certification authorities. The paper first discusses some rules for a preliminary derivation of a class diagram. It then studies the consistency of the concepts preliminarily identified from an object oriented point of view. A formal concept analysis technique is used to distinguish between consistent classes, attributes, associations and operations. The proposed technique is to incrementally add operations to the formal specification which automatically result in evolutions of the class diagram.