Generating Natural Language specifications from UML class diagrams

Early phases of software development are known to be problematic, difficult to manage and errors occurring during these phases are expensive to correct. Many systems have been developed to aid the transition from informal Natural Language requirements to semi-structured or formal specifications. Furthermore, consistency checking is seen by many software engineers as the solution to reduce the number of errors occurring during the software development life cycle and allow early verification and validation of software systems. However, this is confined to the models developed during analysis and design and fails to include the early Natural Language requirements. This excludes proper user involvement and creates a gap between the original requirements and the updated and modified models and implementations of the system. To improve this process, we propose a system that generates Natural Language specifications from UML class diagrams. We first investigate the variation of the input language used in naming the components of a class diagram based on the study of a large number of examples from the literature and then develop rules for removing ambiguities in the subset of Natural Language used within UML. We use WordNet, a linguistic ontology, to disambiguate the lexical structures of the UML string names and generate semantically sound sentences. Our system is developed in Java and is tested on an independent though academic case study.     

Formal specifications and analysis of the computer-assisted resuscitation algorithm (CARA) Infusion Pump Control System

Reliability of medical devices such as the CARA Infusion Pump Control System is of extreme importance given that these devices are being used on patients in critical condition. The Infusion Pump Control System includes embedded processors and accompanying embedded software for monitoring as well as controlling sensors and actuators that allow the embedded systems to interact with their environments. This nature of the Infusion Pump Control System adds to the complexity of assuring the reliability of the total system. The traditional methods of developing embedded systems are inadequate for such safety-critical devices. In this paper, we study the application of formal methods to the requirements capture and analysis of the Infusion Pump Control System. Our approach consists of two phases. The first phase is to convert the informal design requirements into a set of reference specifications using a formal system, in this case EFSMs (Extended Finite State Machines). The second phase is to translate the reference specifications to the tools supporting formal analysis, such as SCR and Hermes. This allows us to conclude properties of the reference specifications. Our research goal is to develop a framework and methodology for the integrated use of formal methods in the development of embedded medical systems that require high assurance and confidence .     

Compositional Comparison of Formal Software Specifications Using Transformation Systems

In a model-based software systems development formal specifications of the components of the system are developed. Thereby different specifications are used to represent the different aspects or views of the components, possibly following different paradigms. These heterogeneous viewpoint specifications have to be integrated in order to obtain a consistent global specification of the whole system. In this paper transformation systems are introduced as a common semantic domain where specifications written in different languages can be interpreted and formally compared. A transformation system is a transition system where the transitions are labelled by sets of actions and the states are labelled by algebras representing the data states. Development relations and composition operations for transformation systems are investigated, and it is shown that compatible local developments of components induce a global development of their composition. As an application two specifications of the alternating bit protocol are formally compared component-wise, one given in the process calculus CCS, the other one in the parallel programming language UNITY. Received September 2000 / Accepted in revised form June 2001     

A Knowledge-Based Software Engineering Environment for reusable software requirements and architectures

This paper describes a prototype Knowledge-Based Software Engineering Environment used to demonstrate the concepts of reuse of software requirements and software architectures. The prototype environment, which is application-domain independent, is used to support the development of domain models and to generate target system specifications from them. The prototype environment consists of an integrated set of commercial-off-the-shelf software tools and custom developed software tools.The concept of reuse is prevalent at several levels of the domain modeling method and prototype environment. The environment itself is domain-independent thereby supporting the specification of diverse application domain models. The domain modeling method specifies a family of systems rather than a single system; features characterize the variations in functional requirements supported by the family and individual family members are specified by the features they are to support. The knowledge-based approach to target system generation provides the rules for generating target system specifications from the domain model; target system specifications, themselves, may be stored in an object repository for subsequent retrieval and reuse.     

Integrated static code analysis and runtime verification

Static code analysis tools automatically generate alerts for potential software faults that can lead to failures. However, these tools usually generate a very large number of alerts, some of which are subject to false positives. Because of limited resources, it is usually hard to inspect all the alerts. As a complementary approach, runtime verification techniques verify dynamic system behavior with respect to a set of specifications. However, these specifications are usually created manually based on system requirements and constraints. In this paper, we introduce a noval approach and a toolchain for integrated static code analysis and runtime verification. Alerts that are generated by static code analysis tools are utilized for automatically generating runtime verification specifications. On the other hand, runtime verification results are used for automatically generating filters for static code analysis tools to eliminate false positives. The approach is illustrated for the static analysis and runtime verification of an open‐source bibliography reference manager software. Copyright © 2014 John Wiley & Sons, Ltd.     

Toward automatic detection of software failures

To date, no method has explicitly and cost effectively dealt with failure detection in software systems whose specifications are nondeterministic. In such systems, the specification permits multiple outputs for the same input sequence and system state. Nondeterminism in specifications is advantageous because the specification writer can avoid stating irrelevant behavior as mandatory, freeing the software designer to choose a behavioral alternative that would yield a more desirable implementation. Unfortunately, this flexibility comes at a cost to the failure detection mechanism. It must accommodate all the target system's legal behavioral alternatives and avoid favoring one of them. The article describes a hierarchical supervisor whose failure detection mechanism explicitly addresses systems with nondeterministic specifications. The supervisor, a unit separate from the target system, observes the system's external inputs and outputs and reports any failures. Its hierarchical structure results from splitting the task of identifying the behavioral alternative the target system chooses from the task of checking the details of system behavior. This structure makes it possible to efficiently trade off detection accuracy and computational cost. To evaluate their approach, the authors created a prototype supervisor and used it to supervise the execution of the control program of a small telephone exchange. Results indicate that the hierarchical supervisor can significantly reduce the computational cost of considering the target system's behavioral alternatives. However, although the supervisor's computational cost is significantly reduced, it is still higher than that for the target system     

用UML与Petri网为智能代理建模

统一建模型语言（UML）已经成为软件系统的分析与设计的标准工具，但由它扩充而成的代理统一建模型语言（AUML）还没变成一个标准，目前的AUML规格说明还有很多的局限性，还不能胜任多代理系统的开发．Petri网是仿真、验证软件系统执行的正确性与有效性的形式化工具．本文主要分析当前AUML规格说明和Petri网概念．找出它们之间的结合点，提出用Petri网扩充AUML的方法．将其应用于多代理系统的开发，就能实施之前运用Petri网进行系统的正确性与有效性验证．     

Executable formal specifications of complex distributed systems with CoreASM

Formal specifications play a crucial role in the design of reliable complex software systems. Executable formal specifications allow the designer to attain early validation and verification of design using static analysis techniques and accurate simulation of the runtime behavior of the system-to-be. With increasing complexity of software-intensive computer-based systems and the challenges of validation and verification of abstract software models prior to coding, the need for interactive software tools supporting executable formal specifications is even more evident. In this paper, we discuss how CoreASM, an environment for writing and running executable specifications according to the ASM method, provides flexibility and manages the complexity by using an innovative extensible language architecture.     

An approach to the formal specification of computer graphics systems

This paper discusses the approach to formal specification of computer graphics systems developed by the ANSI X3H3 committee (Computer Graphics Programming Languages) in the United States. ANSI's specification philosophy aims to gradually replace existing informal English language specifications with more formal ones without sacrificing the readibility and usefulness of standards documents. The specification techniques used are derived from those presently employed in the specification of computer communication protocols and the specification of software systems, not those used for the specification of programming languages. The specifications consist of three parts: the interface between both graphics and the host language and graphics and the graphical display device, the structure of the graphics system, and the functions that are performed by the graphics system. The specifications are based on abstract data types. These data types, together with the operations which can be performed on them, are used to describe the structure and functions of the graphics system. Using these techniques, X3H3 has developed a complete formal specification for a minimal graphics system. Extracts from this specification are included here.     

Testing Formal Specifications to Detect Design Errors

Formal specification and verification techniques are now apused to increase the reliability of software systems. However, these proaches sometimes result in specifying systems that cannot be realized or that are not usable. This paper demonstrates why it is necessary to test specifications early in the software life cycle to guarantee a system that meets its critical requirements and that also provides the desired functionality. Definitions to provide the framework for classifying the validity of a functional requirement with respect to a formal specification tion are also introduced. Finally, the design of two tools for testing formal specifications is discussed.     

A logical approach to systems engineering artifacts: semantic relationships and dependencies beyond traceability—from requirements to functional and architectural views

Not only system assurance drives a need for semantically richer relationships across various artifacts, work products, and items of information than are implied in the terms “trace and traceability” as used in current standards and textbooks. This paper deals with the task of working out artifacts in software and system development, their representation, and the analysis and documentation of the relationships between their logical contents—herein referred to as tracing and traceability; this is a richer meaning of traceability than in standards like IEEE STD 830. Among others, key tasks in system development are as follows: capturing, analyzing, and documenting system-level requirements, the step to functional system specifications, the step to architectures given by the decomposition of systems into subsystems with their connections and behavioral interactions. Each of these steps produces artifacts for documenting the development, as a basis for a specification and a design rationale, for documentation, for verification, and impact analysis of change requests. Crucial questions are how to represent and formalize the content of these artifacts and how to relate their content to support, in particular, system assurance. When designing multi-functional systems, key artifacts are system-level requirements, functional specifications, and architectures in terms of their subsystem specifications. Links and traces between these artifacts are introduced to relate their contents. Traceability has the goal to relate artifacts. It is required for instance in standards for functional system safety such as the ISO 26262. An approach to specifying semantic relationships is shown, such that the activity of creating and using (navigating through) these relationships can be supported with automation.     

Rigorous embedded design: challenges and perspectives

The design of embedded systems radically differs from pure software design in that it should take into account not only the functional, but also extra-functional specifications regarding the use of resources of the execution platform such as processing time, memory, and energy. Meeting extra-functional specifications is essential for the design of embedded systems. It requires predictability of the impact of design choices on the overall behavior of the designed system. It also implies a deep understanding of the interaction between application software and the underlying execution platform. We currently lack approaches for modeling mixed hardware–software systems. There are currently no established rigorous techniques for deriving global models of a given system from models of its application software and its execution platform. However, many researchers and industrials are nowadays working in this area and proposing solutions. The Rigorous Embedded Design Red workshop which took place at EUROSYS11 provided an unique opportunity to discuss several new methodologies for the rigorous design of embedded systems. Through a series of invited talks, the workshop appraised some of the challenges and emerging approaches in the area. A series of design flows has been presented and the workshop discussions focused on performance analysis, correctness (high confidence and security), code generation, and modeling aspects (including timed scheduling and software/hardware interactions). Those concepts have been illustrated with examples coming from the aeronautic, automotive, and robotic areas. The aim of this introduction paper is to briefly present the challenges for Embedded system design surveyed by Red.     

基于时态认知逻辑的Web服务模型检测

传统模型检测技术主要采用时态逻辑描述被验证的规范,人们较少注意多智能体认知逻辑的模型检测问题.而在分布式系统领域,系统和协议的规范很适合用认知逻辑来描述.Web服务是一个典型的分布式系统.把Web服务组合建模为多智能体系统,并成功采用我们实现的时态认知逻辑符号模型检测工具MCTK验证了SAS股票分析服务实例.同时采用WSAT,WS-Engineer和SPIN 3个模型检测工具在相同实验环境下验证了该实例,实验结果表明我们的Web服务模型检测方法不仅比这3个模型检测工具更高效,而且支持认知逻辑规范的验证,这是这3个模型检测工具所不具备的.     

KBMS: a knowledge-based system for modeling software systemspecifications

Recent research results in software engineering have shown that the process of formalizing and automating software specification activity is moving towards knowledge-based specification systems. A modeling approach and a knowledge-based system that assist in the requirement acquisition, development, and maintenance of such software system specifications are presented     

Synthesizing structured analysis and object‐based formal specifications

Structured Analysis (SA) is a widely‐used software development method. SA specifications are based on Data Flow Diagrams (DFD's), Data Dictionaries (DD's) and Process Specifications (P‐Specs). As used in practice, SA specifications are not formal. Seemingly orthogonal approaches to specifications are those using formal, object‐based, abstract model specification languages, e.g., VDM, Z, Larch/C++ and SPECS. These languages support object‐based software development in that they are designed to specify abstract data types (ADT's). We suggest formalizing SA specifications by: (i) formally specifying flow value types as ADT's in DD's, (ii) formally specifying P‐Specs using both the assertional style of the aforementioned specification languages and ADT operations defined in DD's, and (iii) adopting a formal semantics for DFD “execution steps”. The resulting formalized SA specifications, DFD‐SPECS, are well‐suited to the specification of distributed or concurrent systems. We provide an example DFD‐SPEC for a client‐server system with a replicated server. When synthesized with our recent results in the direct execution of formal, model‐based specifications, DFD‐SPECS will also support the direct execution of specifications of concurrent or distributed systems.     

Comparing the top-down and bottom-up approaches of function point analysis: a case study

Function point analysis is a widely cited method for estimating software project size, which is an important activity of project management. At the beginning stage of planning, the top-down approach can be applied. Having obtained more systems specifications at later stages, the bottom-up approach might also be used to improve the accuracy of the estimation. However, the bottom-up approach is not a conventional way of function point analysis. There was no empirical evidence showing the difference between the fully informed top-down approach and the bottom-up approach. Through the implementation of a function point analysis system in an in-house software development department, this paper compares the results of the two approaches. This comparison study shows that the bottom-up approach does not contribute a significant added value to a fully-informed top-down approach. Therefore, the fully-informed top down approach has been chosen as a method for building a software metric database in the organization. More important, the observations and experience gained from this project may help in-house development organizations to establish their own function point analysis systems.