基于用例的需求建模方法

传统的软件需求规约是采用功能分解的方式来描述系统功能,而采用用例的方法进行需求获取和建模,是以用户为中心的建模方法.用例模型是由用例图和用例规约所组成的.用例图用来规定系统的行为,用例规约是用文档的形式对每个用例进行描述的.通过对银行系统进行基于用例的需求分析和建模,可以了解用例模型的益处.     

基于RUCM的软件安全性需求描述方法

随着软件在安全关键系统中的应用越来越广泛、承担的安全关键功能越来越多,软件的安全性需求变得越来越重要,成为系统安全性的一个重要的决定性因素。软件安全性需求的正确描述是整个软件安全性工作的关键,它是开展后续软件安全性设计、实现与测试工作的依据。然而现有的安全性需求通常被混同于一般功能性描述中,缺乏独立、规范和明确的描述,缺乏对于故障、失效与安全性需求之间相互关系的描述机制,导致在实际应用中缺乏对安全性需求进行准确描述的方法。设计了一种基于结构化模版和约束规则的安全性需求规约,即基于RUCM的安全性需求描述方法Safety RUCM,该方法以RUCM建模方法为基础,通过扩展用例规约模板和限制规则,添加故障描述模版以及数据描述模版,使其能够支持故障相关描述以及相应的安全性需求描述并形成安全性需求规约,最后通过某机载操作系统的案例研究验证了Safety RUCM建模方法的可行性。     

基于用例的软件需求建模研究

需求建模和用例技术是软件需求工程研究的热点,文中旨在通过讨论二者的作用及相互关系,得到如何使用用例分析技术为捕获的软件需求建立简洁明了的逻辑模型的一般方法。文章首先介绍了用例、软件需求、需求建模等基本概念,然后探讨了软件需求建模的一般过程,最后结合实际案例给出了使用用例进行需求建模的实现方法。整个过程侧重于需求的获取、用例分析和建模的实现,并提供了一个简单的用于描述软件需求的用例规约。     

用例分析技术在需求建模中的应用

用例分析技术通过用例、执行者以及用例之间的关系来描绘系统外在可见的需求情况。文中介绍了用例分析技术易于软件开发人员与用户之间开展沟通与交流的特点,阐明了用例分析技术有助于提高需求分析的效率和质量。通过高炉开炉装料系统的开发实践,从执行者、用例和用例规约三方面,探讨了用例分析技术的建模步骤,从而描述了一种使用用例分析技术开展需求建模的有效的实现方法。     

用例分析技术在需求建模中的应用

用例分析技术通过用例、执行者以及用例之间的关系来描绘系统外在可见的需求情况。文中介绍了用例分析技术易于软件开发人员与用户之间开展沟通与交流的特点，阐明了用例分析技术有助于提高需求分析的效率和质量。通过高炉开炉装料系统的开发实践，从执行者、用例和用例规约三方面，探讨了用例分析技术的建模步骤，从而描述了一种使用用例分析技术开展需求建模的有效的实现方法。     

轨道交通控制软件中基于场景的需求分析方法

针对轨道交通控制软件的形式化方法,在实际工程应用中存在形式化建模和系统级场景验证困难的问题。提出一种面向轨道交通领域的形式化建模和需求确认及验证方法。通过非形式化、半形式化到形式化规约三步演化过程,为形式化规约构建提供模板。在对需求的确认和验证中,根据形式化规范建立需求模型,导出相关图表,基于此检查领域专家关注的场景。同时制定场景描述规则,使场景可以在需求模型中正确执行。在此基础上,从特殊变量、效率、场景质量三方面对场景进行优化,更充分地验证需求的正确性。实验结果表明,对于典型车载控制软件,该方法较传统分析方法可多探测到10%的潜在缺陷,效率提升80%以上。     

基于SWRL的软件需求一致性验证方法

需求质量已经成为确保软件项目成功的一个重要因素,对复杂软件系统的需求进行检查和验证,是需求工程中非常重要的工作。在基于领域本体的需求获取和分析等相关工作基础上,提出了一种基于本体和语义规则的需求一致性验证方法,将自然语言描述的需求分解成若干结构良好的最小需求项,使用领域本体的概念模型对其进行形式化和结构化的表示。通过领域本体中的知识来映射需求语义,采用语义万维网规则语言（SWRL）来定义需求一致性验证的推理规则,并通过实例对此方法进行了分析和验证。     

基于有向生成图的需求验证方法

软件工程中的需求具有抽象性和复杂性,未经验证的需求会给项目带来较大需求风险。该文提出一种基于有向生成图的需求验证方法,论述UML对话图建模和模型映射规则、任务分解策略和形式化描述,以及需求验证过程涉及的转化模型和算法。该方法有效克服了需求验证过程中的复杂性和经验操作。从理论上分析该方法的可用性,通过实例验证了该方法的有效性。     

SPVT:一个有效的安全协议验证工具

描述了基于Objective Caml开发的一个安全协议验证工具SPVT(security protocol verifying tool).在SPVT中,以扩展附加项的类(演算作为安全协议描述语言,以扩展附加项的Horn逻辑规则描述协议攻击者的Dolev-Yao模型,通过一组抽象规则将安全协议的类(演算模型转换为逻辑程序模型,基于安全协议逻辑程序的不动点计算验证安全性质,从安全协议逻辑程序的不动点计算和安全性质的验证过程中构造不满足安全性质的安全协议反例.以简化的Needham-Schroeder公钥认证协议为例,描述了使用SPVT自动验证安全协议的过程,表明了SPVT用于安全协议验证的有效性.     

一种基于Petri网化简的工作流过程语义验证方法

过程验证是保证工作流过程定义正确性的重要手段.针对过程定义中控制流、数据流和资源三维元信息相结合的冲突检测问题,研究了过程的语义验证方法.首先根据语义验证的需求,定义3DWFN网作为过程描述的形式化模型,然后基于该模型阐述了完成语义验证的化简规则.并通过与其他相关化简规则的比较,说明了这些规则在语义验证层面的优势.     

一种获得形式化功能需求的方法

用例图在面向对象的软件开发过程中起着重要的作用。它用于描述系统的功能需求 ,但是它缺乏如Object -Z形式规格说明语言的精确性。本文结合一个实例给出了一种如何使用UML捕获系统的功能需求 ,并将该功能需求形式化的方法。本文定义了从UML用例图到Object -Z的转换规则 ,实现了用例图的形式化、获得了形式化的功能需求。     

From use cases to test cases via meta model-based reasoning

In Use cases considered harmful, Simons has analyzed the logical weaknesses of the UML use case notation and has recommended to “fix the faulty notion of dependency” (Simons: Use cases considered harmful. 29th Conference on Techn. of OO Lang. and Syst., pp 194–203, 1999). The project sketched in this position paper is inspired by Simons’ critique. The main contribution of this paper is a detailed meta model of possible relations between use cases. Later in the project this meta model is then to be formalized in a natural deduction calculus which shall be implemented in the Prolog. As a result of such formalization a use case specification can be queried for inconsistencies as well as for test cases which must be observable after a software system is implemented based on such a use case specification. Software tool support for this method is also under development.     

A formal approach for the development of reactive systems

Context

This paper deals with the development and verification of liveness properties on reactive systems using the Event-B method. By considering the limitation of the Event-B method to invariance properties, we propose to apply the language TLA⁺ to verify liveness properties on Event-B models.

Objective

This paper deals with the use of two verification approaches: theorem proving and model-checking, in the construction and verification of safe reactive systems. The theorem prover concerned is part of the Click_n_Prove tool associated to the Event-B method and the model checker is TLC for TLA⁺ models.

Method

To verify liveness properties on Event-B systems, we extend first the expressivity and the semantics of a B model (called temporal B model) to deal with the specification of fairness and eventuality properties. Second, we propose semantics of the extension over traces, in the same spirit as TLA⁺ does. Third, we give verification rules in the axiomatic way of the Event-B method. Finally, we give transformation rules from a temporal B model into a TLA⁺ module. We present in particular, our prototype system called B2TLA⁺, that we have developed to support this transformation; then we can verify liveness properties thanks to the model checker TLC on finite state systems. For the verification of infinite-state systems, we propose the use of the predicate diagrams and its associated tool DIXIT. As the B refinement preserves invariance properties through refinement steps, we propose some rules to get the preservation of liveness properties by the B refinement.

Results

The proposed approach is applied for the development of some reactive systems examples and our prototype system B2TLA⁺ is successfully used to transform a temporal B model into a TLA⁺ module.

Conclusion

The paper successfully defines an approach for the specification and verification of safety and liveness properties for the development of reactive systems using the Event-B method, the language TLA⁺ and the predicate diagrams with their associated tools. The approach is illustrated on a case study of a parcel sorting system.     

Coupling Use Cases and Class Models as a Means for Validation and Verification of Requirements Specifications

In many applications, especially from the business domain, the requirements specification mainly deals with use cases and class models. Unfortunately, these models are based on different modelling techniques and aim at different levels of abstraction, such that serious consistency and completeness problems are induced. To overcome these deficiencies, we refine activity graphs to meet the needs for a suitable modelling element for use case behaviour. The refinement in particular supports the proper coupling of use cases via activity graphs and the class model. The granularity and semantics of our approach allow for a seamless, traceable transition of use cases to the class model and for the verification of the class model against the use case model. The validation of the use case model and parts of the class model is supported as well. Experience from several applications has shown that the investment in specification, validation and verification not only pays off during system and acceptance testing but also significantly improves the quality of the final product.       

基于Hoare逻辑的密码软件形式化验证系统

在Hoare逻辑理论和ACSL语法规范的基础上,设计一种针对密码软件的形式化验证系统,由程序规范、验证推理规则、可靠性策略、验证推理等模块组成。以OpenSSL中RC4算法的软件实现为例,对其功能正确性、保险性和信息流安全性进行验证,结果表明,该系统具有较高的自动化水平,可在一定程度上降低形式化验证方法的复杂度。     

基于多视角卡牌模型的需求缺陷检测

需求来源于不同利益相关方对现实系统的认识和期望。需求获取在整个软件产品的研发过程中至关重要,往往决定着软件产品的质量甚至成败。然而,由于各种复杂因素的影响,获取到的需求中往往存在不完整、不准确甚至冲突等缺陷。需求表达上的二义性、需求描述的不完整和不一致等是最常见的需求缺陷。文中提出一种基于多视角需求获取的卡牌模型和需求缺陷检测规则。在需求获取过程中,特别是在其初期,其能够发现来自各方需求信息中常见的不完整和不一致需求缺陷。最后,通过3组项目案例验证了方法的有效性。     

基于设计演算的形式化用例分析建模框架

提出一种形式化用例分析建模框架,引入类图、用例顺序图、用例状态图、功能规约函数和系统不变式从多个角度为需求建模.通过定义这些视图的形式化语义,为需求的各个方面定义了准确的形式化描述.利用该框架,可以从方法的交互行为规约和功能规约合成描述方法全部行为的全规约;也可以定义用例模型的性质,并通过设计演算中的证明来分析验证这些性质.作为应用,研究了检查用例模型一致性的规则.给出一个实例说明建模框架的可行性.     

XYZ／SE程序的验证

ＸＹＺ／Ｅ的好处之一在于高级和低级的说明能够在同一框架下表示，因而使得软件的说明和实现变得容易一些．在这同时，开发验证工具以验证不同层次的说明是否满足所期望的关系是很重要的．谢洪亮等同志曾研究过ＸＹＺ／ＳＥ程序的验证规则．本篇文章增加了有关使用数组、过程说明和过程调用的规则．同时着重说明ＸＹＺ／ＳＥ程序验证的自动化方面的问题，且实现了一些化简验证条件的规则．     

Experiences with software specification and verification using LP,the Larch proof assistant

We sketch a method for deduction-oriented software and system development. The method incorporates formal machine-supported specification and verification as activities in software and systems development. We describe experiences in applying this method. These experiences have been gained by using the LP, the Larch proof assistant, as a tool for a number of small and medium size case studies for the formal development of software and systems. LP is used for the verification of the development steps. These case studies include

? quicksort

? the majority vote problem

? code generation by a compiler and its correctness

? an interactive queue and its refinement into a network.

The developments range over levels of requirement specifications, designs and abstract implementations. The main issues are questions of a development method and how to make good use of a formal tool like LP in a goal-directed way within the development. We further discuss the value of advanced specification techniques, most of which are deliberately not supported by LP and its notation, and their significance in development, Furthermore, we discuss issues of enhancement of a support system like LP and the value and the practicability of using formal techniques such as specification and verification in the development process in practice.