混成系统的描述和设计与Timed RAISE项目

1 引言混成系统是包含连续部件和离散部件的实时系统。其中连续部件是满足一定微分方程的物理设备,离散部件是运行程序的计算机及受程序控制的感应器和主动器。混成系统的典型例子有:机器人控制系统、计算机辅助制造设备、飞行控制系统等。     

两种形式语言:RSL与Z的分析比较

RSL(RAISE规格说明语言)和Z是目前广泛应用的软件规格说明语言,本文从软件开发生命周期的角度对两种语言进行了比较,提出了将不同规格说明语言结合形式地描述系统的设想。     

可信软件实时性测试用例集生成方法研究*

基于RAISE规范语言（RSL）的一个变体——时间化RAISE规范语言（TRSL）,提出一种可信软件实时性测试用例集生成方法。该方法首先去除基于TRSL软件规约中的抽象时间因素;然后使用划分分析的方法构造测试单元;再利用动态约束求解方法动态构造具有时间约束的构造项和观测项,并在此基础上构建完整的基于TRSL规约的实时性测试用例集。     

RAISE规范语言及其语义特征

本文简要介绍了RAISE规范语言的基本概念,并描述了其语义特征。从而为准确地理解RAISE规范语言、正确地描述其形式语义奠定良好的基础。     

Specification,proof, and model checking of the Mondex electronic purse using RAISE

This paper describes how the communication protocol of Mondex electronic purses can be specified and verified against desired security properties. The specification is developed by stepwise refinement using the RAISE formal specification language, RSL, and the proofs are made by translation to PVS and SAL. The work is part of a year-long project contributing to the international grand challenge in verified software engineering. J. C. P. Woodcock     

Model checking RAISE applicative specifications

Ensuring the correctness of a given software component has become a crucial aspect in software engineering and model checking provides an almost fully automatic way of achieving this goal. Due to the scalability problems of the model checking technique, it has become popular to apply it at early stages in the development process, when the size of the model is much smaller than the final code. Properties proved in this way can be shown to hold at the implementation level provided that the final code refines the original specification. In this paper we focus on the main issues for adding model checking functionality to the RAISE specification language (RSL) and present the semantic foundations of our current approach for doing so. We also describe a way to use model checking to verify RAISE confidence conditions, ensuring the soundness and completeness of the results checked in this way. We then present the most interesting details of the implementation of a tool that follows the described approach. Finally, we illustrate the application of the technique with two case studies: a Digital Multiplexed Radio Telephone System and the Mondex electronic purse.     

Formalising natural language specifications using a cognitive linguistic/configuration based approach

This paper addresses the problem of transforming business specifications written in natural language into formal models suitable for use in information systems development. It proposes a method for transforming controlled natural language specifications based on the Semantics of Business Vocabulary and Business Rules standard. This approach is unique in combining techniques from Model-Driven Engineering (MDE), Cognitive Linguistics, and Knowledge-based Configuration, which allows the reliable semantic processing of specifications and integration with existing MDE tools to improve productivity, quality, and time-to-market in software development. The method first learns the vocabulary of the specification from glossary-like definitions then parses the rules of the specification and outputs the resulting formal SBVR model. Both aspects of the method are tested separately, with the system correctly learning 98% of the vocabulary and correctly interpreting 98% of the rules of an SBVR SE based example. Finally, the proposed method is compared to state-of-the-art approaches for creating formal models from natural language specifications, arguing that it meets the criteria necessary to fulfil the three goals of (1) shifting control of specification to non-technical business experts, (2) reducing the manual effort involved in formalising specifications, and (3) supporting business experts in creating well-formed sets of business vocabularies and rules.     

基于Web的形式化方法工具RRTChecker的研究与设计

形式化方法工具通常是在UNIX/Linux系统下设计开发的,难于使用阻碍了形式化方法的进一步推广.本文针对形式化方法RAISE,提出了一种研究和开发基于Web的工具的方法.该方法以原有的RAISE工具为基础,通过Shell管道拦截技术、ASP技术、ActiveX DLL技术及路径重写技术,将工具的所有功能集成整合到统一的、用户友好的Web界面上,用户可通过鼠标在浏览器中进行不同的操作.原有的RAISE工具的所有功能,在基于浏览器的集成化工具中得到全面支持.该方法也为开发其它形式化方法基于Web的工具提供了新思路.     

A System for Generating Reverse Engineering Tools: A Case Study of Software Modularisation

The paper presents a case study in the development of software modularisation tools. The tools are produced by using a system for developing code analysers that uses a database to store both a no-loss fine-grained intermediate representation and the analyses' results. The analysers are automatically generated from a high-level specification of the desired analyses expressed in a domain-oriented language. We use a program intermediate representation, called F(p), as the user-visible data base conceptual model. Analysers are specified in a declarative language, called F(p) – , which allows the specification of an analysis in the form of a traversal of an algebraic expression, with accesses to, and stores of, the database information the algebraic expression indexes. A foreign language interface allows the analysers to be embedded into C programs. This is useful, for example, to implement the user interface of an analyser or to facilitate interoperation of the generated analysers with pre-existing tools.     

结合UML和RAISE的软件开发方法研究

面向对象方法形象、直观、使用方便,但难以消除二义性。形式化方法严密、可靠、可验证,但软件规约不直观,不符合开发人员的使用习惯,探讨一种结合面向对象方法UML和形式化方法RAISE的软件开发方法。     

形式描述语言COOZ的集成支撑环境COOZ—Tools

介绍支持面向对象的形式描述语言ＣＯＯＺ的集成支撑环境ＣＯＯＺ－Ｔｏｏｌｓ的设计原则、系统结构、功能、特点和关键的实现技术。ＣＯＯＺ是Ｚ语言的面向对象扩充,从而将形式化语言和面向对象机制有机结合起来。ＣＯＯＺ－Ｔｏｏｌｓ支持基于ＣＯＯＺ的软件开发,它主要由如下工具组成：规格说明编辑、浏览工具、语法语义检查工具、联机帮助工具、项目管理工具。     

Checking Cache-Coherence Protocols with TLA+

We have a great deal of experience using the specification language TLA⁺ and its model checker TLC to analyze protocols designed at Digital and Compaq (both now part of HP). The tools and techniques we have developed apply equally well to software and hardware designs. In this paper, we describe our experience using TLA⁺ and TLC to verify cache-coherence protocols.     

CSDPL—一种基于CMM的软件过程定义语言

软件过程是人和计算机化的工具交互完成的可能持续长时间的复杂实体。软件过程比商业过程自动化程度要低,因为需要更多的人的参与和软件工具的支持,也有更多不断持续改进的需求。软件过程首先要建模,因此建模语言扮演了一个非常关键的角色。从管理的角度出发,CMM提出了一个软件过程概念框架。既要支持软件过程语言的要求的特性,又要支持CMM,基于CMM的软件过程定义语言必须把这个一般性和特殊性的要求结合起来。本文描述的软件过程定义语言CSPDL采用了图形和XML文本相结合的表示方式。同时,软件过程定义工具是支持建模的必需的支持。要尽量地支持软件过程语言的特性,还需要很多工作要做。     

形式语言B与RSL的比较

本文介绍了形式化方法中B方法和RAISE方法,从软件开发生命周期的角度对B语言和RSL进行了比较,归纳了这两种形式化语言的异同和各自的适用范围。     

A Knowledge-Based Software Engineering Environment for reusable software requirements and architectures

This paper describes a prototype Knowledge-Based Software Engineering Environment used to demonstrate the concepts of reuse of software requirements and software architectures. The prototype environment, which is application-domain independent, is used to support the development of domain models and to generate target system specifications from them. The prototype environment consists of an integrated set of commercial-off-the-shelf software tools and custom developed software tools.The concept of reuse is prevalent at several levels of the domain modeling method and prototype environment. The environment itself is domain-independent thereby supporting the specification of diverse application domain models. The domain modeling method specifies a family of systems rather than a single system; features characterize the variations in functional requirements supported by the family and individual family members are specified by the features they are to support. The knowledge-based approach to target system generation provides the rules for generating target system specifications from the domain model; target system specifications, themselves, may be stored in an object repository for subsequent retrieval and reuse.     

Design, construction, and application of a generic visual languagegeneration environment

The implementation of visual programming languages (VPLs) and their supporting environments is time-consuming and tedious. To ease the task, researchers have developed some high-level tools to reduce the development effort. None of these tools, however, can be easily used to create a complete visual language in a seamless way as the lex/yacc tools do for textual language constructions. This paper presents the design, construction and application of a generic visual language generation environment, called VisPro. The VisPro design model improves the conventional model-view-controller framework in that its functional modules are decoupled to allow independent development and integration. The VisPro environment consists of a set of visual programming tools. Using VisPro, the process of VPL construction can be divided into two steps: lexicon definition and grammar specification. The former step defines visual objects and a visual editor, and the latter step provides language grammars with graph rewriting rules. The compiler for the VPL is automatically created according to the grammar specification. A target VPL is generated as a programming environment which contains the compiler and the visual editor. The paper demonstrates how VisPro is used by building a simple visual language and a more complex visual modeling language for distributed programming     

Alliance of model-driven engineering with a proof-based formal approach

Model-driven engineering (MDE) promotes the use of models throughout the software development cycle in order to increase abstraction and reduce software complexity. It favors the definition of domain-specific modeling languages (DSMLs) thanks to frameworks dedicated to meta-modeling and code generation like EMF (Eclipse Modeling Framework). The standard semantics of meta-models allows interoperability between tools such as language analysers (e.g., XText), code generators (e.g., Acceleo), and also model transformation tools (e.g., ATL). However, a major limitation of MDE is the lack of formal reasoning tools allowing to ensure the correctness of models. Indeed, most of the verification activities offered by MDE tools are based on the verification of OCL constraints on instances of meta-models. However, these constraints mainly deal with structural properties of the model and often miss out its behavioral semantics. In this work, we propose to bridge the gap between MDE and the rigorous world of formal methods in order to guarantee the correctness of both structural and behavioral properties of the model. Our approach translates EMF meta-models into an equivalent formal B specification and then injects models into this specification. The equivalence between the resulting B specification and the original EMF model is kept by proven design steps leading to a rigorous MDE technique. The AtelierB prover is used to guarantee the correctness of the model’s behavior with respect to its invariant properties, and the ProB model-checker is used to animate underlying execution scenarios which are translated back to the initial EMF model. Besides the use of these automatic reasoning tools in MDE, proved B refinements are also investigated in this paper in order to gradually translate abstract EMF models to concrete models which can then be automatically compiled into a programming language.