Abstract
Systems are naturally constructed in hierarchies in which design choices made at higher levels of abstraction "flow down" to requirements on system components at lower levels of abstraction. Thus, whether an aspect of the system is a design choice or a requirement depends largely on one's vantage point within the hierarchy of system components. Furthermore, systems are often constructed middle-out rather than top-down: compatibility with existing systems and architectures, or the availability of specific components, influences high-level requirements. We believe that requirements and architectural design should be more closely aligned: requirements models must account for hierarchical system construction, and architectural design notations must better support the specification of requirements for system components.
In this presentation, I describe tools supporting iterative development of architecture and verification based on software models. We represent the hierarchical composition of the system in the Architecture Analysis & Design Language (AADL) and use an extension to AADL to describe requirements at different levels of abstraction for compositional verification. To describe and verify component-level behavior, we use Simulink and Stateflow together with several analysis tools.
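The compositional step the abstract describes (a system-level requirement verified from the contracts of its subcomponents, with each subcomponent's assumptions discharged by the guarantees of its neighbours) can be shown on a small propositional model. The following is an added example, not code from the presentation or from the AADL tooling it describes; it replaces the AADL annex and model checker with Boolean formulas checked by exhaustive enumeration, and the three-component access gateway (Authn, Authz, Decision) and its contracts are constructed for illustration. The second run plants a bug in the Decision component so that the system-level guarantee fails and the check returns the offending assignment.

```python
"""Hierarchical assume/guarantee checking over Boolean contracts.

Each component carries a contract: assumptions on its environment and
guarantees it provides when those assumptions hold.  The system contract is
verified from the subcomponent contracts alone, without looking inside any
component: the system's design choice becomes each component's requirement.
Formulas are propositional and checked by enumeration, so no solver is needed.
"""
from dataclasses import dataclass, field
from itertools import product
from typing import Callable, Dict, List, Optional

Env = Dict[str, bool]
Formula = Callable[[Env], bool]


def implies(a: bool, b: bool) -> bool:
    return (not a) or b


@dataclass
class Contract:
    name: str
    assumes: List[Formula] = field(default_factory=list)
    guarantees: List[Formula] = field(default_factory=list)


def holds(formulas: List[Formula], env: Env) -> bool:
    return all(f(env) for f in formulas)


def counterexample(variables: List[str], hyps: List[Formula],
                   goal: List[Formula]) -> Optional[Env]:
    """Return an assignment satisfying every hypothesis but violating goal, or None."""
    for bits in product([False, True], repeat=len(variables)):
        env = dict(zip(variables, bits))
        if holds(hyps, env) and not holds(goal, env):
            return env
    return None


def check_composition(variables: List[str], system: Contract,
                      parts: List[Contract]) -> Dict[str, Optional[Env]]:
    """Proof obligations of a non-circular compositional argument.

    1. Each part's assumptions follow from the system assumptions plus the
       guarantees of the parts listed before it (a part never relies on a
       later part, so no circular reasoning is used).
    2. The system guarantees follow from the system assumptions plus the
       guarantees of every part.
    Maps each obligation to a counterexample, or None when it is proved.
    """
    results: Dict[str, Optional[Env]] = {}
    discharged: List[Formula] = list(system.assumes)
    for part in parts:
        results[f"{part.name}.assumes"] = counterexample(variables, discharged, part.assumes)
        discharged = discharged + part.guarantees
    results[f"{system.name}.guarantees"] = counterexample(variables, discharged, system.guarantees)
    return results


# Constructed example (hypothetical signals, not from the page): an access
# gateway that may only grant a request that is both authenticated and
# authorized.  That requirement flows down as guarantees on three parts.
VARIABLES = ["valid_cred", "auth_ok", "policy_allows", "authz_ok", "grant"]


def gateway_model(decision_checks_authz: bool = True):
    system = Contract("Gateway", guarantees=[
        lambda e: implies(e["grant"], e["valid_cred"] and e["policy_allows"])])
    authn = Contract("Authn", guarantees=[
        lambda e: implies(e["auth_ok"], e["valid_cred"])])
    authz = Contract("Authz",
        assumes=[lambda e: implies(e["auth_ok"], e["valid_cred"])],     # relies on Authn
        guarantees=[lambda e: implies(e["authz_ok"], e["auth_ok"] and e["policy_allows"])])
    if decision_checks_authz:
        final: Formula = lambda e: implies(e["grant"], e["authz_ok"])
    else:
        final = lambda e: implies(e["grant"], e["auth_ok"])  # bug: bypasses Authz
    decision = Contract("Decision",
        assumes=[lambda e: implies(e["authz_ok"], e["auth_ok"])],       # relies on Authz
        guarantees=[final])
    return system, [authn, authz, decision]


def verify_gateway(decision_checks_authz: bool = True) -> Dict[str, Optional[Env]]:
    system, parts = gateway_model(decision_checks_authz)
    return check_composition(VARIABLES, system, parts)


if __name__ == "__main__":
    for variant in (True, False):
        print("Decision checks Authz:", variant)
        for obligation, ce in verify_gateway(variant).items():
            print(f"  {obligation}: {'proved' if ce is None else 'FAILS with ' + str(ce)}")
```

With the correct Decision every obligation is proved. With the buggy Decision the component-level obligations still pass (each part's assumptions are still discharged by its predecessors), and only the Gateway guarantee fails, with the assignment grant=True, auth_ok=True, valid_cred=True, policy_allows=False, authz_ok=False: exactly the authorization bypass that the flowed-down requirement was meant to exclude. This is the kind of mismatch between a high-level requirement and a component contract that compositional checking surfaces without reopening the other components.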
Up and out: scaling formal analysis using model-based development and architecture modeling
HILT '13: Proceedings of the 2013 ACM SIGAda annual conference on High integrity language technology