Pub Date : 2014-11-20DOI: 10.14279/tuj.eceasst.70.982
M. Mohaqeqi, M. Mousavi, Walid Taha
For systematic and automatic testing of cyber-physical systems, in which a set of test cases is generated based on a formal specification, a number of notions of conformance testing have been proposed. In this paper, we review two existing theories of conformance testing for cyber-physical systems and compare them. We point out their fundamental differences, and prove under which assumptions they
{"title":"Conformance Testing of Cyber-Physical Systems: A Comparative Study","authors":"M. Mohaqeqi, M. Mousavi, Walid Taha","doi":"10.14279/tuj.eceasst.70.982","DOIUrl":"https://doi.org/10.14279/tuj.eceasst.70.982","url":null,"abstract":"For systematic and automatic testing of cyber-physical systems, in which a set of test cases is generated based on a formal specification, a number of notions of conformance testing have been proposed. In this paper, we review two existing theories of conformance testing for cyber-physical systems and compare them. We point out their fundamental differences, and prove under which assumptions they","PeriodicalId":115235,"journal":{"name":"Electron. Commun. Eur. Assoc. Softw. Sci. Technol.","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129826876","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-20DOI: 10.14279/tuj.eceasst.70.983
Petr Ročkai, J. Barnat, L. Brim
We present an extension of the DIVINE software model checker to support programs with exception handling. The extension consists of two parts, a language-neutral implementation of the LLVM exception-handling instructions, and an adaptation of the C++ runtime for the DIVINE/LLVM exception model. This constitutes an important step towards support of both the full C++ specification and towards verification of real-world C++ programs using a software model checker. Additionally, we show how these extensions can be used to elegantly implement other features with non-local control transfer, most importantly the longjmp function in C.
{"title":"Model Checking C++ with Exceptions","authors":"Petr Ročkai, J. Barnat, L. Brim","doi":"10.14279/tuj.eceasst.70.983","DOIUrl":"https://doi.org/10.14279/tuj.eceasst.70.983","url":null,"abstract":"We present an extension of the DIVINE software model checker to support programs with exception handling. The extension consists of two parts, a language-neutral implementation of the LLVM exception-handling instructions, and an adaptation of the C++ runtime for the DIVINE/LLVM exception model. This constitutes an important step towards support of both the full C++ specification and towards verification of real-world C++ programs using a software model checker. Additionally, we show how these extensions can be used to elegantly implement other features with non-local control transfer, most importantly the longjmp function in C.","PeriodicalId":115235,"journal":{"name":"Electron. Commun. Eur. Assoc. Softw. Sci. Technol.","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132744262","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-20DOI: 10.14279/tuj.eceasst.70.984
Ali Jafari, E. Khamespanah, M. Sirjani, H. Hermanns
Many real-time distributed applications exhibit probabilistic and non-deterministic behaviors. In this paper, we introduce Probabilistic Timed Rebeca (PTRebeca) as an actor-based language for modeling probabilistic distributed real-time systems with asynchronous message passing. We pro- pose the semantics of PTRebeca model in Timed Markov Decision Process (TMDP), the integral semantics of probabilistic timed automaton (PTA) with one digital clock. To analyze PTRebeca models, we develop a tool set to au- tomatically generate a TMDP model from a PTRebeca model in the form of the input language of PRISM model checker. We use PRISM for performance analysis of PTRebeca models against expected reachability and probabilistic reachability properties. We show the applicability of our approach using a few case studies and experimental results.
{"title":"Performance Analysis of Distributed and Asynchronous Systems using Probabilistic Timed Actors","authors":"Ali Jafari, E. Khamespanah, M. Sirjani, H. Hermanns","doi":"10.14279/tuj.eceasst.70.984","DOIUrl":"https://doi.org/10.14279/tuj.eceasst.70.984","url":null,"abstract":"Many real-time distributed applications exhibit probabilistic and non-deterministic behaviors. In this paper, we introduce Probabilistic Timed Rebeca (PTRebeca) as an actor-based language for modeling probabilistic distributed real-time systems with asynchronous message passing. We pro- pose the semantics of PTRebeca model in Timed Markov Decision Process (TMDP), the integral semantics of probabilistic timed automaton (PTA) with one digital clock. To analyze PTRebeca models, we develop a tool set to au- tomatically generate a TMDP model from a PTRebeca model in the form of the input language of PRISM model checker. We use PRISM for performance analysis of PTRebeca models against expected reachability and probabilistic reachability properties. We show the applicability of our approach using a few case studies and experimental results.","PeriodicalId":115235,"journal":{"name":"Electron. Commun. Eur. Assoc. Softw. Sci. Technol.","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121167133","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-20DOI: 10.14279/tuj.eceasst.70.981
R. D. Landtsheer, C. Ponsard, Nicolas Devos
Smartcards are security critical devices requiring a high assurance verification approach. Although formal techniques can be used at design or even at development stages, such systems have to undergo a traditional hardware-in-the-loop testing phase. This phase is subject to two key requirements: achieving exhaustive transition coverage of the behavior of the system under test, and minimizing the testing time. In this context, testing time is highly bound to a specific hardware reset operation. Model-based testing is the adequate approach given the availability of a precise model of the system behavior and its ability to produce high quality coverage while optimizing some cost criterion. %l'argument n'est pas convainquant. This paper presents an original algorithm addressing this problem by reformulating it as an integer programming problem to make a graph Eulerian. The associated cost criterion captures both the number of resets and the total length of the test suite, as an auxiliary objective. The algorithm ensures transition coverage. An implementation of the algorithm was developed, benchmarked, and integrated into an industrial smartcard testing framework. A validation case study from this domain is also presented. The approach can of course be applied to any other domains with similar reset-related testing constraints.
{"title":"A Constraint-Solving Approach for Achieving Minimal-Reset Transition Coverage of Smartcard Behaviour","authors":"R. D. Landtsheer, C. Ponsard, Nicolas Devos","doi":"10.14279/tuj.eceasst.70.981","DOIUrl":"https://doi.org/10.14279/tuj.eceasst.70.981","url":null,"abstract":"Smartcards are security critical devices requiring a high assurance verification approach. Although formal techniques can be used at design or even at development stages, such systems have to undergo a traditional hardware-in-the-loop testing phase. This phase is subject to two key requirements: achieving exhaustive transition coverage of the behavior of the system under test, and minimizing the testing time. In this context, testing time is highly bound to a specific hardware reset operation. Model-based testing is the adequate approach given the availability of a precise model of the system behavior and its ability to produce high quality coverage while optimizing some cost criterion. %l'argument n'est pas convainquant. This paper presents an original algorithm addressing this problem by reformulating it as an integer programming problem to make a graph Eulerian. The associated cost criterion captures both the number of resets and the total length of the test suite, as an auxiliary objective. The algorithm ensures transition coverage. An implementation of the algorithm was developed, benchmarked, and integrated into an industrial smartcard testing framework. A validation case study from this domain is also presented. The approach can of course be applied to any other domains with similar reset-related testing constraints.","PeriodicalId":115235,"journal":{"name":"Electron. Commun. Eur. Assoc. Softw. Sci. Technol.","volume":"46 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133544173","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-18DOI: 10.14279/tuj.eceasst.70.973
Sven Reimer, M. Sauer, Paolo Marin, B. Becker
QBF formulae are usually considered in prenex form, i.e. the quantifierblock is completely separated from the propositional part of the QBF.Among others, the semantics of the QBF is defined by the sequence ofthe variables within the prefix, where existentially quantifiedvariables depend on all universally quantified variables stated to theleft. In this paper we extend that classical definition and consider a newquantification type which we call soft variable. The idea is toallow a flexible position and quantifier type for these variables.Hence the type of quantifier of the soft variable can also bealtered. Based on this concept, we present an optimization problemseeking an optimal prefix as defined by user-given preferences. We statean algorithm based on MaxQBF, and present several applications – mainlyfrom verification area – which can be naturally translated into theoptimization problem for QBF with soft variables. We further implementeda prototype solver for this formalism, and compare our approach toprevious work, that differently from ours does not guarantee optimalityand completeness.
{"title":"QBF with Soft Variables","authors":"Sven Reimer, M. Sauer, Paolo Marin, B. Becker","doi":"10.14279/tuj.eceasst.70.973","DOIUrl":"https://doi.org/10.14279/tuj.eceasst.70.973","url":null,"abstract":"QBF formulae are usually considered in prenex form, i.e. the quantifierblock is completely separated from the propositional part of the QBF.Among others, the semantics of the QBF is defined by the sequence ofthe variables within the prefix, where existentially quantifiedvariables depend on all universally quantified variables stated to theleft. In this paper we extend that classical definition and consider a newquantification type which we call soft variable. The idea is toallow a flexible position and quantifier type for these variables.Hence the type of quantifier of the soft variable can also bealtered. Based on this concept, we present an optimization problemseeking an optimal prefix as defined by user-given preferences. We statean algorithm based on MaxQBF, and present several applications – mainlyfrom verification area – which can be naturally translated into theoptimization problem for QBF with soft variables. We further implementeda prototype solver for this formalism, and compare our approach toprevious work, that differently from ours does not guarantee optimalityand completeness.","PeriodicalId":115235,"journal":{"name":"Electron. Commun. Eur. Assoc. Softw. Sci. Technol.","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116735445","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-18DOI: 10.14279/tuj.eceasst.70.977
J. Sproston
A stochastic hybrid system contains a collection of interacting discrete and continuous components, subject to random behaviour. The formal verification of a stochastic hybrid system often comprises a method for the generation of a finite-state probabilistic system which either represents exactly the behaviour of the stochastic hybrid system, or which approximates conservatively its behaviour. We extend such abstraction-based formal verification of stochastic hybrid systems in two ways. Firstly, we generalise previous results by showing how bisimulation-based abstractions of non-probabilistic hybrid automata can be lifted to the setting of probabilistic hybrid automata, a subclass of stochastic hybrid systems in which probabilistic choices can be made with respect to finite, discrete alternatives only. Secondly, we consider the problem of obtaining approximate abstractions for discrete-time stochastic systems in which there are continuous probabilistic choices with regard to the slopes of certain system variables. We restrict our attention to the subclass of such systems in which the approximate abstraction of such a system, obtained using the previously developed techniques of Fraenzle et al., results in a probabilistic rectangular hybrid automaton, from which in turn a finite-state probabilistic system can be obtained. We illustrate this technique with an example, using the probabilistic model checking tool PRISM.
{"title":"Exact and Approximate Abstraction for Classes of Stochastic Hybrid Systems","authors":"J. Sproston","doi":"10.14279/tuj.eceasst.70.977","DOIUrl":"https://doi.org/10.14279/tuj.eceasst.70.977","url":null,"abstract":"A stochastic hybrid system contains a collection of interacting discrete and continuous components, subject to random behaviour. The formal verification of a stochastic hybrid system often comprises a method for the generation of a finite-state probabilistic system which either represents exactly the behaviour of the stochastic hybrid system, or which approximates conservatively its behaviour. We extend such abstraction-based formal verification of stochastic hybrid systems in two ways. Firstly, we generalise previous results by showing how bisimulation-based abstractions of non-probabilistic hybrid automata can be lifted to the setting of probabilistic hybrid automata, a subclass of stochastic hybrid systems in which probabilistic choices can be made with respect to finite, discrete alternatives only. Secondly, we consider the problem of obtaining approximate abstractions for discrete-time stochastic systems in which there are continuous probabilistic choices with regard to the slopes of certain system variables. We restrict our attention to the subclass of such systems in which the approximate abstraction of such a system, obtained using the previously developed techniques of Fraenzle et al., results in a probabilistic rectangular hybrid automaton, from which in turn a finite-state probabilistic system can be obtained. We illustrate this technique with an example, using the probabilistic model checking tool PRISM.","PeriodicalId":115235,"journal":{"name":"Electron. Commun. Eur. Assoc. Softw. Sci. Technol.","volume":"73 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116933176","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-18DOI: 10.14279/tuj.eceasst.70.975
L. Hatvani, Alexandre David, C. Seceleanu, P. Pettersson
Adjusting to resource changes, dynamic environmental conditions, or new usage modes are some of the reasons why real-time embedded systems need to be adaptive. This requires a rigorous framework for designing such systems, to ensure that the adaptivity does not result in invalidating the system's real-time constraints. To address this need, we have recently introduced adaptive task automata, a frame- work for modeling, verification, and schedulability analysis in adaptive, hard real-time embedded systems, assuming a fixed-priority scheduler. In this work, we extend the adaptive task automata framework to incorporate the earliest-deadline-first scheduling policy, as well as enable implementation of any other dynamic scheduling policy. To prove the decidability of our model, and at the same time maintain a manageable degree of conciseness, we show an encoding of our model as a network of timed automata with clock updates. To support this, we also show that reachability in our class of timed automata with updates is decidable. Our contribution helps to streamline the process of designing safety critical adaptive embedded systems.
{"title":"Adaptive Task Automata with Earliest-Deadline-First Scheduling","authors":"L. Hatvani, Alexandre David, C. Seceleanu, P. Pettersson","doi":"10.14279/tuj.eceasst.70.975","DOIUrl":"https://doi.org/10.14279/tuj.eceasst.70.975","url":null,"abstract":"Adjusting to resource changes, dynamic environmental conditions, or new usage modes are some of the reasons why real-time embedded systems need to be adaptive. This requires a rigorous framework for designing such systems, to ensure that the adaptivity does not result in invalidating the system's real-time constraints. To address this need, we have recently introduced adaptive task automata, a frame- work for modeling, verification, and schedulability analysis in adaptive, hard real-time embedded systems, assuming a fixed-priority scheduler. In this work, we extend the adaptive task automata framework to incorporate the earliest-deadline-first scheduling policy, as well as enable implementation of any other dynamic scheduling policy. To prove the decidability of our model, and at the same time maintain a manageable degree of conciseness, we show an encoding of our model as a network of timed automata with clock updates. To support this, we also show that reachability in our class of timed automata with updates is decidable. Our contribution helps to streamline the process of designing safety critical adaptive embedded systems.","PeriodicalId":115235,"journal":{"name":"Electron. Commun. Eur. Assoc. Softw. Sci. Technol.","volume":"58 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133179507","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-18DOI: 10.14279/tuj.eceasst.70.970
Paolo Arcaini, A. Gargantini, E. Riccobene
In runtime verification, operational models describing the expected system behavior offer some advantages with respect to declarative specifications of properties, especially when designers are more accustomed to them. However, nondeterminism in the specification usually affects performances of those operational methods that explicitly represent all the possible conformant states. In this paper, we tackle the problem of dealing with nondeterminism in an operational runtime verification approach based on the use of Abstract State Machines (ASMs). We propose an SMT-based technique in which ASM computations are symbolically represented and conformance verification is performed by means of satisfability checking. Experiments show that, in most of the cases, the symbolic approach performs better than a technique for ASM-based runtime verification explicitly representing the conformant states.
{"title":"Using SMT for dealing with nondeterminism in ASM-based runtime verification","authors":"Paolo Arcaini, A. Gargantini, E. Riccobene","doi":"10.14279/tuj.eceasst.70.970","DOIUrl":"https://doi.org/10.14279/tuj.eceasst.70.970","url":null,"abstract":"In runtime verification, operational models describing the expected system behavior offer some advantages with respect to declarative specifications of properties, especially when designers are more accustomed to them. However, nondeterminism in the specification usually affects performances of those operational methods that explicitly represent all the possible conformant states. In this paper, we tackle the problem of dealing with nondeterminism in an operational runtime verification approach based on the use of Abstract State Machines (ASMs). We propose an SMT-based technique in which ASM computations are symbolically represented and conformance verification is performed by means of satisfability checking. Experiments show that, in most of the cases, the symbolic approach performs better than a technique for ASM-based runtime verification explicitly representing the conformant states.","PeriodicalId":115235,"journal":{"name":"Electron. Commun. Eur. Assoc. Softw. Sci. Technol.","volume":"86 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128377521","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-18DOI: 10.14279/tuj.eceasst.70.968
E. M. Hahn, A. Hartmanns, H. Hermanns
Stochastic timed automata are an expressive formal model for hard and soft real-time systems. They support choices and delays that can be deterministic, nondeterministic or stochastic. Stochastic choices and delays can be based on arbitrary discrete and continuous distributions. In this paper, we present an analysis approach for stochastic timed automata based on abstraction and probabilistic model checking. It delivers upper/lower bounds on maximum/minimum reachability probabilities and expected cumulative reward values. Based on theory originally developed for stochastic hybrid systems, it is the first fully automated model checking technique for stochastic timed automata. Using an implementation as part of the Modest Toolset and four varied examples, we show that the approach works in practice and present a detailed evaluation of its applicability, its efficiency, and current limitations.
{"title":"Reachability and Reward Checking for Stochastic Timed Automata","authors":"E. M. Hahn, A. Hartmanns, H. Hermanns","doi":"10.14279/tuj.eceasst.70.968","DOIUrl":"https://doi.org/10.14279/tuj.eceasst.70.968","url":null,"abstract":"Stochastic timed automata are an expressive formal model for hard and soft real-time systems. They support choices and delays that can be deterministic, nondeterministic or stochastic. Stochastic choices and delays can be based on arbitrary discrete and continuous distributions. In this paper, we present an analysis approach for stochastic timed automata based on abstraction and probabilistic model checking. It delivers upper/lower bounds on maximum/minimum reachability probabilities and expected cumulative reward values. Based on theory originally developed for stochastic hybrid systems, it is the first fully automated model checking technique for stochastic timed automata. Using an implementation as part of the Modest Toolset and four varied examples, we show that the approach works in practice and present a detailed evaluation of its applicability, its efficiency, and current limitations.","PeriodicalId":115235,"journal":{"name":"Electron. Commun. Eur. Assoc. Softw. Sci. Technol.","volume":"70 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130639736","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2014-11-18DOI: 10.14279/tuj.eceasst.70.969
Adisak Intana, M. Poppleton, G. Merrett
This paper proposes a Formal Co-simulation (FoCoSim-WSN) framework to provide a good software engineering practice for wireless sensor networks (WSNs) including high-level abstraction, separation of concerns, strong verification and validation (V&V) techniques. This provides an iterative interworking framework which combines the benefits of existing simulation and proof-based formal verification approaches. The complexity of software development for the sensor node controller is reduced by separating the controller model from the simulation environment. Controller algorithms from application through network and MAC layers can be formally developed and verified in a layered manner using the refinement method of the Event-B language and its RODIN toolkit. The absence of certain classes of faults in controller models which cannot be guaranteed by simulation testing techniques, can be proved by formal methods. On the other hand, the MiXiM simulation of physical environment provides full confidence about reliability and performance analysis through long running simulation via wireless channels. Our prototype development confirms the flexibility of the framework for interworking between formal, simulation and co-simulation modelling.
{"title":"A Formal Co-Simulation Approach for Wireless Sensor Network Development","authors":"Adisak Intana, M. Poppleton, G. Merrett","doi":"10.14279/tuj.eceasst.70.969","DOIUrl":"https://doi.org/10.14279/tuj.eceasst.70.969","url":null,"abstract":"This paper proposes a Formal Co-simulation (FoCoSim-WSN) framework to provide a good software engineering practice for wireless sensor networks (WSNs) including high-level abstraction, separation of concerns, strong verification and validation (V&V) techniques. This provides an iterative interworking framework which combines the benefits of existing simulation and proof-based formal verification approaches. The complexity of software development for the sensor node controller is reduced by separating the controller model from the simulation environment. Controller algorithms from application through network and MAC layers can be formally developed and verified in a layered manner using the refinement method of the Event-B language and its RODIN toolkit. The absence of certain classes of faults in controller models which cannot be guaranteed by simulation testing techniques, can be proved by formal methods. On the other hand, the MiXiM simulation of physical environment provides full confidence about reliability and performance analysis through long running simulation via wireless channels. Our prototype development confirms the flexibility of the framework for interworking between formal, simulation and co-simulation modelling.","PeriodicalId":115235,"journal":{"name":"Electron. Commun. Eur. Assoc. Softw. Sci. Technol.","volume":"44 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130680701","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: