The paper describes the application of an automated verification tool to a software model developed at Ford Motor Company. Ford already has in place an advanced model-based software development framework that employs the Matlab(R), Simulink(R), and Stateflow(R) modeling tools. During this project, we applied the invariant checker Salsa to a Simulink(R)/Stateflow(R) model of automotive software to check for nondeterminism, missing cases, dead code, and redundant code. During the analysis, a number of anomalies were detected that had not been found during manual review. We argue that the detection and correction of these problems demonstrates a cost-effective application of formal verification that elevates our level of confidence in the model.
{"title":"Automated validation of software models","authors":"Steve Sims, R. Cleaveland, K. Butts, S. Ranville","doi":"10.1109/ASE.2001.989794","DOIUrl":"https://doi.org/10.1109/ASE.2001.989794","url":null,"abstract":"The paper describes the application of an automated verification tool to a software model developed at Ford Motor Company. Ford already has in place an advanced model-based software development framework that employs the Matlab(R), Simulink(R), and Stateflow(R) modeling tools. During this project, we applied the invariant checker Salsa to a Simulink(R)/Stateflow(R) model of automotive software to check for nondeterminism, missing cases, dead code, and redundant code. During the analysis, a number of anomalies were detected that had not been found during manual review. We argue that the detection and correction of these problems demonstrates a cost-effective application of formal verification that elevates our level of confidence in the model.","PeriodicalId":433615,"journal":{"name":"Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001)","volume":"336 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2001-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122328165","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The paper proposes a novel approach to locating software components from a large component repository: context-aware browsing. Without any explicit input from software developers, this approach automatically locates and presents a list of software components that could possibly be used in the current development situation. This automation of the component location process not only greatly reduces the search space of components so that software developers can easily browse and choose the desired components, but also enables software developers to use components whose existence they do not even anticipate. A software agent that supports context-aware browsing has been developed and evaluated.
{"title":"Context-aware browsing of large component repositories","authors":"Y. Ye, G. Fischer","doi":"10.1109/ASE.2001.989795","DOIUrl":"https://doi.org/10.1109/ASE.2001.989795","url":null,"abstract":"The paper proposes a novel approach to locating software components from a large component repository: context-aware browsing. Without any explicit input from software developers, this approach automatically locates and presents a list of software components that could possibly be used in the current development situation. This automation of the component location process not only greatly reduces the search space of components so that software developers can easily browse and choose the desired components, but also enables software developers to use components whose existence they do not even anticipate. A software agent that supports context-aware browsing has been developed and evaluated.","PeriodicalId":433615,"journal":{"name":"Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001)","volume":"69 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2001-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116446959","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Detecting symmetries in the structure of systems is a well known technique falling in the class of bisimulation (strongly) preserving state space reductions. Previous work in applying symmetries to aid model checking focuses mainly on process topologies and user specified data types. We applied the symmetry framework to model checking object-based programs that manipulate dynamically created objects, and developed a linear-time heuristic for finding the canonical representative of a symmetry equivalence class. The strategy was implemented in the object-based model checker dSPIN and some experiments, yielding encouraging results, have been carried out.
{"title":"Exploiting heap symmetries in explicit-state model checking of software","authors":"Radu Iosif","doi":"10.1109/ASE.2001.989811","DOIUrl":"https://doi.org/10.1109/ASE.2001.989811","url":null,"abstract":"Detecting symmetries in the structure of systems is a well known technique falling in the class of bisimulation (strongly) preserving state space reductions. Previous work in applying symmetries to aid model checking focuses mainly on process topologies and user specified data types. We applied the symmetry framework to model checking object-based programs that manipulate dynamically created objects, and developed a linear-time heuristic for finding the canonical representative of a symmetry equivalence class. The strategy was implemented in the object-based model checker dSPIN and some experiments, yielding encouraging results, have been carried out.","PeriodicalId":433615,"journal":{"name":"Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001)","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2001-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134286161","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Although formal methods have been successfully applied in various industrial applications, their use in software development is still restricted to individual case studies. To overcome this situation we aim at a methodology for an evolutionary formal software development which allows for a stepwise and incremental development process along the line of rapid prototyping. The approach is based on work on a formal management of change for formal developments which is able to maintain proofs when changing specifications.
{"title":"Towards an evolutionary formal software development","authors":"D. Hutter, Axel Schairer","doi":"10.1109/ASE.2001.989842","DOIUrl":"https://doi.org/10.1109/ASE.2001.989842","url":null,"abstract":"Although formal methods have been successfully applied in various industrial applications, their use in software development is still restricted to individual case studies. To overcome this situation we aim at a methodology for an evolutionary formal software development which allows for a stepwise and incremental development process along the line of rapid prototyping. The approach is based on work on a formal management of change for formal developments which is able to maintain proofs when changing specifications.","PeriodicalId":433615,"journal":{"name":"Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001)","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2001-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125956309","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Summary form only given. System level design is nowadays a complex process due to heterogeneity of domains of components in a single system. The language standard, Rosetta, was proposed as a means to help in such designs. An important feature in Rosetta is known as domain interaction and involves the analysis of interaction between models from domain to domain. The resulting iteration models can then be used to ensure correctness of the system at the design level. The goal of my doctoral dissertation is therefore to implement the semantics of domain interactions in Rosetta and to apply it in the specification of real world examples.
{"title":"Implementation of specification conjunction and domain interaction in Rosetta","authors":"Cindy Kong","doi":"10.1109/ASE.2001.989848","DOIUrl":"https://doi.org/10.1109/ASE.2001.989848","url":null,"abstract":"Summary form only given. System level design is nowadays a complex process due to heterogeneity of domains of components in a single system. The language standard, Rosetta, was proposed as a means to help in such designs. An important feature in Rosetta is known as domain interaction and involves the analysis of interaction between models from domain to domain. The resulting iteration models can then be used to ensure correctness of the system at the design level. The goal of my doctoral dissertation is therefore to implement the semantics of domain interactions in Rosetta and to apply it in the specification of real world examples.","PeriodicalId":433615,"journal":{"name":"Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001)","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2001-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127826127","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Generative programming methods provide some significant advantages for the repeated deployment of product line architectures. The paper considers XML as a tool for building and describing applications that use generative programming methods. It describes techniques for the creation of a generative framework, presents a case study and discusses the results of practical application of these methods in a real world, enterprise scale, product line architecture. The paper presents the advantages of using an XML descriptor that can be easily transformed to generate both static and dynamically configurable software components for direct deployment in an application framework. Two implementation approaches are considered: an indirect approach using XSL for the transformations; and a direct approach where the XML descriptor is parsed and dealt with programmatically. The relative advantages of these two approaches are discussed. The paper provides practical examples and presents lessons learned from the application of the techniques.
{"title":"Developing generative frameworks using XML","authors":"Iain McLaren, Tony Wicks","doi":"10.1109/ASE.2001.989831","DOIUrl":"https://doi.org/10.1109/ASE.2001.989831","url":null,"abstract":"Generative programming methods provide some significant advantages for the repeated deployment of product line architectures. The paper considers XML as a tool for building and describing applications that use generative programming methods. It describes techniques for the creation of a generative framework, presents a case study and discusses the results of practical application of these methods in a real world, enterprise scale, product line architecture. The paper presents the advantages of using an XML descriptor that can be easily transformed to generate both static and dynamically configurable software components for direct deployment in an application framework. Two implementation approaches are considered: an indirect approach using XSL for the transformations; and a direct approach where the XML descriptor is parsed and dealt with programmatically. The relative advantages of these two approaches are discussed. The paper provides practical examples and presents lessons learned from the application of the techniques.","PeriodicalId":433615,"journal":{"name":"Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2001-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130789418","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
For a number of years, members of the artificial intelligence (AI) in design community have studied design rationale (DR), the reasons behind decisions made while designing. A record of what decisions were made, and why, is especially valuable for software maintenance. One reason for this is that the software lifecycle is a long one. Large projects may take years to complete and spend even more time out in the field being used (and maintained). The combination of a long lifecycle and the typically high personnel turnover in the software industry increases the probability that the original designer is unlikely to be available for consultation when problems arise. J. Lee's survey (1997) presents an excellent overview of DR research. There has also been work specific to software design, such as Boehm's WinWin (1994).
{"title":"Design rationale for software maintenance","authors":"J. Burge, David C. Brown","doi":"10.1109/ASE.2001.989846","DOIUrl":"https://doi.org/10.1109/ASE.2001.989846","url":null,"abstract":"For a number of years, members of the artificial intelligence (AI) in design community have studied design rationale (DR), the reasons behind decisions made while designing. A record of what decisions were made, and why, is especially valuable for software maintenance. One reason for this is that the software lifecycle is a long one. Large projects may take years to complete and spend even more time out in the field being used (and maintained). The combination of a long lifecycle and the typically high personnel turnover in the software industry increases the probability that the original designer is unlikely to be available for consultation when problems arise. J. Lee's survey (1997) presents an excellent overview of DR research. There has also been work specific to software design, such as Boehm's WinWin (1994).","PeriodicalId":433615,"journal":{"name":"Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001)","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2001-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126525885","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Scenario-based specifications offer an intuitive and visual way of describing design requirements of distributed software systems. For the communication paradigm based on messages, message sequence charts (MSC) offer a standardized and formal notation amenable to formal analysis. In this paper we define shared variables interaction diagrams (SVID) as the counterpart of MSCs when processes communicate via shared variables. After formally defining SVIDs, we develop an intuitive as well as formal definition of refinement for SVIDs. This notion provides a basis for systematically adding details to SVID requirements.
{"title":"Shared variables interaction diagrams","authors":"R. Alur, R. Grosu","doi":"10.1109/ASE.2001.989814","DOIUrl":"https://doi.org/10.1109/ASE.2001.989814","url":null,"abstract":"Scenario-based specifications offer an intuitive and visual way of describing design requirements of distributed software systems. For the communication paradigm based on messages, message sequence charts (MSC) offer a standardized and formal notation amenable to formal analysis. In this paper we define shared variables interaction diagrams (SVID) as the counterpart of MSCs when processes communicate via shared variables. After formally defining SVIDs, we develop an intuitive as well as formal definition of refinement for SVIDs. This notion provides a basis for systematically adding details to SVID requirements.","PeriodicalId":433615,"journal":{"name":"Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001)","volume":"52 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2001-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116773214","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Most distributed system specifications have performance benchmark requirements. However, determining the likely performance of complex distributed system architectures during development is very challenging. We describe a system where software architects sketch an outline of their proposed system architecture at a high level of abstraction, including indicating client requests, server services, and choosing particular kinds of middleware and database technologies. A fully working implementation of this system is then automatically generated, allowing multiple clients and servers to be run. Performance tests are then automatically run for this generated code and results are displayed back in the original high-level architectural diagrams. Architects may change performance parameters and architecture characteristics, comparing multiple test run results to determine the most suitable abstractions to refine to detailed designs for actual system implementation. We demonstrate the utility of this approach and the accuracy of our generated performance test-beds for validating architectural choices during early system development.
{"title":"Generation of distributed system test-beds from high-level software architecture descriptions","authors":"J. Grundy, Yuhong Cai, Anna Liu","doi":"10.1109/ASE.2001.989805","DOIUrl":"https://doi.org/10.1109/ASE.2001.989805","url":null,"abstract":"Most distributed system specifications have performance benchmark requirements. However, determining the likely performance of complex distributed system architectures during development is very challenging. We describe a system where software architects sketch an outline of their proposed system architecture at a high level of abstraction, including indicating client requests, server services, and choosing particular kinds of middleware and database technologies. A fully working implementation of this system is then automatically generated, allowing multiple clients and servers to be run. Performance tests are then automatically run for this generated code and results are displayed back in the original high-level architectural diagrams. Architects may change performance parameters and architecture characteristics, comparing multiple test run results to determine the most suitable abstractions to refine to detailed designs for actual system implementation. We demonstrate the utility of this approach and the accuracy of our generated performance test-beds for validating architectural choices during early system development.","PeriodicalId":433615,"journal":{"name":"Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001)","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2001-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115176879","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Reverse engineering a program constructs a high-level representation suitable for various software development purposes such as documentation or reengineering. Unfortunately however, there are no established guidelines to assess the adequacy of such a representation. We propose two such criteria, completeness and accuracy, and show how they can be determined during the course of reversing the representation. A representation is successfully reversed when it is given as input to a suitable code generator, and a program equivalent to the original is produced. To explore this idea, we reverse engineer a small but complex numerical application, represent our understanding using algebraic specifications, and then use a code generator to produce code from the specification. We discuss the strengths and weaknesses of the approach as well as alternative approaches to reverse engineering adequacy.
{"title":"Adequate reverse engineering","authors":"S. Rugaber, T. Shikano, R. Stirewalt","doi":"10.1109/ASE.2001.989809","DOIUrl":"https://doi.org/10.1109/ASE.2001.989809","url":null,"abstract":"Reverse engineering a program constructs a high-level representation suitable for various software development purposes such as documentation or reengineering. Unfortunately however, there are no established guidelines to assess the adequacy of such a representation. We propose two such criteria, completeness and accuracy, and show how they can be determined during the course of reversing the representation. A representation is successfully reversed when it is given as input to a suitable code generator, and a program equivalent to the original is produced. To explore this idea, we reverse engineer a small but complex numerical application, represent our understanding using algebraic specifications, and then use a code generator to produce code from the specification. We discuss the strengths and weaknesses of the approach as well as alternative approaches to reverse engineering adequacy.","PeriodicalId":433615,"journal":{"name":"Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001)","volume":"72 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2001-11-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124874303","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: