Dissertation

Formal Verification of UML-RT Capsules using Model Checking

TL;DR: It is established that it is possible to automate generation of verification models that can be used to demonstrate properties of the original UML-RT capsules, and this is demonstrated with example models created in RSARTE.
Abstract: Formal verification methods have successfully been used to ensure the correctness of both hardware and software systems. In contrast to testing methods, which can only demonstrate the presence of faults in a system, formal methods can prove their absence. A department of the telecommunications company Ericsson AB in Gothenburg, Sweden, uses the UML-RT language to model software used in WCDMA radio base stations. These concurrent and reactive systems can be modeled in the Eclipse-based RSARTE environment. Previous work underlines a need to narrow the gap between the software development tools used in industry and formal verification tools. This thesis examines the feasibility of using model checking to verify properties of UML-RT capsules. We present a prototype tool for generating verification models in the Promela language for the model checker Spin. The tool is implemented as a model-to-text transformation using the JET tool and is integrated into RSARTE. The result of the work establishes that, for a subset of the constructs in UML-RT, it is possible to automate the generation of verification models that can be used to demonstrate properties of the original UML-RT capsules. We demonstrate this with example models created in RSARTE.


Citations
Journal ArticleDOI
TL;DR: An algorithm is introduced to automatically generate a colored Petri net model associated with a state machine description, so as to provide a formal specification of UML state machines.
Abstract: UML state machines are an interesting graphical language to express dynamic systems behavior. However, using the different features available (hierarchy, internal/external transitions, entry/exit/do activities, history pseudostates, etc.) may yield quite complex behaviors that are difficult to inspect and check visually. We introduce an algorithm to automatically generate a colored Petri net model associated with a state machine description, so as to provide a formal specification. In this proposal, although we do not consider concurrent aspects (such as fork and join), we take into account all the above mentioned features in a thorough and integrated way. This is illustrated on some examples.

14 citations

Journal ArticleDOI
TL;DR: This paper proposes a formalisation of UML state machines using coloured Petri nets, and considers in particular concurrent aspects, the hierarchy induced by composite states and their associated activities, external, local or inter-level transitions, entry/exit/do behaviours, transition priorities, and shallow history pseudostates.
Abstract: With the increasing complexity of dynamic concurrent systems, a phase of formal specification and formal verification is needed. UML state machines are widely used to specify dynamic systems behaviours. However, the official semantics of UML is described in a semi-formal manner, which renders the formal verification of complex systems delicate. In this paper, we propose a formalisation of UML state machines using coloured Petri nets. We consider in particular concurrent aspects (orthogonal regions, forks, joins, variables), the hierarchy induced by composite states and their associated activities, external, local or inter-level transitions, entry/exit/do behaviours, transition priorities, and shallow history pseudostates. We use a CD player as a motivating example, and run various verifications using CPN Tools.

10 citations

01 Jan 2011
TL;DR: The direction of this thesis has been to introduce development guidelines into the development of the system at Ericsson to decrease the need to do large refactorings and instead focus on more frequent and smaller refactoring.
Abstract: A large software system is not a static product that can be planned, implemented and then forgotten when finished. Software systems are rather evolving entities that need continuous maintenance and refactoring to improve their structure. This is a large and common problem in the software industry: as products age they accumulate more features and large amounts of code that the initial architecture was not designed for. This leads to a fragmented code base and a slower development process. Overcoming software complexity cannot be directly solved by a single solution. As the problem itself is not caused by a single issue or property, it rather consists of multiple issues that in combination cause the larger problem. This thesis goes through some of the problems that were found in a large software system at Ericsson and different types of solutions that might improve the overall structure and development efficiency of the system. The direction of this thesis has been to introduce development guidelines into the development of the system at Ericsson. The main goal of these guidelines is to decrease the need to do large refactorings and instead focus on more frequent and smaller refactorings. The guidelines touch on different areas of the development to improve the structure and the development efficiency of the system. The areas that are mainly focused on are the architecture, the visual UML diagrams and the source code. The main recommendations that have been concluded are the importance of using modern and iterative development processes that include refactoring as an integral part of their phases, and of using a more extensible architecture for the system itself. As these recommendations are part of a long-term solution, they are complemented by guidelines for the more daily development to keep the current source code from getting fragmented.

1 citations


Cites background from "Formal Verification of UML-RT Capsu..."

  • ...the queue and processes it by generating appropriate responses, and due to the run-to-completion semantics of the capsule only one message will be processed at a time[12]....

  • ...This gives the capsules an outside view of a black box[12]....

References
Journal ArticleDOI
TL;DR: It is intended to demonstrate here that statecharts counter many of the objections raised against conventional state diagrams, and thus appear to render specification by diagrams an attractive and plausible approach.

7,184 citations

01 Jan 2007
TL;DR: This paper gives the main definitions relating to dependability, a generic concept that includes as special cases such attributes as reliability, availability, safety, integrity and maintainability.
Abstract: This paper gives the main definitions relating to dependability, a generic concept including as special cases such attributes as reliability, availability, safety, integrity, maintainability, etc. Security brings in concerns for confidentiality, in addition to availability and integrity. Basic definitions are given first. They are then commented upon, and supplemented by additional definitions, which address the threats to dependability and security (faults, errors, failures), their attributes, and the means for their achievement (fault prevention, fault tolerance, fault removal, fault forecasting). The aim is to explicate a set of general concepts, of relevance across a wide range of situations and, therefore, helping communication and cooperation among a number of scientific and technical communities, including ones that are concentrating on particular types of system, of system failures, or of causes of system failures.

4,335 citations

Journal ArticleDOI
Gerard J. Holzmann
01 May 1997
TL;DR: An overview of the design and structure of the verifier, its theoretical foundation, and an overview of significant practical applications are given.
Abstract: SPIN is an efficient verification system for models of distributed software systems. It has been used to detect design errors in applications ranging from high-level descriptions of distributed algorithms to detailed code for controlling telephone exchanges. The paper gives an overview of the design and structure of the verifier, reviews its theoretical foundation, and gives an overview of significant practical applications.

4,159 citations


"Formal Verification of UML-RT Capsu..." refers background or methods in this paper

  • ...For reasons of verification efficiency, Spin does not attempt to prove that a behavior is guaranteed; instead Spin attempts to show how a behavior claimed to be impossible can in fact be achieved (Holzmann 1997, p. 97)....

  • ...Although it is not impossible to write stutter invariant properties that make use of the next operator (Holzmann 2003), an LTL formula which does not contain the next operator is guaranteed to be stutter invariant (Peled et al. 1995)....

  • ...A design is transformed into a description suitable for the model ... (footnote 4: LTL is described in more detail in Section 2.3.3)....

  • ...For a complete description of Spin, Promela and further examples see, e.g., Holzmann (2003), Ben-Ari (2008) and Holzmann (1997)....
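
The abstract describes generating Promela verification models from UML-RT capsules, and the cited passages note the capsule's run-to-completion message handling, that Spin searches for a path that achieves a behaviour the claim says is impossible, and that an LTL formula without the next operator is stutter invariant. The Promela model below is an added illustration of what such a hand-written verification model looks like; it is written for this page and is not the thesis's generated output nor an Ericsson model. The capsule names Pinger and Ponger, the message set, the queue length QLEN and the flags pinged, ponged, suspended and dropped are assumptions made for the example.

```promela
/* Message kinds exchanged over the capsule ports (assumed for the example). */
mtype = { ping, pong, suspend, resume };

/* One bounded FIFO per capsule stands in for its UML-RT message queue. */
#define QLEN 2
chan to_ponger = [QLEN] of { mtype };
chan to_pinger = [QLEN] of { mtype };

/* Instrumentation flags read by the LTL claims below (assumed). */
bool pinged    = false;  /* a ping is outstanding                            */
bool ponged    = false;  /* the outstanding ping has been answered           */
bool suspended = false;  /* Ponger is in state Suspended, otherwise Idle     */
bool dropped   = false;  /* a message arrived in a state with no transition  */

/* Ponger capsule: states Idle and Suspended. The receive and the reaction
   form one atomic step, so a message is handled to completion before the
   next one is dequeued (run-to-completion). The state machine deliberately
   has no transition for ping while Suspended. */
active proctype Ponger() {
    mtype m;
    do
    :: atomic {
        to_ponger ? m ->
        if
        :: !suspended && m == ping    -> to_pinger ! pong
        :: !suspended && m == suspend -> suspended = true
        :: !suspended && m == resume  -> skip              /* already Idle */
        ::  suspended && m == resume  -> suspended = false
        ::  suspended && m == suspend -> skip              /* already Suspended */
        :: else -> dropped = true   /* UML-RT drops the unexpected message */
        fi
       }
    od
}

/* Pinger capsule acting as the environment: keeps at most one ping
   outstanding and always consumes a pong before sending anything else,
   so the only way a ping can go unanswered is inside Ponger. */
active proctype Pinger() {
    do
    :: atomic { !pinged -> to_ponger ! ping; pinged = true; ponged = false }
    :: atomic { empty(to_pinger) -> to_ponger ! suspend }
    :: atomic { empty(to_pinger) -> to_ponger ! resume }
    :: atomic { to_pinger ? pong -> ponged = true; pinged = false }
    od
}

/* Safety: no message is ever dropped. */
ltl no_drop  { [] !dropped }

/* Response: every ping is eventually answered. Neither formula uses the
   next operator X, so both are stutter invariant and remain sound under
   Spin's partial-order reduction. */
ltl answered { [] (pinged -> <> ponged) }
```

Run `spin -a capsules.pml` and `gcc -o pan pan.c`, then `./pan -N no_drop` for the safety claim and `./pan -a -N answered` for the acceptance-cycle search; `spin -t -p capsules.pml` replays the trail Spin writes. Both claims are violated, and each trail contains the behaviour the claims said was impossible: Pinger sends suspend and then ping, Ponger drops the ping in Suspended, and for the response claim the run continues with Pinger sending suspend and resume forever while pinged stays true and ponged never becomes true. This is the kind of missing transition that is hard to see in RSARTE's diagrams but that a generated Promela model exposes.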

Book
01 Jan 1992
TL;DR: Temporal logic is a formal tool/language which yields excellent results in specifying reactive systems, and this volume (the first of two) offers an introduction to temporal logic and to the computational model for reactive programs developed by the authors.
Abstract: Reactive systems are computing systems which are interactive, such as real-time systems, operating systems, concurrent systems and control systems. These are among the most difficult computing systems to program. Temporal logic is a formal tool/language which yields excellent results in specifying reactive systems, and this volume (the first of two), offers an introduction to temporal logic and to the computational model for reactive programs which has been developed by the authors.

2,650 citations