Publications

Consider a requirements model with a set of interfaces representing use cases, and a set of system sequence diagrams specifying the scenarios of the interfaces, this paper discusses how to automatically transform such a model into an inial design model by generating a protocol state machine for each interface from its sequence diagrams, and deriving a controller class as an implementation of the interface. The generated model can be severed as the starting point for the detailed object-oriented design. The contracts of the controller class ensure that the behaviour defined by the sequence diagrams is fully complied with through pre/post-conditions. The transformation takes into account the concurrency and critical area of the respective diagrams. We present the design and implementation of the transformation, which is specified using the graphical notation of QVT Relations and integrated into a CASE tool.

 Deadlocks are a common error in programs with lock-based concurrency and are hard to avoid or even to detect. One way for deadlock prevention is to statically analyze the program code to spot sources of potential deadlocks. Often static approaches try to confirm that the lock-taking adheres to a given order, or, better, to infer that such an order exists. Such an order precludes situations of cyclic waiting for each other’s resources, which constitute a deadlock.

In contrast, we do not enforce or infer an explicit order on locks. Instead we use a behavioral type and effect system that, in a first stage, checks the behavior of each thread or process against the declared behavior, which captures potential interaction of the thread with the locks. In a second step on a global level, the state space of the behavior is explored to detect potential deadlocks. We define a notion of deadlock-sensitive simulation to prove the soundness of the abstraction inherent in the behavioral description. Soundness of the effect system is proven by subject reduction, formulated such that it captures deadlock-sensitive simulation.

Delta-oriented programming allows software developers to define software product lines as variations of a common code base, where variations are expressed as so-called program deltas. Monitor-oriented programming (MOP) provides a mechanism to execute functionality based on the program's execution history; this is useful, e.g., for the purpose of runtime verification and for enforcing security policies.

Integrating formal methods into UML opens up a way to complement UML-based software development with precise semantics, development methodologies, as well as rigorous verification and refinement techniques. In this paper, we present an approach to integrate a formal method to practical component-based model driven development through defining a UML profile that maps the concepts of the formal method as UML stereotypes, and implementing the profile into a CASE tool. Unlike most of the previous works in this vein, which concentrate on verifying the correctness of the models built in the development process, we focus on how the full development process can be driven by applying the refinement rules of the formal method in an incremental and interactive manner. The formal method we adopt in this work is the refinement for Component and Object Systems (rCOS). We demonstrate the development activities in the CASE tool using an example.

We extend our previous approach to run-time verification of a single finite path against a formula in next-free Linear-Time Logic (LTL) with free variables and quantification. We discuss the design space of quantification and introduce a binary operator that binds values based on the current state. The binding semantics of propositions containing quantified variables is a pure top-down evaluation. The alternating binding automaton corresponding to a formula is evaluated in a breadth-first manner, allowing us to detect refuted formulae during execution.

 Preliminary proceedings of the papers presented at the TTSS'08 workshop for the convenience of the workshop participants. A selection of revised papers will be published in Electronic Notes in Theoretical Computer Science by Elsevier.

 Complexity of software development has to be dealt with by dividing the different aspects and different views of the system and separating different concerns in the design. This implies the need of different modelling notations and tools to support more and more phases of the entire development process. To ensure the correctness of the models produced, the tools therefore need to integrate sophisticated checkers, generators and transformations. A feasible approach to ensure high quality of such add-ins is to base them on sound formal foundations. This paper reports our experience in the work on the Common Component Modelling Example (CoCoME) and shows where such add-ins will fit. In particular, we show how the formal techniques developed in rCOS can be integrated into a component-based development process, and where it can be integrated in and provide extension to an existing successful commercial tool for adding formally supported checking, transformation and generation modules. This is published in Formal Methods and Hybrid Real-Time Systems, Essays in Honour of Dines Bjorner and Zhou Chaochen on the Occasion of Their 70th Birthdays Lecture Notes in Computer Science 4700. Keywords: Software development tool, software process, formal methods, tool design.