Your search keyword '"software/program verification"' showing total 19 results

1. Traceability and SysML design slices to support safety inspections: A controlled experiment

Author

Mehrdad Sabetzadeh, Davide Falessi, Lionel C. Briand, Tao Yue, Shiva Nejati, and Publica

Subjects

Requirements Specification, Correctness, Design, Traceability, Requirements traceability, Settore ING-INF/05, business.industry, Computer science, Empirical software engineering, Software requirements specification, Context (language use), Software and system safety, Systems modeling, Reliability engineering, Software, Systems Modeling Language, Software/program verification, Software engineering, business

Abstract

Certifying safety-critical software and ensuring its safety requires checking the conformance between safety requirements and design. Increasingly, the development of safety-critical software relies on modeling, and the System Modeling Language (SysML) is now commonly used in many industry sectors. Inspecting safety conformance by comparing design models against safety requirements requires safety inspectors to browse through large models and is consequently time consuming and error-prone. To address this, we have devised a mechanism to establish traceability between (functional) safety requirements and SysML design models to extract design slices (model fragments) that filter out irrelevant details but keep enough context information for the slices to be easy to inspect and understand. In this article, we report on a controlled experiment assessing the impact of the traceability and slicing mechanism on inspectors' conformance decisions and effort. Results show a significant decrease in effort and an increase in decisions' correctness and level of certainty.

Published

2014

2. Alignment Practices Affect Distances in Software Development: A Theory and a Model

Author

Per Runeson, Elizabeth Bjarnason, Emelie Engström, and Kari Smolander

Subjects

Knowledge management, Computer science, 02 engineering and technology, Documentation, computer.software_genre, Software sizing, 0202 electrical engineering, electronic engineering, information engineering, Theory, distance, development, Requirements/Specifications, Social software engineering, business.industry, Software development, Software/Program Verification, 020207 software engineering, Data science, Management, Extreme programming practices, Software construction, Personal software process, Computer Science, Package development process, 020201 artificial intelligence & image processing, business, empirical, computer, Human factors, Software project management, software engineering

Abstract

Coordinating a software project across distances is challenging. Even without geographical and time zone distances, other distances within a project can cause communication gaps. For example, organisational and cognitive distances between product owners and development-near roles such as developers and testers can lead to weak alignment of the software and the business requirements. Applying good software development practices, known to enhance alignment, can alleviate these challenges. We present a theoretical model called the Gap Model of how alignment practices affect different types of distances. This model has been inductively generated from empirical data. We also present an initial version of a theory based on this model that explains, at a general level, how practices affect communication within a project by impacting distances between people, activities and artefacts. The presented results provide a basis for further research and can be used by software organisations to improve on software practice.

Published

2014

3. Formal Methods: applying {logics in, theoretical} computer science

Author

Tiziana Margaria and Stefania Gnesi

Subjects

Theoretical computer science, Semantics (computer science), business.industry, Computer science, Formal methods, Software/Program Verification, Petri net, Software, Mathematical aspects of software engineering, State (computer science), Algebra over a field, business

Abstract

An Introduction to Formal Methods is given within the scope of the book "Formal Methods for Industrial Critical Systems: A Survey of Applications Formal Methods for Industrial Critical Systems: A Survey of Applications"

Published

2013

4. A tool for the synthesis of cryptographic orchestrators

Author

José Antonio Martín, Ernesto Pimentel, Fabio Martinelli, Vincenzo Ciancia, Ilaria Matteucci, Marinella Petrocchi, and Matteucci, Ilaria

Subjects

Model checking, Cryptographic primitive, business.industry, Computer science, Process (engineering), computer.internet_protocol, Distributed computing, Process calculus, Formal methods, Software/Program Verification, 020207 software engineering, Cryptography, 0102 computer and information sciences, 02 engineering and technology, Service-oriented architecture, Cryptographic protocol, 01 natural sciences, 010201 computation theory & mathematics, Validation, 0202 electrical engineering, electronic engineering, information engineering, Temporal logic, business, computer, ComputingMilieux_MISCELLANEOUS

Abstract

Security is one of the main challenges of service oriented computing. Services need to be loosely coupled, easily ac- cessible and yet provide tight security guarantees enforced by cryptographic protocols. In this paper, we address how to automatically synthesize an orchestrator process able to guarantee the secure composition of electronic services, sup- porting different communication and cryptographic proto- cols. We present a theoretical model based on process alge- bra, partial model checking and logical satisfiability, plus an automated tool implementing the proposed theory.

Published

2012

5. Dependability in dynamic, evolving and heterogeneous systems

Author

Bertolino A., Di Giandomenico F., Masci P., Sabetta A., Issarny V., Saadi R., Martinelli F., Matteucci I., and Di Marco A.

Subjects

Dependability analysis, Engineering, Emerging technologies, Adaptive monitoring, 0211 other engineering and technologies, C.2 COMPUTER-COMMUNICATION NETWORKS, 02 engineering and technology, Dependability, Computer security, computer.software_genre, 0202 electrical engineering, electronic engineering, information engineering, Resilience (network), Enforcement, Performance of systems, Workflow process, 021110 strategic, defence & security studies, Computer-communication networks, business.industry, Software/Program Verification, Interoperability, C.4 PERFORMANCE OF SYSTEMS, Risk analysis (engineering), 020201 artificial intelligence & image processing, business, Connectors, computer

Abstract

The EU Future and Emerging Technologies (FET) Project Connect aims at dropping the heterogeneity barriers that prevent the eternality of networking systems through a revo- lutionary approach: to synthesise on-the- y the Connectors via which networked systems communicate. The Connect approach, however, comes at risk from the standpoint of de- pendability, stressing the need for methods and tools that ensure resilience to faults, errors and malicious attacks of the dynamically Connected system. We are investigat- ing a comprehensive approach, which combines dependabil- ity analysis, security enforcement and trust assessment, and is centred around a lightweight adaptive monitoring frame- work. In this project paper, we overview the research that we are undertaking towards this objective and propose a uni- fying work ow process that encompasses all the Connect dependability/security/trust concepts and models.

Published

2010

6. The Metrô Rio ATP Case Study

Author

Daniele Grasso, Alessio Ferrari, Gianluca Magnani, Alessandro Fantechi, and Matteo Tempestini

Subjects

Model-based testing, Correctness, Programming language, Computer science, business.industry, Software/Program Verification, Industrial Case Study, Code coverage, Automatic Train Protection, Stateflow, computer.software_genre, SOFTWARE ENGINEERING, Formal Methods, System under test, Model-based design, Code generation, Software engineering, business, computer, Automatic train protection, computer.programming_language

Abstract

This paper reports on the Simulink/Stateflow based development of the on-board equipment of the Metro Rio Automatic Train Protection system. Particular focus is given to the strategies followed to address formal weaknesses and certification issues of the adopted tool-suite. On the development side, constraints on the Simulink/Stateflow semantics have been introduced and design practices have been adopted to gradually achieve a formal model of the system. On the verification side, a two-phase approach based on model based testing and abstract interpretation has been followed to enforce functional correctness and runtime error freedom. Quantitative results are presented to assess the overall strategy: the effort required by the design activities is balanced by the effectiveness of the verification tasks enabled by model based development and automatic code generation.

Published

2010

7. Evaluating web site quality: a statistical approach

Author

Fabrizio Fabbrini, Mario Fusani, Gianluca Trentanni, Giuseppe Lami, Isabella Biscoglio, and Alessandro Coco

Subjects

medicine.medical_specialty, business.industry, Computer science, Process (engineering), media_common.quotation_subject, Software/Program Verification, Quality Models, Usability, E-commerce, Quality, Software quality, Construction industry, Systems engineering, medicine, Quality (business), Web Sites Quality Evaluation, business, Software engineering, Web modeling, 62Hxx, media_common, Web site

Abstract

The paper introduces a general approach to the construction of a Quality Model for Web Sites. The process for constructing such a newly conceived model is presented and discussed, and examples of its application are shown.

Published

2010

8. An industrial application of formal model based development: the Metro Rio ATP case

Author

Mario Papini, Alessio Ferrari, Daniele Grasso, and Alessandro Fantechi

Subjects

Flexibility (engineering), Engineering, business.industry, Formal semantics (linguistics), Simulink, Software/Program Verification, Industrial Case Study, Stateflow, Design strategy, Certification, SOFTWARE ENGINEERING, Formal Methods, Model-based design, Systems engineering, Code generation, Software engineering, business, Automatic train protection, computer, computer.programming_language

Abstract

The railway and metro signaling industries are currently investigating strategies for the introduction of formal model based development within their development processes. Among the various platforms supporting this technology, the Simulink/Stateflow tool-suite has been adopted in various safety-critical domains for modeling and code generation of controlsystems. Despite their flexibility and ease of use, introduction of these tools for developing dependable software, and in particular signaling applications, has been often hampered by the lack of a rigorous formal semantic sand by the absence of a certified code generator. This paper reports on the Simulink/Stateflow based development of the on-board equipment of the Metro Rio Automatic Train Protection system, describing the design strategy and the approach followed in addressing weaknesses and certification issues related to the adopted tool-suite.

Published

2010

9. Analysis of wireless sensor network protocols in dynamic scenarios

Author

Cinzia Bernardeschi, Paolo Masci, and Holger Pfeifer

Subjects

Protocol (science), Computer science, business.industry, media_common.quotation_subject, Distributed computing, Software/Program Verification, Network Protocols, Performance Analysis and Design Aids, Reverse path forwarding, Key distribution in wireless sensor networks, Mobile wireless sensor network, Computer Science::Networking and Internet Architecture, Quality (business), business, Wireless sensor network, media_common, Computer network, Prototype Verification System (PVS)

Abstract

We describe an approach to the analysis of protocols for wireless sensor networks in scenarios with mobile nodes and dynamic link quality. The approach is based on the theorem proving system PVS and can be used for formal specification, automated simulation and verification of the behaviour of the protocol. In order to demonstrate the applicability of the approach, we analyse the reverse path forwarding algorithm, which is the basic technique used for diffusion protocols for wireless sensor networks.

Published

2009

10. Provable protection against web application vulnerabilities related to session data dependencies

Author

Wouter Joosen, Lieven Desmet, Pierre Verbaeten, and Frank Piessens

Subjects

reliability, Computer science, business.industry, data sharing, Runtime verification, Vulnerability, Data security, web technologies, security, software/program verification, Application software, computer.software_genre, Data sharing, Security engineering, web-based services, Software bug, Web application, Overhead (computing), Session (computer science), Web service, business, Software engineering, computer, Software

Abstract

Web applications are widely adopted and their correct functioning is mission critical for many businesses. At the same time, Web applications tend to be error prone and implementation vulnerabilities are readily and commonly exploited by attackers. The design of countermeasures that detect or prevent such vulnerabilities or protect against their exploitation is an important research challenge for the fields of software engineering and security engineering. In this paper, we focus on one specific type of implementation vulnerability, namely, broken dependencies on session data. This vulnerability can lead to a variety of erroneous behavior at runtime and can easily be triggered by a malicious user by applying attack techniques such as forceful browsing. This paper shows how to guarantee the absence of runtime errors due to broken dependencies on session data in Web applications. The proposed solution combines development-time program annotation, static verification, and runtime checking to provably protect against broken data dependencies. We have developed a prototype implementation of our approach, building on the JML annotation language and the existing static verification tool ESC/Java2, and we successfully applied our approach to a representative J2EE-based e-commerce application. We show that the annotation overhead is very small, that the performance of the fully automatic static verification is acceptable, and that the performance overhead of the runtime checking is limited. ispartof: IEEE transactions on software engineering vol:34 issue:1 pages:50-64 status: published

Published

2008

11. Efficient fault tolerance: an approach to deal with transient faults in multiprocessor architectures

Author

S. Chiaradonna, F. Di Giandomenico, and Andrea Bondavalli

Subjects

Markov chain, Computer science, business.industry, Fault tolerance, Markov process, Multiprocessing, Reliability engineering, symbols.namesake, Embedded system, Software/program verification, Redundancy (engineering), symbols, Dependability, business

Abstract

Dynamic error processing approaches are an important mechanism to increase the reliability in a multiprocessor system, while making efficient use of the available resources. To this end, dynamic error processing must be integrated with a fault treatment approach aiming at optimising resource utilisation. In this paper we propose a diagnosis approach that, accounting for transient faults, tries to remove units very cautiously and to balance between two conflicting requirements. The first is to avoid the removal of units that have experienced transient faults and can be still useful for the system and the other is to avoid to keep failed units whose usage may lead to a premature failure of the system. The proposed fault treatment approach is integrated with a mechanism for dynamic error processing in a complete fault tolerance strategy. Reliability analyses based on the Markov approach and an efficiency evaluation performed by simulation are carried out.

Published

2002

12. Reasoning about interactive systems with stochastic models

Author

Gavin Doherty, Mieke Massink, and Giorgio P. Faconti

Subjects

Model checking, Computer science, business.industry, Stochastic modelling, User modeling, Process calculus, Formal method, Usability, computer.software_genre, Machine learning, Expert system, Nondeterministic algorithm, Hybrid system, Software/program verification, Probability distribution, Artificial intelligence, Set (psychology), business, computer

Abstract

Several techniques for specification exist to capture certain aspects of user behaviour, with the goal of reasoning about the usability of the system and other human-factors related issues. One such approach is to encode a set of assumptions about user behaviour in a user model. A difficulty with this approach is that human behaviour is inherently nondeterministic; humans make errors, perform unexpected actions, and, taken individually, both the occurrence of errors and response times can be unpredictable. Such factors, however can be expected to follow probability distributions, and so an interesting possibility is to apply stochasticor probabilistictec hniques that allow the modelling of uncertainty in user models. Recently, a number of process algebra based approaches to specifying stochastic systems have been proposed and in this paper we examine the possibility of applying these stochastic modelling techniques to reasoning about performance aspects of interactive systems.

Published

2001

13. Towards Integrated Cognitive and Interface Analysis

Author

Howard Bowman, Mieke Massink, Giorgio P. Faconti, and Bowman, Howard

Subjects

Cognitive model, Interface analysis, General Computer Science, business.industry, Computer science, Interface (Java), Formal methods, Computer programming, Usability, Cognition, Notation, LOTOS syndetic modelling language, LOTOS, Theoretical Computer Science, QA76, Human–computer interaction, Software/program verification, Information interfaces and presentation, Syndesis, business, Computer Science(all)

Abstract

Using cognitive architectures to analyse the usability of human-computer interfaces is an extensively investigated strategy. A particularly powerful way to perform such analysis is through syndetic modelling, where both the interface and the chosen cognitive model are described in the same specification framework; allowing the combined behaviour of the two to be analysed. This paper proposes LOTOS as a syndetic modelling language. We highlight four reasons why syndetic modelling is so difficult and show how the LOTOS notation addresses each of these four reasons.

Published

2000

14. A Formal Specification and Validation of a Critical System in Presence of Byzantine Errors

Author

Gnesi, S., Latella, D., Lenzini, G., Abbaneo, C., Amendola, A., Marmo, P., Graf, Susanne, and Schwartzbach, Michael

Subjects

Model checking, Computer science, Safety critical systems, computer.software_genre, Linear temporal logic, Formal specification, SPIN model checker, Temporal logic, Formal verification, computer.programming_language, Programming language, business.industry, Software development, Fault tolerance, Life-critical system, Promela, Software/program verification, Fault tolerant behavior, Formal verifications, business, Algorithm, computer

Abstract

This paper describes an experience in formal specification and fault tolerant behavior validation of a railway critical system. The work, performed in the context of a real industrial project, had the following main targets: (a) to validate specific safety properties in the presence of byzantine system components or of some hardware temporary faults; (b) to design a formal model of a critical railway system at a right level of abstraction so that could be possible to verify certain safety properties and at the same time to use the model to simulate the system. For the model specification we used the Promela language, while the verification was performed using the Spin model checker. Safety properties were specified by means of both assertions and temporal logic formulae. To make the problem of validation tractable in the Spin environment, we used ad hoca abstraction techniques.

Published

2000

15. The changing face of standardization: a place for formal methods?

Author

Ivan Herman, Giorgio P. Faconti, David J. Duke, and David A. Duce

Subjects

Standards, Database, Standardization, Computer science, business.industry, media_common.quotation_subject, PREMO, computer.software_genre, Formal methods, Theoretical Computer Science, Presentation, Documentation, Risk analysis (engineering), Multimedia, New product development, Object-Z, Software/program verification, Quality (business), business, computer, Implementation, Software, media_common

Abstract

Many of the reported experiences in the industrial use of formal methods concern the development of products or product families, where the utility of the method is linked to direct savings in development costs or improved assurance of quality. However, one other area in which formal description techniques make a valuable contribution is in the development and documentation of International Standards, where the cost of using formal methods can be paid off both through increased quality of products that implement a given standard, and through the improved inter-operability of different implementations that comes from having a precise definition of the expected behaviour of a conforming implementation. Standards development, however, has some significant differences from product development, and comes with specific needs and constraints that affect the use of formal description techniques. This paper describes the role that formal methods played in the development of a new standard for distributed multimedia presentation. It describes a number of issues that arose from this experience, and which have longer term importance for formal methods in standards, particularly given the changes that are taking place in the way that standards are developed.

Published

1999

16. An industrial application for the JACK environment

Author

Alessandro Fantechi, Stefania Gnesi, and Cinzia Bernardeschi

Subjects

Engineering, Correctness, business.industry, Formal method, Software/Program Verification, Formal methods, Formal verification, Life-critical system, Hardware and Architecture, Formal specification, Systems engineering, Systems architecture, User interface, business, Software, Information Systems, Graphical user interface

Abstract

JACK, Just Another Concurrency Kit, is a new environment integrating a set of formal verification tools, supported by a graphical interface offering facilities to use these tools separately or in combination. The environment proposes several functionalities for the design, analysis and verification of concurrent systems specified using formal methods. In this paper we outline an experience on formal specification of a real railway interlocking system using JACK. Then we verify, by using JACK'S checking capabilities, the correctness of the specification with respect to safety requirements. Our experience shows that the JACK environment can be applied successfully in the verification of real safety critical systems. © 1997 Elsevier Science Inc.

Published

1997

17. Graphics by a logic database management system

Author

Patrizia Asirelli, F. Nicodemi, D. Di Grande, and Paola Inverardi

Subjects

Graphical data, Iterative and incremental development, Database, Computer science, Programming language, business.industry, CAD, computer.software_genre, Language and Linguistics, Computer Science Applications, Human-Computer Interaction, Software/program verification, Mathematical logic, Logic database, Element (category theory), Graphics, Application of DBMS, business, computer, Graphical user interface

Abstract

The GEDBLOG system allows applications which manipulate graphic objects to be developed following a declarative definitional style. GEDBLOG supports the consistent design and prototyping of graphic applications through an incremental development and makes it possible to guarantee automatically that the application meets its specifications. Typical GEDBLOG applications have graphics as their characterizing element and can be found, for example, in the CAD/CAM, visual languages or graphical interface areas. The system is obtained by integrating a graphical data language in an existing logic database management system, EDBLOG, so that graphic and non-graphic information is handled in a uniform declarative way. © 1994 Academic Press, Inc.

Published

1994

18. Formal Verification in the Design of Gestural Interaction

Author

Giorgio P. Faconti, Gavin Doherty, and Mieke Massink

Subjects

Model checking, General Computer Science, Computer science, business.industry, Programming language, Object language, Formal methods, Formal equivalence checking, Usability, Abstraction model checking, computer.software_genre, Theoretical Computer Science, Software/program verification, business, Formal verification, computer, Gesture, Abstraction (linguistics), Computer Science(all)

Abstract

This paper shows how formal modelling can be used in the design of a dynamic gesture language defined by sequences of poses. It discusses two models at different levels of abstraction dealing with important usability issues of the language such as ambiguity and overlap in the recognition of gestures. An approach to make the language more resilient to intermediate poses is evaluated based on a timed extension of the model. A tool providing model checking for hybrid automata is used to perform systematic and automatic analysis.

19. Verifying mobile processes in the HAL environment

Author

Gioia Ristori, Stefania Gnesi, Marco Pistore, Ugo Montanari, and Gian Luigi Ferrari

Subjects

business.industry, Computer science, Embedded system, Software tool, Mobile station, Formal method, Software/Program Verification, business

Abstract

An abstract is not available.