L. Jagadeesan, J. Von Olnhausen, and C. Puchol. A formal approach to reactive system software: A telecommunications application in Esterel. Journal of Formal Methods in Systems Design, 8(2), March 1996.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....NON DETERMINISM 11 ffl Communication protocols, or more precisely the control part that concerns connection, disconnection, failure recovery, quality of service control, etc. The stimuli are either physical signals sent by line handler devices or logical signals generated by packet decoding. See [13, 43, 35, 36, 22] for examples. ffl Peripheral drivers that control disks, printers, or other computer peripherals. ffl Hardware glue logic and controllers. Glue logic is a common name for protocols and drivers in hardware design. A typical glue logic device is an interface between two busses. Controllers are ....

L. Jagadeesan, J. Von Olnhausen, and C. Puchol. A formal approach to reactive system software: A telecommunications application in Esterel. Journal of Formal Methods in Systems Design, 8(2), March 1996.

....NON DETERMINISM 11 ffl Communication protocols, or more precisely the control part that concerns connection, disconnection, failure recovery, quality of service control, etc. The stimuli are either physical signals sent by line handler devices or logical signals generated by packet decoding. See [13, 43, 35, 36, 22] for examples. ffl Peripheral drivers that control disks, printers, or other computer peripherals. ffl Hardware glue logic and controllers. Glue logic is a common name for protocols and drivers in hardware design. A typical glue logic device is an interface between two busses. Controllers are ....

L. Jagadeesan, J. Von Olnhausen, and C. Puchol. A formal approach to reactive system software: A telecommunications application in Esterel. Journal of Formal Methods in Systems Design, 8(2), March 1996.

....follows through the use of parenthesis. Note that, the general parallel compo11 sitions S 1 S 2 , where S 1 , S 2 themselves may be hMSC references, can also be represented in this way. 3. 4 A Simple Example To illustrate the above features, we shall use the example of a simple Microwave Oven [16]. Here, we shall consider a part of the microwave oven which is relevant to this section. The microwave oven is used for heating food for a specific time duration. The oven does nothing until a START signal is received (e.g. pressing a start button on a panel) it turns on HEAT for the duration ....

Lalita J. Jagadeesan, Carlos Puchol, and James Von Olnhausen. A Formal Approach to Reactive System Software: A Telecommunications Application in Esterel. International Workshop on Industrial-Strength Formal Methods, Boca Raton, FL, April 1995.

....through the use of parenthesis. Note that, the general parallel compositions S 1 k S 2 , where S 1 ; S 2 themselves may be hMSC references, can also represented in this way. D. A Simple Example To illustrate the features discussed above, we shall use the example of a simple Microwave Oven [11]. For lack of space, we shall consider a part of the microwave oven which is relevant to this section. The microwave oven is used for heating food for specific time duration. The oven does nothing until a START signal is received (e.g. pressing a start button on a panel) it turns on HEAT for the ....

Lalita J. Jagadeesan, Carlos Puchol, and James Von Olnhausen. A Formal Approach to Reactive System Software: A Telecommunications Application in Esterel. International Workshop on Industrial-Strength Formal Methods, Boca Raton, FL, April 1995.

....at a higher abstraction level; in our model, object creation and deletion can be observed at the process level (see Section 3.3) 3.2. Property specification with LTL For the specification of behavioral constraints we advocate the use of LTL. In several (industrial) projects like [17,19]and[20], temporal logic has been successfully used for the specification of behavioral constraints that should be satisfied by some executable specification. We feel that LTL especially with its well understood theoretical foundations has the potential to serve as a suitable vehicle for expressing ....

.... [5] N A DS D yes yes [35]N A DB yes yes [2]TChimera DB yes no [3]TROLL IS A yesyes [4]TRIO IS A yesyes [7]OSL IS A yesyes [9] Templar DS AD no yes [36]Rapide DS ADyes no Our model DS D yes yes Even though there are a few success stories of temporal logic in the industry, e.g. 19]and[20]) a survey on the use of formal methods [32] revealed that temporal logic receives only marginal attention. Most current temporal logic based proposals for the design stage of software development (e.g. 34] do not consider object systems. The application of research stemming from protocol ....

Jagadeesan L, Puchol C, Olnhausen J. A formal approach to reactive systems software: A telecommunications application in ESTEREL. Journal of Formal Methods in System Design 1995.

....lies not only in the style, but in their seamless integration with existing software development practices through the programming environments with which they are provided. A short overview of the marketed environments that support each language, and some industrial applications, can be found in [2, 19]. In addition to project management facilities, and editing facilities that mix text and graphics, the commercial environments provide advanced features for design validation, and back end compilation to various languages like C or VHDL. The SYNCHRONIE THE SYNCHRONOUS APPROACH TO DESIGNING ....

L. J. Jagadeesan, C. Puchol, and J. E. von Olnhausen. A formal approach to reactive systems software: A telecommunicationsapplication in ESTEREL. Formal Methods in System Design, 8(2):123--151,Mar. 1996.

....from SMV, while simpler than the output from STeP, still required decoding. In the case of STeP and SMV, the semantics of the temporal logic require the exhibition of an appropriate infinite behaviour. This requires the identification of a suitable loop in the original program. The tool TempEst [JPO95] was used to convert the bounded safety temporal formula to an Esterel program. This had the advantage that the user can run the generated program to get an operational understanding of the the formula. The program associated with the formula can be run in parallel with the original automaton. A ....

L. J. Jagadeesan, C. Puchol, and J. E. Von Olnhausen. A formal approach to reactive systems software: A telecommunications application in Esterel. In Workshop on Industrial-Strength Formal Specification Techniques, April 1995.

....lies not only in the style, but in their seamless integration with existing software development practices through the programming environments with which they are provided. A short overview of the marketed environments that support each language, and some industrial applications, can be found in [4, 17]. In addition to project management facilities, and editing facilities that mix text and graphics, the commercial environments provide advanced features for design validation, and back end compilation to various languages like C or VHDL. The Synchronie workbench also provides such features, but ....

L. J. Jagadeesan, C. Puchol, and J. E. V. Olnhausen. A formal approach to reactive systems software: A telecommunications application in Esterel. Formal Methods in System Design, 8(2):123--151, Mar. 1996.

....explicitly requested to do so. The reaction is also required to be deterministic: for any state of the program and any input event, there is exactly one possible output event. In perfectly synchronous languages, a reaction is also called an instant. 1 For a detailed treatment, please refer to [30, 96, 36, 26, 20] 110 A.1 Statements Esterel has two kinds of statements: the primitive or kernel statements, and the derived statements that can be expanded into primitive ones by macro expansion and make the language more user friendly. Derived statements are not semantically meaningful and will not be ....

C. Puchol et al. A formal approach to reactive systems software: A telecommunications application in Esterel. In Proceedings of the Workshop on Industrial Strength Formal Specification Techniques, April 1995.

.... something bad will not happen ) For bounded response properties (i.e. something good will happen within x steps ) formulas of temporal logic are easier to specify. Though there exists a system which gives an automatic translation of such a property in temporal logic to a synchronous observer [12]. In [34] we report on whether the proof of a property of the system should be proved on a model of the composition of its subsystems, or that it should be split into different properties of the subsystems and proved separately for each subsystem. The study of the compositional versus ....

L.J. Jagadeesan, C. Puchol, and J.E. Von Olnhausen. A Formal Approach to Reactive Systems Software: A Telecommunications Application in Esterel. Formal Methods in System Design, 8:123--151, 1996.

....through a driver routine. The driver routine executes the state machine whenever there is an input from the external environment. Thus, our problem is to execute the state machine under certain conditions(namely when give step is emitted) even when there is no external input. The trick here (as in [11]) is to set a bit for every occurrence of give step that is checked by the driver routine; the bit indicates that the driver routine must generate a tick (and supply a STEP ) 7 . Thus, due to the presence of await STEP in the translation for transitions, although the actions are activated in ....

Puchol, C. et al. A Formal Approach to Reactive Systems Software: A Telecommunications Application in Esterel. In Proc. of the Workshop on Industrial Strength Formal Specification Techniques (April 1995).

....lies not only in the style, but in their seamless integration with existing software development practices through the programming environments with which they are provided. A short overview of the marketed environments that support each language, and some industrial applications, can be found in [2, 19]. In addition to project management facilities, and editing facilities that mix text and graphics, the commercial environments provide advanced features for design validation, and back end compilation to various languages like C or VHDL. The SYNCHRONIE ######### ### ### ####### ### ### # # # # ....

L. J. Jagadeesan, C. Puchol, and J. E. von Olnhausen. A formal approach to reactive systems software: A telecommunications application in ESTEREL. Formal Methods in System Design, 8(2):123--151, Mar. 1996.

....level; in our model, object creation and deletion can be observed at the process level (See Section 3.3) 3. 2 Property specification with LTL For the specification of behavioral constraints we advocate the use of Linear time Temporal Logic (LTL) In several (industrial) projects like [4] 20] and [22], temporal logic has been successfully used for the specification of behavioral constraints that should be satisfied by some executable specification. We feel that LTL especially with its well understood theoretical foundations has the potential to serve as a suitable vehicle for expressing ....

....are believed to cover the majority of properties one would ever wish to specify (and verify) safety (2p) response (2(p 3q) and precedence (2(p q U r) Holzmann [20] followed the argumentation of Manna and Pnueli and considers only the three abovementioned classes. In a similar project [22], only safety properties were considered. In our work it turned out that safety and precedence properties cover a multitude of properties as they are stated upon industrial systems. However, the complexity of the system we had to deal with was such that some properties we needed to express, did ....

[Article contains additional citation context not shown here]

L. Jagadeesan, C. Puchol, and J. Olnhausen. A formal approach to reactive systems software: A telecommunications application in ESTEREL. Journal of Formal Methods in System Design, 1995.

....specification language to express behavioral constraints that the service should satisfy, and validation techniques (like model checking) Unless otherwise stated, the formal technique listed in Table 2 indicates the modelling language. Company Formal technique Ref. Lucent SDL [4] Lucent Esterel [5] Dutch PTT ACTL [6] SNI FSM [7] BT Z [8] CSELT Promela [9] Table 2: Formal techniques in the comm. domain At Lucent, several formal method projects aimed at designing and implementing software for the Lucent 5ESS (Electronic Switching System) and several formal methods have been applied over a ....

....FSM [7] BT Z [8] CSELT Promela [9] Table 2: Formal techniques in the comm. domain At Lucent, several formal method projects aimed at designing and implementing software for the Lucent 5ESS (Electronic Switching System) and several formal methods have been applied over a longer time period, e.g. [4, 5]. The NewCoRe project described in [4] ran over a two year period. A specification of 7,500 lines of (noncommented) SDL code was written and about 150 correctness properties were formally specified and verified for the SDL model. As a result, a total of 112 serious design errors were detected in ....

[Article contains additional citation context not shown here]

L. Jagadeesan, C. Puchol, and J. Olnhausen, "A formal approach to reactive systems software: A telecommunications application in ESTEREL," Journal of Formal Methods in System Design, 1995.

....j; oe; k) j= p (oe; j) j= 3p ( 9k j; oe; k) j= p and finally (oe; j) j= p U q ( 9k j; oe; k) j= q and 8i; j i k; oe; i) j= p. Linear time temporal logic has already been used in several industrial projects to express properties that the software under construction should satisfy [6] [7]. However, there is only limited information in the literature about the complexity of the properties as they arise from industrial software development. In most papers, the complexity of the properties expressed in real systems remains unclear. In [8] Manna and Pnueli give three classes of ....

L. Jagadeesan, C. Puchol, and J. Olnhausen, "A formal approach to reactive systems software: A telecommunications application in ESTEREL," Journal of Formal Methods in System Design, 1995.

....in formal models. Thus, the extension of established foundations in the temporal logic domain still needs deeper investigation for industrial strength object oriented distributed systems (OODS) Even though there are a few success stories of temporal logic in the industry, e.g. 19] and [21]) a survey on the use of formal methods [38] revealed that temporal logic receives only marginal attention. After twenty years of research, the overall impact of temporal logic on mainstream software design has been limited. In this paper we present a formal model for the design stage of ....

....discipline discriminates between requirements and implementations. While many formal description techniques like LOTOS or SDL allow to write (executable) formal specifications, they provide no support to express correctness requirements. In several (industrial) projects like [5] 19] and [21], temporal logic has been successfully used for the specification of behavioral constraints that should be satisfied by some executable specification. We feel that especially LTL with its well understood theoretical foundations has the potential to serve as a suitable vehicle for expressing ....

[Article contains additional citation context not shown here]

L. Jagadeesan, C. Puchol, and J. Olnhausen. A formal approach to reactive systems software: A telecommunications application in ESTEREL. Journal of Formal Methods in System Design, 1995.

....limited attention from the (tele ) communications community. Table 2: Formal techniques Table 2 lists some of the most frequently used formal techniques. Almost every formal method has been applied to communication services: Finite State Machines (FSM) 34] Petri nets [68] Promela [29] Esterel [50] and many others. However, the (tele )communications community has been paying special attention to the three standardized FDTs: LOTOS [45] Estelle [46] and SDL [15] These FDTs, originally developed to unambiguously specify protocol standards, became standardized about 15 years ago and they have ....

....the specification and validation of communication services. Temporal logic (TL) also seems to have attracted some interest from the industry and has been used in connection with other FDTs such as SDL [42] TL is also integrated in commercial products [77] 79] Company FM References AT T Esterel [50] AT T SDL [5] 43] 41] AT T SDL, TL [42] AT T Z [83] AT T Promela, Z [84] Bellcore Promela, LTL [60] BT Z [2] BT SDL [54] 28] CSELT Promela [9] Deutsche Telekom et al. 1 Petri nets, SDL [14] Dutch PTT, Telia SDL, ACTL [12] 66] France T el ecom Z [53] Nortel SDL [81] Score 2 SDL, Z, ACTL ....

[Article contains additional citation context not shown here]

L. Jagadeesan, C. Puchol, and J. Olnhausen. A formal approach to reactive systems software: A telecommunications application in ESTEREL. Journal of Formal Methods in System Design, 1995.

....considered in formal models. Thus, the extension of established foundations in the temporal logic domain still needs deeper investigation for industrial strength object oriented distributed systems (OODS) Even though there are a few success stories of temporal logic in the industry, e.g. 18] and [20], a survey on the use of formal methods [37] revealed that temporal logic receives only marginal attention. After twenty years of research, the overall impact of temporal logic on mainstream software design has been limited. In this paper we present a formal model for the design stage of ....

....out that a major engineering discipline discriminates between requirements and implementations. While many FDTs like LOTOS or SDL allow to write (executable) formal specifications, they provide no support to express correctness requirements. In several (industrial) projects like [4] 18] and [20], temporal logic has been successfully used for the specification of behavioral constraints that should be satisfied by some executable specification. We feel that especially LTL with its well understood theoretical foundations has the potential to serve as a suitable vehicle for expressing ....

[Article contains additional citation context not shown here]

L. Jagadeesan, C. Puchol, and J. Olnhausen. A formal approach to reactive systems software: A telecommunications application in ESTEREL. Journal of Formal Methods in System Design, 1995.

No context found.

L.J. Jagadeesan, C. Puchol, and J.E. Von Olnhausen. A formal approach to reactive systems software: A telecommunications application in ESTEREL. In Proc. Workshop on Industrialstrength Formal Spec. Techniques, April 1995.

....large portions of the 5ESS switching system satisfy the synchrony hypothesis for these reasons. Even when existing switch software is not compatible with our testing technique, it may still be possible to upgrade the software to satisfy the tool s requirements. For example, in a separate study [11], we re wrote part of the 5ESS software. This new system satisfied the synchrony hypothesis and would have met our testing tool s interface requirements. Modular Design Our testing technique involves a form of black box testing. Therefore, it is appropriate for modules that have clear entry and ....

L. Jagadeesan, C. Puchol, and J. Von Olnhausen. A formal approach to reactive systems software: A telecommunications application in Esterel. Formal Methods in System Design, 8(2), March 1996.

....violate this assumption. The benefits that accrue from integrating these two paradigms are illustrated by the telecommunications case study of [8] In this case study, the entire functionality of the software was implemented in Triveni. In contrast, the Esterel implementation of the same software [17] had to rely on external implementations to realize the full functionality e.g. an autonomously evolving timer process and asynchronous communication between loosely coupled components via operating system calls. The flexibility of Triveni comes at a price; synchronous programming languages ....

L. Jagadeesan, C. Puchol, and J. E. Von Olnhausen. A formal approach to reactive systems software: A telecommunications application in ESTEREL. Formal Methods in System Design, 8(2):123--152, March 1996.

....the stages described can be more or less improved, however, the theoretical bottleneck lies in the ESTEREL compilation step, since the resulting state space of the system can be, in the worst case, exponential on the size of the program. We have also performed verification in several problems (see [6] for a more detailed description of a real world application) and it has been found to be highly effective in practice. 5 Discussion We have presented a solution to the Generalized Railroad Crossing within the environment of ES TEREL. The solution includes the formal verification of the two ....

L.J. Jagadeesan, C. Puchol, and J.E. Von Olnhausen. A formal approach to reactive systems software: A telecommunications application in ESTEREL. In Workshop on Industrial-strength Formal Specification Techniques, April 1995.

....had re written larger portions of the 5ESS software in these languages. In particular, VFSM has been used in the design of many 5ESS software modules, including applications in call processing and signaling [FHOS95] We have written an ESTEREL version of some alarms software in the 5ESS switch [JPVO95a] ; this feature was also written in Modechart. We have used LOTOS to specify various parts of telecommunications switching systems, including call processing and maintenance facilities [Ard94] Many real time switching protocols in 5ESS signaling and call processing applications have been ....

L.J. Jagadeesan, C. Puchol, and J.E. Von Olnhausen. A formal approach to reactive systems software: A telecommunications application in ESTEREL. In Proc. Workshop on Industrial-strength Formal Specification Techniques, April 1995.

No context found.

L. Jagadeesan, J. Von Olnhausen, and C. Puchol. A formal approach to reactive system software: A telecommunications application in Esterel. Journal of Formal Methods in Systems Design, 8(2), March 1996.

No context found.

L. Jagadeesan, J. Von Olnhausen, and C. Puchol. A formal approach to reactive system software: A telecommunications application in Esterel. Journal of Formal Methods in Systems Design, 8(2), March 1996.

First 50 documents

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC