A case study on the automated verification of groupware protocols
- In Proc. of the 27th Int. Conf. on Software Engineering (ICSE'05), 2005
Cited by 6 (1 self)
We report on a fruitful combination of applying academic experience with formal modelling and verification techniques to an industrial case study. The goal of the case study was to investigate a priori, i.e. before implementation, the effects of adding a lightweight and easy-to-use publish/subscribe (event) notification service to thinkteam®, an asynchronous and dispersed groupware system which was developed by think3. Researchers from the Formal Methods and Tools (FM&&T) group of ISTI–CNR, with a longstanding experience in research on the development and application of formal methods, notations, and software tools for the specification, design, and verification of complex computer systems, therefore teamed up with think3, a global provider of integrated product development solutions that provides mechanical design and Product Data Management (PDM) software catering to the product management needs of design processes in the manufacturing industry. The technical details of this joint research effort have been documented elsewhere; here we report on the lessons learned from this experience.
Counterexample-based refinement for a boundedness test for CFSM languages
- In Model Checking Software, 12th International SPIN Workshop, Proceedings, volume 3639 of Lecture Notes in Computer Science, 2005
Cited by 5 (4 self)
In precursory work we suggested an abstraction-based, highly scalable semi-test for the boundedness of Communicating Finite State Machine (CFSM) based modelling and programming languages. We illustrated its application to Promela and UML-RT models. The test is sound with respect to determining boundedness, but may return inconclusive "counterexamples" when boundedness cannot be established. In this paper we turn to the question of how to effectively determine the spuriousness of these counterexamples, and how to refine the abstraction based on the analysis. We employ methods from program analysis and illustrate the application of our refinement method to a number of Promela examples.
Towards Model Checking Stochastic Aspects of the thinkteam User Interface
- In Proc. 12th International Workshop on Design, Specification and Verification of Interactive Systems (DSVIS'05), 2005
Cited by 4 (2 self)
Stochastic model checking is a recent extension of traditional model-checking techniques for the integrated analysis of both qualitative and quantitative system properties. In this paper we show how stochastic model checking can be conveniently used to address a number of usability concerns that involve quantitative aspects of a user interface for the industrial groupware system thinkteam. thinkteam is a ready-to-use Product Data Management application developed by think3. It allows enterprises to capture, organise, automate, and share engineering product information, and it is an example of an asynchronous and dispersed groupware system. Several aspects of the functional correctness, such as concurrency aspects and awareness aspects, of the groupware protocol underlying thinkteam and of its planned publish/subscribe notification service have been addressed in previous work by means of a traditional model-checking approach. In this paper we investigate the trade-off between two different design options for granting users access to files in the database, a retrial approach and a waiting-list approach, and show how stochastic model checking can be used for such analyses.
Integer Linear Programming Based Property Checking for Asynchronous Reactive Systems
- IEEE Transactions on Software Engineering, 2010
Cited by 1 (0 self)
Asynchronous reactive systems form the basis of a wide range of software systems, for instance in the telecommunications domain. It is highly desirable to rigorously show that these systems are correctly designed. However, traditional formal approaches to the verification of these systems are often difficult because asynchronous reactive systems usually possess extremely large or even infinite state spaces. We propose an Integer Linear Programming (ILP)-based property checking framework that concentrates on the local analysis of the cyclic behavior of each individual component of a system. We apply our framework to the checking of the buffer boundedness and livelock freedom properties, both of which are undecidable for asynchronous reactive systems with an infinite state space. We illustrate the application of the proposed checking methods to Promela, the input language of the SPIN model checker. While the precision of our framework remains an issue, we propose a counterexample-guided abstraction refinement procedure based on the discovery of dependencies among control flow cycles. We have implemented prototype tools with which we obtained promising experimental results on real-life system models.
Assisting the design of a groupware system -- Model checking usability aspects of thinkteam
- The Journal of Logic and Algebraic Programming, 2009
Counterexample Refinement for a Boundedness Test for CFSM Languages (draft, copyright © by the authors, 2005)
A Fluid Flow Approach to Usability Analysis of Multi-user Systems -Full Version
The analysis of usability aspects of multi-user systems, such as cooperative work systems and pervasive systems, poses particular problems because the group behaviour of their users may have considerable impact on usability. Model-based analysis of such features is difficult because of the sheer number of entities that need to be modelled, leading easily to state-space explosion problems when automatic techniques such as model checkers are used. In this paper we explore the use of a recently proposed scalable model-based technique based on solving sets of Ordinary Differential Equations (ODEs). Starting from a formal model specified using the Performance Evaluation Process Algebra (PEPA), we show how different groupware usage patterns may be modelled and analysed using this approach. To illustrate how the approach can contribute to gaining more insight into the suitability of different design options and their impact on group behaviour, we compare two different file access policies in the context of the industrial groupware application thinkteam.