Colin Snook

UML-B: Formal modeling and design aided by UML

The emergence of the UML as a de facto standard for object-oriented modeling has been mirrored by the success of the B method as a practically useful formal modeling technique. The two notations have much to offer each other. The UML provides an accessible visualization of models facilitating communication of ideas but lacks formal precise semantics. B, on the other hand, has the precision to support animation and rigorous verification but requires significant effort in training to overcome the mathematical barrier that many practitioners perceive. We utilize a derivation of the B notation as an action and constraint language for the UML and define the semantics of UML entities via a translation into B. Through the UML-B profile we provide specializations of UML entities to support model refinement. The result is a formally precise variant of UML that can be used for refinement based, object-oriented behavioral modeling. The design of UML-B has been guided by industrial applications.

Practitioners' views on the use of formal methods: an industrial survey by structured interview

The recognised deficiency in the level of empirical investigation of software engineering methods is particularly acute in the area of formal methods, where reports about their usefulness vary widely. We interviewed several formal methods users about the use of formal methods and their impact on various aspects of software engineering including the effects on the company, its products and its development processes as well as pragmatic issues such as scalability, understandability and tool support. The interviews are a first stage of empirical assessment. Future work will investigate some of the issues raised using formal experimentation and case studies.

An Introduction to Formal Methods

This chapter begins with an introduction to the main concepts of formal methods. Languages and tools for developing formal System modeis are also described, while the use of semi formal notations and their integration with formal methods is covered as well. At the end of the chapter, an overview of the current Status of formal methods in embedded System design is presented.

A Generic Model for Assessing Process Quality

Process assessment and process improvement are both very difficult tasks since we are either assessing or improving a concept rather than an object. A quality process is expected to produce quality products efficiently. Most of the existing models such as CMM, ISO 9001/9000-3 etc. intend to enhance the maturity or the quality of an organization with the assumption that a matured organization will put its processes in place which in turn will produce matured products. However, matured processes do not necessarily produce quality products [21, 6]. The primary reasons are: (i) In the process quality models, the relationship between the process quality and product quality is far from clear, and (ii) many of the process models take a monolithic view of the whole life-cycle process, and as a result, the idiosyncrasies of the individual processes do not receive proper attention. In this paper, we first define an internal process model in a formal manner. Next, we define a generic quality model whose scope covers all the development processes and most of the supporting processes associated with the development phase. The generic quality model is a parametric template and could be instantiated in a systematic manner to produce the quality model for any individual process. We then show such a customization for the formal specification process and use this customized model to formulate a GQM-based measurement plan for the same process. We then discuss how the generic model would be useful in process assessment and process improvement.

UML-B Specification for Proven Embedded Systems Design

1 An Introduction to Formal Methods.- 2 Formally Unified System Specification Environment with UML, B and SystemC.- 3 Embedded System Design Using the PUSSEE Method.- 4 System Level Modelling and Refinement with EventB.- 5 The UML-B Profile for Formal Systems Modelling in UML.- 6 U2B.- 7 BHDL.- 8 Towards a Conceptual Framework for UML to Hardware Description Language Mappings.- 9 Interface-Based Synthesis Refinement in B.- 10 Refinement of Finite State Machines with Complementary Model Checking.- 11 Adaptive Cruise Control Case Study Design Experiment.- 12 Adaptive Cruise Controller Case Study.- 13 Formal Modelling of Electronic Circuits Using Event-B.- 14 The Echo Cancellation Unit Case Study.- 15 Results of the Mobile Design System Experiment.- 16 UML-B Specification and Hardware Implementation of a Hamming Coder/Decoder.- 17 The PUSSEE Method in Practice.- A1 Evaluation Criteria for Embedded System Design Methods.

Refinement of statemachines using event b semantics

While refinement gives a formal underpinning to the development of dependable control systems, such models are difficult to communicate and reason about in a non-formal sense, particularly for validation by non-specialist industrial partners. Here we present a visualisation of, and guidance for, event B refinement using a specialisation of UML statemachines. Furthermore, we introduce design patterns and process rules that are aimed at assisting in the software development process leading to correct refinements. The specialisation will be incorporated into the UML-B notation to be integrated with the Event B platform developed by the RODIN project.

The UML-B Profile for formal systems modelling in UML

The UML is a popular modelling notation that has a natural appeal to hardware and Software engineers and is adaptable through extension mechanisms. Formal (mathematical) modelling languages, on the other hand, are seen as difficult and costly to use and have achieved only limited use despite the benefits that they offer. In previous work, we have proposed an Integration of UML and the formal notation, B and provided an automatic translator that produces a B specification. The integrated modelling notation, UML-B, inherits from both UML and B but primarily, is a specialisation of the UML. To achieve this Integration we have specialised UML modelling elements via stereotypes, added tagged values to represent B modelling features and imposed constraints to ensure that UML-B modeis are translated into usable B. Here we describe ongoing work to define UML-B as a profile in accordance with the UML extensibility mechanisms.

A method of refinement in UML-B

UML-B is a ‘UML-like’ graphical front-end for Event-B that provides support for object-oriented and state machine modelling concepts, which are not available in Event-B. In particular, UML-B includes class diagram and state machine diagram editors with automatic generation of corresponding Event-B. In Event-B, refinement is used to relate system models at different abstraction levels. The same refinement concepts are also applicable in UML-B but require special consideration due to the higher-level modelling concepts. In previous work, we described a case study to introduce support for refinement in UML-B. We now provide a more complete presentation of the technique of refinement in UML-B including a formalisation of the refinement rules and a definition of the extensions to the abstract syntax of UML-B notation. The provision of gluing invariants to discharge the proof obligations associated with a refinement is a significant step in providing verifiable models. We discuss and compare two approaches for constructing gluing invariants in the context of UML-B refinement.

Validating the Requirements and Design of a Hemodialysis Machine Using iUML-B, BMotion Studio, and Co-Simulation

We present a formal specification of a hemodialysis machine HD machine using Event-B. We model the HD machine using iUML-B state-machines and class diagrams and build a corresponding BMotion Studio visualisation. We focus on validation using i diagrams to aid the modelling of the sequential properties of the requirements, and ii ProB-based animation and visualisation tools to explore the systems behaviour. Some of the safety properties involve dynamic behaviour which is difficult to verify in Event-B. For these properties we use co-simulation tools to validate against a continuous model of the physical behaviour.

TIMING DIAGRAMS REQUIREMENTS MODELING USING EVENT-B FORMAL METHODS

Timing diagrams provide an intuitive graphical specification for time constraints and causal dependencies between a system’s objects. Such a view can provide useful insight during Requirements Engineering (RE). Formal Modeling techniques allow abstract system level models to be explored in revealing detail and provide feedback via verification and validation methods such as proofs of consistency, model checking and animation. Here, we bring these two modelling approaches together. In particular we present techniques to extend a graphical modeling capability for formal modeling into the real-time domain by developing a Timing diagram view for the Event-B formal method and its graphical front-end, UML-B. Translation schemes to Event-B and UML-B are proposed and presented. A case study of a lift system is used to demonstrate the translation in practice.