Luigia Petre

Analysing UML use cases as contracts

The Unified Modeling Language (UML) consists in a set of diagrams that describe a system under development. A use case diagram specifies the required functionality of the system, showing the collaboration among a set of actors that are to perform certain tasks. We complement the use case diagrams by providing formal documents (like specifications or programs), called contracts that regulate the behaviour of the actors involved. The contract is written in a language with a precise semantics and logic for reasoning - the refinement calculus - and thus it can be analysed. To express contracts we need to specify the problem domain of the system; we describe classes and UML class diagrams using also the refinement calculus. Thereby, we integrate the functional view of a system, described by the use case diagram with the object-oriented view for the same system, described by the class diagram.

Generalizing Action Systems to Hybrid Systems

Action systems have been used successfully to describe discrete systems, i.e., systems with discrete control acting upon a discrete state space. In this paper we extend the action system approach to hybrid systems by defining continuous action systems. These are systems with discrete control over a continuously evolving state, whose semantics is defined in terms of traditional action systems. We show that continuous action systems are very general and can be used to describe a diverse range of hybrid systems. Moreover, the properties of continuous action systems are proved using standard action systems proof techniques.

Formal Modeling of Multicast Communication in 3D NoCs

A reliable approach to designing systems is by applying formal methods, based on logics and set theory. In formal methods refinement based, we develop the system models stepwise, from an abstract level to a concrete one by gradually adding details. Each detail-adding level is proved to still validate the properties of the more abstract level. Due to the high complexity and the high reliability requirements of 3D NoCs, formal methods provide promising solutions for modeling and verifying their communication schemes. In this paper, we present a general model for specifying the 3D NoC multicast communication scheme. We then refine our model to two communication schemes, : unicast and multicast, via the XYZ routing algorithm in order to put forward the correct-by-construction concrete models.

A Topological Approach to Distributed Computing

In several state-based approaches to distributed computing, e.g., action systems, or UNITY, the computing nodes are commonly left unspecified or implicit. For instance, an action system comes with an informal description on how the system is supposed to be mapped into the network. The purpose of this paper is to make this mapping explicit so that, e.g., in the action system formalism we are provided with means on the language level to reason about the location of a system in a network. Hence, we define the notion of a topological action system that carries with it information about its location within the network. The action system itself can model some active execution or merely a repository of data or any combination of these. We also show how our approach leads to action systems with data and/or code mobility.

Formal development of wireless sensor-actor networks

Wireless sensor-actor networks are a recent development of wireless networks where both ordinary sensor nodes and more sophisticated and powerful nodes, called actors, are present. In this paper we introduce several, increasingly more detailed, formal models for this type of wireless networks. These models formalise a recently introduced algorithm for recovering actor-actor coordination links via the existing sensor infrastructure. We prove via refinement that this recovery is correct and that it terminates in a finite number of steps. In addition, we propose a generalisation of our formal development strategy, which can be reused in the context of a wider class of networks. We elaborate our models within the Event-B formalism, while our proofs are carried out using the RODIN platform - an integrated development framework for Event-B.

A language for modeling network availability

Computer networks have become ubiquitous in our society and thus, the various types of resources hosted by them are becoming increasingly important. In this paper we study the resource availability in networks by defining a dedicated middleware language. This language is a conservative extension of the action system formalism, a general state-based approach to modeling and analyzing distributed systems. Our language formally treats aspects such as resource accessibility, replicated and homonym resources, their mobility, as well as node failure and maintenance in networks. The middleware approach motivates the separation of the views and formalisms used by the various roles such as the network user, the application developer, and the network manager.

Formal analysis of proactive, distributed routing

As (network) software is such an omnipresent component of contemporary mission-critical systems, formal analysis is required to provide the necessary certification or at least formal assurances for these systems. In this paper we focus on modelling and analysing the Optimised Link State Routing (OLSR) protocol, a distributed, proactive routing protocol. It is recognised as one of the standard ad-hoc routing protocols for Wireless Mesh Networks (WMNs). WMNs are instrumental in critical systems, such as emergency response networks and smart electrical grids. We use the model checker Uppaal for analysing safety properties of OLSR as well as to point out a case of OLSR malfunctioning.

Self-Recovering Sensor-Actor Networks

Wireless sensor-actor networks are a recent development of wireless networks where both ordinary sensor nodes and more sophisticated and powerful nodes, called actors, are present. In this paper we formalize a recently introduced algorithm that recovers failed actor communication links via the existing sensor infrastructure. We prove via refinement that the recovery is terminating in a finite number of steps and is distributed, thus self-performed by the actors. Most importantly, we prove that the recovery can be done at different levels, via different types of links, such as direct actor links or indirect links between the actors, in the latter case reusing the wireless infrastructure of sensors. This leads to identifying coordination classes e.g., for delegating the most security sensitive coordination to the direct actor-actor coordination links, the least real-time constrained coordination to indirect links, and the safety critical coordination to both direct actor links and indirect sensor paths between actors. Our formalization is done using the theorem prover in the RODIN platform.

Energy-Aware Middleware

Computer networks have become a critical part of our society as we, as users, need our networked world to function continually and at full capacity. One of the basic and often overlooked factors required for such qualities is that of energy. Energy consumption is a non-functional property that needs to be addressed by a network manager, at the more specialized level of middleware. In this paper we model resource energy using a middleware language called MIDAS. This language is resource-centric and based on a formal framework for location-aware computing. By taking a device energy into consideration we reach a new approach regarding the resource locations. We distinguish between two networks types and further distinguish software resources from hardware devices. We obtain a unitary approach of considering co-located resources that can be exploited for efficiency in context-oriented applications. Hence, better availability and reliability of the energy-aware MIDAS resources can be ensured.

Coordination Among Mobile Objects

When designing distributed object-based systems one is often faced with the problem of modelling the movement of objects from site to site in a distributed network. In order to model such an activity, some supervising or coordination mechanisms are needed, to insure correctness of both movement and communication in the network. In this paper we propose distributed object-based action systems as a basis for (coordinated) mobile computing. In order to model mobility and coordination we extend the action systems and OO-action systems formalisms with so called mobile objects and coordinator objects. The mobile objects move in some domain whereas the coordinator objects control the actions of the mobile objects within their respective domains. We show the applicability of the proposed framework with a small though nontrivial example.