Véronique Viguié Donzeau-Gouge

Reasoning about Airport Security Regulations Using the Focal Environment

We present the validation of regulations intended to ensure airport security in the framework of civil aviation. In particular, we describe the proofs of correctness/completeness for two standards, one at the international level and the other at the European level, and we show how the properties of the European level refines those of the international level. These models are expressed using the Focal environment, an object- oriented specification and proof system, and the proofs described by means of a declarative-like language are processed by the automated theorem prover Zenon. We show how Zenon appears quite appropriate when dealing with abstract specifications like our case study, but also how it should be controlled to present readable proofs.

Certifying airport security regulations using the Focal environment

We present the formalization of regulations intended to ensure airport security in the framework of civil aviation. In particular, we describe the formal models of two standards, one at the international level and the other at the European level. These models are expressed using the Focal environment, which is also briefly presented. Focal is an object-oriented specification and proof system, where we can write programs together with properties which can be proved semi-automatically. We show how Focal is appropriate for building a clean hierarchical specification for our case study using, in particular, the object-oriented features to refine the international level into the European level and parameterization to modularize the development.

Producing UML Models from Focal Specifications: An Application to Airport Security Regulations

We propose an automatic transformation of focal specifications to UML class diagrams. The main motivation for this work lies within the framework of the EDEMOI project, which aims to integrate and apply several requirements engineering and formal methods techniques to analyze regulations in the domain of airport security. The idea is to provide a graphical documentation of formal models for developers, and in the long-term, for certification authorities. The transformation is formally described and an implementation has been designed. We also provide a concrete example coming from the EDEMOI project.

Adopting a situational requirements engineering approach for the analysis of civil aviation security standards

The security of civil aviation, likemany human activities, is regulated by a series of international standards and recommended practices. The quality of these documents is a prerequisite to reach an acceptable security level. The EDEMOI project aims at investigating different techniques to analyse these standards. The techniques that we have used, such as Requirements Engineering (RE) and formal methods, have been fruitfully tried and tested in computer science. During the first step of the project, properties were extracted from standards written in natural language and a conceptual model of the underlying system was elaborated. Since none of the existing requirements engineering methods were able to consider the specifics of our project, we turned to situational method engineering, and have defined a new RE method based on this approach. The standard considered in the article is Annex 17 of the Convention of the International Civil Aviation Organization (ICAO). We present several adaptations/extensions to relevant RE techniques necessary to take into account the specific features of our project. Finally, we describe how we have applied this new method to the analysis of Annex 17.

Formal Modeling of Airport Security Regulations using the Focal Environment

We present the formalization of regulations intended to ensure airport security in the framework of civil aviation. In particular, we describe the formal models of two standards, one at the international level and the other at the European level. These models are expressed using the Focal environment, which is an object-oriented specification and proof system. In addition, we show that these models are correct and complete thanks to the Zenon automated theorem prover, which is the dedicated reasoning support of Focal. Finally, we propose an automatic transformation of Focal specifications to UML class diagrams, in order to provide a graphical documentation of formal models for developers, and in the long-term, for certification authorities.

A methodological process for the design of a large system: two industrial case-studies

Abstract This paper presents two examples taken from industrial case-studies that have been specified using an event system approach. Component specifications, taking the form of pre-post formula, have been derived. Constraints which ensure the correctness of the whole process are given.

A formal and sound transformation from Focal to UML: an application to airport security regulations

We propose an automatic transformation of Focal specifications to UML class diagrams. The main motivation for this work lies within the framework of the EDEMOI project, which aims to integrate and apply several requirements engineering and formal methods techniques to analyze airport security regulations. The idea is to provide a graphical documentation of formal models for developers, and in the long-term, for certification authorities. The transformation is formally described and an implementation has been designed. We also show how the soundness of our approach can be achieved.

Deriving Software Specifications from Event Based Models

We present a method to derive sequential program specifications from system models. We use an event based approach to model systems, as it allows us to specify parallel, concurrent and distributed systems. We refine the specification of a system until we have introduced all the events needed by its components to interact with the environment. Then, we derive an environment specification and a specification for each component. We use pre-conditions and post-conditions in these specifications, so that they can be implemented using the classical refinement relation for sequential programs. The derived components share the environment module to interact with each other.

Formal Techniques for Networked and Distributed Systems - FORTE 2006

Invited Talks.- Modelling of Complex Software Systems: A Reasoned Overview.- The ?+?CAL Algorithm Language.- Semantic-Based Development of Service-Oriented Systems.- Services.- JSCL: A Middleware for Service Coordination.- Analysis of Realizability Conditions for Web Service Choreographies.- Web Cube.- Presence Interaction Management in SIP SOHO Architecture.- Middleware.- Formal Analysis of Dynamic, Distributed File-System Access Controls.- Analysing the MUTE Anonymous File-Sharing System Using the Pi-Calculus.- Towards Fine-Grained Automated Verification of Publish-Subscribe Architectures.- A LOTOS Framework for Middleware Specification.- Composition and Synthesis.- Automatic Synthesis of Assumptions for Compositional Model Checking.- Refined Interfaces for Compositional Verification.- On Distributed Program Specification and Synthesis in Architectures with Cycles.- Generalizing the Submodule Construction Techniques for Extended State Machine Models.- Logics.- Decidable Extensions of Hennessy-Milner Logic.- Symbolic Verification - Slicing.- Symbolic Verification of Communicating Systems with Probabilistic Message Losses: Liveness and Fairness.- A New Approach for Concurrent Program Slicing.- Reducing Software Architecture Models Complexity: A Slicing and Abstraction Approach.- Unified Modeling Languages.- Branching Time Semantics for UML 2.0 Sequence Diagrams.- Formalizing Collaboration Goal Sequences for Service Choreography.- Composition of Use Cases Using Synchronization and Model Checking.- Petri Nets.- PN Standardisation: A Survey.- Resource Allocation Systems: Some Complexity Results on the S4PR Class.- Optimized Colored Nets Unfolding.- Parameterized Verification.- Liveness by Invisible Invariants.- Real Time.- Extending EFSMs to Specify and Test Timed Systems with Action Durations and Timeouts.- Scenario-Based Timing Consistency Checking for Time Petri Nets.- Effective Representation of RT-LOTOS Terms by Finite Time Petri Nets.- Testing.- Grey-Box Checking.- Integration Testing of Distributed Components Based on Learning Parameterized I/O Models.- Minimizing Coordination Channels in Distributed Testing.- Derivation of a Suitable Finite Test Suite for Customized Probabilistic Systems.