Timing analysis and validation with UML: the case of the embedded MARS bus manager

  • Iulian OberEmail author
  • Susanne Graf
  • Yuri Yushtein
  • Ileana Ober
Original Paper


This paper presents a case study in UML-based modeling and validation of the intricate timing aspects arising in a small but complex component of the airborne Medium-Altitude Reconnaissance System produced by the Netherlands National Aerospace Laboratory. The purpose is to show how automata-based timing analysis and verification tools can be used by field engineers for solving isolated hard points in a complex real-time design, even if the press-button verification of entire systems remains a remote goal. We claim that the accessibility of such tools is largely improved by the use of an UML profile with intuitive features for modeling timing and related properties.


Model Check Concrete Syntax Timing Aspect Reception Window Message Loss 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Arons T, Hooman J, Kugler H, Pnueli A, van der Zwaag M (2004) Deductive verification of UML models in TLPVS. In: Proceedings UML 2004, pp 335–349. LNCS 3273, Springer, HeidelbergGoogle Scholar
  2. 2.
    Behrmann G, David A, Larsen KG, Håkansson J, Pettersson P, Yi W, Hendriks M (2006) Uppaal 4.0. In: QEST, pp 125–126. IEEE Computer Society, New YorkGoogle Scholar
  3. 3.
    Bozga M, Graf S, Mounier L (2002) If-2.0: a validation environment for component-based real-time systems. In: Brinksma ED, Larsen KG (eds) CAV, vol 2404. Lecture notes in computer science, pp 343–348. Springer, HeidelbergGoogle Scholar
  4. 4.
    Del Bianco V, Lavazza L, Mauri M (2002) Model checking UML specifications of real time software. In: Proceedings of 8th international conference on engineering of complex computer systems. IEEE, New YorkGoogle Scholar
  5. 5.
    Bornot S, Sifakis J (2000) An algebraic framework for urgency. Inf Comput 163(1): 172–202zbMATHCrossRefMathSciNetGoogle Scholar
  6. 6.
    Burns A, Wellings A (2001) Real-time systems and programming languages, 3rd edn. Addison Wesley, ReadingGoogle Scholar
  7. 7.
    Chaochen Z, Hoare CAR, Ravn AP (1992) A calculus of durations. Informa Process Lett 40(5): 269–276CrossRefMathSciNetGoogle Scholar
  8. 8.
    Damm W, Josko B, Pnueli A, Votintseva A (2005) A discrete-time uml semantics for concurrency and communication in safety-critical applications. Sci Comput Program 55(1–3): 81–115zbMATHCrossRefMathSciNetGoogle Scholar
  9. 9.
    del Mar Gallardo M, Merino P, Pimentel E (2002) Debugging UML designs with model checking. J Object Technol 1(2): 101–117Google Scholar
  10. 10.
    David A, Möller, Yi W (2002) Formal verification UML statecharts with real time extensions. In: Proceedings of FASE 2002 (ETAPS 2002), vol 2306, LNCS. Springer, HeidelbergGoogle Scholar
  11. 11.
    Graf S, Ober I, Ober I (2006) A real-time profile for uml. STTT 8(2): 113–127CrossRefGoogle Scholar
  12. 12.
    Harbour MG, Gutiérrez García JJ, Palencia Gutiérrez JC, Drake Moyano JM (2001) MAST: modeling and analysis suite for real time applications. In: ECRTS, pp 125–134. IEEE Computer Society, New YorkGoogle Scholar
  13. 13.
    Har’El Z, Kurshan RP (1988) Software for analysis of coordination. In: Conference on system science engineering. Pergamon Press, New YorkGoogle Scholar
  14. 14.
    Harel D, Kugler H (2004) The Rhapsody semantics of statecharts (or, on the executable core of the UML)—preliminary version. In: Ehrig H, Damm W, Desel J, Große-Rhode M, Reif W, Schnieder E, Westkämper E (eds) SoftSpez final report, vol 3147, LNCS, pp 325–354. Springer, HeidelbergGoogle Scholar
  15. 15.
    Holzmann GJ (1997) The model-checker SPIN. IEEE Trans Softw Eng 23(5): 279–295CrossRefMathSciNetGoogle Scholar
  16. 16.
    Knapp A, Merz S, Rauh C (2002) Model checking timed UML state machines and collaborations. In: Damm W, Olderog ER (eds) FTRTFT 2002, vol 2469 of LNCS, pp 395–414. Springer, HeidelbergGoogle Scholar
  17. 17.
    Latella D, Majzik I, Massink M (1999) Automatic verification of a behavioral subset of UML statechart diagrams using the SPiN model-checker. Formal Aspects of Computing (11)Google Scholar
  18. 18.
    Lilius J, Paltor IP (1999) Formalizing UML state machines for model checking. In: France R (ed) Proceedings of UML’1999, vol 1723, LNCS. Springer, HeidelbergGoogle Scholar
  19. 19.
    Ober I, Graf S, Ober I (2006) Validating timed UML models by simulation and verification. STTT 8(2): 128–145CrossRefGoogle Scholar
  20. 20.
    The Object Management Group. UML profile for modeling and analysis of real-time and embedded systems. OMG document ptc/07-08-04, 2007Google Scholar
  21. 21.
    Xie F, Levin V, Browne JC (2001) Model checking for an executable subset of UML. In: Proceedings of 16th IEEE international conference on automated software engineering (ASE’01). IEEEGoogle Scholar
  22. 22.
    Yovine S (1997) Kronos: a verification tool for real-time systems. STTT 1(1–2): 123–133zbMATHGoogle Scholar

Copyright information

© Springer-Verlag London Limited 2008

Authors and Affiliations

  • Iulian Ober
    • 1
    Email author
  • Susanne Graf
    • 2
  • Yuri Yushtein
    • 3
    • 4
  • Ileana Ober
    • 1
  1. 1.Université Toulouse, IRITToulouseFrance
  2. 2.CNRS, VERIMAGGièresFrance
  3. 3.National Aerospace Laboratory NLR, Embedded System DepartmentAmsterdamThe Netherlands
  4. 4.Systems, Software and Technology DepartmentEuropean Space Agency/ESTECNoordwijkThe Netherlands

Personalised recommendations