Abstract
A significant impediment to the uptake of formal refinement-based methods among practitioners is the challenge of validating that the formal specifications of these methods capture the desired intents. Animation of specifications is widely recognized as an effective way of addressing such validation. However, animation tools are unable to directly execute (and thus animate) the typical uses of several of the specification constructs often found in ideal formal specifications. To address this problem, we have developed transformation heuristics that, starting with an ideal formal specification, guide its conversion into an animatable form. We show several of these heuristics and address the need to prove that the application of these transformations preserves the relevant behavior of the original specification. Portions of several case studies illustrate this approach.
The writing of this article is partly supported by the Austrian Ministry for Transport, Innovation and Technology, the Federal Ministry of Science, Research and Economy, and the Province of Upper Austria in the frame of the COMET center SCCH.
Mashkoor, A., Jacquot, JP. Validation of formal specifications through transformation and animation. Requirements Eng 22, 433–451 (2017). https://doi.org/10.1007/s00766-016-0246-6