Safety Contracts for Timed Reactive Components in SysML

  • Iulia Dragomir
  • Iulian Ober
  • Christian Percebois
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8327)


A variety of system design and architecture description languages, such as SysML, UML or AADL, allows the decomposition of complex system designs into communicating timed components. In this paper we consider the contract-based specification of such components. A contract is a pair formed of an assumption, which is an abstraction of the component’s environment, and a guarantee, which is an abstraction of the component’s behavior given that the environment behaves according to the assumption. Thus, a contract concentrates on a specific aspect of the component’s functionality and on a subset of its interface, which makes it relatively simpler to specify. Contracts may be used as an aid for hierarchical decomposition during design or for verification of properties of composites. This paper defines contracts for components formalized as a variant of timed input/output automata, introduces compositional results allowing to reason with contracts and shows how contracts can be used in a high-level modeling language (SysML) for specification and verification, based on an example extracted from a real-life system.


Reactive Component Visible Action Contract Theory Proof Obligation Combinatorial Explosion 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Alur, R., Dill, D.L.: A Theory of Timed Automata. Theor. Comput. Sci. 126(2), 183–235 (1994)CrossRefzbMATHMathSciNetGoogle Scholar
  2. 2.
    Basu, A., Bozga, M., Sifakis, J.: Modeling Heterogeneous Real-time Components in BIP. In: SEFM 2006, pp. 3–12 (2006)Google Scholar
  3. 3.
    Bauer, S.S., David, A., Hennicker, R., Guldstrand Larsen, K., Legay, A., Nyman, U., Wąsowski, A.: Moving from Specifications to Contracts in Component-Based Design. In: de Lara, J., Zisman, A. (eds.) FASE 2012. LNCS, vol. 7212, pp. 43–58. Springer, Heidelberg (2012)Google Scholar
  4. 4.
    Bauer, S., Hennicker, R., Legay, A.: Component Interfaces with Contracts on Ports. In: Păsăreanu, C.S., Salaün, G. (eds.) FACS 2012. LNCS, vol. 7684, pp. 19–35. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  5. 5.
    Benvenuti, L., Ferrari, A., Mangeruca, L., Mazzi, E., Passerone, R., Sofronis, C.: A contract-based formalism for the specification of heterogeneous systems. In: FDL 2008. Forum on, pp. 142–147. IEEE (2008)Google Scholar
  6. 6.
    Bourke, T., David, A., Larsen, K.G., Legay, A., Lime, D., Nyman, U., Wąsowski, A.: New Results on Timed Specifications. In: Mossakowski, T., Kreowski, H.-J. (eds.) WADT 2010. LNCS, vol. 7137, pp. 175–192. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  7. 7.
    Bozga, M., Graf, S., Ober, I., Ober, I., Sifakis, J.: The IF toolset. In: Bernardo, M., Corradini, F. (eds.) SFM-RT 2004. LNCS, vol. 3185, pp. 237–267. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  8. 8.
    Cariou, E., Ballagny, C., Feugas, A., Barbier, F.: Contracts for model execution verification. In: France, R.B., Kuester, J.M., Bordbar, B., Paige, R.F. (eds.) ECMFA 2011. LNCS, vol. 6698, pp. 3–18. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  9. 9.
    Cariou, E., Belloir, N., Barbier, F., Djemam, N.: OCL contracts for the verification of model transformations. ECEASST 24 (2009)Google Scholar
  10. 10.
    Chilton, C., Jonsson, B., Kwiatkowska, M.: Assume-Guarantee Reasoning for Safe Component Behaviours. In: Păsăreanu, C.S., Salaün, G. (eds.) FACS 2012. LNCS, vol. 7684, pp. 92–109. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  11. 11.
    Chilton, C., Kwiatkowska, M., Wang, X.: Revisiting Timed Specification Theories: A Linear-Time Perspective. In: Jurdziński, M., Ničković, D. (eds.) FORMATS 2012. LNCS, vol. 7595, pp. 75–90. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  12. 12.
    David, A., Guldstrand Larsen, K.G., Legay, A., Møller, M.H., Nyman, U., Ravn, A.P., Skou, A., Wasowski, A.: Compositional verification of real-time systems using ECDAR. STTT 14(6), 703–720 (2012)CrossRefGoogle Scholar
  13. 13.
    David, A., Larsen, K.G., Legay, A., Nyman, U., Wąsowski, A.: ECDAR: An Environment for Compositional Design and Analysis of Real Time Systems. In: Bouajjani, A., Chin, W.-N. (eds.) ATVA 2010. LNCS, vol. 6252, pp. 365–370. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  14. 14.
    David, A., Larsen, K.G., Legay, A., Nyman, U., Wąsowski, A.: Methodologies for Specification of Real-Time Systems Using Timed I/O Automata. In: de Boer, F.S., Bonsangue, M.M., Hallerstede, S., Leuschel, M. (eds.) FMCO 2009. LNCS, vol. 6286, pp. 290–310. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  15. 15.
    David, A., Larsen, K.G., Legay, A., Nyman, U., Wasowski, A.: Timed I/O automata: a complete specification theory for real-time systems. In: HSCC 2010, pp. 91–100. ACM (2010)Google Scholar
  16. 16.
    Dragomir, I., Ober, I., Lesens, D.: A case study in formal system engineering with SysML. In: ICECCS 2012, pp. 189–198. IEEE Computer Society (2012)Google Scholar
  17. 17.
    Dragomir, I., Ober, I., Percebois, C.: Integrating verifiable Assume/Guarantee contracts in UML/SysML. In: ACES-MB 2013. CEUR Workshop Proceedings (2013)Google Scholar
  18. 18.
    Dragomir, I., Ober, I., Percebois, C.: Safety Contracts for Timed Reactive Components in SysML. Technical report, IRIT (2013),
  19. 19.
    Emerson, E.A., Clarke, E.M.: Characterizing Correctness Properties of Parallel Programs Using Fixpoints. In: de Bakker, J.W., van Leeuwen, J. (eds.) ICALP 1980. LNCS, vol. 85, pp. 169–181. Springer, Heidelberg (1980)CrossRefGoogle Scholar
  20. 20.
    Hoare, C.A.R.: An Axiomatic Basis for Computer Programming. Commun. ACM 12(10), 576–580 (1969)CrossRefzbMATHGoogle Scholar
  21. 21.
    Kaynar, D.K., Lynch, N., Segala, R., Vaandrager, F.: The Theory of Timed I/O Automata, 2nd edn. Morgan & Claypool Publishers (2010)Google Scholar
  22. 22.
    RTCA Inc. Software Considerations in Airborne Systems and Equipment Certification. Document RTCA/DO-178C (2011)Google Scholar
  23. 23.
    OMG. Object Management Group – Systems Modeling Language (SysML), v1.1 (2008),
  24. 24.
    Parnas, D., Weiss, D.: Active Design Reviews: Principles and Practices. In: ICSE 1985. IEEE Computer Society (1985)Google Scholar
  25. 25.
    Queille, J.-P., Sifakis, J.: Specification and verification of concurrent systems in CESAR. In: Dezani-Ciancaglini, M., Montanari, U. (eds.) Programming 1982. LNCS, vol. 137, pp. 337–351. Springer, Heidelberg (1982)CrossRefGoogle Scholar
  26. 26.
    Quinton, S.: Design, vérification et implémentation de systèmes à composants. PhD thesis, Université de Grenoble (2011)Google Scholar
  27. 27.
    Quinton, S., Graf, S.: Contract-Based Verification of Hierarchical Systems of Components. In: SEFM 2008, pp. 377–381 (2008)Google Scholar
  28. 28.
    Weis, T., Becker, C., Geihs, K., Plouzeau, N.: A UML Meta-model for Contract Aware Components. In: Gogolla, M., Kobryn, C. (eds.) UML 2001. LNCS, vol. 2185, pp. 442–456. Springer, Heidelberg (2001)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Iulia Dragomir
    • 1
  • Iulian Ober
    • 1
  • Christian Percebois
    • 1
  1. 1.IRITUniversité de ToulouseToulouseFrance

Personalised recommendations