Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Formal Architecture Modeling of Sequential Non-Recursive C Programs
KTH, School of Industrial Engineering and Management (ITM), Machine Design (Dept.), Mechatronics. (Inbyggda kontrollsystem)ORCID iD: 0000-0002-9655-7326
KTH, School of Industrial Engineering and Management (ITM), Machine Design (Dept.), Mechatronics.
KTH, School of Industrial Engineering and Management (ITM), Machine Design (Dept.), Mechatronics.
KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.ORCID iD: 0000-0002-0074-8786
2017 (English)In: Science of Computer Programming, ISSN 0167-6423, E-ISSN 1872-7964, Vol. 146, 2-27 p.Article in journal (Refereed) Published
Abstract [en]

To manage the complexity of C programs, architecture models are used as high-level descriptions, allowing developers to understand, assess, and manage the C programs without having to understand the intricate complexity of the code implementations. However, for the architecture models to serve their purpose, they must be accurate representations of the C programs. In order to support creating accurate architecture models, the present paper presents a mapping from the domain of sequential non-recursive C programs to a domain of formal architecture models, each being a hierarchy of components with well-defined interfaces. The hierarchically organized components and their interfaces, which capture both data and function call dependencies, are shown to both enable high-level assessment and analysis of the C program and provide a foundation for organizing and expressing specifications for compositional verification.

Place, publisher, year, edition, pages
Elsevier, 2017. Vol. 146, 2-27 p.
Keyword [en]
C program, Modeling, Architecture, Component, Interfaces
National Category
Mechanical Engineering
Research subject
Machine Design
Identifiers
URN: urn:nbn:se:kth:diva-192375DOI: 10.1016/j.scico.2017.03.007Scopus ID: 2-s2.0-85017154649OAI: oai:DiVA.org:kth-192375DiVA: diva2:968033
Projects
ESPRESSO
Funder
VINNOVA, 2011-04446
Note

QC 20170814

Available from: 2016-09-11 Created: 2016-09-11 Last updated: 2017-08-14Bibliographically approved
In thesis
1. Specifying Safety-Critical Heterogeneous Systems Using Contracts Theory
Open this publication in new window or tab >>Specifying Safety-Critical Heterogeneous Systems Using Contracts Theory
2016 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

Requirements engineering (RE) is a well-established practice that is also emphasized in safety standards such as IEC 61508 and ISO 26262. Safety standards advocate a particularly stringent RE where requirements must be structured in an hierarchical manner in accordance with the system architecture; at each level, requirements must be allocated to heterogeneous (SW, HW, mechanical, electrical, etc.) architecture elements and trace links must be established between requirements. In contrast to the stringent RE in safety standards, according to previous studies, RE in industry is in general of poor quality. Considering a typical RE tool, other than basic impact analysis, the tool neither gives feedback nor guides a user  when specifying, allocating, and structuring requirements. In practice, for industry to comply with the stringent RE in safety standards, better support for RE is needed, not only from tools, but also from principles and methods.

Therefore, a foundation is presented consisting of an underlying theory for specifying heterogeneous systems and complementary principles and methods to specifically support the stringent RE in safety standards. This foundation is indeed suitable as a base for implementing guidance- and feedback-driven tool support for such stringent RE; however, the fact is that the proposed theory, principles, and methods provide essential support  regardless if tools are used or not.

The underlying theory is a formal compositional contracts theory for heterogeneous systems. This contracts theory embodies the essential RE property of separating requirements on a system from assumptions on its environment. Moreover, the contracts theory formalizes the stringent RE effort of structuring requirements hierarchically with respect to the system architecture. Thus, the proposed principles and methods for supporting the stringent RE in safety standards are well-rooted in formal concepts and conditions, and are thus, theoretically sound. Not only that, but the foundation is indeed also tailored to be enforced by both existing and new tools considering that the support is based on precise mathematical expressions that can be interpreted unambiguously by machines. Enforcing the foundation in a tool entails support that guides and gives feedback when specifying heterogeneous systems in general, and safety-critical ones in particular.

Abstract [sv]

Kravhantering är en väletablerad praxis som ocksåbetonas i säkerhetsstandarder såsom IEC 61508 och ISO 26262. Säkerhetsstandarder förespråkar en särskilt noggrann kravhantering där krav skall struktureras på ett hierarkiskt sätt i enlighet med systemarkitekturen; på varje nivå så skall krav allokeras till heterogena (SW, HW, mekaniska, elektriska, etc.) arkitekturelement och spårlänkar skall upprättas mellan kraven. I motsats till den noggranna kravhanteringen i säkerhetsstandarder så är kravhantering i industrin av allmänt dålig kvalitet enligt tidigare studier. Ett typisk kravverktyg ger inte mycket mer stöd än grundläggande konsekvensanalyser, d.v.s.\ verktyget ger varken återkoppling eller vägledning för att formulera, allokera, och strukturera krav. Bättre stöd behövs för att industrin i praktiken skall kunna förverkliga den noggranna kravhanteringen i säkerhetsstandarder -- inte bara stöd från verktyg, men också från kravhanteringsprinciper och metoder.

Därför presenteras ett fundament bestående av en underliggande teori för specifiering av heterogena system, samt kompletterande principer och metoder för att stödja den noggranna kravhanteringen i säkerhetsstandarder. Detta fundament är lämplig som en bas för att kunna implementera verktyg som ger återkoppling och vägledning för kravhantering; likväl så ger den föreslagna teorin, principerna och metoderna essentiellt stöd oavsett om verktyg används eller inte.

Den underliggande teorin är en kompositionell och formell kontraktsteori för heterogena system. Denna kontraktsteori ger konkret form åt den centrala kravhanteringsegenskapen att separera kraven på ett system från antaganden på dess omgivning. Dessutom så formaliserar kontraksteorin den noggranna uppgiften att hierarkiskt strukturera krav i enlighet med systemarkitekturen. Således så är de föreslagna principerna och metoderna för att stödja den noggranna kravhanteringen i säkerhetsstandarder välförankrade i formella begrepp och villkor och är därmed också teoretiskt sunda. Det erbjudna stödet är dessutom välanpassat för att kunna verkställas av såväl befintliga som nyaverktyg med tanke på att stödet är grundat på exakta matematiska uttryck som kan tolkas entydigt av maskiner. Verkställandet av fundamentet av ett verktyg medför stöd i form av vägledning och återkoppling vid specifiering av heterogena system i allmänhet, och säkerhetskritiska sådana i synnerhet.

Place, publisher, year, edition, pages
KTH Royal Institute of Technology, 2016. 237 p.
Series
TRITA-MMK, ISSN 1400-1179 ; 2016:05
Keyword
Contracts, Heterogeneous Systems, Safety, Architecture, Requirements, Specification, Elements, Compositional, IEC 61508, ISO 26262, Kontrakt, Heterogena System, Säkerhet, Arkitektur, Kravhantering, Specifiering, Element, Kompositionell, IEC 61508, ISO 26262
National Category
Mechanical Engineering Mathematics
Research subject
Machine Design
Identifiers
urn:nbn:se:kth:diva-192150 (URN)978-91-7729-106-0 (ISBN)
External cooperation:
Public defence
2016-09-29, Kollegiesalen, Brinellvägen 8, Stockholm, 09:00 (English)
Opponent
Supervisors
Projects
ESPRESSO
Funder
VINNOVA
Note

QC 20160909

Available from: 2016-09-11 Created: 2016-09-06 Last updated: 2016-09-11Bibliographically approved

Open Access in DiVA

No full text

Other links

Publisher's full textScopus

Search in DiVA

By author/editor
Westman, JonasNyberg, MattiasGustavsson, JoakimGurov, Dilian
By organisation
MechatronicsTheoretical Computer Science, TCS
In the same journal
Science of Computer Programming
Mechanical Engineering

Search outside of DiVA

GoogleGoogle Scholar

Altmetric score

Total: 85 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf