Change search
ReferencesLink to record
Permanent link

Direct link
Formal Architecture Modeling of Sequential Non-Recursive C Programs
KTH, School of Industrial Engineering and Management (ITM), Machine Design (Dept.), Mechatronics. (Inbyggda kontrollsystem)ORCID iD: 0000-0002-9655-7326
KTH, School of Industrial Engineering and Management (ITM), Machine Design (Dept.), Mechatronics.
KTH, School of Industrial Engineering and Management (ITM), Machine Design (Dept.), Mechatronics.
KTH, School of Computer Science and Communication (CSC), Theoretical Computer Science, TCS.
2016 (English)In: Science of Computer Programming, ISSN 0167-6423, E-ISSN 1872-7964Article in journal (Other academic) Submitted
Abstract [en]

To manage the complexity of C programs, architecture models are used as high-level descriptions, allowing developers to understand, assess, and manage the C programs without having to understand the intricate complexity of the code implementations. However, for the architecture models to serve their purpose, they must be accurate representations of the code implementations. In order to achieve this in practice, support is needed in the form of a stringent mapping from the C language to an architecture modeling formalism.Considering that there exists no such uniform mapping from the C language to Modeling Languages (MLs) such as SysML or UML and Architecture Description Languages (ADLs) such as AADL, modeling C programs using such languages is essentially ad-hoc.Therefore, a unique mapping is established from the domain of sequential non-recursive C programs to a domain of formal architecture models.

Place, publisher, year, edition, pages
2016.
National Category
Mechanical Engineering
Research subject
Machine Design
Identifiers
URN: urn:nbn:se:kth:diva-192375OAI: oai:DiVA.org:kth-192375DiVA: diva2:968033
Projects
ESPRESSO
Funder
VINNOVA
Note

QC 20160911

Available from: 2016-09-11 Created: 2016-09-11 Last updated: 2016-09-11Bibliographically approved
In thesis
1. Specifying Safety-Critical Heterogeneous Systems Using Contracts Theory
Open this publication in new window or tab >>Specifying Safety-Critical Heterogeneous Systems Using Contracts Theory
2016 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

Requirements engineering (RE) is a well-established practice that is also emphasized in safety standards such as IEC 61508 and ISO 26262. Safety standards advocate a particularly stringent RE where requirements must be structured in an hierarchical manner in accordance with the system architecture; at each level, requirements must be allocated to heterogeneous (SW, HW, mechanical, electrical, etc.) architecture elements and trace links must be established between requirements. In contrast to the stringent RE in safety standards, according to previous studies, RE in industry is in general of poor quality. Considering a typical RE tool, other than basic impact analysis, the tool neither gives feedback nor guides a user  when specifying, allocating, and structuring requirements. In practice, for industry to comply with the stringent RE in safety standards, better support for RE is needed, not only from tools, but also from principles and methods.

Therefore, a foundation is presented consisting of an underlying theory for specifying heterogeneous systems and complementary principles and methods to specifically support the stringent RE in safety standards. This foundation is indeed suitable as a base for implementing guidance- and feedback-driven tool support for such stringent RE; however, the fact is that the proposed theory, principles, and methods provide essential support  regardless if tools are used or not.

The underlying theory is a formal compositional contracts theory for heterogeneous systems. This contracts theory embodies the essential RE property of separating requirements on a system from assumptions on its environment. Moreover, the contracts theory formalizes the stringent RE effort of structuring requirements hierarchically with respect to the system architecture. Thus, the proposed principles and methods for supporting the stringent RE in safety standards are well-rooted in formal concepts and conditions, and are thus, theoretically sound. Not only that, but the foundation is indeed also tailored to be enforced by both existing and new tools considering that the support is based on precise mathematical expressions that can be interpreted unambiguously by machines. Enforcing the foundation in a tool entails support that guides and gives feedback when specifying heterogeneous systems in general, and safety-critical ones in particular.

Abstract [sv]

Kravhantering är en väletablerad praxis som ocksåbetonas i säkerhetsstandarder såsom IEC 61508 och ISO 26262. Säkerhetsstandarder förespråkar en särskilt noggrann kravhantering där krav skall struktureras på ett hierarkiskt sätt i enlighet med systemarkitekturen; på varje nivå så skall krav allokeras till heterogena (SW, HW, mekaniska, elektriska, etc.) arkitekturelement och spårlänkar skall upprättas mellan kraven. I motsats till den noggranna kravhanteringen i säkerhetsstandarder så är kravhantering i industrin av allmänt dålig kvalitet enligt tidigare studier. Ett typisk kravverktyg ger inte mycket mer stöd än grundläggande konsekvensanalyser, d.v.s.\ verktyget ger varken återkoppling eller vägledning för att formulera, allokera, och strukturera krav. Bättre stöd behövs för att industrin i praktiken skall kunna förverkliga den noggranna kravhanteringen i säkerhetsstandarder -- inte bara stöd från verktyg, men också från kravhanteringsprinciper och metoder.

Därför presenteras ett fundament bestående av en underliggande teori för specifiering av heterogena system, samt kompletterande principer och metoder för att stödja den noggranna kravhanteringen i säkerhetsstandarder. Detta fundament är lämplig som en bas för att kunna implementera verktyg som ger återkoppling och vägledning för kravhantering; likväl så ger den föreslagna teorin, principerna och metoderna essentiellt stöd oavsett om verktyg används eller inte.

Den underliggande teorin är en kompositionell och formell kontraktsteori för heterogena system. Denna kontraktsteori ger konkret form åt den centrala kravhanteringsegenskapen att separera kraven på ett system från antaganden på dess omgivning. Dessutom så formaliserar kontraksteorin den noggranna uppgiften att hierarkiskt strukturera krav i enlighet med systemarkitekturen. Således så är de föreslagna principerna och metoderna för att stödja den noggranna kravhanteringen i säkerhetsstandarder välförankrade i formella begrepp och villkor och är därmed också teoretiskt sunda. Det erbjudna stödet är dessutom välanpassat för att kunna verkställas av såväl befintliga som nyaverktyg med tanke på att stödet är grundat på exakta matematiska uttryck som kan tolkas entydigt av maskiner. Verkställandet av fundamentet av ett verktyg medför stöd i form av vägledning och återkoppling vid specifiering av heterogena system i allmänhet, och säkerhetskritiska sådana i synnerhet.

Place, publisher, year, edition, pages
KTH Royal Institute of Technology, 2016. 237 p.
Series
TRITA-MMK, ISSN 1400-1179 ; 2016:05
Keyword
Contracts, Heterogeneous Systems, Safety, Architecture, Requirements, Specification, Elements, Compositional, IEC 61508, ISO 26262, Kontrakt, Heterogena System, Säkerhet, Arkitektur, Kravhantering, Specifiering, Element, Kompositionell, IEC 61508, ISO 26262
National Category
Mechanical Engineering Mathematics
Research subject
Machine Design
Identifiers
urn:nbn:se:kth:diva-192150 (URN)978-91-7729-106-0 (ISBN)
External cooperation:
Public defence
2016-09-29, Kollegiesalen, Brinellvägen 8, Stockholm, 09:00 (English)
Opponent
Supervisors
Projects
ESPRESSO
Funder
VINNOVA
Note

QC 20160909

Available from: 2016-09-11 Created: 2016-09-06 Last updated: 2016-09-11Bibliographically approved

Open Access in DiVA

No full text

Search in DiVA

By author/editor
Westman, JonasGustavsson, JoakimGurov, Dilian
By organisation
MechatronicsTheoretical Computer Science, TCS
In the same journal
Science of Computer Programming
Mechanical Engineering

Search outside of DiVA

GoogleGoogle Scholar
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 5 hits
ReferencesLink to record
Permanent link

Direct link