2010 8th IEEE International Conference on Software Engineering and Formal Methods最新文献

{"title":"Time and Data-Aware Analysis of Graphical Service Models in Reo","authors":"N. Kokash, Christian Krause, E. Vink","doi":"10.1109/SEFM.2010.26","DOIUrl":"https://doi.org/10.1109/SEFM.2010.26","url":null,"abstract":"Reo is a graphical channel-based coordination language that enables the modeling of complex behavioral protocols using a small set of channel types with well-defined behavior. Reo has been developed for the coordination of stand-alone components and services, which makes it suitable for the modeling of service-based business processes. The formal semantic models for Reo lay the grounds for computer-aided analysis of different aspects of Reo diagrams, including their animation, simulation and verification of control ???ow and data ???ow by means of model checking techniques. In this paper, we discuss the verification of data aware Reo process models using the mCRL2 model checking toolset including time analysis. We also show how behavior abstraction can be used to minimize Reo process models and generate smaller mCRL2 specifications. A detailed auction example illustrates our approach to time-aware modeling and verification of data-centric service models.","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"196 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133811016","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Toolkit for Generating Sentences from Context-Free Grammars","authors":"Zhiwu Xu, Lixiao Zheng, H. Chen","doi":"10.1109/SEFM.2010.21","DOIUrl":"https://doi.org/10.1109/SEFM.2010.21","url":null,"abstract":"Producing sentences from a grammar, according to various criteria, is required in many applications. It is also a basic building block for grammar engineering. This paper presents a toolkit for context-free grammars, which mainly consists of several algorithms for sentence generation or enumeration and for coverage analysis for context-free grammars. The toolkit deals with general context-free grammars. Besides providing implementations of algorithms, the toolkit also provides a simple graphical user interface, through which the user can use the toolkit directly. The toolkit is implemented in Java and is available at http://lcs.ios.ac.cn/ hiwu/toolkit.php. In the paper, the overview of the toolkit and the description of the GUI are presented, and experimental results and preliminary applications of the toolkit are also contained.","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"9 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128574211","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Refinement-Friendly Bigraphs and Spygraphs","authors":"M. Goldsmith, S. Creese","doi":"10.1109/SEFM.2010.25","DOIUrl":"https://doi.org/10.1109/SEFM.2010.25","url":null,"abstract":"Over the past decade the successful approach to specification and mechanical analysis of correctness and security properties using CSP and its refinement checker FDR has been extended to contexts including mobile ad-hoc networks and pervasive systems. But the more scope for network reconfiguration the system exhibits, the more intricate and less obviously accurate the models must become in order to accommodate such dynamic behaviour in a language with a basically static process and communication graph. Milner's Bigraph framework, on the other hand, and in particular Blackwell's Spygraph specialisation, are ideally suited for describing intuitively such dynamic reconfigurations of a system and support notions of locality and adjacency which fit them well for reasoning, for instance, about the interface between physical and electronic security; but they lack powerful analytic tool support. Our long-term goal is to combine the best of both approaches. Unfortunately the canonical labelled transition system induced by the category-theoretic semantics of a bigraphical reactive system present a number of challenges to the refinement-based approach. Prominent amongst these is the feature that the label on a transition is the 'borrowed context' required to make the redex of some reaction rule appear in the augmented source bigraph; this means that any reaction which can already take place entirely within a given bigraph gives rise to a transition labelled only with the trivial identity context, equivalent to a tau transition in CCS or CSP, with the result that neither the reaction rule nor the agents involved can be distinguished. This makes it quite impossible for an observer of the transition system to determine whether such a reaction was desirable with respect to any specification. We are investigating ways to remedy this situation. Here we present a systematic transformation of a bigraphical reactive system, both its rules and the underlying bigraphs, with the effect that every transition becomes labelled with the specific rule that gave rise to it and the set of agents involved. We also consider how that now possibly over-precise labelling can be restricted through selective hiding and judicious forgetful renaming.","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"46 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114666400","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Adaptive Software Needs Continuous Verification","authors":"C. Ghezzi","doi":"10.1109/SEFM.2010.8","DOIUrl":"https://doi.org/10.1109/SEFM.2010.8","url":null,"abstract":"Extended abstract of keynote presentation","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124062835","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Verification of Dynamic Data Tree with mu-calculus Extended with Separation","authors":"M. Gallardo, David Sanán","doi":"10.1109/SEFM.2010.34","DOIUrl":"https://doi.org/10.1109/SEFM.2010.34","url":null,"abstract":"The problem of verifying software systems that use dynamic data structures (such as linked lists, queues, or binary trees) has attracted increasing interest over the last decade. Dynamic structures are barely supported by verification techniques because among other reasons, it is difficult to efficiently manage the pointer-based internal representation. This is a key aspect when the goal is to construct a verification tool based on model checking techniques, for instance. In addition, since new nodes may be dynamically inserted or extracted from the structure, the shape of the dynamic data (and other more specific properties) may vary at runtime, it being difficult to detect errors such as, for instance, the non desirable sharing between two nodes. In this paper, we propose to use mu-calculus to describe and analyze, using model checking techniques, dynamic data such as lists, and non-linear data structures like trees. The expressiveness of mu-calculus makes it possible to naturally describe these structures. In addition, following the ideas of separation logic, the logic has been extended with a new operator able to describe the non-sharing property which is essential when analyzing data structures of this type.","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"46 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114633350","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Structured Counterexamples for the Temporal Description Logic ALCCTL","authors":"Franz Weitl, S. Nakajima, B. Freitag","doi":"10.1109/SEFM.2010.36","DOIUrl":"https://doi.org/10.1109/SEFM.2010.36","url":null,"abstract":"A new algorithm for generating counterexamples for the temporal description logic ALCCTL is presented. ALCCTL is a decidable combination of the description logic ALC and computation tree logic CTL. It extends CTL by first order quantified expressions over unary and binary predicates. Predicates and quantified expressions are required for representing properties in application domains such as structured web documents and they are frequently used in software and hardware specifications which are verified by model checking. In the case of a specification violation, existing algorithms generate counterexamples that tend to be complex yet imprecise if specifications range over sets of objects. The presented algorithm is the first algorithm for generating counterexamples for a temporal description logic that considers first order predicates and quantification. The algorithm is sound and semi-complete for ALCCTL. The generated counterexamples are both more precise and comprehensible than counterexamples generated by the previous algorithms.","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130417841","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Architecture Recovery Using Latent Semantic Indexing and K-Means: An Empirical Evaluation","authors":"G. Scanniello, M. Risi, G. Tortora","doi":"10.1109/SEFM.2010.19","DOIUrl":"https://doi.org/10.1109/SEFM.2010.19","url":null,"abstract":"A number of clustering based approaches and tools have been proposed in the past to partition a software system into subsystems. The greater part of these approaches is semiautomatic, thus requiring human decision to identify the best partition of software entities into clusters among the possible partitions. In addition, some approaches are conceived for software systems implemented using a particular programming language (e.g., C and C++). In this paper we present an approach to automate the partitioning of a given software system into subsystems. In particular, the approach first analyzes the software entities (e.g., programs or classes) and then using Latent Semantic Indexing the dissimilarity between these entities is computed. Finally, software entities are grouped using iteratively the k-means clustering algorithm. The approach has been implemented in a prototype of a supporting software system as an Eclipse plug-in. Finally, to assess the approach and the plug-in, we have conducted an empirical investigation on three open source software systems implemented using the programming languages Java and C/C++.","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"57 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130022253","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The Unreasonable Ineffectiveness of Security Engineering: An Overview","authors":"Dusko Pavlovic","doi":"10.1109/SEFM.2010.10","DOIUrl":"https://doi.org/10.1109/SEFM.2010.10","url":null,"abstract":"In his 1960 essay, EugeneWigner raised the question of ”the unreasonable effectiveness of mathematics in natural sciences” [32]. After several decades of security research, we are tempted to ask the opposite question: Are we not unreasonably ineffective? Why are we not more secure from all the security technologies? I sketch a conceptual landscape of security that may provide some answers, on the background of ever increasing dynamics and pervasiveness of software and computation.","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131904485","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Safety Assessment Using Behavior Trees and Model Checking","authors":"P. Lindsay, Kirsten Winter, Nisansala Yatapanage","doi":"10.1109/SEFM.2010.23","DOIUrl":"https://doi.org/10.1109/SEFM.2010.23","url":null,"abstract":"This paper demonstrates the use of Behavior Trees and model checking to assess system safety requirements for a system containing substantial redundancy. The case study concerns the hydraulics systems for the Airbus A320 aircraft, which are critical for aircraft control. The system design is supposed to be able to handle up to 3 different components failing individually, without loss of all hydraulic power. Verifying the logic of such designs is difficult for humans because of the sheer amount of detail and number of different cases that need to be considered. The paper demonstrates how model checking can yield insights into what combinations of component failures can lead to system failure.","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127813411","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"\"Fly Me to the Moon\": Verification of Aerospace Systems","authors":"D. Giannakopoulou","doi":"10.1109/SEFM.2010.9","DOIUrl":"https://doi.org/10.1109/SEFM.2010.9","url":null,"abstract":"The safety-critical nature of aerospace systems mandates the development of advanced formal verification techniques that provide desired correctness guarantees. In this paper, we present two inherently different approaches towards achieving this goal. The first approach aims at scaling exhaustive verification techniques by applying divide-and-conquer principles. It involves automated compositional verification algorithms for model checking both finite and infinite-state software components. The second approach does not perform exhaustive verification but it is more versatile. It uses a model checker to automatically generate tests for aerospace algorithms and only requires knowledge of the types of inputs that the algorithms process. We will discuss our experience with formal verification of aerospace systems and analyze the applicability of the two approaches in several settings.","PeriodicalId":211760,"journal":{"name":"2010 8th IEEE International Conference on Software Engineering and Formal Methods","volume":"31 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133951063","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}