Formal Verification of AADL Specifications in the Topcased Environment

Berthomieu, Bernard; Bodeveix, Jean-Paul; Chaudet, Christelle; Zilio, Silvano Dal; Filali, Mamoun; Vernadat, François

doi:10.1007/978-3-642-01924-1_15

Cited by 56 publications

(47 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Then, the LNT AST is scanned by the LNT code printer in order to produce code source files 4 https://github.com/OpenAADL/ocarina (*.lnt). To obtain a modular specification, we generate a set of LNT modules which corresponds to the construction of a set of LNT LTSs.…”

Section: Model Transformationmentioning

confidence: 99%

“…In addition, Ocarina can be easily integrated as a backend for other AADL editors (already used through OSATE and AADL Inspector tools), which increases the visibility of our work. AADL Formal approaches are often based on model transformation into different languages such as Lustre [13], TLA+ [22], Signal [5], ACSR [24], TASM [25], Fiacre [4], Real-time Maude [20] and BIP [8]. As examples: many work [5,26] are around the Polychrony platform and Signal language for synchronous verification of AADL models where behavior is specified by BA or Simulink.…”

Section: Related Workmentioning

confidence: 99%

“…As examples: many work [5,26] are around the Polychrony platform and Signal language for synchronous verification of AADL models where behavior is specified by BA or Simulink. The transformations are implemented within OSATE and the analyses are performed by Polychrony and SynDEx tools; authors in [25] transform a synchronous AADL subset (periodic threads, data port connections, modes and BA) to the TASM language, in order to verify behavioral properties (deadlock and reachability) with TASM tool suite and UPPAAL; the transformation of AADL model into the Fiacre language is addressed in the TOPCASED environment [4]. This work supports periodic/sporadic thread and event/data port connections, but it is restricted to the non-preemptive scheduling.…”

Section: Related Workmentioning

confidence: 99%

“…Many projects and tool-chains are dedicated to AADL processing, that often adopt model transformation techniques to allow formal analyses. Several AADL formal semantics are defined using different formalisms such as Petri nets [21,23], timed automata [12,14] and different process algebras [4,5,8,20,25]. These approaches are implemented within platforms such as OSATE and TOPCASED aiming the convenient reuse of existing tools like UPPAAL, Tina and Polychrony.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

An ocarina extension for AADL formal semantics generation

Mkaouar

Zalila

Hugues

et al. 2018

Proceedings of the 33rd Annual ACM Symposium on Applied Computing

View full text Add to dashboard Cite

The formal verification has become a recommended practice in safety-critical software engineering. The hand-written of the formal specification requires a formal expertise and may become complex especially with large systems. In such context, the automatic generation of the formal specification seems helpful and rewarding, particularly for reused and generic mapping such as hardware representations and real-time features. In this paper, we aim to formally verify real-time systems designed by AADL language. We propose an extension AADL2LNT of the Ocarina tool suite allowing the automatic generation of an LNT specification to draw a gateway for the CADP formal analysis toolbox. This work is illustrated with the Pacemaker case study.

show abstract

Section: Model Transformationmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

An ocarina extension for AADL formal semantics generation

Mkaouar

Zalila

Hugues

et al. 2018

Proceedings of the 33rd Annual ACM Symposium on Applied Computing

View full text Add to dashboard Cite

show abstract

“…Work in class (iii) includes [3,4,17] and our own work. The main difference between [3,4] and our work is that we give a formal executable semantics to an AADL model with a behavior annex specification of its thread behavior, associating to it a real-time rewrite theory.…”

Section: Related Workmentioning

confidence: 99%

Formal Semantics and Analysis of Behavioral AADL Models in Real-Time Maude

Ölveczky

Boronat

Meseguer

2010

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. AADL is a standard for modeling embedded systems that is widely used in avionics and other safety-critical applications. However, AADL lacks a formal semantics, and this severely limits both unambiguous communication among model developers, and the development of simulators and formal analysis tools. In this work we present a formal object-based real-time concurrent semantics for a behavioral subset of AADL in rewriting logic, which includes the essential aspects of its behavior annex. Our semantics is directly executable in Real-Time Maude and provides an AADL simulator and LTL model checking tool called AADL2Maude. AADL2Maude is integrated with OSATE, so that OS-ATE's code generation facility is used to automatically transform AADL models into their corresponding Real-Time Maude specifications. Such transformed models can then be executed and model checked by RealTime Maude. We present our semantics, and two case studies in which safety-critical properties are analyzed in AADL2Maude.

show abstract

5.4.1 Simulation and Verification of [Dys]functional Behavior Models: Model Checking for SE

Seidner

Lerat

Roux³

2010

INCOSE International Symp

View full text Add to dashboard Cite

Verification is a key process in the dependability engineering of complex systems. As we have shown in earlier works, formal verification techniques such as model checking can be efficiently used in a Systems Engineering (SE) context, despite their inherent complexity. Considering the widely used Enhanced Function Flow Block Diagrams (EFFBDs), we have indeed developed a formal simulation and verification tool for these functional behavior models. Moreover, great care has been taken to conceal the processing complexity from the tool end-user. In this paper, we present our latest developments as well as an extension of both method and tool to the case of dysfunctional models, to take into account failures affecting the model elements. By addressing both fault removal and fault forecasting problems with formal methods, we thus hope to improve the dependability analysis practice in SE.

show abstract

Formal Verification of AADL Specifications in the Topcased Environment

Cited by 56 publications

References 13 publications

An ocarina extension for AADL formal semantics generation

An ocarina extension for AADL formal semantics generation

Formal Semantics and Analysis of Behavioral AADL Models in Real-Time Maude

5.4.1 Simulation and Verification of [Dys]functional Behavior Models: Model Checking for SE

Contact Info

Product

Resources

About