Chunyan Fu,Kougen Zheng

DOI: https://doi.org/10.1109/icsess.2018.8663926

2018-01-01

Abstract:Specification and verification of timing properties is a critical but error-prone issue in the development of real-time systems. Event-B is a formalism with the aim of modeling and analyzing systems. But it does not directly support the modeling of timing properties. Several studies have extended Event-B to formalize timing properties. These works are mainly concerned with timing constraints between events without the consideration of task-level timing constraints. In this paper, we propose patterns for task-level timing constraints precedence and coincidence. Firstly, we introduce the pattern for task deadline that states timing properties within a task. Then patterns for precedence and coincidence are built on top of this one. Furthermore, we illustrate the application of proposed patterns through the formal development of an example. It shows that the patterns can be integrated with Event-B models smoothly by the refinement. Our patterns can be potentially applicable to a wide range of modeling safety critical real-time systems. Additionally, our work provides a reference for the specification of other task-level timing constraints, e.g., exclusion and sub-occurrence.

Chunyan Fu,Kougen Zheng

DOI: https://doi.org/10.1109/IMCEC.2018.8469225

2018-01-01

Abstract:R177-time systems rely on components that have time constraints to be met. Specification and verification of time constraints is a critical issue of developing such systems. Event-B is a formalism for system modeling and analysis with advantages of mechanized proof and refinement scheme. But it does not directly support the modeling of timing properties. There have been some researches that introduce time concepts to the Event-B language or construct patterns facilitating the specification of timing properties. However, these are mainly concerned with the logical relations between events without the consideration of task-level time constraints. In this paper we identify some task-level time constraints, i.e., coincidence, exclusion and precedence, in real-time systems. For each constraint, we build its pattern from abstract to concrete. Such patterns can be integrated with existing Event-B models smoothly without the adjustment of the Event-B language. Our patterns can potentially be applicable to a wide range of modeling safety critical real-time systems. Furthermore, our work provides a reference for the formal specification of some other task-level time constraints.

Inès Mouakher,Fatma Dhaou,J. Christian Attiogbé

DOI: https://doi.org/10.1007/s11390-021-1673-5

IF: 1.871

2022-01-31

Journal of Computer Science and Technology

Abstract:UML 2.X sequence diagrams (SD) are among privileged scenarios-based approaches dealing with the complexity of modeling the behaviors of some current systems. However, there are several issues related to the standard semantics of UML 2.X SD proposed by the Object Management Group (OMG). They mainly concern ambiguities of the interpretation of SDs, and the computation of causal relations between events which is not specifically laid out. Moreover, SD is a semi-formal language, and it does not support the verification of the modeled system. This justifies the considerable number of research studies intending to define formal semantics of UML SDs. We proposed in our previous work semantics covering the most popular combined fragments (CF) of control-flow alt, opt, loop and seq, allowing to model alternative, optional, iterative and sequential behaviors respectively. The proposed semantics is based on partial order theory relations that permit the computation of the precedence relations between the events of an SD with nested CFs. We also addressed the issue of the evaluation of the interaction constraint (guard) for guarded CFs, and the related synchronization issue. In this paper, we first extend our semantics, proposed in our previous work; indeed, we propose new rules for the computation of causal relations for SD with par and strict CFs (dedicated to modeling concurrent and strict behaviors respectively) as well as their nesting. Then, we propose a transformational semantics in Event-B. Our modeling approach emphasizes computation of causal relations, guard handling and transformational semantics into Event-B. The transformation of UML 2.X SD into the formal method Event-B allows us to perform several kinds of verification including simulation, trace acceptance, verification of properties, and verification of refinement relation between SDs.

computer science, software engineering, hardware & architecture

Ana Sofia Gomes,José Júlio Alferes

DOI: https://doi.org/10.48550/arXiv.1405.3790

IF: 14.4

2014-05-15

Artificial Intelligence

Abstract:This work deals with the problem of combining reactive features, such as the ability to respond to events and define complex events, with the execution of transactions over general Knowledge Bases (KBs). With this as goal, we build on Transaction Logic (TR), a logic precisely designed to model and execute transactions in KBs defined by arbitrary logic theories. In it, transactions are written in a logic-programming style, by combining primitive update operations over a general KB, with the usual logic programming connectives and some additional connectives e.g. to express sequence of actions. While TR is a natural choice to deal with transactions, it remains the question whether TR can be used to express complex events, but also to deal simultaneously with the detection of complex events and the execution of transactions. In this paper we show that the former is possible while the latter is not. For that, we start by illustrating how TR can express complex events, and in particular, how SNOOP event expressions can be translated in the logic. Afterwards, we show why TR fails to deal with the two issues together, and to solve the intended problem propose Transaction Logic with Events, its syntax, model theory and executional semantics. The achieved solution is a non-monotonic extension of TR, which guarantees that every complex event detected in a transaction is necessarily responded.

PP Yuan,G Chen,JX Dong,WL Han

DOI: https://doi.org/10.1109/cscwd.2001.942224

2001-01-01

Abstract:In distributed systems based on B/SM, events and event-condition-action rules are the fundamental metaphors for defining and enforcing the system. Processing entities execute behavior by reacting to and generating new events. It is important that event semantics is explicit. Although a lot of research has concentrated on event semantics, there still exists potential semantic ambiguity which is unacceptable in some circumstances. We propose an event model and incorporate an interaction group identifier into it. We emphasize that the semantics is a key to capture the actual meaning of events in real life, in which the same composite event patterns may imply totally different semantic meanings. Based on this observation, a graph-ESIG (Event and Service Interacting Graph) and ESIC (Event and Service Interacting Chain), which are constructed according to ECA-Rules, are proposed to trace events. ESIG greatly enhanced the expressive power to allow event detection correctly, which matches situations in reality. Finally, we develop a event detection algorithm that uses ESIG and ESIC

Paulius Stankaitis,Alexei Iliasov,David Adjepon-Yamoah,Alexander Romanovsky

DOI: https://doi.org/10.48550/arXiv.1611.02923

2016-11-09

Abstract:Event-B is one of more popular notations for model-based, proof driven specification. It offers a fairly high-level mathematical lan- guage based on FOL and ZF set theory and an economical yet expres- sive modelling notation. Model correctness is established by discharging proving a number conjectures constructed via a syntactic instantiation of schematic conditions. A large proportion of provable conjectures re- quires proof hints from a user. For larger models this becomes extremely onerous as identical or similar proofs have to be repeated over and over, especially after model refactoring stages. In the paper we briefly present a new Rodin Platform proof back-end based on the Why3 umbrella prover.

Software Engineering

Yongwang Zhao,David Sanan,Fuyuan Zhang,Yang Liu

DOI: https://doi.org/10.48550/arxiv.1810.07855

2018-01-01

Abstract:Reactive systems are composed of a well defined set of input events that the system reacts with by executing an associated handler to each event. In concurrent environments, event handlers can interact with the execution of other programs such as hardware interruptions in preemptive systems, or other instances of the reactive system in multicore architectures. State of the art rely-guarantee based verification frameworks only focus on imperative programs, being difficult to capture in the rely and guarantee relations interactions with possible infinite sequences of event handlers, and the input arguments to event handlers. In this paper, we propose the formalisation in Isabelle/HOL of an event-based rely-guarantee approach for concurrent reactive systems. We develop a Pi-Core language which incorporates a concurrent imperative and system specification language by `events', and we build a rely-guarantee proof system for Pi-Core and prove its soundness. Our approach can deal with multicore and interruptible concurrency. We use two case studies to show this: an interruptible controller for stepper motors and an ARINC 653 multicore kernel, and prove the functional correctness and preservation of invariants of them in Isabelle/HOL.

Valdemar Tang,Claudio Gomes,Daniel Lucani

2024-08-27

Abstract:We introduce a novel event-trigger threshold (ETT) regulation mechanism based on the quantitative semantics of propositional logic (PL). We exploit the expressiveness of the PL vocabulary to deliver a precise and flexible specification of ETT regulation based on system requirements and properties. Additionally, we present a modified ETT regulation mechanism that provides formal guarantees for satisfaction/violation detection of arbitrary PL properties. To validate our proposed method, we consider a convoy of vehicles in an adaptive cruise control scenario. In this scenario, the PL operators are used to encode safety properties and the ETTs are regulated accordingly, e.g., if our safety metric is high there can be a higher ETT threshold, while a smaller threshold is used when the system is approaching unsafe conditions. Under ideal ETT regulation conditions in this safety scenario, we show that reductions between 41.8 - 96.3% in the number of triggered events is possible compared to using a constant ETT while maintaining similar safety conditions.

Systems and Control,Logic in Computer Science

Carlos Olarte,Camilo Rocha,Daniel Osorio

DOI: https://doi.org/10.48550/arXiv.2206.05813

2022-06-13

Abstract:Probabilistic specifications are fast gaining ground as a tool for statistical modeling of probabilistic systems. One of the main goals of formal methods in this domain is to ensure that specific behavior is present or absent in the system, up to a certain confidence threshold, regardless of the way it operates amid uncertain information. This paper presents a rewriting logic semantics for a probabilistic extension of Event-B, a proof-based formal method for discrete systems modeling. The proposed semantics adequately captures the three sources of probabilistic behavior, namely, probabilistic assignments, parameters, and concurrency. Hence, simulation and probabilistic temporal verification become automatically available for probabilistic Event-B models. The approach takes as input a probabilistic Event-B specification, and outputs a probabilistic rewrite theory that is fully executable in PMaude and can be statistically tested against quantitative metrics. The approach is illustrated with examples in the paper.

Logic in Computer Science

Vítor Fernandes,Marc de Visme,Benoît Valiron

2024-10-19

Abstract:In this paper, we consider event structures and their probabilistic and quantum extensions as originally defined by Winskel. If these structures have already been part of sophisticated computational models, they have rarely been directly studied as an immediate model of execution traces of programs. This paper offers such an analysis. We propose a simple imperative operational framework and show how to derive soundness and adequacy results with event structures considered as a semantics. We show how event structures naturally handle non-deterministic, probabilistic and quantum effects.

Logic in Computer Science

Zhiyong Chen,Qing-Long Han,Zheng-Guang Wu,Yamin Yan

DOI: https://doi.org/10.1007/s11432-019-2703-3

2020-01-01

Science China Information Sciences

Abstract:With the rapid development of control and estimation techniques for handling complicated system dynamics but in resource-limited microprocessors and bandwidth-limited networks,there is a demanding request for advanced event-triggered techniques.In recent years,researchers have made extensive effort on event-triggered approaches in handling various engineering problems.This special focus seeks collection of these state-of-the-art achievements in the field.It is envisioned that the contributions on advanced techniques for design of event-triggered control and estimation strategies will increase the functionality of microprocessors and efficiency of network communication in modern industrial systems.

Steve Schneider,Helen Treharne,Heike Wehrheim,David Williams

DOI: https://doi.org/10.48550/arXiv.1406.6622

2014-07-02

Abstract:Refinement in Event-B supports the development of systems via proof based step-wise refinement of events. This refinement approach ensures safety properties are preserved, but additional reasoning is required in order to establish liveness and fairness properties. In this paper we present results which allow a closer integration of two formal methods, Event-B and linear temporal logic. In particular we show how a class of temporal logic properties can carry through a refinement chain of machines. Refinement steps can include introduction of new events, event renaming and event splitting. We also identify a general liveness property that holds for the events of the initial system of a refinement chain. The approach will aid developers in enabling them to verify linear temporal logic properties at early stages of a development, knowing they will be preserved at later stages. We illustrate the results via a simple case study.

Software Engineering

Georgiana Caltais

DOI: https://doi.org/10.48550/arXiv.1502.02910

2015-02-10

Abstract:The modelling, specification and study of the semantics of concurrent reactive systems have been interesting research topics for many years now. The aim of this thesis is to exploit the strengths of the (co)algebraic framework in modelling reactive systems and reasoning on several types of associated semantics, in a uniform fashion. In particular, we are interested in handling notions of behavioural equivalence/preorder ranging from bisimilarity for systems that can be represented as non-deterministic coalgebras, to decorated trace semantics for labelled transition systems and probabilistic systems, and testing semantics for labelled transition systems with internal behaviour. Moreover, we aim at deriving a suite of corresponding verification algorithms suitable for implementation in automated tools.

Logic in Computer Science,Formal Languages and Automata Theory

Ping-peng Yuan,Gang Chen,Jinxiang Dong,Weili Han

DOI: https://doi.org/10.1109/CSCWD.2002.1047657

2002-01-01

Abstract:In this paper, we propose an event specification language for event-based collaboration support software architecture, which incorporates some basic concepts, four event operators and four event-occurrence operators to conveniently allow complex event descriptions. The semantics of the language is also studied In the event specification language, we distinguish between event and event occurrence, identify primitive events, and introduce a small number of event operators for constructing composite (or complex) events. The novel aspect of our work lies in supporting a rich set of events and event expressions.

ZHOU Cong-Hua,TAO Zhi-Hong,CHEN Zhong,WANG Li-Fu

DOI: https://doi.org/10.3969/j.issn.1002-137X.2007.11.030

2007-01-01

Computer Science

Abstract:Specification languages for workflow need to combine practical algorithmic efficiency with high expressive power and the ability to reason about both states and events. We address this question by defining a new temporal logic E-CTL~* which integrates both state-based and event-based properties and allows us to represent properties precisely and naturally. The verification of throughness of workflow logic is very expensive both in time and space. The state ex- plosion is the main difficulty. Describing the throughness by E-CTL~* allows us to use symbolic model checkers to veri- fy the thronghness. Therefore the state explosion can be overcame efficiently. When the throughness is not satisfied by the workflow, model checking can give a counterexample which can guide us to correct the workflow. The change of workflow needs to keep thronghness. We discuss the correctness of change based on temporal logic E-CTL~* and obtain the character of correct change.

Michael Butler,Issam Maamria

DOI: https://doi.org/10.1007/978-3-642-39698-4_5

2013-01-01

Abstract:The Rodin tool for Event-B supports formal modelling and proof using a mathematical language that is based on predicate logic and set theory. Although Rodin has in-built support for a rich set of operators and proof rules, for some application areas there may be a need to extend the set of operators and proof rules supported by the tool. This paper outlines a new feature of the Rodin tool, the theory component, that allows users to extend the mathematical language supported by the tool. Using theories, Rodin users may define new data types and polymorphic operators in a systematic and practical way. Theories also allow users to extend the proof capabilities of Rodin by defining new proof rules that get incorporated into the proof mechanisms. Soundness of new definitions and rules is provided through validity proof obligations.

Tim Wahls

DOI: https://doi.org/10.48550/arXiv.1606.02669

2016-06-09

Abstract:The EventB2SQL tool translates Event-B models to persistent Java applications that store the state of the model in a relational database. Most Event-B assignments are translated directly to SQL database modification statements, which can then be executed against the database. In this work, we present a formal semantics for and prove the soundness of the translation of sets of assignment statements representing the actions of an Event-B event. This allows the generated code to be used with confidence in its correctness.

Software Engineering

Geguang Pu,Xiangpeng Zhao,Shuling Wang,Zongyan Qiu

DOI: https://doi.org/10.1016/j.entcs.2005.07.035

2006-01-01

Electronic Notes in Theoretical Computer Science

Abstract:In this paper, we discuss the semantics of BPEL4WS lan- guage which is a de facto standard for specifying and execution work∞ow speciflcation for web service composition and orchestration. For the con- venience, We propose the language called "-BPEL including all primitive and structured activities within BPEL4WS. Moreover, As the Timed Au- tomata (TA) (2) is powerful in designing real-time models with multiple clocks and has well developed automatic tool support the veriflcation, we deflne and map BPEL4WS constructs into composable Timed Au- tomata. Therefore, all the properties we want to check within BPEL4WS can be verifled in TA network correspondingly. Furthermore, we prove the mapping from "-BPEL to TA is a simulation which means the TA network simulates correctly the corresponding speciflcation written in BPEL4WS. The case study in Uppaal model checker shows that our method is efiective, and a Java supporting tool based on Uppaal model checker engine has been developed. Keywords: Work∞ow language, BPEL4WS, Operational Semantics, Ver- iflcation, Timed Automata, Web service, Uppaal.

Gao Hongjiang,He Ying,Qin Zheng,Shao Liping,Heng Xingchen

DOI: https://doi.org/10.1109/ICICT.2007.375374

2007-01-01

Abstract:With increasingly complexity in MAS, rigorous design practices are needed in case of critical applications. Event B, which provides an accessible and rigorous formal approach to development of such complex system, is ideal for the formal modelling of reactive systems. In this paper we present a part of ongoing work in this area. A practical approach for developing flexible and reliable formal specifications of MAS using Event B is described, exemplified on Contract Net Protocol (CNP) in the interaction of MAS, associating an intelligent shape and style design systems in automobile.

Chris Chilton,Marta Kwiatkowska,Xu Wang

DOI: https://doi.org/10.48550/arXiv.1304.7590

2013-04-29

Abstract:In this paper we present an assume-guarantee specification theory (aka interface theory from [14]) for modular synthesis and verification of real-time systems with critical timing constraints. It is a further step of our earlier work [10] which achieved an elegant algebraic specification theory for real-time systems endowed with the capability to freeze time. In this paper we relinquish such (unrealisable) capability and target more realistic systems without the ability to stop time. Our theory, in a combined process-algebraic and reactive-synthesis style, provides the operations of parallel composition for system integration, logical conjunction/disjunction for viewpoint fusion and independent development, and quotient for incremental synthesis. We show that a substitutive refinement preorder, which is a coarsening of the pre-congruence in [10], constitutes the weakest pre-congruence preserving freedom of incompatibility errors. The coarsening requires a shift in the focus of our theory to a more game-theoretical treatment, where the coarsening constitutes a reactive synthesis game named normalisation and is efficiently implementable by a novel local bot-backpropagation algorithm. Previously, timed concurrent games have been studied in [1,14,13], where one of the key concern is the removal of time-blocking strategies by applying blame assignment [13]. Our timed games also have the issue of time-blocking strategies, which may arise through the composition of specifications. However, due to our distinctively different formulation of timed games, we have discovered another elegant solution to the problem without blame assignment. Our solution utilises a second reactive synthesis game called realisation, which is dual to normalisation and implementable by the dual local top-backpropagation algorithm.

Logic in Computer Science,Software Engineering