Xiaopu Huang,Qingqing Sun,Jiangwei Li,Tian Zhang

DOI: https://doi.org/10.1007/978-3-642-35795-4_62

2012-01-01

Abstract:State Machine Diagram (SMD) is one of the SysML behavior diagrams, but it is a kind of semi-formal model language. As a consequence, models can not be verified conveniently and efficiently, especially in real-time embedded system (RTES) field as there are no descriptions of time and probability in SMD. To address these problems, we extend SMD with time and probability elements extracted from MARTE and propose a transformation algorithm based on MDE. With the algorithm, we transform the extended SMD to timed automata (TA) and then analyze and verify the transformation result using existing tools. So at the very beginning of system design, errors and deficiencies can be found. At last, we construct an instance to illustrate the validity of our approach.

Zhanjun Huang,Yiming Wang,Wenzhuo Shang,Jianing Yan,An Zhang

DOI: https://doi.org/10.1109/ICEI60179.2023.00072

2023-01-01

Abstract:Transforming semi-formal models with intuitive features into formal models with strict system behavior descriptions can effectively improve system development efficiency. This paper analyzes the characteristics and differences of the SysML state machine diagram (STM) model and the Timed Automata (TA) model. A corresponding conversion algorithm is proposed for the typical composite state structure of the SysML STM. Firstly, the internal structure of the composite state is represented by constructing a new TA template. Secondly, composite state self-transfers and internal transfers are added to represent the dynamic system behavior. Lastly, additional triggering conditions, enabling transfer conditions, and correspondences are added. An example is analyzed to realize structural conversion to the TA model. Finally, based on Bi-simulation, the correctness of the model before and after conversion is analyzed.

Kai Hu,Teng Zhang,YANG Zhi-bin,Bin Gu,Shu Jiang,JIANG Pan-chang,胡凯,张腾,杨志斌,顾斌,蒋树,姜泮昌

2012-01-01

Abstract:Timed abstract state machine (TASM) is a formal specification language used to specify and simulate the behavior of real-time systems. Formal verification of TASM model can be fulfilled through model checking activities by translating into UPPAAL. Firstly, the translational semantics from TASM to UPPAAL is presented through atlas transformation language (ATL). Secondly, the implementation of the proposed model transformation tool TASM2UPPAAL is provided. Finally, a case study is given to illustrate the automatic transformation from TASM model to UPPAAL model. Copyright © 2012 Editorial Department of Journal of Donghua University.

Yixiao Yang,Yu Jiang,Ming Gu,Jiaguang Sun

DOI: https://doi.org/10.1145/2970276.2970293

2016-01-01

Abstract:Simulink Stateflow is widely used for the model-driven development of software. However, the increasing demand of rigorous verification for safety critical applications brings new challenge to the Simulink Stateflow because of the lack of formal semantics. In this paper, we present STU, a self-contained toolkit to bridge the Simulink Stateflow and a well-defined rigorous verification. The tool translates the Simulink Stateflow into the Uppaal timed automata for verification. Compared to existing work, more advanced and complex modeling features in Stateflow such as the event stack, conditional action and timer are supported. Then, with the strong verification power of Uppaal, we can not only find design defects that are missed by the Simulink Design Verifier, but also check more important temporal properties. The evaluation on artificial examples and real industrial applications demonstrates the effectiveness.

Wenbo Zhou,Yujiao Zhao,Ye Zhang,Yiyuan Wang,Minghao Yin

DOI: https://doi.org/10.1002/spe.3372

2024-09-19

Software Practice and Experience

Abstract:UPPAAL is a formal modeling and verification tool based on timed automata, capable of effectively analyzing real‐time software and hardware systems. In this article, we investigate research on UPPAAL‐assisted formal modeling and verification. First, we propose four research questions considering tool characteristics, modeling methods, verification means and application domains. Then, the state‐of‐the‐art methods for model specification and verification in UPPAAL are discussed, involving model transformation, model repair, property specification, as well as verification and testing methods. Next, typical application cases of formal modeling and verification assisted by UPPAAL are analyzed, spanning across domains such as network protocol, multi‐agent system, cyber‐physical system, rail traffic and aerospace systems, cloud and edge computing systems, as well as biological and medical systems. Finally, we address the four proposed questions based on our survey and outline future research directions. By responding to these questions, we aim to provide summaries and insights into potential avenues for further exploration in this field.

computer science, software engineering

Li Qiuyan,Tian Jie,Pei Qiuhong,Wu Ji

DOI: https://doi.org/10.1109/iccsn.2011.6014264

2011-01-01

Abstract:AADL supports standard accurate modeling of embedded systems and has been widely used in the embedded field. However, as a new modeling language, modeling and analysis tools of AADL are not mature enough. In the field of software engineering, the method and tool about UML model have been developed widely, so we consider designing a transformation method. This method define a complete meta-model for AADL error model and implement the automatic transformation from the AADL model to UML model. Our research makes the method and tool for UML model reused in the AADL model, expands the application scope of AADL model, and reduces the development cost of AADL modeling. Finally, the potential research directions are discussed.

Andrey Morozov,Thomas Mutzke,Kai Ding

DOI: https://doi.org/10.1115/1.4051781

2021-07-14

Abstract:Abstract Modern technical systems consist of heterogeneous components, including mechanical parts, hardware, and the extensive software part that allows the autonomous system operation. The heterogeneity and autonomy require appropriate models that can describe the mutual interaction of the components. UML and SysML are widely accepted candidates for system modeling and model-based analysis in early design phases, including the analysis of reliability properties. UML and SysML models are semi-formal. Thus, transformation methods to formal models are required. Recently, we introduced a stochastic Dual-graph Error Propagation Model (DEPM). This model captures control and data flow structures of a system and allows the computation of advanced risk metrics using probabilistic model checking techniques. This article presents a new automated transformation method of an annotated State Machine Diagram, extended with Activity Diagrams, to a hierarchical DEPM. This method will help reliability engineers to keep error propagation models up to date and ensure their consistency with the available system models. The capabilities and limitations of transformation algorithm is described in detail and demonstrated on a complete model-based error propagation analysis of an autonomous medical patient table.

Martin Kardos,Yuhong Zhao

DOI: https://doi.org/10.1007/1-4020-8149-9_3

2004-01-01

Abstract:System level design incorporating system modeling and formal specification in combination with formal verification can substantially contribute to the correctness and quality of the embedded systems and consequently help reduce the development costs. Ensuring the correctness of the designed system is, of course, a crucial design criterion especially when complex distributed (realtime) embedded systems are considered. Therefore, this paper aims at presenting a verification framework designated for formal verification and validation of UML-based design of embedded systems. It first introduces an approach of using the AsmL language for acquiring formal models of the UML semantics and consequently presents an on-the-fly model checking technique designed to run the formal verification directly over those semantic models.

Miroslav Pajic,Zhihao Jiang,Insup Lee,Oleg Sokolsky,Rahul Mangharam

DOI: https://doi.org/10.1145/2584651

2014-01-01

ACM Transactions on Embedded Computing Systems

Abstract:Software-based control of life-critical embedded systems has become increasingly complex, and to a large extent has come to determine the safety of the human being. For example, implantable cardiac pacemakers have over 80,000 lines of code which are responsible for maintaining the heart within safe operating limits. As firmware-related recalls accounted for over 41% of the 600,000 devices recalled in the last decade, there is a need for rigorous model-driven design tools to generate verified code from verified software models. To this effect, we have developed the UPP2SF model-translation tool, which facilitates automatic conversion of verified models (in UPPAAL) to models that may be simulated and tested (in Simulink/Stateflow). We describe the translation rules that ensure correct model conversion, applicable to a large class of models. We demonstrate how UPP2SF is used in the model-driven design of a pacemaker whose model is (a) designed and verified in UPPAAL (using timed automata), (b) automatically translated to Stateflow for simulation-based testing, and then (c) automatically generated into modular code for hardware-level integration testing of timing-related errors. In addition, we show how UPP2SF may be used for worst-case execution time estimation early in the design stage. Using UPP2SF, we demonstrate the value of integrated end-to-end modeling, verification, code-generation and testing process for complex software-controlled embedded systems.

Miroslav Pajic,Zhihao Jiang,Insup Lee,Oleg Sokolsky,Rahul Mangharam

DOI: https://doi.org/10.1109/RTAS.2012.25

2012-01-01

Abstract:Model-Driven Design (MDD) of cyber-physical systems advocates for design procedures that start with formal modeling of the real-time system, followed by the model's verification at an early stage. The verified model must then be translated to a more detailed model for simulation-based testing and finally translated into executable code in a physical implementation. As later stages build on the same core model, it is essential that models used earlier in the pipeline are valid approximations of the more detailed models developed downstream. The focus of this effort is on the design and development of a model translation tool, UPP2SF, and how it integrates system modeling, verification, model-based WCET analysis, simulation, code generation and testing into an MDD based framework. UPP2SF facilitates automatic conversion of verified timed automata-based models (in UPPAAL) to models that may be simulated and tested (in Simulink/State flow). We describe the design rules to ensure the conversion is correct, efficient and applicable to a large class of models. We show how the tool enables MDD of an implantable cardiac pacemaker. We demonstrate that UPP2SF preserves behaviors of the pacemaker model from UPPAAL to State flow. The resultant State flow chart is automatically converted into C and tested on a hardware platform for a set of requirements.

Y Zhao,YS Fan,XM Bai,Y Wang,H Cai,W Ding

DOI: https://doi.org/10.1109/cec-east.2004.70

2004-01-01

Abstract:In this paper, a meta-level and highly automated technique that could formally transform UML diagrams for verification is presented. Firstly, the meta-model hierarchical structure of UML is reviewed and the relationships among different UML diagrams are analyzed from different views. An approach for transforming and verifying UML statechart diagrams is developed based on graph transformation. This approach can be used to transform UML diagrams to Petri-nets while preserving dynamic consistency properties. Finally, the approach is validated through a case study.

Shuhao Li,Yukan Hou,Na Li

DOI: https://doi.org/10.1117/12.3011579

2023-12-07

Abstract:SysML (System Modeling Language) has been widely used in the aviation field for the architecture design and the system modeling. However, the modeling of complex systems based on SysML requires significant time and effort. To reduce the workload of SysML modeling and improve the efficiency when designing, a new method is proposed to transform the SysML activity diagrams into the state machine diagrams. First, the activity diagrams and the state machine diagrams are defined. Second, mapping rules to transform the activity diagram elements into the state machine diagram ones are established, based on which the predefined state machine diagram is generated. Third, the diagram is transformed by modifying or adding elements as needed. Finally, the proposed method is demonstrated through a numerical case comes from the aircraft flap control system.

Engineering,Computer Science

Étienne André,Shuang Liu,Yang Liu,Christine Choppy,Jun Sun,Jin Song Dong

DOI: https://doi.org/10.1145/3579821

2024-07-24

Abstract:The Unified Modeling Language (UML) is a standard for modeling dynamic systems. UML behavioral state machines are used for modeling the dynamic behavior of object-oriented designs. The UML specification, maintained by the Object Management Group (OMG), is documented in natural language (in contrast to formal language). The inherent ambiguity of natural languages may introduce inconsistencies in the resulting state machine model. Formalizing UML state machine specification aims at solving the ambiguity problem and at providing a uniform view to software designers and developers. Such a formalization also aims at providing a foundation for automatic verification of UML state machine models, which can help to find software design vulnerabilities at an early stage and reduce the development cost. We provide here a comprehensive survey of existing work from 1997 to 2021 related to formalizing UML state machine semantics for the purpose of conducting model checking at the design stage.

Software Engineering,Logic in Computer Science

Kai Hu,Teng Zhang,Zhibin Yang,Wei-Tek Tsai

DOI: https://doi.org/10.1016/j.sysarc.2015.02.003

2015-01-01

Abstract:hitecture Analysis and Design Language (AADL) is often used to model safety-critical real-time systems. Model transformation is widely used to extract a formal specification so that AADL models can be verified and analyzed by existing tools. Timed Abstract State Machine (TASM) is a formalism not only able to specify behavior and communication but also timing and resource aspects of the system. To verify functional and nonfunctional properties of AADL models, this paper presents a methodology for translating AADL to TASM. Our main contribution is to formally define the translation rules from an adequate subset of AADL (including thread component, port communication, behavior annex and mode change) into TASM. Based on these rules, a tool called AADL2TASM is implemented using Atlas Transformation Language (ATL). Finally, a case study from an actual data processing unit of a satellite is provided to validate the transformation and illustrate the practicality of the approach.

LIU Xiao-jian,LI Zhan-huai

DOI: https://doi.org/10.19304/j.cnki.issn1000-7180.2008.01.009

2008-01-01

Abstract:UML (Unifying Modeling Language) is a de-facto standard for the design of systems, and has been widely used to specify safety-critical reactive control systems. Incompleteness and inconsistency are two common specification flaws in UML State-machines models. The early checking of these errors is crucial for system development. This paper gives the definitions of completeness and consistency, proposing an approach to checking the completeness and consistency. Our approach firstly transforms State-machines formalism into a clearer and equivalent intermediate format Extended Hierarchical Automata (EHA), and then checks EHA model for these properties. The advantages of EHA allow us to develop an efficient and simple algorithm to check completeness and consistency.

Étienne André,Shuang Liu,Yang Liu,Christine Choppy,Jun Sun,Jin Song Dong

DOI: https://doi.org/10.1145/3579821

IF: 16.6

2023-01-17

ACM Computing Surveys

Abstract:The Unified Modeling Language (UML) is a standard for modeling dynamic systems. UML behavioral state machines are used for modeling the dynamic behavior of object-oriented designs. The UML specification, maintained by the Object Management Group (OMG), is documented in natural language (in contrast to formal language). The inherent ambiguity of natural languages may introduce inconsistencies in the resulting state machine model. Formalizing UML state machine specification aims at solving the ambiguity problem and at providing a uniform view to software designers and developers. Such a formalization also aims at providing a foundation for automatic verification of UML state machine models, which can help to find software design vulnerabilities at an early stage and reduce the development cost. We provide here a comprehensive survey of existing work from 1997 to 2021 related to formalizing UML state machine semantics for the purpose of conducting model checking at the design stage.

computer science, theory & methods

Chen Hai-yan,Dong Wei,Wang Ji,Chen Huo-wang

DOI: https://doi.org/10.1007/bf03160241

2001-01-01

Abstract:Formal verification has been widely needed in the development of safety critical systems. In order to introduce the design verification activity in UML developing process, we have developed a verifier of UML Statecharts by using the model checker SMV. The approach is to transform a system model in UML Statecharts to one in SMV input language via an intermediate language and then to verify the system properties specified in CTL by invoking SMV. The current experiences, including the formal verification of a simplified directory based cache coherence protocol in UML Statecharts, show that automatic verification can be integrated as a new step of the software process nicely.

Xiaomin Wei,Yunwei Dong,Hong Ye

DOI: https://doi.org/10.1109/TASE.2015.10

2015-01-01

Abstract:Quantitative verification is an effective technique for analyzing quantitative aspects of a safety critical system's design, and safety analysis is a significant aspect of safety critical system. However, they are often conducted separately. In this paper, we propose a new methodology, QaSten, fastens quantitative verification to safety analysis for Architecture Analysis and Design Language (AADL) model (including error model). QaSten formalizes a set of rigorous transformation rules that transform AADL model to PRISM model using formal method. In addition, QaSten can generate two safety property formulas automatically to check against the PRISM model for each hazardous state. Therefore, the occurrence probability of hazardous states can be calculated, which can help system designers understand the impact of parameters in the model. Furthermore, combining the probability and the severity of potential consequence of a hazardous state, QaSten determines the hazard risk acceptance level that can help engineers to identify critical hazard and modify or redesign architecture model to control it in an acceptable level. Two case studies, based on the Gas Leakage Alarm systems, are utilized to demonstrate QaSten's feasibility and effectiveness.

Yuqiang Guo,Yingxu Li,Jun Zhao,Hui Zhao,Junxian Guo

DOI: https://doi.org/10.1088/1742-6596/2755/1/012007

2024-05-15

Journal of Physics Conference Series

Abstract:UAFML or UPDM is the language for modeling System of System(SoS) architecture. While SysML is used to model system architecture with solid connections with requirements, multidisciplinary analysis, software development, verification, etc. Many companies export the SoS architecture model into an XMI file or even a Word document to the system-architecture-level design team to perform further development. It will cost more time and may cause information inconsistency in practice. To bridge the gap, studying a more economical way to perform the modeling information exchange is necessary. This paper studied architecture modeling language building and transformation mechanisms and proposed a unified SoSE and SE modeling approach, which will make the most of the architecture model, guarantee the different architecture level model consistency and save cost.

Xinguang Li,Jihong Liu

DOI: https://doi.org/10.3969/j.issn.1003-9775.2016.11.020

2016-01-01

Abstract:Aiming at the problem of weak simulation capability of the system design models described formally in model-based system engineering, by applying the meta-model transformation method, this paper presents a visual method of transforming system design models to executable simulation model based on SysML. According to the characteristics of model transformation, two transformation meta-models, transformation rules and trans-formation activities, are defined abstractly based on SysML and its extension mechanism. The mapping relation-ships between design meta-model and simulation meta-model are established firstly, and then the visual transfor-mation of the system design-simulation models is achieved by instantiating the transformation meta-model to re-duce the complexity of the model transformation. Finally, a case of simple mechanical system is used to verify the feasibility of the proposed method.