Shaobin Liu,Xiaohong Chen,Zhi Jin,Min Zhang

DOI: https://doi.org/10.1109/hpcc-dss-smartcity-dependsys57074.2022.00175

2022-01-01

Abstract:Many safety-critical systems need to meet increasing real-time requirements, which asks for formal inconsistency analysis. However, most of the current formal approaches are unfriendly to domain experts. It is a heavy burden for them to formalize the natural language requirements and use formal methods to analyze the inconsistency. To help the domain experts, in this paper, we define a real-time requirements pattern language, and propose an automated real-time requirements inconsistency analysis approach based on constraint solving. A case study on automotive lighting systems shows the feasibility of our approach.

Xiaohong Chen,Zhi Jin,Min Zhang,Frederic Mallet,Xiaoshan Liu,Tingliang Zhou

DOI: https://doi.org/10.1109/tits.2024.3418864

IF: 8.5

2024-01-01

IEEE Transactions on Intelligent Transportation Systems

Abstract:Dealing with the ever-growing complexity of railway systems requires scalable approaches for detecting inconsistent safety requirements in practice. Despite significant efforts to automate the requirements consistency detection, current inconsistency analysis techniques of railway safety requirements still suffer from scalability issues. This paper proposes a two-layer approach for detecting inconsistencies in time-related safety requirements of railway systems, integrating two distinct formal methods from a pragmatic perspective. At the SafeNL layer, we employ an SMT-based approach to extract conflict patterns and use them to filter out inconsistent requirements descriptions, thus avoiding the more expensive general use of the SMT-based approach. At the CCSL layer, temporal dependencies in requirements are transformed into causal relations, which are then detected for circular inconsistencies using a graph search technique. Our evaluations demonstrate the utility and scalability of our approach.

Ting Wang,Jun Sun,Xinyu Wang,Yang Liu,Yuanjie Si,Jin Song Dong,Xiaohu Yang,Xiaohong Li

DOI: https://doi.org/10.1109/tse.2014.2359893

IF: 7.4

2014-01-01

IEEE Transactions on Software Engineering

Abstract:Zeno runs, where infinitely many actions occur within finite time, may arise in Timed Automata models. Zeno runs are not feasible in reality and must be pruned during system verification. Thus it is necessary to check whether a run is Zeno or not so as to avoid presenting Zeno runs as counterexamples during model checking. Existing approaches on non-Zenoness checking include either introducing an additional clock in the Timed Automata models or additional accepting states in the zone graphs. In addition, there are approaches proposed for alternative timed modeling languages, which could be generalized to Timed Automata. In this work, we investigate the problem of non-Zenoness checking in the context of model checking LTL properties, not only evaluating and comparing existing approaches but also proposing a new method. To have a systematic evaluation, we develop a software toolkit to support multiple non-Zenoness checking algorithms. The experimental results show the effectiveness of our newly proposed algorithm, and demonstrate the strengths and weaknesses of different approaches.

Xiaohong Chen,Kun Ruan,Zhi Jin,Junhu Li,Lingling Zheng

DOI: https://doi.org/10.1109/isssr58837.2023.00032

2023-01-01

Abstract:Formal methods have demonstrated tremendous potential for verifying requirements consistency, particularly for safety-critical systems. In our previous research, we included environment characteristics in the scope of formal specification verification for embedded systems and proposed a requirement consistency verification method based on an environment model. However, we found that this method was not sufficiently efficient. To address this issue, this paper defines this environment model introduced inconsistency as mutually exclusive inconsistency, based on its representation characteristics, and proposes an efficient static verification approach for embedded systems. We reduce the consistency verification problem to the traversal of a graph. To support the proposed approach, we implement a requirement consistency verification tool, called Env-Consistency, and apply it to industrial cases. To illustrate the advantages of this approach, several sets of comparative experiments are designed, which demonstrates our approach is both effective and efficient.

Chao Wu,Zhong Hua Huang,Yu Ting Yang,Yue Liu

DOI: https://doi.org/10.1088/1742-6596/1756/1/012002

2021-01-01

Journal of Physics: Conference Series

Abstract:Abstract In the iterative process of the update of the information service system, the continuous improvement of the system is restricted due to problems such as non-standard, incomplete, and strong ambiguity in the description of requirements. It makes it difficult to verify the consistency and integrity of requirements. In this paper, we focus on the huge requirements of complex information service system, and propose research on requirement itemized extraction and structured description technology based on natural language processing and requirement item keyword extraction and standardized expression technology. The library management system is used as the verification object to verify the effectiveness of the method proposed in this paper.

Yuhong Zhao,Franz J. Rammig

DOI: https://doi.org/10.1109/isorc.2012.28

2012-01-01

Abstract:This paper presents a lightweight verification technique, which is applicable to dependable real-time systems, provided that the (abstract) model and the (concrete) implementation of the system under test are given in advance. In addition to the usual quality assurance techniques at design time (e.g., formal verification) and at implementation time (e.g., testing), we provide a special form of model checking at run time. That is, we check the correctness of an actual system execution by means of exploring a partial model space covering the current execution trace. In doing so, concrete state information is observed from time to time while the system to be checked is running. This runtime information is used to guide model checking to reduce the model space to be explored. In this sense, we call this method online model checking. Since we do not directly check the execution trace itself, our online checking at model level is capable of checking a running system some steps ahead of the actual state of execution. In this paper, we describe online model checking as well as the underlying system architecture in general, explain the basic algorithm and its extension to improve performance, and provide experimental results.

XF Zhu,Z Jin

DOI: https://doi.org/10.1109/cit.2005.96

2005-01-01

Abstract:Management of requirements inconsistency is key to the development of complex trustworthy software system, and precise measurement is precondition for the management of requirements inconsistency properly. But at present, although there are a lot of work on the detection of requirements inconsistency, most of them are limited in treating requirements inconsistency according to heuristic rules, we still lacks of promising method for handling requirements inconsistency properly.Based on an abstract requirements refinement process model, this paper takes domain ontology as infrastructure for the refinement of software requirements, the aim of which is to get requirements descriptions that are comparable. Thus we can measure requirements inconsistency based on tangent plane of requirements refinement tree, after we have detected inconsistent relations of leaf nodes at semantic level.

Kexin WANG,Zhijiang SHAO,T.Biegler Lorenz

DOI: https://doi.org/10.3969/j.issn.0438-1157.2013.12.023

2013-01-01

Abstract:Simulation and optimization based on equation-oriented models benefit the most from advanced modeling and optimization methods. However, linearly dependent and inconsistent constraints that arise from poor models or nonlinear programming(NLP) algorithms result in failure in practice. A method to detect the inconsistent constraints in this case is proposed. The detection is based on the infeasible system identification of NLP solvers and takes advantage of the structure of linearly dependent systems. Efficiency of the detection process can be improved significantly through proper linear solver invocations. Numerical experiments on examples derived from CUTE and COPS test sets demonstrate the effectiveness of the proposed method. © All Rights Reserved.

Xiaohong Chen,Zhiwei Zhong,Zhi Jin,Min Zhang,Tong Li,Xiang Chen,Tingliang Zhou

DOI: https://doi.org/10.1109/re.2019.00040

2019-01-01

Abstract:Consistency verification of safety requirements is an important but still challenging task for safety-critical systems such as rail transit systems. That is mainly because requirements are typically written in natural language and with strong time constraints. Driven by the practical need from industry, in this paper we propose a systematic approach to specify safety requirements in a quasi-natural language and automatically verify their consistency using formal methods. Specifically, we define a domain specific language SafeNL to specify safety requirements, and then automatically transform them into formal constraints defined in the Clock Constraint Specification Language (CCSL). The transformed constraints can be automatically and efficiently verified by model checking. We conduct two practical case studies to analyze the safety requirements of an interlocking system in CASCO Signal Ltd. Results of the studies show the validity and utility of our approach can pragmatically contribute to industrial practice. We also report some lessons learned from case studies.

Xiaohong Chen,Juan Zhang,Zhi Jin,Min Zhang,Tong Li,Xiang Chen,Tingliang Zhou

DOI: https://doi.org/10.1109/tits.2023.3324022

IF: 8.5

2023-12-05

IEEE Transactions on Intelligent Transportation Systems

Abstract:Consistency verification of safety requirements is crucial for the success of safety-critical systems, particularly railway systems. However, this task often requires significant time spent on interaction and communication between domain experts, who possess in-depth knowledge of safety requirements in a specific domain, and formal experts, who have the necessary skills to apply verification tools and techniques. To enhance time efficiency and productivity, we propose an approach to empower domain experts with formal methods for verifying safety requirements' consistency. This involves transforming natural requirements into formal models and using formal methods for verification. The approach also localizes inconsistent requirements to provide feedback to domain experts. Communication between domain experts and formal experts can be facilitated through the pattern language SafeNL. By adopting this approach, domain experts can utilize formal verification without extensive consultation with formal experts. Two practical case studies with CASCO Signal Ltd. validate its effectiveness, practicality, as well as a significant reduction of time compared to traditional methods (at least 90% reduction). This reduction in time is primarily due to reduced communication needs and more efficient localization. Evaluations show that SafeNL is user-friendly and the approach performs well in modular systems while scalability is somewhat limited.

engineering, electrical & electronic,transportation science & technology, civil

Ming Zhang,Zonghua Gu,Hong Li,Nenggan Zheng

DOI: https://doi.org/10.1109/access.2018.2852805

IF: 3.9

2018-01-01

IEEE Access

Abstract:Safety-critical embedded systems in application domains, such as aerospace, automotive, and industrial automation, must satisfy dual requirements of fault-tolerance and real-time predictability. Control flow checking is an effective technique for improving embedded systems’ reliability by online monitoring and checking of software control flow to detect runtime deviations from the control flow graph. However, inserting instrumentation code in every basic block incurs significant execution time overhead, which may cause the program to violate its timing constraints. In this paper, we propose to selectively instrument a subset of code regions that are larger than basic blocks, called super-nodes, in order to make the program partially resilient to control flow errors while keeping the program worst-case execution time (WCET) below a given upper bound. WCET analysis is invoked to estimate the program WCET and to identify the corresponding worst-case execution path (WCEP). An ILP formulation is used to judiciously select a subset of super-nodes on the WCEP for instrumentation, so that the best fault detection coverage is achieved without violating the given WCET upper bound. The optimization is repeated for each identified WCEP until the program WCET satisfies the WCET upper bound. Experimental results demonstrate significant improvements of fault detection coverage compared with related work.

HU Jun,YU Xiao-Feng,ZHANG Yan,LI Xuan-Dong,ZHENG Guo-Liang

DOI: https://doi.org/10.1360/jos170048

2006-01-01

Journal of Software

Abstract:For real-time software systems, this paper considers the problem of checking component-based designs for timing scenario-based specifications, which is one of the challenges in real-time computing domain. Firstly the timing scenario-based specifications are specified by UML sequence diagrams with a set of boolean expressions, then the interface automata for modeling real time systems through adding time intervals on the actions is extened. The component-based designs are modeled by a real-time interface automaton network which contains a set of real-time interface automata synchronized by shared actions. Based on analyzing the compatible integer state space of a real-time interface automata network, a corresponding reachability graph is constructed and finally an algorithm for checking the consistency between the real-time component-based designs and the timing scenario-based specifications is developed.

Xiaoying Bai,Ming Wang,Hao Lu,Weitek Tsai

2012-01-01

Abstract:A systematic approach for modeling and verifying timing constraints was developed to ensure timing constraints in the real-time systems. The approach defines the basic time concepts and gives a timing constraint model based on the simple temporal problem-improved (STP-I) method. A verification algorithm is given for consistence checking of the constraint graph model using a constraint resolver. A transformation mechanism is also given to transform complex timing constraints to basic expressions. A case study of a real-time data process unit (DPU) system illustrates the approach. This approach gives a more systematic analysis of typical fault models for real-time systems than existing designs, hence it can model the constraints more accurately using the concepts of time points and time intervals that facilitate effective time defect detection.

Lian Yu,Shuang Su,Shan Luo,Yu Su

DOI: https://doi.org/10.1109/TASE.2008.46

2008-01-01

Abstract:For many event-driven systems, the completeness and consistency (C&C) are the most important characteristics of those software requirements. This paper presents a systematic approach to perform C&C analysis on the requirements, and an intelligent approach to correcting the inconsistencies identified. A formal scenario model is used to represent requirements such that scenario elements of condition guards, events and actions can be extracted automatically. Condition guards associated with a same event are constructed into a tree on which to perform completeness analysis and supplement missing specification. Consistency analysis focuses on three types of inconsistencies and is performed according to the intra-relations among condition guards and inter-relations with actions. An algorithm of inconsistent correction is proposed to guide eliminating the inconsistency identified interactively. Finally, we provide an example of car-alarm system to illustrate the proposed process and techniques.

Xiaohong Chen,Ling Yin,Yijun Yu,Zhi Jin

DOI: https://doi.org/10.1007/978-3-319-68690-5_4

2017-01-01

Abstract:The timing requirements of embedded cyber-physical systems (CPS) constrain CPS behaviors made by scheduling analysis. Lack of physical entity properties modeling and the need of scheduling analysis require a systematic approach to specify timing requirements of CPS at the early phase of requirements engineering. In this work, we extend the Problem Frames notations to capture timing properties of both cyber and physical domain entities into Clock Constraint Specification Language (CCSL) constraints which is more explicit that LTL for scheduling analysis. Interpreting them using operational semantics as finite state machines, we are able to transform these timing requirements into CCSL scheduling constraints, and verify their consistency on NuSMV. Our TimePF tool-supported approach is illustrated through the verification of timing requirements for a representative problem in embedded CPS.

Huihui Zhang,Tao Yue,Shaukat Ali,Ji Wu,Chao Liu

DOI: https://doi.org/10.1109/mise.2017.9

2017-01-01

Abstract:Time-related properties are a critical type of extra-functional requirements for designing real-time systems. Modeling and validating time-related properties at the requirements specification and analysis phases is important for the successful development of real-time systems in terms of cost, quality and productivity. In the literature and practice, timing analyses (e.g., Worst Case Execution Time) are often performed to ensure that the design of a real-time system fully conforms to its time-related constraints. However, such analyses are mostly performed at the design and implementation stages, but not at the requirements level. This paper presents a restricted, natural language based, use case modeling methodology (named as RUCM4RT) to specify functional requirements of real-time systems as use case models, along with associated time-related constraints. RUCM4RT was proposed based on the UML profile for Modeling and Analysis of Real-Time and Embedded Systems (MARTE). In addition, in this paper, we also propose a metamodel-based formalization mechanism named as UCMeta4RT to automatically formalize use case models. We have conducted two real-world case studies to evaluate our solution and 40 use cases were modeled, among which 27 real-time use cases, 118 time-related constraints and 47 other extra-functional (also commonly called non-functional) constraints were specified. Results show that RUCM4RT was able to handle all the real-time related elements (e.g., time-related constraints) of the use case models.

Cong Sun,Liyong Tang,Zhong Chen

DOI: https://doi.org/10.1109/ITNG.2011.63

2011-01-01

Abstract:The reactive computational model is pervasively used as a proper abstraction of web-based applications which receive inputs and generate outputs throughout execution. The present static enforcements of information flow security on reactive program are either based on type system or abstract interpretation. In this work we first propose an approach using automated verification to check conformance with information flow policy for reactive program. This approach utilizes our previous idea to incorporate self-composition with reach ability analysis. In order to reduce the state space of model, we propose the Store-Match Self-Composition (SMSC) to avoid duplicating the low channels. The result of preliminary experiments shows that our approach is more precise and efficient than existing work and also more efficient than our previous reach ability analysis.

Niklas Kochdumper,Stanley Bak

2024-04-08

Abstract:While reachability analysis is one of the most promising approaches for formal verification of dynamic systems, a major disadvantage preventing a more widespread application is the requirement to manually tune algorithm parameters such as the time step size. Manual tuning is especially problematic if one aims to verify that the system satisfies complicated specifications described by signal temporal logic formulas since the effect the tightness of the reachable set has on the satisfaction of the specification is often non-trivial to see for humans. We address this problem with a fully-automated verifier for linear systems, which automatically refines all parameters for reachability analysis until it can either prove or disprove that the system satisfies a signal temporal logic formula for all initial states and all uncertain inputs. Our verifier combines reachset temporal logic with dependency preservation to obtain a model checking approach whose over-approximation error converges to zero for adequately tuned parameters. While we in this work focus on linear systems for simplicity, the general concept we present can equivalently be applied for nonlinear and hybrid systems.

Logic in Computer Science,Systems and Control,Dynamical Systems

André Matos Pedro,Tomás Silva,Tiago Sequeira,João Lourenço,João Costa Seco,Carla Ferreira

DOI: https://doi.org/10.1007/s10009-024-00740-7

2024-02-23

International Journal on Software Tools for Technology Transfer

Abstract:The automotive industry is increasingly dependent on computing systems with different critical requirements. The verification and validation methods for these systems are now leveraging complex AI methods, for which the decision algorithms introduce non-determinism, especially in autonomous driving. This paper presents a runtime verification technique agnostic to the target system, which focuses on monitoring spatio-temporal properties that abstract the evolution of objects' behavior in their spatial and temporal flow. First, a formalization of three known traffic rules (from the Vienna convention on road traffic) is presented, where a spatio-temporal logic fragment is used. Then, these logical expressions are translated to a monitoring model written in first-order logic, where they are processed by a non-linear satisfiability solver. Finally, the translation allows the solver to check the validity of the encoded properties according to an instance of a specific traffic scenario (a trace). The results obtained from our tool, which automatically generates a monitor from a formula, show that our approach is feasible for online monitoring in a real-world environment.

computer science, software engineering

Ying XIONG,Wen-hui FAN,Guang-leng XIONG

DOI: https://doi.org/10.3969/j.issn.1000-3428.2009.20.008

2009-01-01

Abstract:An approach of distributed conflict detection supporting concurrent design is proposed.The distributed conflict detection system is designed and developed.The system which is based on consistent interval solving algorithm of constraint networks can detect conflicts in product design process effectively by computing feasible intervals of design parameters in constraint networks.The B/S architecture is adopted in the system,which can support design work of geographically distributed teams.An application of the approach in the engineering design of the bogie is introduced to show the validity.