SlideShare a Scribd company logo

OCLR: A More Expressive, Pattern-Based Temporal Extension of OCL

Lionel Briand
Lionel Briand
Software
1 of 87
Download to read offline
OCLR: A More Expressive, Pattern-Based Temporal Extension of OCL Wei Dou, Domenico Bianculli, and Lionel Briand SnT Centre — University of Luxembourg SsoftwareV verificVation & va.lidlaution
OCLR: A More Expressive, Pattern-Based Temporal Extension of OCL Wei Dou, Domenico Bianculli, and Lionel Briand SnT Centre — University of Luxembourg SsoftwareV verificVation & va.lidlaution
CONTEXT
CTIE Centre des Technologies de l'Information de l'Etat
Model-driven Run-time Verification of eGovernment Business Processes
Specification
TEMPORAL PROPERTIES
Temporal Properties “If the registration at the conference is successful, Order then a confirmation email will be sent out.” 8
Temporal Properties “The registration reminder will be sent at least twice before the conference registration is closed.” Number of Occurrences 9
TEMPORAL LOGICS
Temporal Logics LTL CTL MTL ITL MITL … 11
Temporal Logics Practitioners Limited Tool Support Background in Formal Methods 12
Model-driven Engineering
MDE PERSPECTIVE
OCL
How to support temporal properties with OCL ? 16
STATE OF THE ART
State Of The Art Features: Timestamped event always, sometime Real-time deadline, timeout 18 FME 2003
Features: Past- and future-time Time bounds 19 SEFM 2004 State Of The Art
State Of The Art Features: Linear Temporal Logic Dwyer’s Pattern System Timeout 20 ECEASST 2008
21 Features: Linear Temporal Logic Dwyer’s Pattern System Bounded existence SLE 2012 State Of The Art
What is missing?
Specific occurrence of an event “A password reset email will be sent to the user after the third incorrect login attempt” 23
Time distance from a boundary “A speaker should be ready at most 10 minutes after the second keynote.” 24
(No) Tool support
OUR PROPOSAL
OCLR An Expressive, Pattern-Based Temporal Extension of OCL 27
Dwyer’s Pattern System Patterns in Property Specifications for Finite-State Verification* Matthew B. Dwyer George S. Avrunin James C. Corbett Kansas State University University of Massachusetts University of Hawai'i Department of Computing Department of Mathematics Department of Information and Information Sciences and Statistics and Computer Science Manhattan, KS 66506-2302 Amherst, MA 01003-4515 Honolulu, HI 96822 +1 785 532 6350 +1 808 956 6107 +1 413 545 4251 dwyer@cis.ksu.edu avrunin@mat h. umass. edu corbett @hawaii.edu ABSTRACT Model checkers and other finite-state verification tools allow developers to detect certain kinds of errors au-tomatically. Nevertheless, the transition of this tech-nology from research to practice has been slow. While there are a number of potential causes for reluctance to adopt such formal methods, we believe that a primary cause is that practitioners are unfamiliar with specifi-cation processes, notations, and strategies. In a recent paper, we proposed a pattern-based approach to the presentation, codification and reuse of property specifi-cations for finite-state verification. Since then, we have carried out a survey of available specifications, collect-ing over 500 examples of property specifications. We found that most are instances of our proposed patterns. Furthermore, we have updated our pattern system to accommodate new patterns and variations of existing patterns encountered in this survey. This paper reports the results of the survey and the current status of our pattern system. Keywords Patterns, finitestate verification, formal specification, concurrent systems 1 INTRODUCTION Although formal specification and verification methods offer practitioners some significant advantages over the current state-of-the-practice, they have not been widely adopted. Partly this is due to a lack of definitive ev-idence in support of the cost-saving benefits of formal methods, but a number of more pragmatic barriers to adoption of formal methods have been identified [22], including the lack of such things as good tool support, appropriate expertise, good training materials, and pro- 'This work was partially supported by NSF grants CCR- 9407182, CCR-9633388, CCR-9703094, and CCR-9708184 and by NASA grant NAG-02-1209. Permission to make digilal or hard copies of all or part ol'this work tbr personal or classroom usc is granted without fee provided that copies are ,lot lnade or distributed fflr profit or coinmercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, 10 republish, to post on servers or to redistribule to lists. requires prior specific permission andior a fee. LCSE '99 Los Angeles CA Copyn'ght ACM 1999 1-581 13-074-0/99/05 ... $5.00 cess support for formal methods. We believe that the recent availability of tool support for finite-state verification provides an opportunity to overcome some of these barriers. Finite-state verifica-tion refers to a set of techniques for proving properties of finite-state models of computer systems. Properties are typically specified with temporal logics or regular expressions, while systems are specified as finite-state transition systems of some kind. Tool support is avail-able for a variety of verification techniques including, for example, techniques based on model checking [19], bisimulation [4], language containment [14], flow anal-ysis [lo], and inequality necessary conditions [l]. In contrast to mechanical theorem proving, which often requires guidance by an expert, most finite-state verifi-cation techniques can be fully automated, relieving the user of the need to understand the inner workings of the verification process. Finite-state verification techniques are especially critical in the development of concurrent systems, where non-deterministic behavior makes test-ing especially problematic. Despite the automation, users of finite-state verification tools still must be able to specify the system require-ments in the specification language of the tool. This is more challenging than it might at first appear. For example, consider the following requirement for an ele-vator: Between the time an elevator is called at a poor and the time at opens its doors at that floor, the ele-vator can arrive at that floor at most twice. To verify this property with a linear temporal logic (LTL) model checker, a developer would have to translate this infor-mal requirement into the following LTL formula: D((cal1 A Oopen) + ((Tatfloor A lopen) U (open V ((atfloor A lopen) U (open V ((Tatfloor A Yopen) U (open V ((atfloor A Topen) U (open v (Tatfloor U OPe.)))))))))) Not only is this formula difficult to read and understand, it is even more difficult to write correctly without some expertise in the idioms of the specification language. 41 1 28
Dwyer’s Pattern System Pattern 29 Scope
30 {Globally Dwyer’s Pattern System Before After Between-and After-until Scope
31 {Globally Dwyer’s Pattern System Before After Between-and After-until Scope
32 {Before Dwyer’s Pattern System Globally After Between-and After-until Scope
33 {Globally Dwyer’s Pattern System Before After Between-and After-until Scope
Between-and vs. After-until Q P P Q Q P Q P Q P P Q Q Q P 34 P
Dwyer’s Pattern System Pattern {Universality Existence Absence Response Precedence 35
Dwyer’s Pattern System Pattern {Universality Existence Absence Response Precedence 36
Dwyer’s Pattern System Pattern {Universality Existence Absence Response Precedence 37
Dwyer’s Pattern System Pattern {Universality Existence Absence Response Precedence 38
OCLR
grammar [11]. An hOCLR blocki comprises a set of conjuncted hTemporalClausesi beginning with the keyword ‘temporal’. Each temporal clause contains a tempo-ral expression that consists of a hscopei and a hpatterni; the scope specifies the time slot(s) during which the property described by the pattern should hold. OCLR Syntax Excerpt hOCLRBlocki ::= ‘temporal’ hTemporalClausei+ hTemporalClausei ::= [hsimpleNameCSi] ‘:’ [hQuantif i] hTemporalExpi hQuantif i ::= ‘let’ hVariableDeclarationCSi ‘in’ hTemporalExpi ::= hScopei hPatterni hScopei ::= ‘globally’ | ‘before’ hBoundary1 i | ‘after’ hBoundary1 i | ‘between’ hBoundary2 i ‘and’ hBoundary2 i | ‘after’ hBoundary2 i ‘until’ hBoundary2 i hPatterni ::= ‘always’ hEventi | ‘eventually’ hRepeatableEventExpi | ‘never’ [‘exactly’ hIntegerLiteratureExpCSi] hEventi | hEventChainExpi ‘preceding’ [hTimeDistanceExpi] hEventChainExpi | hEventChainExpi ‘responding’ [hTimeDistanceExpi] hEventChainExpi hBoundary1 i ::= [hIntegerLiteratureExpCSi] hSimpleEventi [hTimeDistanceExpi] hBoundary2 i ::= [hIntegerLiteratureExpCSi] hSimpleEventi [‘at least’ IntegerLiteratureExpCS ‘tu’] hEventChainExpi ::= hEventi (‘,’ [‘#’ hTimeDistanceExpi] hEventi)* hTimeDistanceExpi ::= hComparingOpi hIntegerLiteratureExpCSi ‘tu’ hRepeatableEventExpi ::= [hComparingOpi hIntegerLiteratureExpCSi] hEventi hComparingOpi ::= ‘at least’ | ‘at most’ | ‘exactly’ hEventi ::= (hSimpleEventi | hComplexEventi) [‘|’ Event] hComplexEventi ::= ‘isCalled’ ‘(’ ‘anyOp’ [‘,’ ‘pre:’ hOCLExpressionCSi] [‘,’ ‘post:’ hOCLExpressionCSi] 40 ‘)’ [‘’ hEventi] hSimpleEventi ::= hSimpleCallEventi | hSimpleChangeEventi
hEventChainExpi hBoundary1 i ::= [hIntegerLiteratureExpCSi] hSimpleEventi [hTimeDistanceExpi] hBoundary2 i OCLR ::= [hIntegerLiteratureExpCSi] [‘at least’ - <IntegerLiteratureExpCS Event> hSimpleEventi ‘tu’] hEventChainExpi ::= hEventi (‘,’ [‘#’ hTimeDistanceExpi] hEventi)* hTimeDistanceExpi ::= hComparingOpi hIntegerLiteratureExpCSi ‘tu’ hRepeatableEventExpi ::= [hComparingOpi hIntegerLiteratureExpCSi] hEventi hComparingOpi ::= ‘at least’ | ‘at most’ | ‘exactly’ hEventi ::= (hSimpleEventi | hComplexEventi) [‘|’ Event] hComplexEventi ::= ‘isCalled’ ‘(’ ‘anyOp’ [‘,’ ‘pre:’ hOCLExpressionCSi] [‘,’ ‘post:’ hOCLExpressionCSi] ‘)’ [‘’ hEventi] hSimpleEventi ::= hSimpleCallEventi | hSimpleChangeEventi hSimpleChangeEventi ::= ‘becomesTrue’ ‘(’ hOCLExpressionCSi ‘)’ hSimpleCallEventi ::= ‘isCalled’ ‘(’ hOperationCallExpCSi [‘,’ ‘pre:’ hOCLExpressionCSi] [‘,’ ‘post:’ hOCLExpressionCSi] ‘)’ Fig. 1. Grammar of OCLR 41
OCLR - <SimpleEvent> <SimpleEvent> ::= <SimpleCallEvent> | <SimpleChangeEvent> 42
OCLR - <SimpleCallEvent> isCalled(P) isCalled(P, pre: N=0, post: N=1) 43
OCLR - <SimpleChangeEvent> becomesTrue(N=1) equivalent to isCalled(anyOp, N != 1, N = 1) 44
OCLR - <Event> Additional support for: • Disjunction • Exclusion • Negation
OCLR - <TemporalExp> <TemporalExp> ::= <Scope> <Pattern> 46
OCLR - <Scope> <Scope> ::= ‘globally’ | ‘before’ <Boundary1> | ‘after’ <Boundary1> | ‘between’ <Boundary2> ‘and’ <Boundary2> | ‘after’ <Boundary2> ‘until’ <Boundary2> <Boundary1> ::= [<Int>] <SimpleEvent> [<TimeDistanceExp>] <Boundary2> ::= [<Int>] <simpleEvent> [‘at least’ <Int> tu] 47
OCLR - Globally globally Q P P Q Q P Q P 48
OCLR - Before before isCalled(P) Q P P Q Q P Q P 49
OCLR - Before before 3 isCalled(P) Q P P Q Q P Q P 50
Distance from scope boundaries ‘before’ [<Int>] <SimpleEvent> [<TimeDistanceExp>] <TimeDistanceExp> ::= (‘at least’|‘at most’|’exactly’) <Int> tu 51
OCLR - Before before 3 isCalled(P) at least 2 tu Q P P Q Q P Q P 52 2 time units
OCLR - Before before 3 isCalled(P) at most 2 tu Q P P Q Q P Q P 53 2 time units
OCLR - Before before 3 isCalled(P) exactly 2 tu Q P P Q Q P Q P 54 2 time units
OCLR - After ‘after’ [<Int>] <SimpleEvent> [<TimeDistanceExp>] 55
OCLR - Between-and 56
OCLR - Between-and between isCalled(P) and isCalled(Q) Q P P Q Q P Q P 57
OCLR - Between-and between isCalled(P) at least 1 tu and isCalled(Q) at least 1 tu Q P P Q Q P Q P 1 time unit 1 time unit 58
OCLR - Between-and between 2 isCalled(P) at least 1 tu and 2 isCalled(Q) at least 1 tu Q P P Q Q P Q P 1 time unit 1 time unit 59
OCLR - After-until ‘after’ [<Int>] <SimpleEvent> [‘at least’ <Int> tu] ‘until’ [<Int>] <SimpleEvent> [‘at least’ <Int> tu] 60
OCLR - <Pattern> <Pattern> ::= ‘always’ <Event> | ‘eventually’ <RepeatableEventExp> | ‘never’ [‘exactly’ <Int>] <Event> | <EventChainExp> ‘preceding’ [<TimeDistanceExp>] <EventChainExp> | <EventChainExp> ‘responding’ [<TimeDistanceExp>] <EventChainExp> 61 <RepeatableEventExp> ::= [(‘at least’ | ‘at most’ | ‘exactly’) <Int>] <Event> <EventChainExp> ::= <Event> (‘,’ [‘#’ <TimeDistanceExp>] <Event>)*
OCLR - Universality always isCalled(R) R R R R { } 62
OCLR - Existence eventually exactly 2 R eventually at most 2 R eventually at least 2 R eventually R P R R S { } R 63
OCLR - Absence ‘never’ [‘exactly’ <Int>] <Event> 64
OCLR - Response “If P happens, then Q will happen.” isCalled(Q) responding isCalled(P) P Q S R { } S S 65
OCLR - Response “If P happens, within 2 time units, then Q will happen.” Q responding at most 2 tu P P Q S R { } S 66 S 2 time units
OCLR - Response “If P happens, within 2 time units, then Q will happen followed by R, but the distance between Q and R should be more than 5 time units ” isCalled(Q), # at least 5 tu isCalled(R) responding at most 2 tu isCalled(P) P Q S R { } S 67 S 2 time units 5 time units
OCLR - Precedence <EventChainExp> ‘preceding’ [<TimeDistanceExp>] <EventChainExp> 68
CASE STUDY
Identity Card Management Enrollment CTIE Agent/MFA Ministry of Foreign Affairs Applicant Enroll a new application Refuse application [reject] Request [accept] Apporve Production application Send production request Resolve incident [technique incident] Finish production Send card to MFA Receive card [expired] [incident] Lose card (lost/stolen) Send card to applicant Set card state to "Cancelled" Set card state to "claimed" Send card return letter Send card to applicant Change card state to "In circulation" [withdraw] [expired] [renew] Return card Request residence certificate [renounce] Acknowledge card return Set card state to "Expired" Send card to production Generate residence certificate Destroy card [for diplomats] Request more info. [pend] Renew a card Set card state to "Lost/Stolen" Delivery Expiration Loss 70
47 temporal properties analyzed and translated into OCLR 71
Request “Once a card request is approved, the applicant is notified within three days; this notification has to occur before the production of the card is started.” (Before + Response) 72
Request temporal R1: let r : Request in before becomesTrue(r.card.state = CardState::InProduction) isCalled(notifyApproved(r.applicant)) responding at most 3 “days” becomesTrue(r.state = RequestState::Approved) “Once a card request is approved, the applicant is notified within three days; this notification has to occur before the production of the card is started.” 73
Request temporal R1: let r : Request in before becomesTrue(r.card.state = CardState::InProduction) isCalled(notifyApproved(r.applicant)) responding at most 3 “days” becomesTrue(r.state = RequestState::Approved) “Once a card request is approved, the applicant is notified within three days; this notification has to occur before the production of the card is started.” 74
Request temporal R1: let r : Request in before becomesTrue(r.card.state = CardState::InProduction) isCalled(notifyApproved(r.applicant)) responding at most 3 “days” becomesTrue(r.state = RequestState::Approved) “Once a card request is approved, the applicant is notified within three days; this notification has to occur before the production of the card is started.” 75
Request temporal R1: let r : Request in before becomesTrue(r.card.state = CardState::InProduction) isCalled(notifyApproved(r.applicant)) responding at most 3 “days” becomesTrue(r.state = RequestState::Approved) “Once a card request is approved, the applicant is notified within three days; this notification has to occur before the production of the card is started.” 76
Expiration “Once a card expires, until the card is returned, the holder is notified to return the card at most twice.” (After-until + Existence) 77
Expiration temporal E1: let c:Card in after becomesTrue(c.state = CardState::Expired) until becomesTrue(c.state = CardState::Returned) eventually at most 2 isCalled(notifyReturnCard(c.cardHolder), pre:c.state <> CardState::Returned) “Once a card expires, until the card is returned, the holder is notified to return the card at most twice.” 78
Expiration temporal E1: let c:Card in after becomesTrue(c.state = CardState::Expired) until becomesTrue(c.state = CardState::Returned) eventually at most 2 isCalled(notifyReturnCard(c.cardHolder), pre:c.state <> CardState::Returned) “Once a card expires, until the card is returned, the holder is notified to return the card at most twice.” 79
Expiration temporal E1: let c:Card in after becomesTrue(c.state = CardState::Expired) until becomesTrue(c.state = CardState::Returned) eventually at most 2 isCalled(notifyReturnCard(c.cardHolder), pre:c.state <> CardState::Returned) “Once a card expires, until the card is returned, the holder is notified to return the card at most twice.” 80
OCLR
NEXT STEPS…
Design time Meta Requirement Specifications Analyst Vision Use Case Process Model Data Model Properties Run time OCLR OCL templates :Process model Instantiator RNL Translate into :OCL constraints Comply Observer OCL Checker + :Conceptual model Conceptual model --------------------------- Process Model Data Model Type of properties Generated by Map to Annotated-with Platforms Data Collector Revisiting model-driven engineering for run-time verification of business processes. In Proceedings of the 8th System Analysis and Modeling Conference (SAM 2014) 83
Off-line trace checking • Trace Model and OCLR meta-model • Translation from OCLR to OCL • OCLR expressions check with Eclipse OCL • Preliminary evaluation
SUMMARY
OCLR: A More Expressive, Pattern-Based Temporal Extension of OCL Wei Dou, Domenico Bianculli, and Lionel Briand SnT Centre — University of Luxembourg wei.dou@uni.lu SsoftwareV verificVation & va.lidlaution

Recommended

Scalable and Cost-Effective Model-Based Software Verification and Testing
Scalable and Cost-Effective Model-Based Software Verification and TestingScalable and Cost-Effective Model-Based Software Verification and Testing
Scalable and Cost-Effective Model-Based Software Verification and TestingLionel Briand
 
Keynote SBST 2014 - Search-Based Testing
Keynote SBST 2014 - Search-Based TestingKeynote SBST 2014 - Search-Based Testing
Keynote SBST 2014 - Search-Based TestingLionel Briand
 
Research-Based Innovation with Industry: Project Experience and Lessons Learned
Research-Based Innovation with Industry: Project Experience and Lessons LearnedResearch-Based Innovation with Industry: Project Experience and Lessons Learned
Research-Based Innovation with Industry: Project Experience and Lessons LearnedLionel Briand
 
Testing Machine Learning-enabled Systems: A Personal Perspective
Testing Machine Learning-enabled Systems: A Personal PerspectiveTesting Machine Learning-enabled Systems: A Personal Perspective
Testing Machine Learning-enabled Systems: A Personal PerspectiveLionel Briand
 
Automated Inference of Access Control Policies for Web Applications
Automated Inference of Access Control Policies for Web ApplicationsAutomated Inference of Access Control Policies for Web Applications
Automated Inference of Access Control Policies for Web ApplicationsLionel Briand
 
Scalable Software Testing and Verification of Non-Functional Properties throu...
Scalable Software Testing and Verification of Non-Functional Properties throu...Scalable Software Testing and Verification of Non-Functional Properties throu...
Scalable Software Testing and Verification of Non-Functional Properties throu...Lionel Briand
 
Supporting Change in Product Lines within the Context of Use Case-driven Deve...
Supporting Change in Product Lines within the Context of Use Case-driven Deve...Supporting Change in Product Lines within the Context of Use Case-driven Deve...
Supporting Change in Product Lines within the Context of Use Case-driven Deve...Lionel Briand
 
Can we predict the quality of spectrum-based fault localization?
Can we predict the quality of spectrum-based fault localization?Can we predict the quality of spectrum-based fault localization?
Can we predict the quality of spectrum-based fault localization?Lionel Briand
 

Recommended

Scalable and Cost-Effective Model-Based Software Verification and Testing
Scalable and Cost-Effective Model-Based Software Verification and TestingScalable and Cost-Effective Model-Based Software Verification and Testing
Scalable and Cost-Effective Model-Based Software Verification and TestingLionel Briand
 
Keynote SBST 2014 - Search-Based Testing
Keynote SBST 2014 - Search-Based TestingKeynote SBST 2014 - Search-Based Testing
Keynote SBST 2014 - Search-Based TestingLionel Briand
 
Research-Based Innovation with Industry: Project Experience and Lessons Learned
Research-Based Innovation with Industry: Project Experience and Lessons LearnedResearch-Based Innovation with Industry: Project Experience and Lessons Learned
Research-Based Innovation with Industry: Project Experience and Lessons LearnedLionel Briand
 
Testing Machine Learning-enabled Systems: A Personal Perspective
Testing Machine Learning-enabled Systems: A Personal PerspectiveTesting Machine Learning-enabled Systems: A Personal Perspective
Testing Machine Learning-enabled Systems: A Personal PerspectiveLionel Briand
 
Automated Inference of Access Control Policies for Web Applications
Automated Inference of Access Control Policies for Web ApplicationsAutomated Inference of Access Control Policies for Web Applications
Automated Inference of Access Control Policies for Web ApplicationsLionel Briand
 
Scalable Software Testing and Verification of Non-Functional Properties throu...
Scalable Software Testing and Verification of Non-Functional Properties throu...Scalable Software Testing and Verification of Non-Functional Properties throu...
Scalable Software Testing and Verification of Non-Functional Properties throu...Lionel Briand
 
Supporting Change in Product Lines within the Context of Use Case-driven Deve...
Supporting Change in Product Lines within the Context of Use Case-driven Deve...Supporting Change in Product Lines within the Context of Use Case-driven Deve...
Supporting Change in Product Lines within the Context of Use Case-driven Deve...Lionel Briand
 
Can we predict the quality of spectrum-based fault localization?
Can we predict the quality of spectrum-based fault localization?Can we predict the quality of spectrum-based fault localization?
Can we predict the quality of spectrum-based fault localization?Lionel Briand
 
Automated Testing of Autonomous Driving Assistance Systems
Automated Testing of Autonomous Driving Assistance SystemsAutomated Testing of Autonomous Driving Assistance Systems
Automated Testing of Autonomous Driving Assistance SystemsLionel Briand
 
Evaluating Model Testing and Model Checking for Finding Requirements Violatio...
Evaluating Model Testing and Model Checking for Finding Requirements Violatio...Evaluating Model Testing and Model Checking for Finding Requirements Violatio...
Evaluating Model Testing and Model Checking for Finding Requirements Violatio...Lionel Briand
 
Model-Driven Run-Time Enforcement of Complex Role-Based Access Control Policies
Model-Driven Run-Time Enforcement of Complex Role-Based Access Control PoliciesModel-Driven Run-Time Enforcement of Complex Role-Based Access Control Policies
Model-Driven Run-Time Enforcement of Complex Role-Based Access Control PoliciesLionel Briand
 
Enabling Automated Software Testing with Artificial Intelligence
Enabling Automated Software Testing with Artificial IntelligenceEnabling Automated Software Testing with Artificial Intelligence
Enabling Automated Software Testing with Artificial IntelligenceLionel Briand
 
AN EMPIRICAL STUDY ON THE POTENTIAL USEFULNESS OF DOMAIN MODELS FOR COMPLETEN...
AN EMPIRICAL STUDY ON THE POTENTIAL USEFULNESS OF DOMAIN MODELS FOR COMPLETEN...AN EMPIRICAL STUDY ON THE POTENTIAL USEFULNESS OF DOMAIN MODELS FOR COMPLETEN...
AN EMPIRICAL STUDY ON THE POTENTIAL USEFULNESS OF DOMAIN MODELS FOR COMPLETEN...Lionel Briand
 
Functional Safety in ML-based Cyber-Physical Systems
Functional Safety in ML-based Cyber-Physical SystemsFunctional Safety in ML-based Cyber-Physical Systems
Functional Safety in ML-based Cyber-Physical SystemsLionel Briand
 
Testing of Cyber-Physical Systems: Diversity-driven Strategies
Testing of Cyber-Physical Systems: Diversity-driven StrategiesTesting of Cyber-Physical Systems: Diversity-driven Strategies
Testing of Cyber-Physical Systems: Diversity-driven StrategiesLionel Briand
 
Automated Testing of Autonomous Driving Assistance Systems
Automated Testing of Autonomous Driving Assistance SystemsAutomated Testing of Autonomous Driving Assistance Systems
Automated Testing of Autonomous Driving Assistance SystemsLionel Briand
 
Artificial Intelligence for Automated Software Testing
Artificial Intelligence for Automated Software TestingArtificial Intelligence for Automated Software Testing
Artificial Intelligence for Automated Software TestingLionel Briand
 
HITECS: A UML Profile and Analysis Framework for Hardware-in-the-Loop Testing...
HITECS: A UML Profile and Analysis Framework for Hardware-in-the-Loop Testing...HITECS: A UML Profile and Analysis Framework for Hardware-in-the-Loop Testing...
HITECS: A UML Profile and Analysis Framework for Hardware-in-the-Loop Testing...Lionel Briand
 
Analyzing Natural-Language Requirements: The Not-too-sexy and Yet Curiously D...
Analyzing Natural-Language Requirements: The Not-too-sexy and Yet Curiously D...Analyzing Natural-Language Requirements: The Not-too-sexy and Yet Curiously D...
Analyzing Natural-Language Requirements: The Not-too-sexy and Yet Curiously D...Lionel Briand
 
A practical guide for using Statistical Tests to assess Randomized Algorithms...
A practical guide for using Statistical Tests to assess Randomized Algorithms...A practical guide for using Statistical Tests to assess Randomized Algorithms...
A practical guide for using Statistical Tests to assess Randomized Algorithms...Lionel Briand
 
Metamorphic Security Testing for Web Systems
Metamorphic Security Testing for Web SystemsMetamorphic Security Testing for Web Systems
Metamorphic Security Testing for Web SystemsLionel Briand
 
SSBSE 2020 keynote
SSBSE 2020 keynoteSSBSE 2020 keynote
SSBSE 2020 keynoteShiva Nejati
 
AI in SE: A 25-year Journey
AI in SE: A 25-year JourneyAI in SE: A 25-year Journey
AI in SE: A 25-year JourneyLionel Briand
 
Feature Selection Techniques for Software Fault Prediction (Summary)
Feature Selection Techniques for Software Fault Prediction (Summary)Feature Selection Techniques for Software Fault Prediction (Summary)
Feature Selection Techniques for Software Fault Prediction (Summary)SungdoGu
 
Testing Autonomous Cars for Feature Interaction Failures using Many-Objective...
Testing Autonomous Cars for Feature Interaction Failures using Many-Objective...Testing Autonomous Cars for Feature Interaction Failures using Many-Objective...
Testing Autonomous Cars for Feature Interaction Failures using Many-Objective...Lionel Briand
 
A Search-based Testing Approach for XML Injection Vulnerabilities in Web Appl...
A Search-based Testing Approach for XML Injection Vulnerabilities in Web Appl...A Search-based Testing Approach for XML Injection Vulnerabilities in Web Appl...
A Search-based Testing Approach for XML Injection Vulnerabilities in Web Appl...Lionel Briand
 
Automating System Test Case Classification and Prioritization for Use Case-Dr...
Automating System Test Case Classification and Prioritization for Use Case-Dr...Automating System Test Case Classification and Prioritization for Use Case-Dr...
Automating System Test Case Classification and Prioritization for Use Case-Dr...Lionel Briand
 
Comparing Offline and Online Testing of Deep Neural Networks: An Autonomous C...
Comparing Offline and Online Testing of Deep Neural Networks: An Autonomous C...Comparing Offline and Online Testing of Deep Neural Networks: An Autonomous C...
Comparing Offline and Online Testing of Deep Neural Networks: An Autonomous C...Lionel Briand
 
2453
24532453
2453lebarka
 
On the quality of service of crash recovery
On the quality of service of crash recoveryOn the quality of service of crash recovery
On the quality of service of crash recoveryingenioustech
 

More Related Content

What's hot

Automated Testing of Autonomous Driving Assistance Systems
Automated Testing of Autonomous Driving Assistance SystemsAutomated Testing of Autonomous Driving Assistance Systems
Automated Testing of Autonomous Driving Assistance SystemsLionel Briand
 
Evaluating Model Testing and Model Checking for Finding Requirements Violatio...
Evaluating Model Testing and Model Checking for Finding Requirements Violatio...Evaluating Model Testing and Model Checking for Finding Requirements Violatio...
Evaluating Model Testing and Model Checking for Finding Requirements Violatio...Lionel Briand
 
Model-Driven Run-Time Enforcement of Complex Role-Based Access Control Policies
Model-Driven Run-Time Enforcement of Complex Role-Based Access Control PoliciesModel-Driven Run-Time Enforcement of Complex Role-Based Access Control Policies
Model-Driven Run-Time Enforcement of Complex Role-Based Access Control PoliciesLionel Briand
 
Enabling Automated Software Testing with Artificial Intelligence
Enabling Automated Software Testing with Artificial IntelligenceEnabling Automated Software Testing with Artificial Intelligence
Enabling Automated Software Testing with Artificial IntelligenceLionel Briand
 
AN EMPIRICAL STUDY ON THE POTENTIAL USEFULNESS OF DOMAIN MODELS FOR COMPLETEN...
AN EMPIRICAL STUDY ON THE POTENTIAL USEFULNESS OF DOMAIN MODELS FOR COMPLETEN...AN EMPIRICAL STUDY ON THE POTENTIAL USEFULNESS OF DOMAIN MODELS FOR COMPLETEN...
AN EMPIRICAL STUDY ON THE POTENTIAL USEFULNESS OF DOMAIN MODELS FOR COMPLETEN...Lionel Briand
 
Functional Safety in ML-based Cyber-Physical Systems
Functional Safety in ML-based Cyber-Physical SystemsFunctional Safety in ML-based Cyber-Physical Systems
Functional Safety in ML-based Cyber-Physical SystemsLionel Briand
 
Testing of Cyber-Physical Systems: Diversity-driven Strategies
Testing of Cyber-Physical Systems: Diversity-driven StrategiesTesting of Cyber-Physical Systems: Diversity-driven Strategies
Testing of Cyber-Physical Systems: Diversity-driven StrategiesLionel Briand
 
Automated Testing of Autonomous Driving Assistance Systems
Automated Testing of Autonomous Driving Assistance SystemsAutomated Testing of Autonomous Driving Assistance Systems
Automated Testing of Autonomous Driving Assistance SystemsLionel Briand
 
Artificial Intelligence for Automated Software Testing
Artificial Intelligence for Automated Software TestingArtificial Intelligence for Automated Software Testing
Artificial Intelligence for Automated Software TestingLionel Briand
 
HITECS: A UML Profile and Analysis Framework for Hardware-in-the-Loop Testing...
HITECS: A UML Profile and Analysis Framework for Hardware-in-the-Loop Testing...HITECS: A UML Profile and Analysis Framework for Hardware-in-the-Loop Testing...
HITECS: A UML Profile and Analysis Framework for Hardware-in-the-Loop Testing...Lionel Briand
 
Analyzing Natural-Language Requirements: The Not-too-sexy and Yet Curiously D...
Analyzing Natural-Language Requirements: The Not-too-sexy and Yet Curiously D...Analyzing Natural-Language Requirements: The Not-too-sexy and Yet Curiously D...
Analyzing Natural-Language Requirements: The Not-too-sexy and Yet Curiously D...Lionel Briand
 
A practical guide for using Statistical Tests to assess Randomized Algorithms...
A practical guide for using Statistical Tests to assess Randomized Algorithms...A practical guide for using Statistical Tests to assess Randomized Algorithms...
A practical guide for using Statistical Tests to assess Randomized Algorithms...Lionel Briand
 
Metamorphic Security Testing for Web Systems
Metamorphic Security Testing for Web SystemsMetamorphic Security Testing for Web Systems
Metamorphic Security Testing for Web SystemsLionel Briand
 
SSBSE 2020 keynote
SSBSE 2020 keynoteSSBSE 2020 keynote
SSBSE 2020 keynoteShiva Nejati
 
AI in SE: A 25-year Journey
AI in SE: A 25-year JourneyAI in SE: A 25-year Journey
AI in SE: A 25-year JourneyLionel Briand
 
Feature Selection Techniques for Software Fault Prediction (Summary)
Feature Selection Techniques for Software Fault Prediction (Summary)Feature Selection Techniques for Software Fault Prediction (Summary)
Feature Selection Techniques for Software Fault Prediction (Summary)SungdoGu
 
Testing Autonomous Cars for Feature Interaction Failures using Many-Objective...
Testing Autonomous Cars for Feature Interaction Failures using Many-Objective...Testing Autonomous Cars for Feature Interaction Failures using Many-Objective...
Testing Autonomous Cars for Feature Interaction Failures using Many-Objective...Lionel Briand
 
A Search-based Testing Approach for XML Injection Vulnerabilities in Web Appl...
A Search-based Testing Approach for XML Injection Vulnerabilities in Web Appl...A Search-based Testing Approach for XML Injection Vulnerabilities in Web Appl...
A Search-based Testing Approach for XML Injection Vulnerabilities in Web Appl...Lionel Briand
 
Automating System Test Case Classification and Prioritization for Use Case-Dr...
Automating System Test Case Classification and Prioritization for Use Case-Dr...Automating System Test Case Classification and Prioritization for Use Case-Dr...
Automating System Test Case Classification and Prioritization for Use Case-Dr...Lionel Briand
 
Comparing Offline and Online Testing of Deep Neural Networks: An Autonomous C...
Comparing Offline and Online Testing of Deep Neural Networks: An Autonomous C...Comparing Offline and Online Testing of Deep Neural Networks: An Autonomous C...
Comparing Offline and Online Testing of Deep Neural Networks: An Autonomous C...Lionel Briand
 

What's hot (20)

Automated Testing of Autonomous Driving Assistance Systems
Automated Testing of Autonomous Driving Assistance SystemsAutomated Testing of Autonomous Driving Assistance Systems
Automated Testing of Autonomous Driving Assistance Systems
 
Evaluating Model Testing and Model Checking for Finding Requirements Violatio...
Evaluating Model Testing and Model Checking for Finding Requirements Violatio...Evaluating Model Testing and Model Checking for Finding Requirements Violatio...
Evaluating Model Testing and Model Checking for Finding Requirements Violatio...
 
Model-Driven Run-Time Enforcement of Complex Role-Based Access Control Policies
Model-Driven Run-Time Enforcement of Complex Role-Based Access Control PoliciesModel-Driven Run-Time Enforcement of Complex Role-Based Access Control Policies
Model-Driven Run-Time Enforcement of Complex Role-Based Access Control Policies
 
Enabling Automated Software Testing with Artificial Intelligence
Enabling Automated Software Testing with Artificial IntelligenceEnabling Automated Software Testing with Artificial Intelligence
Enabling Automated Software Testing with Artificial Intelligence
 
AN EMPIRICAL STUDY ON THE POTENTIAL USEFULNESS OF DOMAIN MODELS FOR COMPLETEN...
AN EMPIRICAL STUDY ON THE POTENTIAL USEFULNESS OF DOMAIN MODELS FOR COMPLETEN...AN EMPIRICAL STUDY ON THE POTENTIAL USEFULNESS OF DOMAIN MODELS FOR COMPLETEN...
AN EMPIRICAL STUDY ON THE POTENTIAL USEFULNESS OF DOMAIN MODELS FOR COMPLETEN...
 
Functional Safety in ML-based Cyber-Physical Systems
Functional Safety in ML-based Cyber-Physical SystemsFunctional Safety in ML-based Cyber-Physical Systems
Functional Safety in ML-based Cyber-Physical Systems
 
Testing of Cyber-Physical Systems: Diversity-driven Strategies
Testing of Cyber-Physical Systems: Diversity-driven StrategiesTesting of Cyber-Physical Systems: Diversity-driven Strategies
Testing of Cyber-Physical Systems: Diversity-driven Strategies
 
Automated Testing of Autonomous Driving Assistance Systems
Automated Testing of Autonomous Driving Assistance SystemsAutomated Testing of Autonomous Driving Assistance Systems
Automated Testing of Autonomous Driving Assistance Systems
 
Artificial Intelligence for Automated Software Testing
Artificial Intelligence for Automated Software TestingArtificial Intelligence for Automated Software Testing
Artificial Intelligence for Automated Software Testing
 
HITECS: A UML Profile and Analysis Framework for Hardware-in-the-Loop Testing...
HITECS: A UML Profile and Analysis Framework for Hardware-in-the-Loop Testing...HITECS: A UML Profile and Analysis Framework for Hardware-in-the-Loop Testing...
HITECS: A UML Profile and Analysis Framework for Hardware-in-the-Loop Testing...
 
Analyzing Natural-Language Requirements: The Not-too-sexy and Yet Curiously D...
Analyzing Natural-Language Requirements: The Not-too-sexy and Yet Curiously D...Analyzing Natural-Language Requirements: The Not-too-sexy and Yet Curiously D...
Analyzing Natural-Language Requirements: The Not-too-sexy and Yet Curiously D...
 
A practical guide for using Statistical Tests to assess Randomized Algorithms...
A practical guide for using Statistical Tests to assess Randomized Algorithms...A practical guide for using Statistical Tests to assess Randomized Algorithms...
A practical guide for using Statistical Tests to assess Randomized Algorithms...
 
Metamorphic Security Testing for Web Systems
Metamorphic Security Testing for Web SystemsMetamorphic Security Testing for Web Systems
Metamorphic Security Testing for Web Systems
 
SSBSE 2020 keynote
SSBSE 2020 keynoteSSBSE 2020 keynote
SSBSE 2020 keynote
 
AI in SE: A 25-year Journey
AI in SE: A 25-year JourneyAI in SE: A 25-year Journey
AI in SE: A 25-year Journey
 
Feature Selection Techniques for Software Fault Prediction (Summary)
Feature Selection Techniques for Software Fault Prediction (Summary)Feature Selection Techniques for Software Fault Prediction (Summary)
Feature Selection Techniques for Software Fault Prediction (Summary)
 
Testing Autonomous Cars for Feature Interaction Failures using Many-Objective...
Testing Autonomous Cars for Feature Interaction Failures using Many-Objective...Testing Autonomous Cars for Feature Interaction Failures using Many-Objective...
Testing Autonomous Cars for Feature Interaction Failures using Many-Objective...
 
A Search-based Testing Approach for XML Injection Vulnerabilities in Web Appl...
A Search-based Testing Approach for XML Injection Vulnerabilities in Web Appl...A Search-based Testing Approach for XML Injection Vulnerabilities in Web Appl...
A Search-based Testing Approach for XML Injection Vulnerabilities in Web Appl...
 
Automating System Test Case Classification and Prioritization for Use Case-Dr...
Automating System Test Case Classification and Prioritization for Use Case-Dr...Automating System Test Case Classification and Prioritization for Use Case-Dr...
Automating System Test Case Classification and Prioritization for Use Case-Dr...
 
Comparing Offline and Online Testing of Deep Neural Networks: An Autonomous C...
Comparing Offline and Online Testing of Deep Neural Networks: An Autonomous C...Comparing Offline and Online Testing of Deep Neural Networks: An Autonomous C...
Comparing Offline and Online Testing of Deep Neural Networks: An Autonomous C...
 

Similar to OCLR: A More Expressive, Pattern-Based Temporal Extension of OCL

On the quality of service of crash recovery
On the quality of service of crash recoveryOn the quality of service of crash recovery
On the quality of service of crash recoveryingenioustech
 
Test design techniques
Test design techniquesTest design techniques
Test design techniquesYAObbiIkhsan
 
Making Model-Driven Verification Practical and Scalable: Experiences and Less...
Making Model-Driven Verification Practical and Scalable: Experiences and Less...Making Model-Driven Verification Practical and Scalable: Experiences and Less...
Making Model-Driven Verification Practical and Scalable: Experiences and Less...Lionel Briand
 
Human-Aware Sensor Network Ontology: Semantic Support for Empirical Data Coll...
Human-Aware Sensor Network Ontology: Semantic Support for Empirical Data Coll...Human-Aware Sensor Network Ontology: Semantic Support for Empirical Data Coll...
Human-Aware Sensor Network Ontology: Semantic Support for Empirical Data Coll...Paulo Pinheiro
 
Advanced Verification Methodology for Complex System on Chip Verification
Advanced Verification Methodology for Complex System on Chip VerificationAdvanced Verification Methodology for Complex System on Chip Verification
Advanced Verification Methodology for Complex System on Chip VerificationVLSICS Design
 
FACS2017-Presentation.pdf
FACS2017-Presentation.pdfFACS2017-Presentation.pdf
FACS2017-Presentation.pdfallberson
 
An efficient recovery mechanism
An efficient recovery mechanismAn efficient recovery mechanism
An efficient recovery mechanismijcsa
 
Approximation-Refinement Testing of Compute-Intensive Cyber-Physical Models: ...
Approximation-Refinement Testing of Compute-Intensive Cyber-Physical Models: ...Approximation-Refinement Testing of Compute-Intensive Cyber-Physical Models: ...
Approximation-Refinement Testing of Compute-Intensive Cyber-Physical Models: ...Lionel Briand
 
VL/HCC 2014 - A Longitudinal Study of Programmers' Backtracking
VL/HCC 2014 - A Longitudinal Study of Programmers' BacktrackingVL/HCC 2014 - A Longitudinal Study of Programmers' Backtracking
VL/HCC 2014 - A Longitudinal Study of Programmers' BacktrackingYoungSeok Yoon
 
Making Runtime Data Useful for Incident Diagnosis: An Experience Report
Making Runtime Data Useful for Incident Diagnosis: An Experience ReportMaking Runtime Data Useful for Incident Diagnosis: An Experience Report
Making Runtime Data Useful for Incident Diagnosis: An Experience ReportQAware GmbH
 
Verification and validation of knowledge bases using test cases generated by ...
Verification and validation of knowledge bases using test cases generated by ...Verification and validation of knowledge bases using test cases generated by ...
Verification and validation of knowledge bases using test cases generated by ...Waqas Tariq
 
QMRAS Project Presentation
QMRAS Project PresentationQMRAS Project Presentation
QMRAS Project PresentationGary Spencer
 
SERENE 2014 School: Resilience in Cyber-Physical Systems: Challenges and Oppo...
SERENE 2014 School: Resilience in Cyber-Physical Systems: Challenges and Oppo...SERENE 2014 School: Resilience in Cyber-Physical Systems: Challenges and Oppo...
SERENE 2014 School: Resilience in Cyber-Physical Systems: Challenges and Oppo...SERENEWorkshop
 
SERENE 2014 School: Gabor karsai serene2014_school
SERENE 2014 School: Gabor karsai serene2014_schoolSERENE 2014 School: Gabor karsai serene2014_school
SERENE 2014 School: Gabor karsai serene2014_schoolHenry Muccini
 
Observability, Distributed Tracing, and Open Source: The Missing Primer
Observability, Distributed Tracing, and Open Source: The Missing PrimerObservability, Distributed Tracing, and Open Source: The Missing Primer
Observability, Distributed Tracing, and Open Source: The Missing PrimerVMware Tanzu
 
A Survey of functional verification techniques
A Survey of functional verification techniquesA Survey of functional verification techniques
A Survey of functional verification techniquesIJSRD
 
Friday 1815 maccia assessing both patient and staff dose at once
Friday 1815 maccia assessing both patient and staff dose at onceFriday 1815 maccia assessing both patient and staff dose at once
Friday 1815 maccia assessing both patient and staff dose at onceEuro CTO Club
 

Similar to OCLR: A More Expressive, Pattern-Based Temporal Extension of OCL (20)

2453
24532453
2453
 
On the quality of service of crash recovery
On the quality of service of crash recoveryOn the quality of service of crash recovery
On the quality of service of crash recovery
 
Test design techniques
Test design techniquesTest design techniques
Test design techniques
 
Making Model-Driven Verification Practical and Scalable: Experiences and Less...
Making Model-Driven Verification Practical and Scalable: Experiences and Less...Making Model-Driven Verification Practical and Scalable: Experiences and Less...
Making Model-Driven Verification Practical and Scalable: Experiences and Less...
 
Human-Aware Sensor Network Ontology: Semantic Support for Empirical Data Coll...
Human-Aware Sensor Network Ontology: Semantic Support for Empirical Data Coll...Human-Aware Sensor Network Ontology: Semantic Support for Empirical Data Coll...
Human-Aware Sensor Network Ontology: Semantic Support for Empirical Data Coll...
 
Advanced Verification Methodology for Complex System on Chip Verification
Advanced Verification Methodology for Complex System on Chip VerificationAdvanced Verification Methodology for Complex System on Chip Verification
Advanced Verification Methodology for Complex System on Chip Verification
 
FACS2017-Presentation.pdf
FACS2017-Presentation.pdfFACS2017-Presentation.pdf
FACS2017-Presentation.pdf
 
An efficient recovery mechanism
An efficient recovery mechanismAn efficient recovery mechanism
An efficient recovery mechanism
 
Approximation-Refinement Testing of Compute-Intensive Cyber-Physical Models: ...
Approximation-Refinement Testing of Compute-Intensive Cyber-Physical Models: ...Approximation-Refinement Testing of Compute-Intensive Cyber-Physical Models: ...
Approximation-Refinement Testing of Compute-Intensive Cyber-Physical Models: ...
 
VL/HCC 2014 - A Longitudinal Study of Programmers' Backtracking
VL/HCC 2014 - A Longitudinal Study of Programmers' BacktrackingVL/HCC 2014 - A Longitudinal Study of Programmers' Backtracking
VL/HCC 2014 - A Longitudinal Study of Programmers' Backtracking
 
Making Runtime Data Useful for Incident Diagnosis: An Experience Report
Making Runtime Data Useful for Incident Diagnosis: An Experience ReportMaking Runtime Data Useful for Incident Diagnosis: An Experience Report
Making Runtime Data Useful for Incident Diagnosis: An Experience Report
 
Verification and validation of knowledge bases using test cases generated by ...
Verification and validation of knowledge bases using test cases generated by ...Verification and validation of knowledge bases using test cases generated by ...
Verification and validation of knowledge bases using test cases generated by ...
 
QMRAS Project Presentation
QMRAS Project PresentationQMRAS Project Presentation
QMRAS Project Presentation
 
SERENE 2014 School: Resilience in Cyber-Physical Systems: Challenges and Oppo...
SERENE 2014 School: Resilience in Cyber-Physical Systems: Challenges and Oppo...SERENE 2014 School: Resilience in Cyber-Physical Systems: Challenges and Oppo...
SERENE 2014 School: Resilience in Cyber-Physical Systems: Challenges and Oppo...
 
SERENE 2014 School: Gabor karsai serene2014_school
SERENE 2014 School: Gabor karsai serene2014_schoolSERENE 2014 School: Gabor karsai serene2014_school
SERENE 2014 School: Gabor karsai serene2014_school
 
Observability, Distributed Tracing, and Open Source: The Missing Primer
Observability, Distributed Tracing, and Open Source: The Missing PrimerObservability, Distributed Tracing, and Open Source: The Missing Primer
Observability, Distributed Tracing, and Open Source: The Missing Primer
 
A Survey of functional verification techniques
A Survey of functional verification techniquesA Survey of functional verification techniques
A Survey of functional verification techniques
 
oracle-complex-event-processing-066421
oracle-complex-event-processing-066421oracle-complex-event-processing-066421
oracle-complex-event-processing-066421
 
Friday 1815 maccia assessing both patient and staff dose at once
Friday 1815 maccia assessing both patient and staff dose at onceFriday 1815 maccia assessing both patient and staff dose at once
Friday 1815 maccia assessing both patient and staff dose at once
 
Dill may-2008
Dill may-2008Dill may-2008
Dill may-2008
 

More from Lionel Briand

Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalLionel Briand
 
Large Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLarge Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLionel Briand
 
Metamorphic Testing for Web System Security
Metamorphic Testing for Web System SecurityMetamorphic Testing for Web System Security
Metamorphic Testing for Web System SecurityLionel Briand
 
Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...
Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...
Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...Lionel Briand
 
Fuzzing for CPS Mutation Testing
Fuzzing for CPS Mutation TestingFuzzing for CPS Mutation Testing
Fuzzing for CPS Mutation TestingLionel Briand
 
Data-driven Mutation Analysis for Cyber-Physical Systems
Data-driven Mutation Analysis for Cyber-Physical SystemsData-driven Mutation Analysis for Cyber-Physical Systems
Data-driven Mutation Analysis for Cyber-Physical SystemsLionel Briand
 
Many-Objective Reinforcement Learning for Online Testing of DNN-Enabled Systems
Many-Objective Reinforcement Learning for Online Testing of DNN-Enabled SystemsMany-Objective Reinforcement Learning for Online Testing of DNN-Enabled Systems
Many-Objective Reinforcement Learning for Online Testing of DNN-Enabled SystemsLionel Briand
 
ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...
ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...
ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...Lionel Briand
 
Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...
Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...
Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...Lionel Briand
 
PRINS: Scalable Model Inference for Component-based System Logs
PRINS: Scalable Model Inference for Component-based System LogsPRINS: Scalable Model Inference for Component-based System Logs
PRINS: Scalable Model Inference for Component-based System LogsLionel Briand
 
Revisiting the Notion of Diversity in Software Testing
Revisiting the Notion of Diversity in Software TestingRevisiting the Notion of Diversity in Software Testing
Revisiting the Notion of Diversity in Software TestingLionel Briand
 
Applications of Search-based Software Testing to Trustworthy Artificial Intel...
Applications of Search-based Software Testing to Trustworthy Artificial Intel...Applications of Search-based Software Testing to Trustworthy Artificial Intel...
Applications of Search-based Software Testing to Trustworthy Artificial Intel...Lionel Briand
 
Autonomous Systems: How to Address the Dilemma between Autonomy and Safety
Autonomous Systems: How to Address the Dilemma between Autonomy and SafetyAutonomous Systems: How to Address the Dilemma between Autonomy and Safety
Autonomous Systems: How to Address the Dilemma between Autonomy and SafetyLionel Briand
 
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...Lionel Briand
 
Reinforcement Learning for Test Case Prioritization
Reinforcement Learning for Test Case PrioritizationReinforcement Learning for Test Case Prioritization
Reinforcement Learning for Test Case PrioritizationLionel Briand
 
Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...
Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...
Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...Lionel Briand
 
On Systematically Building a Controlled Natural Language for Functional Requi...
On Systematically Building a Controlled Natural Language for Functional Requi...On Systematically Building a Controlled Natural Language for Functional Requi...
On Systematically Building a Controlled Natural Language for Functional Requi...Lionel Briand
 
Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...
Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...
Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...Lionel Briand
 
Guidelines for Assessing the Accuracy of Log Message Template Identification ...
Guidelines for Assessing the Accuracy of Log Message Template Identification ...Guidelines for Assessing the Accuracy of Log Message Template Identification ...
Guidelines for Assessing the Accuracy of Log Message Template Identification ...Lionel Briand
 
A Theoretical Framework for Understanding the Relationship between Log Parsin...
A Theoretical Framework for Understanding the Relationship between Log Parsin...A Theoretical Framework for Understanding the Relationship between Log Parsin...
A Theoretical Framework for Understanding the Relationship between Log Parsin...Lionel Briand
 

More from Lionel Briand (20)

Precise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive GoalPrecise and Complete Requirements? An Elusive Goal
Precise and Complete Requirements? An Elusive Goal
 
Large Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and RepairLarge Language Models for Test Case Evolution and Repair
Large Language Models for Test Case Evolution and Repair
 
Metamorphic Testing for Web System Security
Metamorphic Testing for Web System SecurityMetamorphic Testing for Web System Security
Metamorphic Testing for Web System Security
 
Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...
Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...
Simulator-based Explanation and Debugging of Hazard-triggering Events in DNN-...
 
Fuzzing for CPS Mutation Testing
Fuzzing for CPS Mutation TestingFuzzing for CPS Mutation Testing
Fuzzing for CPS Mutation Testing
 
Data-driven Mutation Analysis for Cyber-Physical Systems
Data-driven Mutation Analysis for Cyber-Physical SystemsData-driven Mutation Analysis for Cyber-Physical Systems
Data-driven Mutation Analysis for Cyber-Physical Systems
 
Many-Objective Reinforcement Learning for Online Testing of DNN-Enabled Systems
Many-Objective Reinforcement Learning for Online Testing of DNN-Enabled SystemsMany-Objective Reinforcement Learning for Online Testing of DNN-Enabled Systems
Many-Objective Reinforcement Learning for Online Testing of DNN-Enabled Systems
 
ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...
ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...
ATM: Black-box Test Case Minimization based on Test Code Similarity and Evolu...
 
Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...
Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...
Black-box Safety Analysis and Retraining of DNNs based on Feature Extraction ...
 
PRINS: Scalable Model Inference for Component-based System Logs
PRINS: Scalable Model Inference for Component-based System LogsPRINS: Scalable Model Inference for Component-based System Logs
PRINS: Scalable Model Inference for Component-based System Logs
 
Revisiting the Notion of Diversity in Software Testing
Revisiting the Notion of Diversity in Software TestingRevisiting the Notion of Diversity in Software Testing
Revisiting the Notion of Diversity in Software Testing
 
Applications of Search-based Software Testing to Trustworthy Artificial Intel...
Applications of Search-based Software Testing to Trustworthy Artificial Intel...Applications of Search-based Software Testing to Trustworthy Artificial Intel...
Applications of Search-based Software Testing to Trustworthy Artificial Intel...
 
Autonomous Systems: How to Address the Dilemma between Autonomy and Safety
Autonomous Systems: How to Address the Dilemma between Autonomy and SafetyAutonomous Systems: How to Address the Dilemma between Autonomy and Safety
Autonomous Systems: How to Address the Dilemma between Autonomy and Safety
 
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...
Mathematicians, Social Scientists, or Engineers? The Split Minds of Software ...
 
Reinforcement Learning for Test Case Prioritization
Reinforcement Learning for Test Case PrioritizationReinforcement Learning for Test Case Prioritization
Reinforcement Learning for Test Case Prioritization
 
Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...
Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...
Mutation Analysis for Cyber-Physical Systems: Scalable Solutions and Results ...
 
On Systematically Building a Controlled Natural Language for Functional Requi...
On Systematically Building a Controlled Natural Language for Functional Requi...On Systematically Building a Controlled Natural Language for Functional Requi...
On Systematically Building a Controlled Natural Language for Functional Requi...
 
Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...
Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...
Efficient Online Testing for DNN-Enabled Systems using Surrogate-Assisted and...
 
Guidelines for Assessing the Accuracy of Log Message Template Identification ...
Guidelines for Assessing the Accuracy of Log Message Template Identification ...Guidelines for Assessing the Accuracy of Log Message Template Identification ...
Guidelines for Assessing the Accuracy of Log Message Template Identification ...
 
A Theoretical Framework for Understanding the Relationship between Log Parsin...
A Theoretical Framework for Understanding the Relationship between Log Parsin...A Theoretical Framework for Understanding the Relationship between Log Parsin...
A Theoretical Framework for Understanding the Relationship between Log Parsin...
 

Recently uploaded

Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsAhmed Mohamed
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesŁukasz Chruściel
 
英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作qr0udbr0
 
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Matt Ray
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)jennyeacort
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWave PLM
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Velvetech LLC
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样umasea
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtimeandrehoraa
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityNeo4j
 
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfXen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfStefano Stabellini
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
How to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfHow to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfLivetecs LLC
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Andreas Granig
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfFerryKemperman
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmSujith Sukumaran
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 

Recently uploaded (20)

Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML Diagrams
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New Features
 
英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作英国UN学位证,北安普顿大学毕业证书1:1制作
英国UN学位证,北安普顿大学毕业证书1:1制作
 
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
Open Source Summit NA 2024: Open Source Cloud Costs - OpenCost's Impact on En...
 
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
 
What is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need ItWhat is Fashion PLM and Why Do You Need It
What is Fashion PLM and Why Do You Need It
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
 
SpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at RuntimeSpotFlow: Tracking Method Calls and States at Runtime
SpotFlow: Tracking Method Calls and States at Runtime
 
EY_Graph Database Powered Sustainability
EY_Graph Database Powered SustainabilityEY_Graph Database Powered Sustainability
EY_Graph Database Powered Sustainability
 
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfXen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdf
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
How to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdfHow to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdf
 
Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024Automate your Kamailio Test Calls - Kamailio World 2024
Automate your Kamailio Test Calls - Kamailio World 2024
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdf
 
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalmIntelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort ServiceHot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 

OCLR: A More Expressive, Pattern-Based Temporal Extension of OCL

  • 1. OCLR: A More Expressive, Pattern-Based Temporal Extension of OCL Wei Dou, Domenico Bianculli, and Lionel Briand SnT Centre — University of Luxembourg SsoftwareV verificVation & va.lidlaution
  • 2. OCLR: A More Expressive, Pattern-Based Temporal Extension of OCL Wei Dou, Domenico Bianculli, and Lionel Briand SnT Centre — University of Luxembourg SsoftwareV verificVation & va.lidlaution
  • 4. CTIE Centre des Technologies de l'Information de l'Etat
  • 5. Model-driven Run-time Verification of eGovernment Business Processes
  • 8. Temporal Properties “If the registration at the conference is successful, Order then a confirmation email will be sent out.” 8
  • 9. Temporal Properties “The registration reminder will be sent at least twice before the conference registration is closed.” Number of Occurrences 9
  • 11. Temporal Logics LTL CTL MTL ITL MITL … 11
  • 12. Temporal Logics Practitioners Limited Tool Support Background in Formal Methods 12
  • 15. OCL
  • 16. How to support temporal properties with OCL ? 16
  • 18. State Of The Art Features: Timestamped event always, sometime Real-time deadline, timeout 18 FME 2003
  • 19. Features: Past- and future-time Time bounds 19 SEFM 2004 State Of The Art
  • 20. State Of The Art Features: Linear Temporal Logic Dwyer’s Pattern System Timeout 20 ECEASST 2008
  • 21. 21 Features: Linear Temporal Logic Dwyer’s Pattern System Bounded existence SLE 2012 State Of The Art
  • 23. Specific occurrence of an event “A password reset email will be sent to the user after the third incorrect login attempt” 23
  • 24. Time distance from a boundary “A speaker should be ready at most 10 minutes after the second keynote.” 24
  • 27. OCLR An Expressive, Pattern-Based Temporal Extension of OCL 27
  • 28. Dwyer’s Pattern System Patterns in Property Specifications for Finite-State Verification* Matthew B. Dwyer George S. Avrunin James C. Corbett Kansas State University University of Massachusetts University of Hawai'i Department of Computing Department of Mathematics Department of Information and Information Sciences and Statistics and Computer Science Manhattan, KS 66506-2302 Amherst, MA 01003-4515 Honolulu, HI 96822 +1 785 532 6350 +1 808 956 6107 +1 413 545 4251 dwyer@cis.ksu.edu avrunin@mat h. umass. edu corbett @hawaii.edu ABSTRACT Model checkers and other finite-state verification tools allow developers to detect certain kinds of errors au-tomatically. Nevertheless, the transition of this tech-nology from research to practice has been slow. While there are a number of potential causes for reluctance to adopt such formal methods, we believe that a primary cause is that practitioners are unfamiliar with specifi-cation processes, notations, and strategies. In a recent paper, we proposed a pattern-based approach to the presentation, codification and reuse of property specifi-cations for finite-state verification. Since then, we have carried out a survey of available specifications, collect-ing over 500 examples of property specifications. We found that most are instances of our proposed patterns. Furthermore, we have updated our pattern system to accommodate new patterns and variations of existing patterns encountered in this survey. This paper reports the results of the survey and the current status of our pattern system. Keywords Patterns, finitestate verification, formal specification, concurrent systems 1 INTRODUCTION Although formal specification and verification methods offer practitioners some significant advantages over the current state-of-the-practice, they have not been widely adopted. Partly this is due to a lack of definitive ev-idence in support of the cost-saving benefits of formal methods, but a number of more pragmatic barriers to adoption of formal methods have been identified [22], including the lack of such things as good tool support, appropriate expertise, good training materials, and pro- 'This work was partially supported by NSF grants CCR- 9407182, CCR-9633388, CCR-9703094, and CCR-9708184 and by NASA grant NAG-02-1209. Permission to make digilal or hard copies of all or part ol'this work tbr personal or classroom usc is granted without fee provided that copies are ,lot lnade or distributed fflr profit or coinmercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, 10 republish, to post on servers or to redistribule to lists. requires prior specific permission andior a fee. LCSE '99 Los Angeles CA Copyn'ght ACM 1999 1-581 13-074-0/99/05 ... $5.00 cess support for formal methods. We believe that the recent availability of tool support for finite-state verification provides an opportunity to overcome some of these barriers. Finite-state verifica-tion refers to a set of techniques for proving properties of finite-state models of computer systems. Properties are typically specified with temporal logics or regular expressions, while systems are specified as finite-state transition systems of some kind. Tool support is avail-able for a variety of verification techniques including, for example, techniques based on model checking [19], bisimulation [4], language containment [14], flow anal-ysis [lo], and inequality necessary conditions [l]. In contrast to mechanical theorem proving, which often requires guidance by an expert, most finite-state verifi-cation techniques can be fully automated, relieving the user of the need to understand the inner workings of the verification process. Finite-state verification techniques are especially critical in the development of concurrent systems, where non-deterministic behavior makes test-ing especially problematic. Despite the automation, users of finite-state verification tools still must be able to specify the system require-ments in the specification language of the tool. This is more challenging than it might at first appear. For example, consider the following requirement for an ele-vator: Between the time an elevator is called at a poor and the time at opens its doors at that floor, the ele-vator can arrive at that floor at most twice. To verify this property with a linear temporal logic (LTL) model checker, a developer would have to translate this infor-mal requirement into the following LTL formula: D((cal1 A Oopen) + ((Tatfloor A lopen) U (open V ((atfloor A lopen) U (open V ((Tatfloor A Yopen) U (open V ((atfloor A Topen) U (open v (Tatfloor U OPe.)))))))))) Not only is this formula difficult to read and understand, it is even more difficult to write correctly without some expertise in the idioms of the specification language. 41 1 28
  • 29. Dwyer’s Pattern System Pattern 29 Scope
  • 30. 30 {Globally Dwyer’s Pattern System Before After Between-and After-until Scope
  • 31. 31 {Globally Dwyer’s Pattern System Before After Between-and After-until Scope
  • 32. 32 {Before Dwyer’s Pattern System Globally After Between-and After-until Scope
  • 33. 33 {Globally Dwyer’s Pattern System Before After Between-and After-until Scope
  • 34. Between-and vs. After-until Q P P Q Q P Q P Q P P Q Q Q P 34 P
  • 35. Dwyer’s Pattern System Pattern {Universality Existence Absence Response Precedence 35
  • 36. Dwyer’s Pattern System Pattern {Universality Existence Absence Response Precedence 36
  • 37. Dwyer’s Pattern System Pattern {Universality Existence Absence Response Precedence 37
  • 38. Dwyer’s Pattern System Pattern {Universality Existence Absence Response Precedence 38
  • 39. OCLR
  • 40. grammar [11]. An hOCLR blocki comprises a set of conjuncted hTemporalClausesi beginning with the keyword ‘temporal’. Each temporal clause contains a tempo-ral expression that consists of a hscopei and a hpatterni; the scope specifies the time slot(s) during which the property described by the pattern should hold. OCLR Syntax Excerpt hOCLRBlocki ::= ‘temporal’ hTemporalClausei+ hTemporalClausei ::= [hsimpleNameCSi] ‘:’ [hQuantif i] hTemporalExpi hQuantif i ::= ‘let’ hVariableDeclarationCSi ‘in’ hTemporalExpi ::= hScopei hPatterni hScopei ::= ‘globally’ | ‘before’ hBoundary1 i | ‘after’ hBoundary1 i | ‘between’ hBoundary2 i ‘and’ hBoundary2 i | ‘after’ hBoundary2 i ‘until’ hBoundary2 i hPatterni ::= ‘always’ hEventi | ‘eventually’ hRepeatableEventExpi | ‘never’ [‘exactly’ hIntegerLiteratureExpCSi] hEventi | hEventChainExpi ‘preceding’ [hTimeDistanceExpi] hEventChainExpi | hEventChainExpi ‘responding’ [hTimeDistanceExpi] hEventChainExpi hBoundary1 i ::= [hIntegerLiteratureExpCSi] hSimpleEventi [hTimeDistanceExpi] hBoundary2 i ::= [hIntegerLiteratureExpCSi] hSimpleEventi [‘at least’ IntegerLiteratureExpCS ‘tu’] hEventChainExpi ::= hEventi (‘,’ [‘#’ hTimeDistanceExpi] hEventi)* hTimeDistanceExpi ::= hComparingOpi hIntegerLiteratureExpCSi ‘tu’ hRepeatableEventExpi ::= [hComparingOpi hIntegerLiteratureExpCSi] hEventi hComparingOpi ::= ‘at least’ | ‘at most’ | ‘exactly’ hEventi ::= (hSimpleEventi | hComplexEventi) [‘|’ Event] hComplexEventi ::= ‘isCalled’ ‘(’ ‘anyOp’ [‘,’ ‘pre:’ hOCLExpressionCSi] [‘,’ ‘post:’ hOCLExpressionCSi] 40 ‘)’ [‘’ hEventi] hSimpleEventi ::= hSimpleCallEventi | hSimpleChangeEventi
  • 41. hEventChainExpi hBoundary1 i ::= [hIntegerLiteratureExpCSi] hSimpleEventi [hTimeDistanceExpi] hBoundary2 i OCLR ::= [hIntegerLiteratureExpCSi] [‘at least’ - <IntegerLiteratureExpCS Event> hSimpleEventi ‘tu’] hEventChainExpi ::= hEventi (‘,’ [‘#’ hTimeDistanceExpi] hEventi)* hTimeDistanceExpi ::= hComparingOpi hIntegerLiteratureExpCSi ‘tu’ hRepeatableEventExpi ::= [hComparingOpi hIntegerLiteratureExpCSi] hEventi hComparingOpi ::= ‘at least’ | ‘at most’ | ‘exactly’ hEventi ::= (hSimpleEventi | hComplexEventi) [‘|’ Event] hComplexEventi ::= ‘isCalled’ ‘(’ ‘anyOp’ [‘,’ ‘pre:’ hOCLExpressionCSi] [‘,’ ‘post:’ hOCLExpressionCSi] ‘)’ [‘’ hEventi] hSimpleEventi ::= hSimpleCallEventi | hSimpleChangeEventi hSimpleChangeEventi ::= ‘becomesTrue’ ‘(’ hOCLExpressionCSi ‘)’ hSimpleCallEventi ::= ‘isCalled’ ‘(’ hOperationCallExpCSi [‘,’ ‘pre:’ hOCLExpressionCSi] [‘,’ ‘post:’ hOCLExpressionCSi] ‘)’ Fig. 1. Grammar of OCLR 41
  • 42. OCLR - <SimpleEvent> <SimpleEvent> ::= <SimpleCallEvent> | <SimpleChangeEvent> 42
  • 43. OCLR - <SimpleCallEvent> isCalled(P) isCalled(P, pre: N=0, post: N=1) 43
  • 44. OCLR - <SimpleChangeEvent> becomesTrue(N=1) equivalent to isCalled(anyOp, N != 1, N = 1) 44
  • 45. OCLR - <Event> Additional support for: • Disjunction • Exclusion • Negation
  • 46. OCLR - <TemporalExp> <TemporalExp> ::= <Scope> <Pattern> 46
  • 47. OCLR - <Scope> <Scope> ::= ‘globally’ | ‘before’ <Boundary1> | ‘after’ <Boundary1> | ‘between’ <Boundary2> ‘and’ <Boundary2> | ‘after’ <Boundary2> ‘until’ <Boundary2> <Boundary1> ::= [<Int>] <SimpleEvent> [<TimeDistanceExp>] <Boundary2> ::= [<Int>] <simpleEvent> [‘at least’ <Int> tu] 47
  • 48. OCLR - Globally globally Q P P Q Q P Q P 48
  • 49. OCLR - Before before isCalled(P) Q P P Q Q P Q P 49
  • 50. OCLR - Before before 3 isCalled(P) Q P P Q Q P Q P 50
  • 51. Distance from scope boundaries ‘before’ [<Int>] <SimpleEvent> [<TimeDistanceExp>] <TimeDistanceExp> ::= (‘at least’|‘at most’|’exactly’) <Int> tu 51
  • 52. OCLR - Before before 3 isCalled(P) at least 2 tu Q P P Q Q P Q P 52 2 time units
  • 53. OCLR - Before before 3 isCalled(P) at most 2 tu Q P P Q Q P Q P 53 2 time units
  • 54. OCLR - Before before 3 isCalled(P) exactly 2 tu Q P P Q Q P Q P 54 2 time units
  • 55. OCLR - After ‘after’ [<Int>] <SimpleEvent> [<TimeDistanceExp>] 55
  • 57. OCLR - Between-and between isCalled(P) and isCalled(Q) Q P P Q Q P Q P 57
  • 58. OCLR - Between-and between isCalled(P) at least 1 tu and isCalled(Q) at least 1 tu Q P P Q Q P Q P 1 time unit 1 time unit 58
  • 59. OCLR - Between-and between 2 isCalled(P) at least 1 tu and 2 isCalled(Q) at least 1 tu Q P P Q Q P Q P 1 time unit 1 time unit 59
  • 60. OCLR - After-until ‘after’ [<Int>] <SimpleEvent> [‘at least’ <Int> tu] ‘until’ [<Int>] <SimpleEvent> [‘at least’ <Int> tu] 60
  • 61. OCLR - <Pattern> <Pattern> ::= ‘always’ <Event> | ‘eventually’ <RepeatableEventExp> | ‘never’ [‘exactly’ <Int>] <Event> | <EventChainExp> ‘preceding’ [<TimeDistanceExp>] <EventChainExp> | <EventChainExp> ‘responding’ [<TimeDistanceExp>] <EventChainExp> 61 <RepeatableEventExp> ::= [(‘at least’ | ‘at most’ | ‘exactly’) <Int>] <Event> <EventChainExp> ::= <Event> (‘,’ [‘#’ <TimeDistanceExp>] <Event>)*
  • 62. OCLR - Universality always isCalled(R) R R R R { } 62
  • 63. OCLR - Existence eventually exactly 2 R eventually at most 2 R eventually at least 2 R eventually R P R R S { } R 63
  • 64. OCLR - Absence ‘never’ [‘exactly’ <Int>] <Event> 64
  • 65. OCLR - Response “If P happens, then Q will happen.” isCalled(Q) responding isCalled(P) P Q S R { } S S 65
  • 66. OCLR - Response “If P happens, within 2 time units, then Q will happen.” Q responding at most 2 tu P P Q S R { } S 66 S 2 time units
  • 67. OCLR - Response “If P happens, within 2 time units, then Q will happen followed by R, but the distance between Q and R should be more than 5 time units ” isCalled(Q), # at least 5 tu isCalled(R) responding at most 2 tu isCalled(P) P Q S R { } S 67 S 2 time units 5 time units
  • 68. OCLR - Precedence <EventChainExp> ‘preceding’ [<TimeDistanceExp>] <EventChainExp> 68
  • 70. Identity Card Management Enrollment CTIE Agent/MFA Ministry of Foreign Affairs Applicant Enroll a new application Refuse application [reject] Request [accept] Apporve Production application Send production request Resolve incident [technique incident] Finish production Send card to MFA Receive card [expired] [incident] Lose card (lost/stolen) Send card to applicant Set card state to "Cancelled" Set card state to "claimed" Send card return letter Send card to applicant Change card state to "In circulation" [withdraw] [expired] [renew] Return card Request residence certificate [renounce] Acknowledge card return Set card state to "Expired" Send card to production Generate residence certificate Destroy card [for diplomats] Request more info. [pend] Renew a card Set card state to "Lost/Stolen" Delivery Expiration Loss 70
  • 71. 47 temporal properties analyzed and translated into OCLR 71
  • 72. Request “Once a card request is approved, the applicant is notified within three days; this notification has to occur before the production of the card is started.” (Before + Response) 72
  • 73. Request temporal R1: let r : Request in before becomesTrue(r.card.state = CardState::InProduction) isCalled(notifyApproved(r.applicant)) responding at most 3 “days” becomesTrue(r.state = RequestState::Approved) “Once a card request is approved, the applicant is notified within three days; this notification has to occur before the production of the card is started.” 73
  • 74. Request temporal R1: let r : Request in before becomesTrue(r.card.state = CardState::InProduction) isCalled(notifyApproved(r.applicant)) responding at most 3 “days” becomesTrue(r.state = RequestState::Approved) “Once a card request is approved, the applicant is notified within three days; this notification has to occur before the production of the card is started.” 74
  • 75. Request temporal R1: let r : Request in before becomesTrue(r.card.state = CardState::InProduction) isCalled(notifyApproved(r.applicant)) responding at most 3 “days” becomesTrue(r.state = RequestState::Approved) “Once a card request is approved, the applicant is notified within three days; this notification has to occur before the production of the card is started.” 75
  • 76. Request temporal R1: let r : Request in before becomesTrue(r.card.state = CardState::InProduction) isCalled(notifyApproved(r.applicant)) responding at most 3 “days” becomesTrue(r.state = RequestState::Approved) “Once a card request is approved, the applicant is notified within three days; this notification has to occur before the production of the card is started.” 76
  • 77. Expiration “Once a card expires, until the card is returned, the holder is notified to return the card at most twice.” (After-until + Existence) 77
  • 78. Expiration temporal E1: let c:Card in after becomesTrue(c.state = CardState::Expired) until becomesTrue(c.state = CardState::Returned) eventually at most 2 isCalled(notifyReturnCard(c.cardHolder), pre:c.state <> CardState::Returned) “Once a card expires, until the card is returned, the holder is notified to return the card at most twice.” 78
  • 79. Expiration temporal E1: let c:Card in after becomesTrue(c.state = CardState::Expired) until becomesTrue(c.state = CardState::Returned) eventually at most 2 isCalled(notifyReturnCard(c.cardHolder), pre:c.state <> CardState::Returned) “Once a card expires, until the card is returned, the holder is notified to return the card at most twice.” 79
  • 80. Expiration temporal E1: let c:Card in after becomesTrue(c.state = CardState::Expired) until becomesTrue(c.state = CardState::Returned) eventually at most 2 isCalled(notifyReturnCard(c.cardHolder), pre:c.state <> CardState::Returned) “Once a card expires, until the card is returned, the holder is notified to return the card at most twice.” 80
  • 81. OCLR
  • 83. Design time Meta Requirement Specifications Analyst Vision Use Case Process Model Data Model Properties Run time OCLR OCL templates :Process model Instantiator RNL Translate into :OCL constraints Comply Observer OCL Checker + :Conceptual model Conceptual model --------------------------- Process Model Data Model Type of properties Generated by Map to Annotated-with Platforms Data Collector Revisiting model-driven engineering for run-time verification of business processes. In Proceedings of the 8th System Analysis and Modeling Conference (SAM 2014) 83
  • 84. Off-line trace checking • Trace Model and OCLR meta-model • Translation from OCLR to OCL • OCLR expressions check with Eclipse OCL • Preliminary evaluation
  • 86.
  • 87. OCLR: A More Expressive, Pattern-Based Temporal Extension of OCL Wei Dou, Domenico Bianculli, and Lionel Briand SnT Centre — University of Luxembourg wei.dou@uni.lu SsoftwareV verificVation & va.lidlaution