Model Checking as a Service: Towards Pragmatic Hidden Formal Methods
Benedek Horváth (1,2), Bence Graics (3), Ákos Hajdu (3), Zoltán Micskei (3), Vince Molnár (3), István Ráth (1), Luigi Andolfato (4), Ivan Gomes (5), and Robert Karban (5)
(1) IncQuery Labs cPlc., Budapest, Hungary
(2) Johannes Kepler University Linz, Linz, Austria
(3) Budapest University of Technology and Economics, Budapest, Hungary
(4) European Southern Observatory, München, Germany
(5) Jet Propulsion Laboratory, California Institute of Technology, Pasadena, CA, USA
Contact: Benedek.Horvath@incquerylabs.com
Motivation
• Model-Based Systems Engineering
• Commercial tools for design, simulation
• Cloud-based, open collaborative modeling environments
• IncQuery Server [10]: scalable query evaluation over model repositories
Correctness of behavioral models
• Simulation, testing may not find every error
• Formal verification: systematically checks the model
• Challenges:
C1. High resource demand of formal verification
C2. Parallel verification tasks of multiple users
C3. Semantic gap between engineering and formal domains
Objectives
• Cloud: elastically scalable computation resources
O1. Dynamically allocate more memory and CPU
O2. Dynamically start more instances
O3. Semantic integrity
a) semantic-preserving transformations,
b) restricted but meaningful subset of engineering language
Motivating Example and Scope
Figure: example model with two components, Battery control and Data transfer
Property to check
Should never transmit when the battery is below 40%
Reachability property
• State predicate of a faulty behavior
• Find a trace where the predicate is true
Gamma Statechart Composition Framework [17]
Figure: hidden formal methods for V&V: the Gamma Statechart & Composition Language with a formal compositional semantics
Model Checking as a Service
O1-O2. Cloud deployment: containerized components
O3. Initial subset of modeling elements, PSSM [21]
O3. Intermediate language: model checker integration
Figure: MCaaS workflow
1. Modeling (user) in the SysML tool
2. V&V actions (user) from a Jupyter notebook
3. Static checks in IncQuery Server (MCaaS add-on, model repository)
4. Transformation to Gamma intermediate models
5. Formal model + query translation (MC runtime 1: UPPAAL model checker; MC runtime 2: Theta model checker)
6. Result + trace back-annotation
7. Back-annotation
MCaaS: Prototype Implementation
• MCaaS add-on for IncQuery Server [10]
• Modeling and static checks:
• Allowed subset of modeling elements
• Well-formedness constraints in Viatra Query Language [3]
MCaaS: Prototype Implementation
• Transformation to the intermediate language:
• Gamma Statechart Language [17] + Gamma Property Language
• Traceability model
MCaaS: Prototype Implementation
• Translation to model checker:
• Gamma statechart → timed automata in UPPAAL
• Reachability property → liveness query (EF) in CTL
MCaaS: Prototype Implementation
• Back-annotation:
Figure (steps 6 and 7): model checker trace → Gamma trace → SysML sequence diagram
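The reachability check and the back-annotation step the slides describe, as an added example that is not the MCaaS, Gamma, UPPAAL or Theta code the slides refer to: an explicit-state breadth-first search over a two-component spacecraft composition (Battery control, Data transfer) for EF (Transmitting && battery < 40), which returns the shortest witness trace and maps it back to sequence-diagram messages, and finds the predicate unreachable once a run-to-completion abort transition is added. The component transition rules, the drain/charge rates and the message names are assumptions; UPPAAL works on timed automata symbolically rather than by this enumeration.

```python
# Added example, not the MCaaS, Gamma, UPPAAL or Theta code the slides refer to:
# an explicit-state reachability check of the slides' property "should never
# transmit when the battery is below 40%". The components, events, drain/charge
# rates and sequence-diagram message names are constructed for this example.
from collections import deque
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple

# Global state of the composition: (data-transfer state, battery state, level %)
State = Tuple[str, str, int]
Trace = List[Tuple[str, State]]  # (fired event, state reached after the step)

THRESHOLD = 40        # from the property on the slides
DRAIN_PER_TICK = 15   # assumption: drain per tick while transmitting
CHARGE_PER_TICK = 10  # assumption: charge per tick while idle

def battery_control(st: State, ev: str) -> Optional[State]:
    """Battery control component: Charging/Discharging, level clamped to 0..100."""
    dt, _bs, lvl = st
    if ev != "tick":
        return None
    if dt == "Transmitting":
        return (dt, "Discharging", max(0, lvl - DRAIN_PER_TICK))
    return (dt, "Charging", min(100, lvl + CHARGE_PER_TICK))

def data_transfer(st: State, ev: str) -> Optional[State]:
    """Data transfer component. The level guard is checked only on startTx, so a
    transmission that was legal when it started keeps running below 40%."""
    dt, bs, lvl = st
    if ev == "startTx" and dt == "Idle" and lvl >= THRESHOLD:
        return ("Transmitting", bs, lvl)
    if ev == "stopTx" and dt == "Transmitting":
        return ("Idle", bs, lvl)
    return None

def abort_on_low_battery(st: State) -> Optional[State]:
    """Fix: an eventless (guard-only) transition that leaves Transmitting as soon
    as the level drops below the threshold."""
    dt, bs, lvl = st
    return ("Idle", bs, lvl) if dt == "Transmitting" and lvl < THRESHOLD else None

@dataclass(frozen=True)
class Model:
    events: Tuple[str, ...]
    components: Tuple[Callable[[State, str], Optional[State]], ...]
    completion: Callable[[State], Optional[State]]  # eventless transitions

def step(model: Model, st: State, ev: str) -> Optional[State]:
    """One composite step: offer ev to every component, then fire eventless
    transitions until none is enabled (run-to-completion, as in PSSM)."""
    new, fired = st, False
    for comp in model.components:
        nxt = comp(new, ev)
        if nxt is not None:
            new, fired = nxt, True
    if not fired:
        return None
    while (nxt := model.completion(new)) is not None:
        new = nxt
    return new

def find_trace(model: Model, init: State,
               predicate: Callable[[State], bool]) -> Optional[Trace]:
    """Breadth-first search for a stable state satisfying the predicate (the EF
    query): the shortest witness trace, or None if it is unreachable."""
    parent: Dict[State, Optional[Tuple[State, str]]] = {init: None}
    queue = deque([init])
    while queue:
        st = queue.popleft()
        if predicate(st):
            trace: Trace = []
            while parent[st] is not None:
                prev, ev = parent[st]
                trace.append((ev, st))
                st = prev
            return trace[::-1]
        for ev in model.events:
            nxt = step(model, st, ev)
            if nxt is not None and nxt not in parent:
                parent[nxt] = (st, ev)
                queue.append(nxt)
    return None

def back_annotate(trace: Trace) -> List[str]:
    """Steps 6-7 on the slides: map checker-level steps back to messages of a
    sequence diagram between the engineering-level components."""
    messages = {"startTx": "Ground -> DataTransfer : startTx",
                "stopTx": "Ground -> DataTransfer : stopTx",
                "tick": "Clock -> BatteryControl : tick"}
    return [f"{messages[ev]}  [{dt}, {bs}, battery={lvl}%]"
            for ev, (dt, bs, lvl) in trace]

def transmitting_below_threshold(st: State) -> bool:
    return st[0] == "Transmitting" and st[2] < THRESHOLD

def check(fixed: bool) -> Optional[Trace]:
    """Run the check on the faulty composition, or on the fixed one."""
    model = Model(events=("startTx", "stopTx", "tick"),
                  components=(battery_control, data_transfer),
                  completion=abort_on_low_battery if fixed else (lambda st: None))
    return find_trace(model, ("Idle", "Charging", 50), transmitting_below_threshold)
```

check(False) returns the two-step witness (startTx, then tick) that back_annotate turns into the counterexample's messages, while check(True) returns None because the abort transition makes the predicate unreachable in the bounded state space.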
Conclusion and Future Work
• Cloud-based workflow to verify SysML [20] models
• Initial subset of elements for verification
• Semantic integrity of the workflow → example trace is simulatable
• Future work:
• New model checker, e.g., Theta [23]
• Adaptive scalability and combination of model checkers [22]
• Extend the supported elements, e.g., activity, do-behavior
• Support SysML v2
Acknowledgements
• This research was carried out at the Jet Propulsion Laboratory (JPL), California
Institute of Technology, under a contract with the National Aeronautics and
Space Administration (NASA).
• This work partially received funding from the European Union’s Horizon 2020
research and innovation programme under the Marie Skłodowska-Curie grant
agreement No 813884.
• The authors are grateful for the valuable advice of Péter Bokor, Ákos Horváth,
and the anonymous reviewers.
References
[3] Gábor Bergmann, Zoltán Ujhelyi, István Ráth, and Dániel Varró. 2011. A Graph Query Language for EMF Models. In Proc. of the 4th Intl. Conference on Theory and Practice of Model Transformations (LNCS, Vol. 6707). Springer, 167–182.
[7] Corrina Gibson, Robert Karban, Luigi Andolfato, and John Day. 2014. Formal Validation of Fault Management Design Solutions. Softw. Eng. Notes 39, 1 (2014), 1–5.
[8] Corrina Gibson, Robert Karban, Luigi Andolfato, and John C. Day. 2014. Abstractions for Executable and Checkable Fault Management Models. In Proc. of the Conference on Systems Engineering Research. Elsevier, 146–154.
[10] Ábel Hegedüs, Gábor Bergmann, Csaba Debreceni, Ákos Horváth, Péter Lunk, Ákos Menyhért, István Papp, Dániel Varró, Tomas Vileiniskis, and István Ráth. 2018. IncQuery Server for Teamwork Cloud: Scalable Query Evaluation over Collaborative Model Repositories. In Proc. of the 21st International Conference on Model Driven Engineering Languages and Systems. ACM, 27–31.
[16] Alvaro Miyazawa, Pedro Ribeiro, Wei Li, Ana Cavalcanti, Jon Timmis, and Jim Woodcock. 2019. RoboChart: modelling and verification of the functional behaviour of robotic applications. Softw. and Sys. Model. 18, 5 (2019), 3097–3149.
[17] Vince Molnár, Bence Graics, András Vörös, István Majzik, and Dániel Varró. 2018. The Gamma statechart composition framework: Design, verification and code generation for component-based reactive systems. In Proc. of the 40th International Conference on Software Engineering. ACM, 113–116.
[20] OMG. 2019. OMG System Modeling Language (SysML). formal/19-11-01.
[21] OMG. 2019. Precise Semantics of UML State Machines (PSSM). formal/19-05-01.
[22] Amir Molzam Sharifloo and Andreas Metzger. 2013. MCaaS: Model Checking in the Cloud for Assurances of Adaptive Systems. In Software Engineering for Self-Adaptive Systems III (LNCS, Vol. 9640). Springer, 137–153.
[23] Tamás Tóth, Ákos Hajdu, András Vörös, Zoltán Micskei, and István Majzik. 2017. Theta: a Framework for Abstraction Refinement-Based Model Checking. In Proc. of the 17th Conference on Formal Methods in Computer-Aided Design. 176–179.
Related Work
• Gibson et al. Formal Validation of Fault Management Design Solutions [7, 8]
• Verification of collaborating SysML state machines, including do-behavior
• Model checker: Java Pathfinder
• Checkable property: assertion in Java code
• No back-annotation
• Miyazawa et al. RoboChart modelling and verification of the functional
behaviour of robotic applications [16]
• Domain-Specific Modeling Language for robotic applications
• Minimalist core of UML state machine notation, supporting collaboration and timing
• Checkable property: textual DSL with verification-specific keywords
• Model checker: CSP (Communicating Sequential Processes) problem checked by FDR
• Sharifloo and Metzger MCaaS: Model Checking in the Cloud for
Assurances of Adaptive Systems [22]
• Cloud resource allocation prediction for model checkers based on model complexity and run-time measures from past executions
• Can be adopted in future work
MCaaS: Prototype Implementation
• Transformation to the intermediate language:
• Gamma Statechart Language [17] + Gamma Property Language
• Traceability model
Example property (from the slide):
EF (state Spacecraft.Operation.Transmitting && var Spacecraft.battery < 40)
MCaaS: Prototype Implementation
• Translation to model checker:
• Gamma statechart → timed automata in UPPAAL
• Reachability property → liveness query (EF) in CTL
Resulting UPPAAL query (from the slide):
EF P_OperationOfMainOfSpacecraft.Transmitting && batteryOfSpacecraft < 40

 
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
IMPLICATIONS OF THE ABOVE HOLISTIC UNDERSTANDING OF HARMONY ON PROFESSIONAL E...
 

Model Checking as a Service: Towards Pragmatic Hidden Formal Methods

1. Model Checking as a Service: Towards Pragmatic Hidden Formal Methods
Benedek Horváth (1,2), Bence Graics (3), Ákos Hajdu (3), Zoltán Micskei (3), Vince Molnár (3), István Ráth (1), Luigi Andolfato (4), Ivan Gomes (5), and Robert Karban (5)
1 IncQuery Labs cPlc., Budapest, Hungary
2 Johannes Kepler University Linz, Linz, Austria
3 Budapest University of Technology and Economics, Budapest, Hungary
4 European Southern Observatory, München, Germany
5 Jet Propulsion Laboratory, California Institute of Technology, Pasadena, CA, USA
Contact: Benedek.Horvath@incquerylabs.com
2. Motivation
• Model-Based Systems Engineering
• Commercial tools for design, simulation
• Cloud-based, open collaborative modeling environments
• IncQuery Server [10]: scalable query evaluation over model repositories
3. Correctness of behavioral models
• Simulation, testing may not find every error
• Formal verification: systematically checks the model
• Challenges:
C1. High resource demand of formal verification
C2. Parallel verification tasks of multiple users
C3. Semantic gap between engineering and formal domains
4. Objectives
• Cloud: elastically scalable computation resources
O1. Dynamically allocate more memory and CPU
O2. Dynamically start more instances
O3. Semantic integrity
a) semantic-preserving transformations,
b) restricted but meaningful subset of engineering language
5. Motivating Example and Scope
[Diagram: two statecharts of the spacecraft example, Battery control and Data transfer]
6. Property to check
• Should never transmit when the battery is below 40%
7. Reachability property
• State predicate of a faulty behavior
• Find a trace where the predicate is true
8. Gamma Statechart Composition Framework [17]
[Diagram: Gamma Statechart & Composition Language, built on a Formal Compositional Semantics, used for V&V with hidden formal methods]
9. Model Checking as a Service
O1-O2. Cloud deployment: containerized components
O3. Initial subset of modeling elements, PSSM [21]
O3. Intermediate language: model checker integration
[Architecture diagram: (1) Modeling (user) in the SysML tool; (2) V&V actions (user) from a Jupyter notebook; (3) Static checks by the IncQuery Server MCaaS add-on over the model repository; (4) Transformation to Gamma intermediate models; (5) Formal model + query translation in MC runtime 1 (UPPAAL model checker) or MC runtime 2 (Theta model checker); (6) Result + trace back-annotation; (7) Back-annotation to the SysML tool]
10. MCaaS: Prototype Implementation
• MCaaS add-on for IncQuery Server [10]
• Modeling and static checks:
• Allowed subset of modeling elements
• Well-formedness constraints in Viatra Query Language [3]
[Architecture diagram as on slide 9, steps 1-3 highlighted]
11. MCaaS: Prototype Implementation
• Transformation to the intermediate language:
• Gamma Statechart Language [17] + Gamma Property Language
• Traceability model
[Architecture diagram as on slide 9, step 4 highlighted]
12. MCaaS: Prototype Implementation
• Translation to model checker:
• Gamma statechart → timed automata in UPPAAL
• Reachability property → liveness query (EF) in CTL
[Architecture diagram as on slide 9, step 5 highlighted]
13. MCaaS: Prototype Implementation
• Back-annotation:
[Architecture diagram as on slide 9, steps 6-7 highlighted: model checker trace → (6) Gamma trace → (7) SysML sequence diagram]
14. Conclusion and Future Work
• Cloud-based workflow to verify SysML [20] models
• Initial subset of elements for verification
• Semantic integrity of the workflow → example trace is simulateable
• Future work:
• New model checker, e.g., Theta [23]
• Adaptive scalability and combination of model checkers [22]
• Extend the supported elements, e.g., activity, do-behavior
• Support SysML v2
15. Acknowledgements
• This research was carried out at the Jet Propulsion Laboratory (JPL), California Institute of Technology, under a contract with the National Aeronautics and Space Administration (NASA).
• This work partially received funding from the European Union's Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie grant agreement No 813884.
• The authors are grateful for the valuable advice of Péter Bokor, Ákos Horváth, and the anonymous reviewers.
16. References
[3] Gábor Bergmann, Zoltán Ujhelyi, István Ráth, and Dániel Varró. 2011. A Graph Query Language for EMF Models. In Proc. of the 4th Intl. Conference on Theory and Practice of Model Transformations (LNCS, Vol. 6707). Springer, 167–182.
[7] Corrina Gibson, Robert Karban, Luigi Andolfato, and John Day. 2014. Formal Validation of Fault Management Design Solutions. Softw. Eng. Notes 39, 1 (2014), 1–5.
[8] Corrina Gibson, Robert Karban, Luigi Andolfato, and John C. Day. 2014. Abstractions for Executable and Checkable Fault Management Models. In Proc. of the Conference on Systems Engineering Research. Elsevier, 146–154.
[10] Ábel Hegedüs, Gábor Bergmann, Csaba Debreceni, Ákos Horváth, Péter Lunk, Ákos Menyhért, István Papp, Dániel Varró, Tomas Vileiniskis, and István Ráth. 2018. IncQuery Server for Teamwork Cloud: Scalable Query Evaluation over Collaborative Model Repositories. In Proc. of the 21st International Conference on Model Driven Engineering Languages and Systems. ACM, 27–31.
[16] Alvaro Miyazawa, Pedro Ribeiro, Wei Li, Ana Cavalcanti, Jon Timmis, and Jim Woodcock. 2019. RoboChart: modelling and verification of the functional behaviour of robotic applications. Softw. and Sys. Model. 18, 5 (2019), 3097–3149.
17. References
[17] Vince Molnár, Bence Graics, András Vörös, István Majzik, and Dániel Varró. 2018. The Gamma statechart composition framework: Design, verification and code generation for component-based reactive systems. In Proc. of the 40th International Conference on Software Engineering. ACM, 113–116.
[20] OMG. 2019. OMG System Modeling Language (SysML). formal/19-11-01.
[21] OMG. 2019. Precise Semantics of UML State Machines (PSSM). formal/19-05-01.
[22] Amir Molzam Sharifloo and Andreas Metzger. 2013. MCaaS: Model Checking in the Cloud for Assurances of Adaptive Systems. In Software Engineering for Self-Adaptive Systems III (LNCS, Vol. 9640). Springer, 137–153.
[23] Tamás Tóth, Ákos Hajdu, András Vörös, Zoltán Micskei, and István Majzik. 2017. Theta: a Framework for Abstraction Refinement-Based Model Checking. In Proc. of the 17th Conference on Formal Methods in Computer-Aided Design. 176–179.
18. Related Work
• Gibson et al. Formal Validation of Fault Management Design Solutions [7-8]
• Verification of collaborating SysML state machines, including do-behavior
• Model checker: Java Pathfinder
• Checkable property: assertion in Java code
• No back-annotation
• Miyazawa et al. RoboChart: modelling and verification of the functional behaviour of robotic applications [16]
• Domain-Specific Modeling Language for robotic applications
• Minimalist core of UML state machine notation, supporting collaboration and timing
• Checkable property: textual DSL with verification-specific keywords
• Model checker: CSP (Communicating Sequential Processes) problem checked by FDR
• Sharifloo and Metzger MCaaS: Model Checking in the Cloud for Assurances of Adaptive Systems [22]
• Cloud resource allocation prediction for model checkers based on model complexity, run-time measures from past executions
• Can be adopted in future work
19. MCaaS: Prototype Implementation
• Transformation to the intermediate language:
• Gamma Statechart Language [17] + Gamma Property Language
• Traceability model
[Architecture diagram as on slide 9, step 4 highlighted]
Example query in the intermediate language:
EF (state Spacecraft.Operation.Transmitting && var Spacecraft.battery < 40)
20. MCaaS: Prototype Implementation
• Translation to model checker:
• Gamma statechart → timed automata in UPPAAL
• Reachability property → liveness query (EF) in CTL
[Architecture diagram as on slide 9, step 5 highlighted]
Example query translated for UPPAAL:
EF P_OperationOfMainOfSpacecraft.Transmitting && batteryOfSpacecraft < 40
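The reachability check of slides 7, 12 and 20 (a state predicate for the faulty behaviour, searched as an EF query that yields a witness trace), worked through as an added example that is not part of the original slides nor of the Gamma or UPPAAL tooling. It uses a constructed toy spacecraft model with the page's 40% threshold (the modes, events and battery steps are assumptions), explores it by breadth-first search, and returns the shortest counterexample trace for the flawed design and None for a corrected one.

```python
from collections import deque

# Constructed toy model of the page's spacecraft example (assumption, not the
# authors' model): state = (mode, battery), mode in {"Idle", "Transmitting"}.
INITIAL = ("Idle", 100)

def transitions(state, fixed=False):
    """Enabled transitions as (event, successor) pairs. fixed=False keeps the
    flaw: the battery guard is checked only on entry to Transmitting, so
    draining while transmitting is allowed; fixed=True aborts the transmission."""
    mode, battery = state
    succ = []
    if mode == "Idle" and battery >= 40:
        succ.append(("startTransmit", ("Transmitting", battery)))
    if mode == "Transmitting":
        succ.append(("stopTransmit", ("Idle", battery)))
    drained = max(0, battery - 10)
    if fixed and mode == "Transmitting" and drained < 40:
        succ.append(("drain", ("Idle", drained)))  # auto-abort on low battery
    else:
        succ.append(("drain", (mode, drained)))
    if mode == "Idle":
        succ.append(("charge", ("Idle", min(100, battery + 20))))
    return succ

def violates(state):
    """State predicate of the faulty behaviour: transmitting below 40%."""
    mode, battery = state
    return mode == "Transmitting" and battery < 40

def find_trace(fixed=False):
    """Breadth-first reachability check of EF violates(state).
    Returns the shortest event trace [(event, state), ...] reaching a
    violating state, or None once the finite state space is exhausted."""
    parent = {INITIAL: None}  # state -> (predecessor, event taken)
    queue = deque([INITIAL])
    while queue:
        state = queue.popleft()
        if violates(state):  # witness found: rebuild the path
            trace = []
            while parent[state] is not None:
                prev, event = parent[state]
                trace.append((event, state))
                state = prev
            return trace[::-1]
        for event, nxt in transitions(state, fixed):
            if nxt not in parent:
                parent[nxt] = (state, event)
                queue.append(nxt)
    return None
```

The returned trace is the raw counterpart of the model checker trace on slide 13; back-annotation would map its event and mode names onto the engineering model's elements.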