A verification-driven framework for iterative design of controllers
Formal Aspects of Computing ( IF 1.4 ) Pub Date : 2019-06-05 , DOI: 10.1007/s00165-019-00484-1
Claudio Menghi 1 , Paola Spoletini 2 , Marsha Chechik 3 , Carlo Ghezzi 4
Controllers are often large and complex reactive software systems, and thus they typically cannot be developed as monolithic products. Instead, they are usually composed of multiple components that interact to provide the desired functionality. Components themselves can be complex and in turn be decomposed into multiple sub-components. Designing such systems is complicated and must follow systematic approaches, based on recursive decomposition strategies that yield a modular structure. This paper proposes FIDDle, a comprehensive verification-driven framework that supports designers during development. FIDDle supports hierarchical decomposition of components into sub-components through formal specification in terms of pre- and post-conditions, as well as independent development, reuse and verification of sub-components. The framework allows the development of an initial, partially specified design of the controller, in which certain components, yet to be defined, are precisely identified. These components can be associated with pre- and post-conditions, i.e., a contract, that can be distributed to third-party developers. The framework ensures that if the components are compliant with their contracts, they can be safely integrated into the initial partial design without additional rework. As a result, FIDDle supports an iterative design process and guarantees correctness of the system at any step of development. We evaluated the effectiveness of FIDDle in supporting an iterative and incremental development of components using the K9 Mars Rover example developed at NASA Ames. This can be considered an initial, yet substantive, validation of the approach in a realistic setting. We also assessed the scalability of FIDDle by comparing its efficiency with the classical model checkers implemented within the LTSA toolset. Results show that FIDDle scales as well as classical model checking as the number of states of the components under development and their environments grows.

Updated: 2019-06-05