As part of a formalspecification exercise, we wanted to pin our interpretation of the blackboard architecture down: we wanted, therefore, to construct a formal model of our interpretation. By adopting a formalspecification approach, we hoped to make our in- terpretation of the architecture clear without having recourse either to implementation language code or to pseudocode, as we had earlier done. In addition, we wanted to prove a number of properties of the architecture in order (i) to show that they are natural properties (i.e., that they follow from our assumptions about the architecture), and (ii) to make them explicitly available in the literature. The properties that we wanted to em- phasise concern the top-levelspecification: in other words, they are not discovered dur- ing the refinement of the formalspecification, but relate to the model itself.
Top-level predicate go states that after start_conveyor succeeds (the conveyor is started), the conveyor continuously performs operation do_conveyor till chk_stop_conveyor succeeds (it needs to stop). Predicate start_conveyor is refined to state that some initial conditions must be fulfilled (chk_startup succeeds) before the actions to actually start the conveyor (do_startup) are done. Similarly, the predicate do_conveyor is refined to say that if the conditions for running the conveyor (chk_running) are OK and if a new part has arrived (chk_part_arrival) then process the part (process_part) and be ready for the next cycle (set_next_cycle). Refinement of chk_stop_conveyor says that if more data for simulation is available (chk_more_data) then fail else stop simulation. In the next refinement, predicates chk_startup, do_startup specify the actual startup conditions as well as actions to start the conveyor. Similarly, all other predicates in the previous level are refined. This clean process of top-down refinement of specifications continues until all aspects of the system's behavior are specified. This Prolog program can now be executed and its properties verified automatically.
Java 2 Micro Edition (J2ME) is a version of the Java platform targeted at resource-constrained devices. J2ME comprises two kinds of components: con- figurations and profiles. A configuration is composed of a virtual machine and a set of APIs that provide the basic functionality for a particular category of devices. Profiles further specify the target technology by defining a set of higher level APIs built on top of an underlying configuration. This two-level architec- ture enhances portability and enables developers to deliver applications that run on a range of devices with similar capabilities.
of quality evaluation [12, 13]. Nematzadeh and Nematzadeh  proposed the mapping rules from eflow and BPEL to colored petri net for reliability and performance measurement. In reference , a simple CDL is introduced to formalize the WS-CDL‟s participant roles, and the collaborations among roles. They used SPIN model-checker to reason about properties that should be satisfied by the specified system automatically. Furthermore, in order to verify WS-CDL protocol mismatches, the transformation rules were proposed to correspond the WS-CDL entities with timed automata , and colored petri-net [10, 11] elements. These formal languages are suitable for choreography verification, but they cannot realize the requirements of an adaptive process. For example, CDL and timed automata do not support all workflow patterns; colored petri-net does not support the separation of business logic and implementation code, nor abstract modeling, nor distinct control model. From the adaptation and verification viewpoints, we consider the below attributes to compare the choreography description languages/models. The comparison results are shown in Table 1.
System Development Life Cycle (SDLC) merupakan satu kaedah piawai yang digunakan untuk membangunkan perisian dalam mana-mana perlaksanaan pembangunan suatu sistem aplikasi. Kebanyakan pembangun perisian tidak menggunakan pendekatan formal spesifikasi semasa merekabentuk sistem. Pendekatan formal spesifikasi boleh membantu mengurangkan kekeliruan semasa fasa menentukan keperluan spesifikasi sistem. Tesis ini menumpukan penggunaan formal spesifikasi dengan memilih bahasa Z dalam membangunkan aplikasi menentukan tahap kualiti kepekatan debu. Formal spesifikasi digunakan semasa fasa spesifikasi keperluan sistem. Kemampuan formal spesifikasi dalam mengurangkan kesamaran lebih dikagumi berbanding tidak menggunakan formal spesifikasi. Langkah-langkah yang terlibat di dalam kajian ini dihuraikan iaitu langkah menentu ukur kualiti udara berdasarkan kepada tahap kepekatan debu, diikuti langkah dalam menentukan metod- metod yang terlibat dalam menentu ukur tahap kepekatan debu dengan memilih bahasa Z sebagai bahasa dalam formal spesifikasi, seterusnya langkah dalam membangunkan aplikasi menggunakan perisian Matlab berdasarkan metod-metod yang dikenalpasti. Di dalam menjayakan kajian ini, lima nod di Universiti Tun Hussien Onn Malaysia (UTHM) telah dipilih. Data yang dikumpul daripada lima nod tersebut dibincangkan di dalam tesis ini, begitu juga justifikasi tentang mengapa memilih lima nod. Aplikasi yang dibangunkan menggunakan perisian Matlab adalah untuk mendapatkan indeks pencemaran. Keputusan daripada aplikasi digambarkan di dalam bentuk graf, ia menunjukkan bahawa pada bulan Jun, tahap pencemaran zarah Particulate Matter (PM 10 ) paling tinggi. Kesimpulannya, kajian tesis ini memberi
Rather than building speciﬁcations in an ad hoc way, some approaches in the literature have explored the derivation of formal speciﬁcations from requirements. ECOLE  is a look-ahead editor for a controlled lan- guage called PENG (Processable English), which deﬁnes a mapping between English and First-Order Logic in or- der to verify requirements consistency. A similar initia- tive is the ACE (Attempto Controlled English) project  also involved with natural language processing for speciﬁcation validation through logic analysis. The work reported in  establishes a mapping between English speciﬁcations and ﬁnite state machine models. In indus- try, companies, such as Boeing , use a controlled nat- ural language to write manuals and system speciﬁcations, improving document quality. There are also approaches that use natural language to specify system requirements and automatically generate formal speciﬁcations in an object-oriented notation .
There are many existing biomedical top-level ontologies, such as the Ontology for General Medical Science (OGMS), BioTop, BioTopLite, the Basic Formal Ontology (BFO), etc. [34, 40, 41]. OGMS extends BFO . Most of the OBO Foundry ontologies are aligned with BFO, which makes BFO the best choice for building the SCT upper-level ontology [31, 41]. One of the main advantages of BFO is its realism-based approach, namely, the view that our thoughts, representations, beliefs, and knowledge are about reality . Thus, an ontology is a representa- tional artifact about the world itself and not concepts . The problem arising from concept-based ontologies is that the term concept is often ambiguous . Taking, for example, SCT itself, we know that concept can refer to 1) the clinical idea (for instance, the concept of kidney disease), 2) the ConceptId (a string, for example, “90,708,001”), and 3) the entity itself in the real world (the instances of kidney disease we actually find in patients’ bodies) . Thus, the ambiguity often neglects the use-mention distinction. Resorting to the ontologically realistic perspective of BFO, the ambiguity is resolved: the terms in ontologies refer to universals, which are not con- cepts or strings, but mind-independent and repeatable features of reality where existence depends on the particu- lars (the concrete entities) by which they are instantiated [1, 16]. So, when we talk about kidney disease, we are sure we are talking about something in reality (namely, all the instances in the world of the kinds of kidney disease). Thus, we avoid use-mention mistakes, and we avoid incor- rect conclusions (for example, that kidney diseases are concepts instead of real things in people’s bodies).
The documentation will consist of all the deliverables. They are vision document, project plan, software quality assurance plan, formal requirements specification, architecture design, test plan, formal technical inspection, prototype, user manual, component design, source code, assessment evaluation, project evaluation, references, and formal technical inspection letters. The committee members will review all documentation for final approval.
Abstract: Altran Praxis has used formal methods within its high integrity develop- ment approach, Correctness by Construction (CbyC), for a number of years. The Tokeneer ID Station (TIS) developed for the US National Security Agency (NSA) is one example of a development using formal methods and the CbyC approach. This project used a number of rigorous techniques including formalisation of the specification using the Z Notation, refinement of the specification to a formal de- sign, software development in SPARK with proof of absence of run-time errors of the software and proof of system properties. The project has stood up well to the intense scrutiny it has been subject to since it became available to the wider commu- nity in 2008, with only five errors being found. Despite the general success of the approach there are challenges to using formal methods in an industrial context. By looking at a number of key properties that affect the success of deployment of tools and techniques in industry we attempt to put the challenges of industrial deployment of formal methods into perspective.
us to be an interesting candidate. It offers, through its rich notation, an interesting way for concurrent systems formalspecification and programming. Furthermore, it also supports the description of multi-agent interactions [21, 16]. In this paper, we present a formal framework supporting the translation of multi-agent interactions, specified using the RCA formalism, in a Maude specification. The main motivations of our approach are essentially: (1) to specify formally the behavior of multi- agent systems, in particular, the interactions between agents, and (2) to provide a solid basis for their verification and validation process. The Maude specifications, generated in the context of the developed framework, have been validated using the platform supporting the Maude language. The remainder of the paper is organized as follows: Section 2 gives a brief survey on the main related works. We present summarily the RCA formalism in section 3. In section 4, we give the basic concepts related to the rewriting logic as well as the Maude language. Section 5 presents the translation process. The proposed approach is illustrated using a concrete case study in section 6. Finally, section 7 gives some conclusions and future work directions.
Temporal logic is applied to provide unambiguous semantics to functions supported by usage models, such as attribute mutability and continuity of decision . Usage control systems are concurrent and characterised by non-determinism due to the potential of a subject to arbitrarily request or terminate using an object during the operation of a system. As discussed in , a number of usage control formal models are limited to the specification of a single use, which is isolated and has no interference with other uses. UseCON  is a usage model that provides enhanced expressiveness compared to existing access/usage control models and applicable in new computing paradigms . This is achieved by introducing a new entity entitled use, which enables the use of historical information in usage control decision. To ensure the correctness of the UseCON model, we used an existing formal language to verify the correctness of its supported use management procedures. For example, ensure out of bound values are not assigned to attribute values, and that authorisation states of the usage model always comply with certain behaviours and follow predefined authorisation transitions (e.g., an authorisation must always be requested before changing into another state). The enhanced version of Temporal Logic of Actions (TLA+)  is selected for the formalspecification of UseCON – TLA+ has been selected also in formal definitions of other usage models (e.g., UCON ). In this paper, we anticipate that the formalspecification and verification of UseCON using an automated and error-free model checking technique will provide a comprehensive and unambiguous understanding of the concepts introduced in UseCON and ensure its correctness for a number of uses, depending on the authorisation model (pre-authorisation and ongoing-authorisation).
Well, Sexuality mode would be living, looking and feeling like sexed person (quality) mode or modes in which everyone lives, assumed power and can grow or cultivate being sexed, so sexuality is not is an instinct, but a human value, a quality, a dimension, because it all and we are all sexed as we all are people (Fernández, 2006). People began to settle as sexual persons in the same moment the egg and sperm that unite proceed. From there be a complicated development in the womb of our mother go about making some internal genitalia and external genitalia are formed and so when we are born we look and get a boy name or a girl's name. This is what we call modes, sexes, male and female, the only two ways we can be people (Fernández, 2002). The development of sexuality is a continuum that spans a lifetime and to be tailored to each developmental stage, which is why the strategies and programs to promote sexual health must lie in the effective and genuine participation of the community, in setting priorities, decision making and implementation of development strategies planned to achieve a new optimal level of sexual health (Castro, 2004).
X. He et al. proposed Software Architecture Model (SAM) to present graphical formal software architecture which is based on Petri Nets and temporal logic to improve understandability and reduce complexity. The Petri Nets are used to define the behavior models of components and connectors while temporal logic is used to specify properties of component and connector . The architecture is illustrated as a set of boxes with port connected by arrows. The boxes called composition. Each composition contains other compositions. The bottom-level compositions are either components or connectors. Various constraints can be specified. This hierarchical model supports compositionality in both software architecture design and analysis. Thus, facilitate scalability. Fig. VII shows a graphical view of an SAM software architecture, in which connectors are not emphasized and are only represented by thick arrows.
In this paper, we propose extending the formal description technique Object-Based Graph Grammars (OBGGs) [11, 23] to specify real-time systems. OBGG is a visual formal speciﬁcation language suitable for the speciﬁcation of asynchronous distributed systems. The basic idea of this formalism is to model the states of a system as graphs and describe the possible state changes as rules (where the left- and right-hand sides are graphs). The behavior of the system is described via applications of these rules to graphs modeling the actual states of a sys- tem. Rules operate locally on the state-graph, and there- fore it is possible that many rules are applied at the same time. OBGGs are appealing as speciﬁcation formalism because they are formal, they are based on simple but powerful concepts to describe behavior, and they have a nice graphical layout that helps non-theoreticians under- stand an object-based graph grammar speciﬁcation. Due to the declarative style (using rules), concurrency arises naturally in a speciﬁcation: if rules do not conﬂict (do not try to update the same portion of the state), they may be applied in parallel (the speciﬁer does not have to say explicitly which rules shall occur concurrently).
This paper describes an implementation of the Task Algebra, a formal model of hierarchical tasks and workflows, in the Haskell programming language. Previously we presented the Task Algebra as a formal, unambiguous notation capturing the kinds of activity and workflow typically seen in business analysis diagrams, similar to UML use case and activity diagrams. Here, we show how the abstract syntax for the Task Algebra may be parsed and then semantically analysed, by a suite of Haskell functions, to compute the execution traces of a system. The approach is illustrated with a case study of a journal management system. The results show how it is possible to automate the semantic analysis of requirements diagrams, as a precursor to developing a logical design.
Techniques are abstract and concretization, proof, refinement and the like. Formal methods in software engineering connote a development that uses formalspecification languages in various phases of development, domain specification, requirements and also in design. Formal Methods help in understanding a comprehensive set of methods, techniques and tools that have a formal background in mathematics. This means each specification language has both mathematical syntax and semantics, and a proof system and at the same time supporting refinement, model checking, proof and test . Pioneers of computer science like C.A.R. Hoare and E.W. Dijkstra had developed the concepts of formal methods many decades ago but advances in the development of software tools recently promoted its popular use . Perspectives on Formal Methods developed in the 60s and 70s had been in the area of hardware design verification . The need for proof of correctness and prevention of persistent system failure gave more attention to the use of formal method in software design. It has been effective, also, in some safety-critical systems such as aircraft control, revenue reconciliation, expert systems and other related systems where there is zero-tolerance for failure . Evolving programming languages and their types can be precisely described by grammar. The importance of formal grammatical representations of languages cannot be over-emphasized in the vast field of computer science, involving programming languages, compiler design, and natural language processing. The motivation behind implementation of formal method is to proof and ascertain correctness. In software or program design, correctness is about what can be proved mathematically. This is where formal methods belong . An example of model-oriented methods is RAISE (Rigorous Approach to Industrial Software Engineering). RAISE was the formal method used at UNU-IIST (United Nations University International Institute for Software Technology) . Formal methods are concerned with specification techniques in system design . Special mathematical skills are required for experts to employ formal methods in standardizing designs. Quite a few researchers have the patience of undergoing the required rigor to acquire the essential knowledge before this could be used. Consequently, many system designers take less tedious approaches to specification and error checking even if the rigor in formal methods could possibly yield reliable solutions .
In this work, we propose a framework for the formalspecification of REST API Services for Modbus Protocol using SDL based system. The purpose of this framework is to provide a formal basis for their performance evaluation and behavioral study. The rest of the paper is organized as follows. Section 4. illustrates specification design of RESTAPI Services for Modbus Protocol using formal SDL language. Section 5 describes of verification and validation of the protocol to rule out design errors. Section 5 illustrates experimental simulations with results and Section 6. provides our conclusion.
REA ontology can be seen upon as a two layer model consisting of the operational level containing instances of REA concept types and their relationships (“what has happened”) and of the policy level layer where the abstract types of the REA concepts including intended and /or planned modeled objects (“what should happen”) together with corresponding relations are placed. Following three basic semantic concepts are used at the operational level.
Abstract. Object-Z is an extension of Z which provides specic constructs to facilitate specication in an object-oriented style. A number of contributions have been made so far to animate Object-Z with various object-oriented programming languages. However, none of the existing animation methods present their mapping rules formally. Also, none of these animation methods prove the correctness of their mapping rules. In our previous work, we informally presented an animation method to map Object-Z specications into C++ code. In this paper, we propose a formal mapping from Object-Z specications to C++ code. We also prove the correctness of the given mapping rules.