Deploy Repository (EPrints): No conditions. Results ordered -Date.
Feed generated: 2018-01-17T12:24:09Z
Repository: http://deploy-eprints.ecs.soton.ac.uk/

Rodin User & Developer Workshop Proceedings
Authors: Michael Butler, Stefan Hallerstede (sth@ecs.soton.ac.uk), Thierry Lecomte (thierry.lecomte@clearsy.com), Michael Leuschel (leuschel@cs.uni-duesseldorf.de), Alexander Romanovsky (alexander.romanovsky@ncl.ac.uk), Laurent Voisin
URL: http://deploy-eprints.ecs.soton.ac.uk/id/eprint/382
Date: 2012-03-19T15:50:55Z

Some NuSMV Experiments on the Mode Synchronization Protocol in DSAOCSS
Author: Kimmo Varpaaniemi
URL: http://deploy-eprints.ecs.soton.ac.uk/id/eprint/362
Date: 2012-01-10T11:33:53Z (updated 2012-01-16T11:25:30Z)
A non-exhaustive collection of files on NuSMV experiments on the mode synchronization protocol in DSAOCSS. The "input files" are mpbase.smv, split.sh, _split.sh, batch.sh, and inc.txt. The file btc.txt and all lmp??.txt files have been produced by batch.sh, which in turn needs the mp??.smv files produced by split.sh. The mp??.smv files are not included in this archive because they are easily reproducible and because every mp??.smv is simply a concatenation of mpbase.smv and a single LTLSPEC line.
The file gdbmp22.txt is the output of a debugging session and is included in order to support the conjecture that all segmentation fault messages in btc.txt are due to effectively running out of memory in software where memory use is not properly monitored.

Developing a Consensus Algorithm using Stepwise Refinement
Author: Jeremy W. Bryans (jeremy.bryans@ncl.ac.uk)
URL: http://deploy-eprints.ecs.soton.ac.uk/id/eprint/285
Date: 2011-02-16T14:27:09Z (updated 2011-02-18T15:29:14Z)
We give a formal development and proof of a known consensus algorithm using stepwise refinement. We begin with an abstract specification of the intended result of the algorithm. The algorithm is developed and proved correct over a number of refinement steps. The proof of correctness is performed concurrently with the development. The development and proof make use of key fault and failure assumptions. The stepwise refinement approach allows us to introduce and prove each property at the most appropriate stage in the development, before detail irrelevant to that property has been added to the model.
Finally we introduce an abstract model of a possible network on which the algorithm could be executed.

A Basis for Feature-Oriented Modelling in Event-B
Authors: Jennifer Sorge (jhs06r@ecs.soton.ac.uk), Michael Poppleton (mrp@ecs.soton.ac.uk), Michael Butler (mjb@ecs.soton.ac.uk)
URL: http://deploy-eprints.ecs.soton.ac.uk/id/eprint/252
Date: 2010-10-29T09:04:41Z
Feature-oriented modelling is a well-known approach for Software Product Line (SPL) development. It is a widely used method when developing groups of related software. With an SPL approach, the development of a software product is quicker, less expensive and of higher quality than a one-off development, since much effort is re-used. However, this approach is not common in formal methods development, which is generally high cost and time consuming, yet crucial in the development of critical systems. With the increase of more complex critical systems, it becomes more important to apply formal methods to the development cycle, and we propose a method that allows the application of SPL development techniques to formal methods. This results in faster and cheaper development of formal systems.
Our method combines Event-B [1] and feature models [2]. A feature in a feature model represents a requirement of the product family and is formally described in Event-B using special feature modelling patterns. A feature represented in Event-B is referred to as a component. We develop composition rules, which allow components to be composed. Special composition proof obligations allow the verification of the composition.
The feature model is formed by features which may be associated with Event-B components. A subset of features from the feature model can be selected to form a feature model instance, thereby selecting several of these Event-B components. These components are composed pair-wise, and composition POs can be discharged to prove properties and to ensure consistency of the composition. The final Event-B machine represents the formal specification which is associated with the feature model instance and is obtained by composing these components.
The motivation of our work is to allow product line development for critical systems. We use traditional product line methods, i.e. feature modelling, and link them with the formal method Event-B.
Future work is focussed on amending feature diagrams to reflect Event-B components more precisely. Refinement patterns will also be addressed.

DEPLOY Satellite (an Attitude and Orbit Control System) Specification, Version 15 without statement numbering
Authors: Pauli Väisänen (Pauli.Vaisanen@ssf.fi), Kimmo Varpaaniemi
URL: http://deploy-eprints.ecs.soton.ac.uk/id/eprint/166
Date: 2010-01-03T12:42:29Z (updated 2010-04-19T15:05:59Z)
An executable "DEPLOY Satellite" specification in the form of Ada source code without any statement numbering comments. The absence of statement numbering comments is the only difference with respect to http://deploy-eprints.ecs.soton.ac.uk/167/.

DEPLOY Satellite (an Attitude and Orbit Control System) Specification, Version 15
Authors: Pauli Väisänen (Pauli.Vaisanen@ssf.fi), Kimmo Varpaaniemi
URL: http://deploy-eprints.ecs.soton.ac.uk/id/eprint/167
Date: 2010-01-03T13:06:18Z (updated 2010-04-19T15:05:59Z)
An executable "DEPLOY Satellite" specification in the form of Ada source code that has statement numbering comments. The presence of statement numbering comments is the only difference with respect to http://deploy-eprints.ecs.soton.ac.uk/166/.

On Event-B and Control Flow
Author: Alexei Iliasov (Alexei.Iliasov@newcastle.ac.uk)
URL: http://deploy-eprints.ecs.soton.ac.uk/id/eprint/144
Date: 2009-08-11T16:17:31Z (updated 2010-04-19T15:05:57Z)
Event-B is a general purpose formal development method suitable for the design and detailed development of safety-critical systems. Being a data-driven formalism, it lacks any control flow constructs. This turns out to be a limitation for systems with rich control flow properties. In Event-B, control flow information has to be embedded into guards and event actions, and this results in an entanglement of control flow and functional specification, with the additional downside of extra model variables. This paper proposes a method for extending Event-B models with a new viewpoint portraying the control flow properties of a model. The novelty of the work is in relying solely on theorem proving to demonstrate the consistency of the control flow and the main Event-B specification. The focus is placed on the practicality of working with such an extension and also on achieving proof economy. A detailed formal treatment of the method is presented and illustrated with a case study. A proof of concept implementation for the RODIN platform is briefly discussed.

Formal Modelling and Analysis of Business Information Applications with Fault Tolerant Middleware
Authors: Jeremy W. Bryans (jeremy.bryans@ncl.ac.uk), John S. Fitzgerald (john.fitzgerald@ncl.ac.uk), Alexander Romanovsky (alexander.romanovsky@ncl.ac.uk), Andreas Roth (andreas.roth@sap.com)
URL: http://deploy-eprints.ecs.soton.ac.uk/id/eprint/52
Date: 2008-12-18T14:43:04Z (updated 2010-04-19T15:05:51Z)
Distributed information systems are critical to the functioning of many businesses; designing them to be dependable is a challenging but important task. We report our experience in using formal methods to enhance processes and tools for the development of business information software based on service-oriented architectures. In our work, which takes place in an industrial setting, we focus on the configuration of middleware, verifying application-level requirements in the presence of faults. In pilot studies provided by SAP, we used the Event-B formalism and the open RODIN tools platform to prove properties of models of business protocols and to expose weaknesses of certain middleware configurations with respect to particular protocols. We then extended the approach to use models automatically generated from diagrammatic design tools, opening the possibility of seamless integration with current development environments. Increased automation in the verification process, through domain-specific models and theories, is a goal for future work.

Deployment in the Space Sector (WP3 Meeting in Newcastle)
Author: Timo Latvala
URL: http://deploy-eprints.ecs.soton.ac.uk/id/eprint/79
Date: 2009-01-26T10:45:26Z (updated 2010-04-19T15:05:52Z)

BepiColombo - Modelling Approach (Issue I)
Authors: Dubravka Ilic, Timo Latvala, Kimmo Varpaaniemi
URL: http://deploy-eprints.ecs.soton.ac.uk/id/eprint/72
Date: 2009-01-22T09:52:51Z (updated 2010-04-19T15:05:52Z)

Deployment in the Space Sector (Slides for DEPLOY Newcastle Kick-off Meeting)
Author: Timo Latvala
URL: http://deploy-eprints.ecs.soton.ac.uk/id/eprint/76
Date: 2009-01-22T10:24:37Z (updated 2010-04-19T15:05:52Z)

SYRAMS Requirement Table (STS)
Author: Jerome Falampin
URL: http://deploy-eprints.ecs.soton.ac.uk/id/eprint/81
Date: 2009-01-29T12:25:20Z (updated 2010-04-19T15:05:53Z)

Mapping Requirements to B models
Authors: Michael Jastram (jastram@cs.uni-duesseldorf.de), Michael Leuschel (leuschel@cs.uni-duesseldorf.de), Jens Bendisposto (bendisposto@cs.uni-duesseldorf.de), Aryldo G. Russo Jr (agrj@aes.com.br)
URL: http://deploy-eprints.ecs.soton.ac.uk/id/eprint/104
Date: 2009-05-26T08:39:21Z (updated 2010-04-19T15:05:54Z)
Formal methods in systems engineering are gaining traction, at least in some areas. While the formal specification process from abstraction via refinement to implementation is fairly well understood, the traceability between the initial user requirements and the formal model is still unsatisfying. There are some promising attempts (e.g. KAOS) that inspired some of the work done here.
Our objective is to find a practical way to establish traceability between natural language requirements and B models.
We select a number of existing methods and notations for bringing natural language requirements and B specifications together. Specifically, we use UML-B for building a data model; we use invariants (part of the B method) to model safety requirements; and we use temporal expressions (LTL) to model liveness requirements.
In this paper, we show a pragmatic way that may lead to a method for making traceability between natural language requirements and B models easier to understand, maintain and validate.

Specifying Modal Systems using Event-B
Authors: Fernando Luis Dotti (fernando.dotti@pucrs.br), Alexei Iliasov (Alexei.Iliasov@newcastle.ac.uk), Alexander Romanovsky (alexander.romanovsky@ncl.ac.uk)
URL: http://deploy-eprints.ecs.soton.ac.uk/id/eprint/134
Date: 2009-07-08T15:31:36Z (updated 2010-04-19T15:05:56Z)
Several safety-critical systems, such as avionic, transportation and space systems, use the notion of operation modes. Operation modes are useful structuring units that facilitate design, especially if used with state-based formal methods. However, modelling abstractions to support the specification, analysis and correct construction of modal systems are still lacking. The contribution of this paper is twofold: (i) modal systems and modal system refinement are discussed and formalized; (ii) the relation of a modal system specification to an Event-B model is discussed, showing how to demonstrate that the behaviour of an Event-B model can satisfy a modal system.

Supporting Reuse in Event B Development: Modularisation Approach
Authors: Alexei Iliasov (Alexei.Iliasov@newcastle.ac.uk), Elena Troubitsyna (Elena.Troubitsyna@abo.fi), Linas Laibinis (Linas.Laibinis@abo.fi), Alexander Romanovsky (alexander.romanovsky@ncl.ac.uk), Kimmo Varpaaniemi, Dubravka Ilic, Timo Latvala
URL: http://deploy-eprints.ecs.soton.ac.uk/id/eprint/159
Date: 2009-10-14T10:25:46Z (updated 2010-04-19T15:05:58Z)
Recently, Space Systems Finland has undertaken a formal Event B development of a part of the on-board software for the BepiColombo space mission. As a result, the lack of modularization mechanisms in Event B has been identified as a serious obstacle to scalability.
One of the main benefits of modularization is that it allows us to decompose system models into components that can be independently developed. It also helps to manage the complexity of models that in the industrial setting are usually very large and difficult to comprehend. On the other hand, modularization enables reuse of formally developed components in formal product line development. In this paper we propose a conservative extension of the Event B formalism to support modularization. We demonstrate how our approach can support reuse in formal development in the space domain.

Event-B Project Archives, for Tasking Event-B Tutorial
Author: Andrew Edmunds (ae2@ecs.soton.ac.uk)
URL: http://deploy-eprints.ecs.soton.ac.uk/id/eprint/304
Date: 2011-05-06T13:18:02Z (updated 2011-05-09T09:43:39Z)

Frameworks for developing Event-B modelling extensions in EMF
Authors: Colin Snook, Vitaly Savicks, Fabian Fritz, Alexei Iliasov
URL: http://deploy-eprints.ecs.soton.ac.uk/id/eprint/463
Date: 2013-03-26T15:12:41Z (updated 2013-03-26T15:13:35Z)
These slides are intended for plugin developers who wish to extend the Event-B notation using EMF modelling facilities. Diagrammatic editors are also supported. (Some of these slides were originally developed in the DEPLOY project and have been extended during the ADVANCE project.)