DOCSLIB.ORG

Formal Domain Engineering: from Specification to Validation Atif Mashkoor

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Formal Domain Engineering: from Specification to Validation Atif Mashkoor Formal Domain Engineering: From Specification to Validation Atif Mashkoor To cite this version: Atif Mashkoor. Formal Domain Engineering: From Specification to Validation. Software Engineering [cs.SE]. Université Nancy II, 2011. English. tel-00614269v2 HAL Id: tel-00614269 https://tel.archives-ouvertes.fr/tel-00614269v2 Submitted on 25 Oct 2011 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Université Nancy 2 ———————————————————————————————————– DOCTORAL SCHOOL IAEM Department of Doctoral Formation in Informatics Formal Domain Engineering: From Specification to Validation Ph.D. Thesis presented and defended publicly on July 12, 2011 in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Informatics by Atif Mashkoor Prepared at LORIA in team Dedale Jury President : Prof. Patrick Heymans -UniversitédeNamur(Belgium) Examiner : Prof. Maritta Heisel - Universität Duisburg-Essen (Germany) Reviewers : Prof. Marc Frappier - Université de Sherbrooke (Canada) Prof. Marie-Laure Potet -UniversitéJosephFourier(France) Advisors: Prof. Jeanine Souquières -UniversitéNancy2(France) Dr. Jean-Pierre Jacquot -UniversitéHenriPoincaré(France) ——————————————————————————————————— Laboratoire Lorrain de Recherche en Informatique et ses Applications Abstract The main theme of this research is to study and develop techniques for modeling of software-controlled safety-critical systems. The area we focus in this thesis is the specification of a domain, where such systems are supposed to operate, and its validation. The contribution of this thesis is twofold: First, we model the land transport domain, a good candidate for this study because of its safety-critical nature, in the formal framework of Event-B and propose some guidelines for it. Second, we present an approach, based on the technique of animation and low-cost transformations, for stepwise validation of formal specifications. Keywords: Domain engineering, Requirements engineering, Formal methods, Soft- ware testing, Event-B, Brama Le thème principal de cette recherche est d’étudier et développer des techniques pour la modélisation des systèmes où la sécurité est critique. Cette thèse est focalisé sur l’étape de la spécification du domaine où de tels systèmes vont fonctionner, et de sa validation. La contribution de cette thèse est double. D’abord, nous modélisons le domaine des transports terrestres, un bon candidat pour cette étude en raison de sa nature critique vis-à-vis de la sécurité, dans le cadre formel de B événementiel et proposent quelques directives pour cette activité. Ensuite, nous présentons une approche, basée sur les techniques de l’animation et des transformations, pour la validation par étapes des spécifications formelles. Mots-clés: Ingénierie de domaine, Ingénierie des besoins, Méthodes formelles, Testing de logiciel, B événementiel, Brama i In the sweet memories of my loving parents who sacrificed their present for the future of their children. Acknowledgments All praise belongs to ALLAH, the almighty, on whom ultimately we depend for sustenance and guidance. Foremost, I would like to express my sincere gratitude to my co-advisor Dr. Jean- Pierre Jacquot for the continuous support during my Ph.D. study and research. I appreciate his patience, motivation, enthusiasm, and immense knowledge. His guidance helped me to shape my goals, both in my research and life. I would always remember him as the best advisor and the mentor for the lifetime. I would also like to thank Prof. Jeanine Souquières, my main advisor, for supporting me financially, administratively and technically. Besides my advisors, I would like to thank the rest of my thesis committee: Prof. Marc Frappier, Prof. Marie-Laure Potet, Prof. Patrick Heymans and Prof. Maritta Heisel, for their encouragement, insightful comments, and positive criticism. I would also like to extend my gratitude to Prof. Dominique Méry and Dr. John Fitzgerald for their advices and time. I owe my deepest gratitude to my friends, Sarah, Ehtesham, Dawood, Bilal, Us- man and Mumtaz for being there for me physically, spiritually and morally whenever I needed them. Lastly, and most importantly, I wish to thank my family: My eldest brother Kashif, my sister Rabia, my three nieces, Aliza, Mouniza and Arisha, and notably my beloved brother Rashid. They have supported me unconditionally and unprece- dentedly. They gave me the choices I wanted, the time I needed, the strength I required, the support I wished; they gave me everything I demanded. Thank you guys for all of your support! Atif Mashkoor August 8, 2011 Vandœuvre lès Nancy v Contents 1Prologue 1 1.1 Introduction ................................ 1 1.2 Motivation ................................. 2 1.3 Contributions ............................... 2 1.3.1 Specification level ......................... 2 1.3.2 Validation level .......................... 3 1.4 Publications ................................ 3 1.5 Structure of the thesis .......................... 4 I BACKGROUND 7 2Domainengineering,requirementsengineering&formalmethods 9 2.1 Introduction ................................ 9 2.2 Domain engineering ........................... 10 2.2.1 Domain .............................. 10 2.2.2 Domain engineering ....................... 10 2.2.3 Domain engineering methods .................. 11 2.3 Requirements engineering ........................ 14 2.3.1 Requirement ........................... 14 2.3.2 Requirements engineering .................... 14 2.3.3 Classification of requirements .................. 15 2.3.4 Phases of requirements engineering ............... 16 2.3.5 Requirements engineering methods ............... 20 2.4 Formal methods .............................. 21 2.4.1 Advantages of formal methods ................. 22 2.4.2 Disadvantages of formal methods ................ 22 2.4.3 Myths of formal methods .................... 23 2.4.4 Guidelines for formal methods .................. 24 2.5 Summary ................................. 25 3Domainspecification,verification&validation 27 3.1 Introduction ................................ 27 3.2 Domain specification ........................... 28 3.3 Domain verification ............................ 29 3.3.1 Model checking .......................... 30 3.3.2 Theorem proving ......................... 30 3.4 Domain validation ............................ 31 3.4.1 Prototyping ............................ 31 3.4.2 Animation ............................. 32 Contents 3.4.3 Reviews .............................. 33 3.4.4 Structured walkthroughs ..................... 33 3.5 Summary ................................. 34 II SPECIFICATION 35 4Event-B 37 4.1 Introduction ................................ 37 4.2 Structuring mechanism .......................... 38 4.3 Refinement ................................ 39 4.4 Proofs ................................... 39 4.4.1 Proof of invariant preservation ................. 40 4.4.2 Proof of event refinement .................... 40 4.4.3 Proof to introduce new events .................. 40 4.5 Decomposition .............................. 41 4.6 Tool .................................... 42 4.7 Related work ............................... 43 4.7.1 Event-B versus RAISE ...................... 43 4.7.2 Event-B & goal models ...................... 44 4.7.3 Modeling of transportation domain in Event-B ........ 44 4.7.4 Refinement mechanisms in Event-B ............... 45 4.7.5 Specification of timing & temporal properties in Event-B ... 45 4.8 Summary ................................. 46 5Engineeringofadomain 47 5.1 Introduction ................................ 47 5.2 Domain overview ............................. 48 5.2.1 Locations ............................. 49 5.2.2 Nets, hubs & connections .................... 49 5.2.3 Junctions & stations ....................... 49 5.2.4 Paths & routes .......................... 49 5.2.5 Properties ............................. 49 5.3 Stepwise Event-B specification ...................... 50 5.3.1 Initial model ........................... 52 5.3.2 First refinement .......................... 54 5.3.3 Second refinement ........................ 54 5.3.4 Third refinement ......................... 55 5.3.5 Fourth refinement ........................ 56 5.3.6 Fifth refinement ......................... 58 5.3.7 Sixth refinement ......................... 60 5.3.8 Seventh refinement ........................ 61 5.4 Hierarchy of the model .......................... 65 5.5 Verification of the model ......................... 68 viii Contents 5.6 Summary ................................. 69 6GuidelinesfordomainengineeringwithEvent-B 71 6.1 Introduction ................................ 71 6.2 What to specify? ............................. 72 6.2.1 Model assumptions ........................ 72 6.2.2 Define protocols ......................... 73 6.2.3 Specify time ............................ 74 6.2.4 Express temporal properties ................... 75 6.3 How to refine? .............................. 77 6.3.1 Refine slowly ........................... 78 6.3.2 Refine unconventionally ..................... 79 6.4
Load more

Recommended publications
  • Abstract Interpretation
    Colloquium d’informatique de l’UPMC Sorbonne Universités Abstract Interpretation 29 septembre 2016, 18:00, Amphi 15 4 Place Jussieu, 75005 Paris Patrick Cousot [email protected]@yu.e1du cs.nyu.edu/~pcousot Abstract interpretation, Colloquium d’informatique de l’UPMC Sorbonne Universités, 29 Septembre 2016 1 © P. Cousot This is an abstract interpretation Abstract interpretation, Colloquium d’informatique de l’UPMC Sorbonne Universités, 29 Septembre 2016 2 © P. Cousot Scientific research Abstract interpretation, Colloquium d’informatique de l’UPMC Sorbonne Universités, 29 Septembre 2016 3 © P. Cousot Scientific research • In Mathematics/Physics: trend towards unification and synthesis through universal principles • In Computer science: trend towards dispersion and parcellation through a ever-growing collection of local ad-hoc techniques for specific applications An exponential process, will stop! Abstract interpretation, Colloquium d’informatique de l’UPMC Sorbonne Universités, 29 Septembre 2016 4 © P. Cousot Example: reasoning on computational structures WCET Operational Security protocole Systems biology Axiomatic verification semantics semantics analysis Abstraction Dataflow Model Database refinement Confidentiality checking analysis analysis query Type Partial Obfuscation Dependence Program evaluation inference synthesis Denotational analysis Separation Effect logic Grammar systems semantics CEGAR analysis Theories Program Termination Statistical Trace combination transformation proof semantics model-checking Interpolants Abstract Shape Code analysis
    [Show full text]
  • Precise and Scalable Static Program Analysis of NASA Flight Software
    Precise and Scalable Static Program Analysis of NASA Flight Software G. Brat and A. Venet Kestrel Technology NASA Ames Research Center, MS 26912 Moffett Field, CA 94035-1000 650-604-1 105 650-604-0775 brat @email.arc.nasa.gov [email protected] Abstract-Recent NASA mission failures (e.g., Mars Polar Unfortunately, traditional verification methods (such as Lander and Mars Orbiter) illustrate the importance of having testing) cannot guarantee the absence of errors in software an efficient verification and validation process for such systems. Therefore, it is important to build verification tools systems. One software error, as simple as it may be, can that exhaustively check for as many classes of errors as cause the loss of an expensive mission, or lead to budget possible. Static program analysis is a verification technique overruns and crunched schedules. Unfortunately, traditional that identifies faults, or certifies the absence of faults, in verification methods cannot guarantee the absence of errors software without having to execute the program. Using the in software systems. Therefore, we have developed the CGS formal semantic of the programming language (C in our static program analysis tool, which can exhaustively analyze case), this technique analyses the source code of a program large C programs. CGS analyzes the source code and looking for faults of a certain type. We have developed a identifies statements in which arrays are accessed out Of static program analysis tool, called C Global Surveyor bounds, or, pointers are used outside the memory region (CGS), which can analyze large C programs for embedded they should address.
    [Show full text]
  • Lecture Notes in Computer Science 1145 Edited by G
    Lecture Notes in Computer Science 1145 Edited by G. Goos, J. Hartmanis and J. van Leeuwen Advisory Board: W. Brauer D. Gries J. Stoer Radhia Cousot David A. Schmidt (Eds.) Static Analysis Third International Symposium, SAS '96 Aachen, Germany, September 24-26, 1996 Proceedings ~ Springer Series Editors Gerhard Goos, Karlsruhe University, Germany Juris Hartmanis, Cornell University, NY, USA Jan van Leeuwen, Utrecht University, The Netherlands Volume Editors Radhia Cousot l~cole Polytechnique, Laboratoire d'Inforrnatique F-91128 Palaiseau Cedex, France E-mail: radhia.cousot @lix.polytechnique.fr David A. Schmidt Kansas State University, Department of Computing and Information Sciences Manhattan, KS 66506, USA E-maih [email protected] Cataloging-in-Publication data applied for Die Deutsche Bibliothek - CIP-Einheitsaufnahme Static analysis : third international symposium ; proceedings / SAS '96, Aachen, Germany, September 24 - 26, 1996. Radhia Cousot ; David A. Schmidt (ed.). - Berlin ; Heidelberg ; New York ; Barcelona ; Budapest ; Hong Kong ; London ; Milan ; Paris ; Santa Clara ; Singapore ; Tokyo : Springer, 1996 (Lecture notes in computer science ; Vol. 1145) ISBN 3-540-61739-6 NE: Cousot, Radhia [Hrsg.]; SAS <3, 1996, Aachen>; GT CR Subject Classification (1991): D.1, D.2.8, D.3.2-3,F.3.1-2, F.4.2 ISSN 0302-9743 ISBN 3-540-61739-6 Springer-Verlag Berlin Heidelberg New York This work is subject to copyright. All rights are reserved, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, re-use of illustrations, recitation, broadcasting, reproduction on microfilms or in any other way, and storage in data banks. Duplication of this publication or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965, in its current version, and permission for use must always be obtained from Springer -Verlag.
    [Show full text]
  • On Abstraction in Software Verification ‹
    On Abstraction in Software Verification ‹ Patrick Cousot1 and Radhia Cousot2 1 École normale supérieure, Département d'informatique, 45 rue d'Ulm, 75230 Paris cedex 05, France [email protected] www.di.ens.fr/~cousot/ 2 CNRS & École polytechnique, Laboratoire d'informatique, 91128 Palaiseau cedex, France [email protected] lix.polytechnique.fr/~rcousot Abstract. We show that the precision of static abstract software check- ing algorithms can be enhanced by taking explicitly into account the ab- stractions that are involved in the design of the program model/abstract semantics. This is illustrated on reachability analysis and abstract test- ing. 1 Introduction Most formal methods for reasoning about programs (such as deductive meth- ods, software model checking, dataflow analysis) do not reason directly on the trace-based operational program semantics but on an approximate model of this semantics. The abstraction involved in building the model of the program seman- tics is usually left implicit and not discussed. The importance of this abstraction appears when it is made explicit for example in order to discuss the soundness and (in)completeness of temporal-logic based verification methods [1, 2]. The purpose of this paper is to discuss the practical importance of this ab- straction when designing static software checking algorithms. This is illustrated on reachability analysis and abstract testing. 2 Transition Systems We follow [3, 4] in formalizing a hardware or software computer system by a transition system xS; t; I; F; Ey with set of states S, transition relation t Ď pS ˆ Sq, initial states I Ď S, erroneous states E Ď S, and final states F Ď S.
    [Show full text]
  • The Domain-Specific Software Architecture Program
    Special Report CMU/SEI-92-SR-009 The Domain-Specific Software Architecture Program LTC Erik Mettala and Marc H. Graham, eds. June 1992 Special Report CMU/SEI-92-SR-009 June 1992 The Domain Specific Software Architecture Program LTC Erik Mettala DARPA SISTO Marc H. Graham Technology Division, Special Projects Unlimited distribution subject to the copyright. Software Engineering Institute Carnegie Mellon University Pittsburgh, Pennsylvania 15213 This report was prepared for the SEI Joint Program Office HQ ESC/AXS 5 Eglin Street Hanscom AFB, MA 01731-2116 The ideas and findings in this report should not be construed as an official DoD position. It is published in the interest of scientific and technical information exchange. FOR THE COMMANDER (signature on file) Thomas R. Miller, Lt Col, USAF SEI Joint Program Office This work is sponsored by the U.S. Department of Defense. Copyright © 1993 by Carnegie Mellon University. Permission to reproduce this document and to prepare derivative works from this document for internal use is granted, provided the copyright and “No Warranty” statements are included with all reproductions and derivative works. Requests for permission to reproduce this document or to prepare derivative works of this document for external and commercial use should be addressed to the SEI Licensing Agent. NO WARRANTY THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN “AS-IS” BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRAN- TIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTIBILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL.
    [Show full text]
  • Chapter 3 Domain Engineering
    33 15 Chapter 3 Domain Engineering 3.1 What Is Domain Engineering? Domain Engineering 15 This is a chapter from K. Czarnecki. Generative Programming: Principles and Techniques of Software Engineering Based on Automated Configuration and Fragment-Based Component Models. Ph.D. thesis, Technische Universität Ilmenau, Germany, 1998. This material will be also published in the upcoming book K. Czarnecki and U. Eisenecker. Generative Programming: Methods, Techniques, and Applications. Addison-Wesley, to appear in 1999. 34 Generative Programming, K. Czarnecki Most software systems can be classified according to the business area and the kind of tasks they support, e.g. airline reservation systems, medical record systems, portfolio management systems, order processing systems, inventory management systems, etc. Similarly, we can also classify parts of software systems according to their functionality, e.g. database systems, synchronization packages, workflow systems, GUI libraries, numerical code libraries, etc. We refer to areas organized around classes of systems or parts of systems as domains.16 Obviously, specific systems or components within a domain share many characteristics since they also share many requirements. Therefore, an organization which has built a number of systems or components in a particular domain can take advantage of the acquired knowledge when building subsequent systems or components in the same domain. By capturing the acquired domain knowledge in the form of reusable assets and by reusing these assets in the development of new products, the organization will be able to deliver the new products in a shorter time and at a lower cost. Domain Engineering is a systematic approach to achieving this goal.
    [Show full text]
  • An Overview of Feature-Oriented Software Development
    Vol. 8, No. 4, July{August 2009 An Overview of Feature-Oriented Software Development Sven Apel, Department of Informatics and Mathematics, University of Passau, Germany Christian K¨astner, School of Computer Science, University of Magdeburg, Germany Feature-oriented software development (FOSD) is a paradigm for the construction, customization, and synthesis of large-scale software systems. In this survey, we give an overview and a personal perspective on the roots of FOSD, connections to other software development paradigms, and recent developments in this field. Our aim is to point to connections between different lines of research and to identify open issues. 1 INTRODUCTION Feature-oriented software development (FOSD) is a paradigm for the construction, customization, and synthesis of large-scale software systems. The concept of a fea- ture is at the heart of FOSD. A feature is a unit of functionality of a software system that satisfies a requirement, represents a design decision, and provides a potential configuration option. The basic idea of FOSD is to decompose a software system in terms of the features it provides. The goal of the decomposition is to construct well-structured software that can be tailored to the needs of the user and the appli- cation scenario. Typically, from a set of features, many different software systems can be generated that share common features and differ in other features. The set of software systems generated from a set of features is also called a software product line [45,101]. FOSD aims essentially at three properties: structure, reuse, and variation. De- velopers use the concept of a feature to structure design and code of a software system, features are the primary units of reuse in FOSD, and the variants of a software system vary in the features they provide.
    [Show full text]
  • Caterina Urban
    CATERINA URBAN DATE AND PLACE OF BIRTH March 9th, 1987, Udine, Italy NATIONALITY Italian ADDRESS École Normale Supérieure, 45 rue d’Ulm, 75005 Paris, France EMAIL [email protected] WEBPAGE https://caterinaurban.github.io DBLP http://dblp.org/pers/hd/u/Urban:Caterina GOOGLE SCHOLAR http://scholar.google.it/citations?user=4-u1_HIAAAAJ CURRENT POSITION • INRIA, Paris, France — Research Scientist (Chargé de Recherche), Feb 2019 - Now EDUCATION • École Normale Supérieure, Paris, France — Ph.D. in Computer Science, Dec 2011 - July 2015 Subject: Static Analysis by Abstract Interpretation of Functional Temporal Properties of Programs Advisors: Radhia Cousot (Emeritus Research Director, CNRS, Paris, France) and Antoine Miné (Research Scientist, CRNS, Paris, France) Final mark: summa cum laude • Menlo College, Atherton, USA — Fifth Summer School on Formal Techniques, May 2015 • Università degli Studi di Udine, Italy — Master’s degree in Computer Science, Fall 2009 - Fall 2011 Final mark: summa cum laude • Università degli Studi di Udine, Italy — Bachelor’s degree in Computer Science, Fall 2006 - Fall 2009 Final mark: summa cum laude GRANTS • Industrial Grant, Fujitsu: “Formal Verification Techniques for Machine Learning Systems”, Oct 2021 - Sep 2022 • Industrial Grant, Airbus: “State of the Art in Formal Methods for Artificial Intelligence”, 2020 • Principal Investigator, ETH Career Seed Grant, ETH Zurich: “Static Analysis for Data Science Applications”, 30kCHF, Jan 2017 - Dec 2017 AWARDS AND HONORS • Invited Paper at IJCAI 2016 - Sister Conference
    [Show full text]
  • Patrick Cousot
    Abstract Interpretation: From Theory to Tools Patrick Cousot cims.nyu.edu/~pcousot/ pc12ou)(sot@cims$*.nyu.edu ICSME 2014, Victoria, BC, Canada, 2014-10-02 1 © P. Cousot Bugs everywhere! Ariane 5.01 failure Patriot failure Mars orbiter loss Russian Proton-M/DM-03 rocket (overflow error) (float rounding error) (unit error) carrying 3 Glonass-M satellites (unknown programming error :) unsigned int payload = 18; /* Sequence number + random bytes */ unsigned int padding = 16; /* Use minimum padding */ /* Check if padding is too long, payload and padding * must not exceed 2^14 - 3 = 16381 bytes in total. */ OPENSSL_assert(payload + padding <= 16381); /* Create HeartBeat message, we just use a sequence number * as payload to distuingish different messages and add * some random stuff. * - Message Type, 1 byte * - Payload Length, 2 bytes (unsigned int) * - Payload, the sequence number (2 bytes uint) * - Payload, random bytes (16 bytes uint) * - Padding */ buf = OPENSSL_malloc(1 + 2 + payload + padding); p = buf; /* Message Type */ *p++ = TLS1_HB_REQUEST; /* Payload length (18 bytes here) */ s2n(payload, p); /* Sequence number */ s2n(s->tlsext_hb_seq, p); /* 16 random bytes */ RAND_pseudo_bytes(p, 16); p += 16; /* Random padding */ RAND_pseudo_bytes(p, padding); ret = dtls1_write_bytes(s, TLS1_RT_HEARTBEAT, buf, 3 + payload + padding); Heartbleed (buffer overrun) ICSME 2014, Victoria, BC, Canada, 2014-10-02 2 © P. Cousot Bugs everywhere! Ariane 5.01 failure Patriot failure Mars orbiter loss Russian Proton-M/DM-03 rocket (overflow error) (float rounding error) (unit error) carrying 3 Glonass-M satellites (unknown programming error :) unsigned int payload = 18; /* Sequence number + random bytes */ unsigned int padding = 16; /* Use minimum padding */ /* Check if padding is too long, payload and padding * must not exceed 2^14 - 3 = 16381 bytes in total.
    [Show full text]
  • Abstract Interpretation and Application to Logic Programs ∗
    Abstract Interpretation and Application to Logic Programs ∗ Patrick Cousot Radhia Cousot LIENS, École Normale Supérieure LIX, École Polytechnique 45, rue d’Ulm 91128 Palaiseau cedex (France) 75230 Paris cedex 05 (France) [email protected] [email protected] Abstract. Abstract interpretation is a theory of semantics approximation which is usedfor the con­ struction of semantics-basedprogram analysis algorithms (sometimes called“data flow analysis”), the comparison of formal semantics (e.g., construction of a denotational semantics from an operational one), the design of proof methods, etc. Automatic program analysers are used for determining statically conservative approximations of dy­ namic properties of programs. Such properties of the run-time behavior of programs are useful for debug­ ging (e.g., type inference), code optimization (e.g., compile-time garbage collection, useless occur-check elimination), program transformation (e.g., partial evaluation, parallelization), andeven program cor­ rectness proofs (e.g., termination proof). After a few simple introductory examples, we recall the classical framework for abstract interpretation of programs. Starting from a standardoperational semantics formalizedas a transition system, classes of program properties are first encapsulatedin collecting semantics expressedas fixpoints on partial orders representing concrete program properties. We consider invariance properties characterizing the descendant states of the initial states (corresponding to top/down or forward analyses), the ascendant states of the final states (corresponding to bottom/up or backward analyses) as well as a combination of the two. Then we choose specific approximate abstract properties to be gatheredabout program behaviors andexpress them as elements of a poset of abstract properties. The correspondencebetween concrete andabstract properties is establishedby a concretization andabstraction function that is a Galois connection formalizing the loss of information.
    [Show full text]
  • Athabasca University Feature-Oriented Domain Analysis
    ATHABASCA UNIVERSITY FEATURE-ORIENTED DOMAIN ANALYSIS FOR SEMANTIC WEB SERVICES BY LISA JULIETTE COX An essay submitted in partial fulfillment Of the requirements for the degree of MASTER OF SCIENCE in INFORMATION SYSTEMS Athabasca, Alberta December, 2010 © Lisa Juliette Cox, 2010 ATHABASCA UNIVERSITY The undersigned certify that they have read and recommend for acceptance the integrated project “FEATURE-ORIENTED DOMAIN ANALYSIS FOR SEMANTIC WEB SERVICES” submitted by LISA JULIETTE COX in partial fulfillment of the requirements for the degree of MASTER OF SCIENCE in INFORMATION SYSTEMS. ___________________________ Dragan Gaševi, Ph.D. Supervisor ___________________________ Ebrahim Bagheri, Ph.D. Supervisor Date: _______________________ DEDICATION To Dominique and Zachary i ABSTRACT Interoperability continues to be an open research challenge in the healthcare domain. The lack of interoperability means that information is fragmented across healthcare information silos, hindering integration and effective collaboration between e-health systems, timely access to complete patient medical data and efficiency in healthcare delivery, which are associated with ongoing concerns for patient safety and the cost and quality of healthcare. Information technology needs to be exploited in healthcare to facilitate collaboration between e-health entities’ business processes, enabling access to complete patient medical information, up-to-date drug information and other relevant decision-support systems, thereby enhancing patient safety and reducing or preventing incidences of adverse drug events (ADEs). The main objective of this research is to define a methodology that can be applied to the e-health domain to achieve improvements in interoperability, integration and communication between distributed e- health entities towards reducing incidences of preventable ADEs, which is within the scope of an e-prescription sub-domain.
    [Show full text]
  • 1 Employment 2 Education 3 Grants
    STEPHEN F. SIEGEL Curriculum Vitæ Department of Computer and Information Sciences email: [email protected] 101 Smith Hall web: http://vsl.cis.udel.edu/siegel.html University of Delaware tel: (302) 831{0083, fax: (302) 831{8458 Newark, DE 19716 citizenship: U.S.A. 1 Employment Associate Professor, Department of Computer and Information Sciences and Department of Math- ematical Sciences, University of Delaware, September 2012 to present Assistant Professor, Department of Computer and Information Sciences and Department of Math- ematical Sciences, University of Delaware, September 2006 to August 2012 Senior Research Scientist, Laboratory for Advanced Software Engineering Research, Department of Computer Science, University of Massachusetts Amherst, August 2001 to August 2006 Senior Software Engineer, Laboratory for Advanced Software Engineering Research, Department of Computer Science, University of Massachusetts Amherst, August 1998 to July 2001 Visiting Assistant Professor, Department of Mathematics, University of Massachusetts Amherst, September 1996 to August 1998 Visiting Assistant Professor, Department of Mathematics, Northwestern University, September 1993 to June 1996 2 Education Ph.D., Mathematics, University of Chicago, August 1993 (Advisor: Prof. Jonathan L. Alperin) M.Sc., Mathematics, Oxford University, June 1989 B.A., Mathematics, University of Chicago, June 1988 3 Grants • Principal Investigator, National Science Foundation Award CCF-0953210 Supplement 001, Extension of TASS to Chapel, June 1, 2011 { May 31, 2012. Award amount: $99,333. • Principal Investigator, National Science Foundation Award CNS-0958512, Computing Research Infras- tructure program, II-New: System Acquisition for the Development of Scalable Parallel Algorithms for Scientific Computing, May 1, 2010 { April 30, 2013. Co-PIs: Peter B. Monk, Douglas M. Swany, and Krzysztof Szalewicz.
    [Show full text]