From basic research to industrial deployment Kaisa Sere ... · Development of correct software and systems – Methods, techniques and tools ... application of these formal methods

From basic research to industrial deployment

Kaisa Sere Åbo Akademi University Dept. of Information Technologies [email protected]

A personal view on 15 years perspective

11/15/10 Åbo Akademi - Domkyrkotorget 3 - 20500 Åbo 1

  Formal methods research   System approach   FP5 Matisse 2000-03   Results   FP6 STREP Rodin 2004-07   Results   FP7 IP Deploy 2008-12   Results until now   Conclusions


  Development of correct software and systems – Methods, techniques and tools

  Based on mathematics and logic   Various degree of rigour


  Formal modeling of systems and software –  Focus on distributed systems

•  Challenging to design •  Novel applications

  Development via stepwise refinement   Correct-by-construction methods


  Action systems – Back & Kurki-Suonio 1983 – Back & Sere late 80’s –  Sere, Waldén, Butler 90’s

  B – Abrial 90’s – Waldén, Butler 90’s

  CSP – Butler & Morgan early 90’s


  Action systems and B –  State based formalisms – Global view

  CSP –  Event based formalism –  Process view

  Formalisms integrated in the works of – Butler –  Sere, Waldén


  Steam boiler challenge – Dagstuhl seminar 1995

•  Abrial et al

– An Action System Approach to the Steam Boiler Problem •  Butler, Sekerinski, Sere

–  LNCS 1165, 1996

  Novel design approach for control systems


  Design of a control system is carried out hand in hand with the specification of the controlled plant –  Indistinguishable in early development

stages – Distributed into a parallel composition of

models of the plant, controller, sensors, actuators, valves, pumps, …


  System approach helps industry in designing safe and reliable control systems – Abrial, Butler, Sere 1998

  Requires an investment in future research of the approach


  System approach

  MATISSE : Methodologies and technologies for industrial strength systems engineering


  guidelines that allow formal methods to be integrated into existing systems engineering lifecycles so that higher degrees of safety and reliability can be achieved

  methodologies that expand the range of application of these formal methods

  enhancements to technologies associated with these formal methods.


  Based on three major industrial case studies : – An embedded verifier for a smartcard

system (Gemplus) – A railway signalling and control system

(Siemens Transportation Systems) – A diagnostic system for healthcare clinicians

and researchers (Perkin Elmer)


  MATISSE handbook

  Main academic results –  Event B language

•  Based on action systems

–  First version of UML B •  Combines B and UML •  Gives a graphical interface to B


  Gathers the recommendations based on analysis and experiences of the three industrial case studies developed as part of of the MATISSE project.

  Consists of three storyboards – practitioner's storyboard, – project manager's storyboard, – board level storyboard


  Tool support helps in acceptance of formal methods

  Integrating fault tolerance techniques in the design flow is crucial for system approach

  Requires investments in methods and tool research


  Method development (Jones, Sere)   Fault tolerance (Romanovsky, Troubitsyna)   Tool support (Abrial, Butler)

  RODIN: Rigorous Open Development Environment for Complex Systems

  http://rodin.cs.ncl.ac.uk/


  Creation of a methodology and supporting open tool platform for the cost effective rigorous development of dependable complex software systems and services.

  We focus on tackling complexity –  caused by the environment in which the

software is to operate – which comes from poorly conceived

architectural structure.


  Praxis – Graphical information system –  Previously specified with Z

  Nokia –  Service architecture and orchestration – UML based design process

  AT Engine Controls –  Fault tolerant engine control

  Only one control system!


  Academic –  Publications –  PhD Theses

  Rodin platform –  Interplay between modelling and proving

  Plug ins


  Rigorous Development of Complex Fault-Tolerant Systems – Butler, M., Jones, C., Romanovsky, A. and

Troubitsyna, E. (eds.) –  Lecture Notes in Computer Science, 4157,

2006.

  http://www.event-b.org/platform.html


  Methods need to scale to get industry acceptance

  Automatic tool support is a must   Need metrics to convince managers

  Requires investments in methods and tools research


  Current project from the same group…   Industrial deployment

  Deploy: Industrial deployment of system engineering methods providing high dependability and productivity

  http://www.deploy-project.eu/


  Major advances in engineering methods for dependable systems through the deployment of formal engineering methods. –  Formal engineering methods enable greater

mastery of complexity than found in traditional software engineering processes.

– Mechanically-analysed formal models throughout the system development flow enables mastery of complexity.


  DEPLOY's industrial partners: – BOSCH –  Siemens Transportation Systems –  Space Systems Finland

•  Sponsoring NWPT2010

–  SAP

  DEPLOY associates –  Four industrial case studies




  Advances in methods •  Reuse for productivity and scalability

–  Decomposition and composition –  Patterns

•  Requirements engineering –  Tools and methods

»  Problem frames, DOORS

•  Dependability –  Fault tolerance –  Security –  Timing –  Probabilistic models


  Tool improvement – Rodin platform redone –  Plug ins

•  ProB •  UML B

– Code generation •  Ada


  Industrial deployment –  Pilot case studies

•  Partner training programme

–  Full deployment •  Integration with different design flows

  Gather evidence – Deployment partners have their own quality standards


  Formal Methods are being used in industry

  Within Deploy we attempt to further deploy them and improve tool support

  Already some success stories: –  1 man month → 5 minutes (Siemens) –  Interest from companies not using FM

•  Deploy associates among others



  Formal modeling applies equally well to –  software, –  services, –  systems and –  hardware

  Formal modeling helps in –  degreasing errors, –  structuring the modeling task, –  increasing the understanding of the system

to be built 11/15/10 Åbo Akademi - Domkyrkotorget 3 - 20500 Åbo 32

  Automatic tool support helps modeling –  Pointing out errors –  Suggesting ways to continue

•  Invariants

  Engineering approaches are required   Design for proving

– More efficient use of proof tools

  Top down design seldom reality


  The core partners have had a common view on modeling –  Formal modeling of systems and software – Development via stepwise refinement – Correct-by-construction methods

  Makes co-operation smooth   Preparing a successful application takes

time –  Important to have a good consortium


  Several ongoing related industrially driven B projects –  Finland (multi-cores, separate slide) –  France (separate slide) –  England (railway interlocking, UML B) – Germany (ProB)



  RECOMP: Reduced Certification Costs Using Trusted Multi-core Platforms –  ARTEMIS JOINT UNDERTAKING (JU) 2010-13 –  The consortium is composed by 41 partners

•  30 Companies (9 small, 4 medium and 17 non-SME) •  11 Universities and research organisations.

– B in component modeling – The role of B certification process –  http://atc.ugr.es/recomp/


Deploy team (Butler, Leuchel, Lecomte) helped with the slides


Documents

From basic research to industrial deployment Kaisa Sere ... · Development of correct software and systems – Methods, techniques and tools ... application of these formal methods