Research Questions for Validation and Verification in the Context of Model-Based Engineering
Catherine Dubois
Michalis Famelis
Martin Gogolla
Leonel Nobrega
Ileana Ober
Martina Seidl
Markus Voelter
ENSIIE, Evry, France
University of Toronto,
University of Bremen,
University of Madeira, Funchal,
University of Toulouse,
Johannes Kepler University Linz, Austria
Voelter Ingenieurburo, Heidenheim, Germany
October 1st, 2013
MoDeVVa 2013, Miami, USA
Introduction
Abstraction techniques are one of the promising paths for
the future advances in the field of verification.
– Clarke, Emerson, Sifakis: Turing Lecture 2008
V&V crucial for MBE
– Uncover hidden properties and errors
– Verify transformations
– Ensure quality, etc.
About
• This paper is the result of the working group on V&V at Dagstuhl-Seminar 13182 held in May 2013.
• Dagstuhl: scientific retreat in western Germany
• Seminar topic: Meta-Modeling Model-Based Engineering Tools
• Three break-outs: Informal Modeling, Compositionality, Modeling and V&V
Our goal:
Identify main areas in the synergy between MBE and
V&V where we need to focus research. What is the
status, what are the research questions?
• Two-day collaborative brainstorming workshop.
• Culminated in a plenary presentation
…and this report
Disclaimer
• No claim of completeness or exhaustiveness
• Represents the informed opinions of the authors
• May have missed existing answers to some
questions
• Is this the right level of granularity / level of
detail?
Thematic Categories
1. Gap between Models and V&V Formalisms
2. Need to Refine Existing Methodologies
3. Design-time vs. Runtime
4. Properties
5. Model Transformations
6. Informal vs. Formal vs. Incomplete Modeling
7. Comparison and Benchmarking
8. Domain-Specific Languages
Models and V&V Formalisms (context)
[Diagram: Model and Property at the designer level (can be domain-specific); Model' and Property' at the verification formalism level; verification engine; verification feedback; transformations and traceability mechanisms; V&V tool configuration.]
But behavioral semantics often leads to non-bijective correspondences between design time and runtime artifacts.
Models and V&V Formalisms (questions)
• How to express properties at the level of models in a way
understandable to clients?
• How to formulate models and properties in a single language
transparent to clients?
• How to report the V&V results and diagnostics in an appropriate
form to clients?
• How to bridge the gap between formally expressed and verified
properties on one side and client attention on the other side?
• Can modeling language extensions help in making explicit the
“needs” of V&V machines?
Refining Existing Methodologies (context)
• Integrating V&V in development can support early V&V
similar to how debugging is offered by IDEs.
• Generic methodologies identify points where V&V can be
used.
• A Model-based development methodology would need to
allow variations based on application domain, nature of
project, etc.
• Goal: better identify which V&V activities are meaningful at
the various phases of design; take full advantage of V&V
engines.
Refining Existing Methodologies (questions)
• How do we integrate V&V in the overall development
and modeling process?
– On the technical level of tool exchange?
– On the methodological level of using the right technique at
the right time for the right task?
• When are techniques like animation, execution,
symbolic evaluation, testing, simulation, proving or test
case generation used most efficiently during
development?
– For which model and model transformation properties can
they be employed?
Design-time vs. Runtime (context)
• Models are specified at design time
• During execution these models are instantiated
• The dynamic nature of structure during execution
makes it difficult to understand and represent
runtime information
• Existing modeling environments offer limited
support for precisely specifying instantiation and
snapshots
Design-time vs. Runtime (questions)
• During the V&V phase, how do we obtain an initial model instantiation?
• How do we obtain large and meaningful instantiations?
• How do we connect design time and runtime artifacts?
• How do we deal with the issue of scalability in the context of V&V?
• How do we handle time and space concerns w.r.t. design time and runtime artifacts?
• How do we automatically or semi-automatically manage the V&V machine configuration?
Properties (context)
• Model and model transformation properties relevant in V&V:
– consistency, reachability, dependence, minimality, conformance, safety,
liveness, deadlock freeness, termination, confluence, correctness
• Confusion caused by:
– Different kinds according to the nature of the model (static/ dynamic),
its level of abstraction, etc.
– Many tools and techniques (potentially complementary)
Main challenge:
What kind of property to verify on which model at what stage with what
kind of technique?
Properties (questions)
• What are the benefits and trade-offs between expressing
properties on more abstract modeling levels in contrast to
expressing them on more concrete levels?
• How do we find the right techniques for uncovering static and
dynamic model properties?
• Which techniques are appropriate for uncovering static modeling
language inherent properties, which for static model-specific
properties?
• Which techniques are appropriate for uncovering dynamic generic
properties, which for dynamic model-specific properties?
Model Transformations (context)
• Core component of MBE
• Many applications:
– Maintaining inter-model consistency
– Semantics definition of (domain-specific) modelling languages
– …
• Challenge: Verification of model transformations
– Proving correctness, termination, confluence
– What are the differences to “normal” code?
– Is the higher abstraction level beneficial to V&V?
Model Transformations (questions)
• What verification techniques are meaningful for verifying
model transformations?
• How do we analyse properties like confluence and
termination?
• How do we analyse correctness of model transformations
w.r.t. a transformation contract?
• How do we infer a transformation contract from a model
transformation?
Informal vs. Formal vs. Incomplete Modeling (context)
• During V&V: switch on or off particular model elements (in class diagrams, e.g., multiplicities); configure constraints by negating, deactivating or activating them (in class diagrams, e.g., class invariants)
• Different types of granularity: (a) all model elements may be relaxed; (b) only a manual model element selection can be considered for relaxation; (c) a semi-automatic element selection for relaxation may be offered
• Ultimate vision: sliders on the user interface to gradually go from a strict, formal model through various intermediate levels to a totally relaxed and informal model; fewer formal model parts activated means more informality in the model
• Minimal formal frame for test case construction must be preserved: e.g., for class diagrams of central classes and associations and for state charts of central states and transitions
• For a completely informal model no formal scenario (no test cases) can be formulated
Informal vs. Formal vs. Incomplete Modeling (questions)
• How do we leverage informal assumptions found in sketches for
exploratory V&V?
• Are informal sketches close enough to V&V at all?
• What are appropriate relaxation mechanisms for different degrees
of formality?
• How do we handle incomplete or partial models w.r.t. V&V?
• How do we deactivate and activate model units?
• How do we handle the exploration of model properties and
alternatives?
Comparison and Benchmarking (context)
• Benchmarking can boost research:
– Fair comparison of tools
– Impartial benchmark selection which covers the spectrum
of interesting test cases
– Clear documentation of outcomes; reproducibility
– Publicity makes it easy to identify progress, problems
• However, in MBE:
– No common standards
– No community platform for benchmarks
– Not clear what metrics are relevant for measuring
“improvement”
Comparison and Benchmarking (questions)
• How to compare existing V&V tools w.r.t.
functionality, coverage, scalability,
expressiveness, executing system (i.e., for models
at runtime)?
• Which criteria are appropriate for comparison?
• Can we globally compare fairly at all?
– Broad and diverse spectrum of V&V machines:
B, Coq, HOL/Isabelle, SAT, SMT, CSP solvers, Relational logic,
enumerative techniques
Domain-Specific Languages (context)
• Most verification tools have hard-to-use input languages,
alien to normal developers.
– Hence, verification tools are often not used.
• MBE approaches become more and more mainstream.
• Models can simplify analysis and verification, because of
the higher degree of domain semantics they express.
• Potential to exploit the two approaches synergistically
– From the high-level models, we can automate the
generation of the input to the verification tools.
Domain-Specific Languages (questions)
• How to define DSLs close to domain concepts but still allow
generation of meaningful input for V&V tools?
• V&V tools need the specification of properties.
– How to express them at the domain level in a user-friendly way?
– Can the property specifications be integrated with the same
DSL and/or model used for describing the to-be-verified system
without creating self-fulfilling prophecies?
• How to bring V&V feedback back to the domain level and
express it in terms of the DSL-level input?
• Can incremental language extensions help with making
programs expressed in general-purpose languages more
checkable? For example, the semantics of a specific
extension construct may enable the generation of very rich
inputs to the verification tool.
Thematic Categories
1. Gap between Models and V&V Formalisms
2. Need to Refine Existing Methodologies
3. Design-time vs. Runtime
4. Properties
5. Model Transformations
6. Informal vs. Formal vs. Incomplete Modeling
7. Comparison and Benchmarking
8. Domain-Specific Languages
Conclusion
• Report-back from working group on MBE and V&V at
Dagstuhl in May 2013.
• Main areas in the synergy of MBE and V&V.
• For each: described status and identified research
questions.
• Our hope:
Spark discussions and debate, help focus
research in MBE and V&V.
Questions?
25

Contenu connexe

Similaire à Research Questions for Validation and Verification in the Context of Model-Based Engineering

Software developer occupational brief
Software developer occupational briefSoftware developer occupational brief
Software developer occupational briefEnda Crossan
 
CSE320 SOFTWARE ENGINEERING Lecture01 (1).ppt
CSE320  SOFTWARE ENGINEERING Lecture01 (1).pptCSE320  SOFTWARE ENGINEERING Lecture01 (1).ppt
CSE320 SOFTWARE ENGINEERING Lecture01 (1).pptDHIRENDRAHUDDA
 
W4 ucl@md day2011
W4 ucl@md day2011W4 ucl@md day2011
W4 ucl@md day2011MDDAY11
 
Modeling should be an independent scientific discipline
Modeling should be an independent scientific disciplineModeling should be an independent scientific discipline
Modeling should be an independent scientific disciplineJordi Cabot
 
[2015/2016] Software development process
[2015/2016] Software development process[2015/2016] Software development process
[2015/2016] Software development processIvano Malavolta
 
20121121101127simulation azmi
20121121101127simulation azmi20121121101127simulation azmi
20121121101127simulation azmiAhmad Nur Faiz
 
Discussion Post 1A software process model is a streamlined port.docx
Discussion Post 1A software process model is a streamlined port.docxDiscussion Post 1A software process model is a streamlined port.docx
Discussion Post 1A software process model is a streamlined port.docxmadlynplamondon
 
SWEBOK Guide Evolution and Its Emerging Areas including Machine Learning Patt...
SWEBOK Guide Evolution and Its Emerging Areas including Machine Learning Patt...SWEBOK Guide Evolution and Its Emerging Areas including Machine Learning Patt...
SWEBOK Guide Evolution and Its Emerging Areas including Machine Learning Patt...Hironori Washizaki
 
Software Life Cycle Modelsrerfgrgreg.pptx
Software Life Cycle Modelsrerfgrgreg.pptxSoftware Life Cycle Modelsrerfgrgreg.pptx
Software Life Cycle Modelsrerfgrgreg.pptxaryanchauhan040301
 
GSEP - PROCESS AND CHECKPOINT
GSEP - PROCESS AND CHECKPOINTGSEP - PROCESS AND CHECKPOINT
GSEP - PROCESS AND CHECKPOINTAlex Himmelberg
 

Similaire à Research Questions for Validation and Verification in the Context of Model-Based Engineering (20)

24 Reasons Why Variability Models Are Not Yet Universal (24RWVMANYU)
24 Reasons Why Variability Models Are Not Yet Universal (24RWVMANYU)24 Reasons Why Variability Models Are Not Yet Universal (24RWVMANYU)
24 Reasons Why Variability Models Are Not Yet Universal (24RWVMANYU)
 
Unit 2
Unit 2Unit 2
Unit 2
 
Model Based Testing
Model Based TestingModel Based Testing
Model Based Testing
 
Software developer occupational brief
Software developer occupational briefSoftware developer occupational brief
Software developer occupational brief
 
OOSD_UNIT1 (1).pptx
OOSD_UNIT1 (1).pptxOOSD_UNIT1 (1).pptx
OOSD_UNIT1 (1).pptx
 
CSE320 SOFTWARE ENGINEERING Lecture01 (1).ppt
CSE320  SOFTWARE ENGINEERING Lecture01 (1).pptCSE320  SOFTWARE ENGINEERING Lecture01 (1).ppt
CSE320 SOFTWARE ENGINEERING Lecture01 (1).ppt
 
W4 ucl@md day2011
W4 ucl@md day2011W4 ucl@md day2011
W4 ucl@md day2011
 
Modeling should be an independent scientific discipline
Modeling should be an independent scientific disciplineModeling should be an independent scientific discipline
Modeling should be an independent scientific discipline
 
[2015/2016] Software development process
[2015/2016] Software development process[2015/2016] Software development process
[2015/2016] Software development process
 
Simulation Powerpoint- Lecture Notes
Simulation Powerpoint- Lecture NotesSimulation Powerpoint- Lecture Notes
Simulation Powerpoint- Lecture Notes
 
20121121101127simulation azmi
20121121101127simulation azmi20121121101127simulation azmi
20121121101127simulation azmi
 
Discussion Post 1A software process model is a streamlined port.docx
Discussion Post 1A software process model is a streamlined port.docxDiscussion Post 1A software process model is a streamlined port.docx
Discussion Post 1A software process model is a streamlined port.docx
 
SWEBOK Guide Evolution and Its Emerging Areas including Machine Learning Patt...
SWEBOK Guide Evolution and Its Emerging Areas including Machine Learning Patt...SWEBOK Guide Evolution and Its Emerging Areas including Machine Learning Patt...
SWEBOK Guide Evolution and Its Emerging Areas including Machine Learning Patt...
 
010821+presentation+oti.ppt
010821+presentation+oti.ppt010821+presentation+oti.ppt
010821+presentation+oti.ppt
 
Software Life Cycle Modelsrerfgrgreg.pptx
Software Life Cycle Modelsrerfgrgreg.pptxSoftware Life Cycle Modelsrerfgrgreg.pptx
Software Life Cycle Modelsrerfgrgreg.pptx
 
Sanjay
SanjaySanjay
Sanjay
 
ppt2.pptx
ppt2.pptxppt2.pptx
ppt2.pptx
 
GSEP - PROCESS AND CHECKPOINT
GSEP - PROCESS AND CHECKPOINTGSEP - PROCESS AND CHECKPOINT
GSEP - PROCESS AND CHECKPOINT
 
1 sdlc model
1 sdlc model1 sdlc model
1 sdlc model
 
MDA
MDAMDA
MDA
 

Plus de Michalis Famelis

Using Developer Conversations to Resolve Uncertainty in Software Development:...
Using Developer Conversations to Resolve Uncertainty in Software Development:...Using Developer Conversations to Resolve Uncertainty in Software Development:...
Using Developer Conversations to Resolve Uncertainty in Software Development:...Michalis Famelis
 
Photo Exhibition for the Commemoration of the 40th Anniversary of the Polytec...
Photo Exhibition for the Commemoration of the 40th Anniversary of the Polytec...Photo Exhibition for the Commemoration of the 40th Anniversary of the Polytec...
Photo Exhibition for the Commemoration of the 40th Anniversary of the Polytec...Michalis Famelis
 
Transformations of Models Containing Uncertainty
Transformations of Models Containing UncertaintyTransformations of Models Containing Uncertainty
Transformations of Models Containing UncertaintyMichalis Famelis
 
MAV-Vis: A Notation for Model Uncertainty
MAV-Vis: A Notation for Model UncertaintyMAV-Vis: A Notation for Model Uncertainty
MAV-Vis: A Notation for Model UncertaintyMichalis Famelis
 
Greece Solidarity Initialive : October 28 antifascist event
Greece Solidarity Initialive : October 28 antifascist eventGreece Solidarity Initialive : October 28 antifascist event
Greece Solidarity Initialive : October 28 antifascist eventMichalis Famelis
 
Uncertainty Management With Partial Models
Uncertainty Management With Partial ModelsUncertainty Management With Partial Models
Uncertainty Management With Partial ModelsMichalis Famelis
 
Comparing the Effectiveness of Reasoning Formalisms for Partial Models
Comparing the Effectiveness of Reasoning Formalisms for Partial Models Comparing the Effectiveness of Reasoning Formalisms for Partial Models
Comparing the Effectiveness of Reasoning Formalisms for Partial Models Michalis Famelis
 
Partial Models: Towards Modeling and Reasoning with Uncertainty
Partial Models: Towards Modeling and Reasoning with UncertaintyPartial Models: Towards Modeling and Reasoning with Uncertainty
Partial Models: Towards Modeling and Reasoning with UncertaintyMichalis Famelis
 
The Semantics of Partial Model Transformations
The Semantics of Partial Model TransformationsThe Semantics of Partial Model Transformations
The Semantics of Partial Model TransformationsMichalis Famelis
 

Plus de Michalis Famelis (9)

Using Developer Conversations to Resolve Uncertainty in Software Development:...
Using Developer Conversations to Resolve Uncertainty in Software Development:...Using Developer Conversations to Resolve Uncertainty in Software Development:...
Using Developer Conversations to Resolve Uncertainty in Software Development:...
 
Photo Exhibition for the Commemoration of the 40th Anniversary of the Polytec...
Photo Exhibition for the Commemoration of the 40th Anniversary of the Polytec...Photo Exhibition for the Commemoration of the 40th Anniversary of the Polytec...
Photo Exhibition for the Commemoration of the 40th Anniversary of the Polytec...
 
Transformations of Models Containing Uncertainty
Transformations of Models Containing UncertaintyTransformations of Models Containing Uncertainty
Transformations of Models Containing Uncertainty
 
MAV-Vis: A Notation for Model Uncertainty
MAV-Vis: A Notation for Model UncertaintyMAV-Vis: A Notation for Model Uncertainty
MAV-Vis: A Notation for Model Uncertainty
 
Greece Solidarity Initialive : October 28 antifascist event
Greece Solidarity Initialive : October 28 antifascist eventGreece Solidarity Initialive : October 28 antifascist event
Greece Solidarity Initialive : October 28 antifascist event
 
Uncertainty Management With Partial Models
Uncertainty Management With Partial ModelsUncertainty Management With Partial Models
Uncertainty Management With Partial Models
 
Comparing the Effectiveness of Reasoning Formalisms for Partial Models
Comparing the Effectiveness of Reasoning Formalisms for Partial Models Comparing the Effectiveness of Reasoning Formalisms for Partial Models
Comparing the Effectiveness of Reasoning Formalisms for Partial Models
 
Partial Models: Towards Modeling and Reasoning with Uncertainty
Partial Models: Towards Modeling and Reasoning with UncertaintyPartial Models: Towards Modeling and Reasoning with Uncertainty
Partial Models: Towards Modeling and Reasoning with Uncertainty
 
The Semantics of Partial Model Transformations
The Semantics of Partial Model TransformationsThe Semantics of Partial Model Transformations
The Semantics of Partial Model Transformations
 

Dernier

Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Dernier (20)

Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

Research Questions for Validation and Verification in the Context of Model-Based Engineering

  • 1. Research Questions for Validation and Verification in the Context of Model-Based Engineering Catherine Dubois Michalis Famelis Martin Gogolla Leonel Nobrega Ileana Ober Martina Seidl Markus Voelter ENSIIE, Evry, France University of Toronto, University of Bremen, University of Madeira, Funchal, University of Toulouse, Johannes Kepler University Linz, Austria Voelter Ingenieurburo, Heidenheim, Germany October 1st , 2013 MoDeVVa 2013, Miami, USA
  • 2. Introduction Abstraction techniques are one of the promising paths for the future advances in the field of verification. – Clarke, Emerson, Sifakis: Turing Lecture 2008 V&V crucial for MBE – Uncover hidden properties and errors – Verify transformations – Ensure quality, etc. 2
  • 3. About • This paper is the result of the working group on V & V at Dagstuhl-Seminar 13182 held in May 2013. • Dagstuhl: scientific retreat in western Germany • Seminar topic: Meta-Modeling Model- Based Engineering Tools • Three break-outs: Informal Modeling, Compositionality, Modeling and V&V 3
  • 4. 4 Our goal: Identify main areas in the synergy between MBE and V&V where we need to focus research. What is the status, what are the research questions? • Two-day collaborative brainstorming workshop. • Culminated in a plenary presentation …and this report
  • 5. Disclaimer • No claim of completeness or exhaustiveness • Represents the informed opinions of the authors • May have missed existing answers to some questions • Is this the right level of granularity / level of detail? 5
  • 6. Thematic Categories 1. Gap between Models and V&V Formalisms 2. Need to Refine Existing Methodologies 3. Design-time vs. Runtime 4. Properties 5. Model Transformations 6. Informal vs. Formal vs. Incomplete Modeling 7. Comparison and Benchmarking 8. Domain-Specific Languages 6
  • 7. Models and V&V Formalisms (context) Model Property Model' Property' Designer Level (can be Domain- Specific) Verification formalism level Verification engine Verification feed-back 7 Transformations and traceability mechanisms But behavioral semantics often leads to non-bijective correspondences between design time and runtime artifacts. V&V tool configuration
  • 8. Models and V&V Formalisms (questions)
    • How to express properties at the level of models in a way understandable to clients?
    • How to formulate models and properties in a single language transparent to clients?
    • How to report the V&V results and diagnostics in an appropriate form to clients?
    • How to bridge the gap between formally expressed and verified properties on one side and client attention on the other side?
    • Can modeling language extensions help in making explicit the “needs” of V&V machines?
  • 9. Refining Existing Methodologies (context)
    • Integrating V&V in development can support early V&V similar to how debugging is offered by IDEs.
    • Generic methodologies identify points where V&V can be used.
    • A model-based development methodology would need to allow variations based on application domain, nature of project, etc.
    • Goal: better identify which V&V activities are meaningful at the various phases of design; take full advantage of V&V engines.
  • 10. Refining Existing Methodologies (questions)
    • How do we integrate V&V in the overall development and modeling process?
      – On the technical level of tool exchange?
      – On the methodological level of using the right technique at the right time for the right task?
    • When are techniques like animation, execution, symbolic evaluation, testing, simulation, proving or test case generation used most efficiently during development?
      – For which model and model transformation properties can they be employed?
  • 11. Design-time vs. Runtime (context)
    • Models are specified at design time
    • During execution these models are instantiated
    • The dynamic nature of structure during execution makes it difficult to understand and represent runtime information
    • Existing modeling environments offer limited support for precisely specifying instantiation and snapshots
  • 12. Design-time vs. Runtime (questions)
    • During the V&V phase, how do we obtain an initial model instantiation?
    • How do we obtain large and meaningful instantiations?
    • How do we connect design time and runtime artifacts?
    • How do we deal with the issue of scalability in the context of V&V?
    • How do we handle time and space concerns w.r.t. design time and runtime artifacts?
    • How do we automatically or semi-automatically manage the V&V machine configuration?
  • 13. Properties (context)
    • Model and model transformation properties relevant in V&V:
      – consistency, reachability, dependence, minimality, conformance, safety, liveness, deadlock freeness, termination, confluence, correctness
    • Confusion caused by:
      – Different kinds according to the nature of the model (static/dynamic), its level of abstraction, etc.
      – Many tools and techniques (potentially complementary)
    Main challenge: What kind of property to verify on which model at what stage with what kind of technique?
  • 14. Properties (questions)
    • What are the benefits and trade-offs between expressing properties on more abstract modeling levels in contrast to expressing them on more concrete levels?
    • How do we find the right techniques for uncovering static and dynamic model properties?
    • Which techniques are appropriate for uncovering static modeling language inherent properties, which for static model-specific properties?
    • Which techniques are appropriate for uncovering dynamic generic properties, which for dynamic model-specific properties?
  • 15. Model Transformations (context)
    • Core component of MBE
    • Many applications:
      – Maintaining inter-model consistency
      – Semantics definition of (domain-specific) modelling languages
      – …
    • Challenge: Verification of model transformations
      – Proving correctness, termination, confluence
      – What are the differences to “normal” code?
      – Is the higher abstraction level beneficial to V&V?
  • 16. Model Transformations (questions)
    • What verification techniques are meaningful for verifying model transformations?
    • How do we analyse properties like confluence and termination?
    • How do we analyse correctness of model transformations w.r.t. a transformation contract?
    • How do we infer a transformation contract from a model transformation?
  • 17. Informal vs. Formal vs. Incomplete Modeling (context)
    • During V&V: switch on or off particular model elements (in class diagrams, e.g., multiplicities); configure constraints by negating, deactivating or activating them (in class diagrams, e.g., class invariants)
    • Different types of granularity:
      (a) all model elements may be relaxed
      (b) only a manual model element selection can be considered for relaxation
      (c) a semi-automatic element selection for relaxation may be offered
    • Ultimate vision: sliders on the user interface to gradually go from a strict, formal model through various intermediate levels to a totally relaxed and informal model; fewer formal model parts activated means more informality in the model
    • Minimal formal frame for test case construction must be preserved: e.g., for class diagrams of central classes and associations and for state charts of central states and transitions
    • For a completely informal model no formal scenario (no test cases) can be formulated
  • 18. Informal vs. Formal vs. Incomplete Modeling (questions)
    • How do we leverage informal assumptions found in sketches for exploratory V&V?
    • Are informal sketches close enough to V&V at all?
    • What are appropriate relaxation mechanisms for different degrees of formality?
    • How do we handle incomplete or partial models w.r.t. V&V?
    • How do we deactivate and activate model units?
    • How do we handle the exploration of model properties and alternatives?
  • 19. Comparison and Benchmarking (context)
    • Benchmarking can boost research:
      – Fair comparison of tools
      – Impartial benchmark selection which covers the spectrum of interesting test cases
      – Clear documentation of outcomes; reproducibility
      – Publicity makes it easy to identify progress, problems
    • However, in MBE:
      – No common standards
      – No community platform for benchmarks
      – Not clear what metrics are relevant for measuring “improvement”
  • 20. Comparison and Benchmarking (questions)
    • How to compare existing V&V tools w.r.t. functionality, coverage, scalability, expressiveness, executing system (i.e., for models at runtime)?
    • Which criteria are appropriate for comparison?
    • Can we globally compare fairly at all?
      – Broad and diverse spectrum of V&V machines: B, Coq, HOL/Isabelle, SAT, SMT, CSP solvers, Relational logic, enumerative techniques
  • 21. Domain-Specific Languages (Context)
    • Most verification tools have hard to use input languages, alien to normal developers.
      – Hence, verification tools are often not used.
    • MBE approaches become more and more mainstream.
    • Models can simplify analysis and verification, because of the higher degree of domain semantics they express.
    • Potential to exploit the two approaches synergistically
      – From the high-level models, we can automate the generation of the input to the verification tools.
  • 22. Domain-Specific Languages (Questions)
    • How to define DSLs close to domain concepts but still allow generation of meaningful input for V&V tools?
    • V&V tools need the specification of properties.
      – How to express them at the domain level in a user-friendly way?
      – Can the property specifications be integrated with the same DSL and/or model used for describing the to-be-verified system without creating self-fulfilling prophecies?
    • How to bring V&V feedback back to the domain level and express it in terms of the DSL-level input?
    • Can incremental language extensions help with making programs expressed in general-purpose languages more checkable? For example, the semantics of a specific extension construct may enable the generation of very rich inputs to the verification tool.
  • 23. Thematic Categories
    1. Gap between Models and V&V Formalisms
    2. Need to Refine Existing Methodologies
    3. Design-time vs. Runtime
    4. Properties
    5. Model Transformations
    6. Informal vs. Formal vs. Incomplete Modeling
    7. Comparison and Benchmarking
    8. Domain-Specific Languages
  • 24. Conclusion
    • Report-back from working group on MBE and V&V at Dagstuhl in May 2013.
    • Main areas in the synergy of MBE and V&V.
    • For each: described status and identified research questions.
    • Our hope: Spark discussions and debate, help focus research in MBE and V&V.