Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dagstuhl Intro Mike Whalen. 2 Mike Whalen My main goal is to reduce software verification and validation (V&V) cost and increasing.

Published byCalvin Little Modified over 9 years ago

Similar presentations

Presentation on theme: "Dagstuhl Intro Mike Whalen. 2 Mike Whalen My main goal is to reduce software verification and validation (V&V) cost and increasing."— Presentation transcript:

1 Dagstuhl Intro Mike Whalen

2 http://www.umsec.umn.edu 2 Mike Whalen My main goal is to reduce software verification and validation (V&V) cost and increasing rigor  Applied automated V&V techniques on industrial systems  Proofs, bounded analyses, static analysis, automated testing  Combining several kinds of assurance artifacts PhD in proofs of translation for synchronous languages [UMN 2005] Worked at Rockwell Collins for 6 ½ years on formal analysis of avionics systems Came back to UMN in December 2009 as Program Director for UM Software Engineering Center Work very closely with Mats Heimdahl, Rockwell Collins folks, and several other collaborators August, 20112RE 2011: Mike Whalen

3 http://www.umsec.umn.edu 3 RequirementsDesign / CodeTestField Automated completeness and consistency checking of requirements Compositional analysis Static analysis Automated proof that design/code satisfies requirements Requirements- based test oracles for unit and integration test runtime monitors to recover from failures at runtime Automated test generation from requirements Subsystem System System of Systems Level of Scale Uses of Formal Requirements

4 http://www.umsec.umn.edu 4 Rockwell Collins Inc. Gryphon Tool Family UMN: simulator, fault seeder, coverage measurement tool, TCG RCI: Information Flow Modeling S. Miller, M. Whalen, D. Cofer, Software Model Checking Takes Off, Communications of the ACM, February 2010 M. Whalen, D. Greve, L. Wagner, Model Checking Information Flow, In: Design and Verification of Microprocessor Systems for High-Assurance Applications, D. Hardin, Ed., Springer, March 2010. D. Hardin, D.R. Johnson, L. Wagner, and M. Whalen. Development of Security Software: A High-Assurance Methodology, ICFEM 2009, Rio de Janeiro, Brazil, December, 2009.

5 http://www.umsec.umn.edu 5 ADGS-2100 Adaptive Display & Guidance System Example Requirement: Drive the Maximum Number of Display Units Given the Available Graphics Processors Counterexample Found in 5 Seconds Checked 573 Properties - Found and Corrected 98 Errors in Early Design Models Modeled in Simulink Translated to NuSMV 4,295 Subsystems 16,117 Simulink Blocks Over 10 37 Reachable States

6 http://www.umsec.umn.edu 6 Use of formally verified Active/Standby design pattern cut development time by 1/3 and saved hundreds of hours of on-aircraft test time Flight Control System (FCS) FGS_LFGS_R 6 Architectural design patterns attack system complexity through automated model transformations with guaranteed behaviors State Space Size Fault-tolerance Configuration SYNCHRONOUS NETWORK ASYNCHRONOUS BOUNDED DELAY NETWORK WITH PALS NODE 1 NODE 2 NODE 3 NODE 1 NODE 2 NODE 3 T CLOCK JITTER ii + 1i PALS: Physically Asynchronous Logically Synchronous Rework cost is up to 60% of total development cost for large, complex systems. Verification reuse through design patterns supports correct-by- construction system development Avionics System (AADL model) FCS Flight Guidance System (FGS) MODE LOGIC CONTROL LOGIC LEADER SELECT PALS pattern for virtual synchrony achieves >3 orders of magnitude reduction in state space and verification complexity ASSUMPTIONS GUARANTEES Compositional verification exploits natural system hierarchy through formal assume-guarantee reasoning Leader Select PALSRep Platform synchronous communication one node operational timing constraints not co-located Avionics System leader transition bounded Active-Standby pattern for fault-tolerant control allows system developers to work at a higher level of abstraction Steven P. Miller, Michael W. Whalen, and Darren D. Cofer. Software Model Checking Takes Off. Communications of the ACM, February, 2010.

7 http://www.umsec.umn.edu 7 Contracts between patterns and components Avionics system requirement Relies upon  Guarantees provided by patterns and components  Structural properties of model  Resource allocation feasibility  Probabilistic system-level failure characteristics LS PALSRep Platform synchronous communication one node operational timing constraints not co-located Avionics System leader transition bounded ASSUMPTIONS GUARANTEES Under single-fault assumption, GC output transient response is bounded in time and magnitude RT sched & latency Error model Behavior StructureResourceProbabilistic © Copyright 2011 Rockwell Collins, Inc. All rights reserved. ?

8 http://www.umsec.umn.edu 8 And other stuff… Test metrics and oracles [ICSE 2008, ICSE 2011, FASE 2012] Semantics and analysis of Statecharts [ISSTA 11, NFM 2012] DSL and Analysis for Guard Languages [TACAS 2012] Invariant generation techniques for K-Induction model checkers [NFM 2012] Requirements-based testing [ICFEM 2008, ISSTA 2006]

Download ppt "Dagstuhl Intro Mike Whalen. 2 Mike Whalen My main goal is to reduce software verification and validation (V&V) cost and increasing."

Similar presentations

Integration of MBSE and Virtual Engineering for Detailed Design

Integration of MBSE and Virtual Engineering for Detailed Design
Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.

Auto-Generation of Test Cases for Infinite States Reactive Systems Based on Symbolic Execution and Formula Rewriting Donghuo Chen School of Computer Science.
MOdel-based GENeration of Tests for Embedded Systems #216679 FP7-ICT-2007-1-3.3 Embedded Systems Design WP3: Qualitative Fault Modelling András Pataricza,

MOdel-based GENeration of Tests for Embedded Systems # FP7-ICT Embedded Systems Design WP3: Qualitative Fault Modelling András Pataricza,
1 Translation Validation: From Simulink to C Michael RyabtsevOfer Strichman Technion, Haifa, Israel Acknowledgement: sponsored by a grant from General.

1 Translation Validation: From Simulink to C Michael RyabtsevOfer Strichman Technion, Haifa, Israel Acknowledgement: sponsored by a grant from General.
February 28 – March 3, 2011 Stepwise Refinement and Reuse: The Key to ESL Ashok B. Mehta Senior Manager (DTP/SJDMP) TSMC Technology, Inc. Mark Glasser.

February 28 – March 3, 2011 Stepwise Refinement and Reuse: The Key to ESL Ashok B. Mehta Senior Manager (DTP/SJDMP) TSMC Technology, Inc. Mark Glasser.
Dagstuhl Intro Mike Whalen Program Director University of Minnesota Software Engineering Center.

Dagstuhl Intro Mike Whalen Program Director University of Minnesota Software Engineering Center.
Efficient Reachability Analysis for Verification of Asynchronous Systems Nishant Sinha.

Efficient Reachability Analysis for Verification of Asynchronous Systems Nishant Sinha.
© Copyright 2009 Rockwell Collins, Inc. All rights reserved. Formal Methods for Critical Systems Dr. Steven P. Miller Midwest Verification Day September.

© Copyright 2009 Rockwell Collins, Inc. All rights reserved. Formal Methods for Critical Systems Dr. Steven P. Miller Midwest Verification Day September.
Background information Formal verification methods based on theorem proving techniques and model­checking –to prove the absence of errors (in the formal.

Background information Formal verification methods based on theorem proving techniques and model­checking –to prove the absence of errors (in the formal.
Verification/Simulati on –GUI for simulation and formal verification –Simulator: Exploration of dynamic behavior Checking.

Verification/Simulati on –GUI for simulation and formal verification –Simulator: Exploration of dynamic behavior Checking.
CLEANROOM SOFTWARE ENGINEERING

CLEANROOM SOFTWARE ENGINEERING
Advanced Technology Center Slide 1 Formal Verification of Flight Critical Software Dr. Steven P. Miller Advanced Computing Systems Elise A. Anderson Commercial.

Advanced Technology Center Slide 1 Formal Verification of Flight Critical Software Dr. Steven P. Miller Advanced Computing Systems Elise A. Anderson Commercial.
Advanced Technology Center Slide 1 Formal Methods in Safety-Critical Systems Dr. Steven P. Miller Advanced Computing Systems Rockwell Collins 400 Collins.

Advanced Technology Center Slide 1 Formal Methods in Safety-Critical Systems Dr. Steven P. Miller Advanced Computing Systems Rockwell Collins 400 Collins.
Formal Model-Based Development in Aerospace Systems: Challenges to Adoption Mats P. E. Heimdahl University of Minnesota Software Engineering Center Critical.

Formal Model-Based Development in Aerospace Systems: Challenges to Adoption Mats P. E. Heimdahl University of Minnesota Software Engineering Center Critical.
Systems Engineering for Automating V&V of Dependable Systems John S. Baras Institute for Systems Research University of Maryland College Park 301-405-6606.

Systems Engineering for Automating V&V of Dependable Systems John S. Baras Institute for Systems Research University of Maryland College Park
Automated Analysis and Code Generation for Domain-Specific Models George Edwards Center for Systems and Software Engineering University of Southern California.

Automated Analysis and Code Generation for Domain-Specific Models George Edwards Center for Systems and Software Engineering University of Southern California.
L4-1-S1 UML Overview © M.E. Fayad 2000 -- 2005 SJSU -- CmpE Software Architectures Dr. M.E. Fayad, Professor Computer Engineering Department, Room #283I.

L4-1-S1 UML Overview © M.E. Fayad SJSU -- CmpE Software Architectures Dr. M.E. Fayad, Professor Computer Engineering Department, Room #283I.
CS599 Software Engineering for Embedded Systems1 Software Engineering for Real-Time: A Roadmap Presentation by: Mandar Samant Raghbir Singh Banwait.

CS599 Software Engineering for Embedded Systems1 Software Engineering for Real-Time: A Roadmap Presentation by: Mandar Samant Raghbir Singh Banwait.
Automated V&V for High Integrity Systems A Targeted Formal Methods Approach Simon Burton Research Associate Rolls-Royce University Technology Centre University.

Automated V&V for High Integrity Systems A Targeted Formal Methods Approach Simon Burton Research Associate Rolls-Royce University Technology Centre University.
Software Engineering for Safety : A Roadmap Presentation by: Manu D Vij CS 599 Software Engineering for Embedded Systems.

Software Engineering for Safety : A Roadmap Presentation by: Manu D Vij CS 599 Software Engineering for Embedded Systems.

Similar presentations

Ads by Google