Presentation is loading. Please wait.

Presentation is loading. Please wait.

Industrial usage of VDM Dr Peter Gorm Larsen Associate Professor University College of Aarhus + PGL Consult.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Industrial usage of VDM Dr Peter Gorm Larsen Associate Professor University College of Aarhus + PGL Consult."— Presentation transcript:

1 Industrial usage of VDM Dr Peter Gorm Larsen Associate Professor University College of Aarhus + PGL Consult

2 Ingeniørhøjskolen i Århus Slide 2 Personal Background Theoretical Work –VDM-SL Semantics (ISO standard) –VDM-SL Proof Rules (PhD work) More Practical Work –VDM and SA in combination –IFAD VDMTools –Transfer VDM to Industry –Intensive use Industrially Employed by –For 13 years: IFAD –For 3,5 years: Systematic –Now: University College of Aarhus and PGL Consult

3 Ingeniørhøjskolen i Århus Slide 3 VDM Technology in Industry  Overview of VDM Concepts Overview of VDM-SL Semantics Industrial usage of VDM

4 Ingeniørhøjskolen i Århus Slide 4 Vienna Development Method VDM-SL and VDM++ –ISO Standardisation of VDM-SL –VDM++ is an object-oriented extension Model-oriented specification: –Simple, abstract data types –Invariants to restrict membership –Functional specification: Referentially transparent functions Operations with side effects on state variables Implicit specification (pre/post) Explicit specification (functional or imperative) Underdeterminedness and non-determinism

5 Ingeniørhøjskolen i Århus Slide 5 VDM++ Class Outline class class end end instance variables...... typesvaluesfunctionsoperations thread sync Internal object state Definitions Dynamic behaviour Synchronization control

6 Ingeniørhøjskolen i Århus Slide 6 What is VDMTools? The VDM-SL Toolbox The VDM++ Toolbox Different experimental extensions: –Reverse engineering from Java to VDM++ –PROSPER for proof support on top of VDM-SL –VICE for support for real-time systems

7 Ingeniørhøjskolen i Århus Slide 7 VDMTools ® Overview The Rose-VDM++ Link Document Generator Code Generators - C++, Java Syntax & Type Checker API (Corba), DL Facility Interpreter (Debugger)Integrity Checker

8 Ingeniørhøjskolen i Århus Slide 8 References, World-wide France Aerospatiale Espace et Defense Dassault Aviation Dasssault Electronique CISI CEA et Defense CEA Leti Cap Gemini LAAS Matra Bae Dynamics U.K. British Aerospace Systems & Equipment British Aerospace Defense Adelard ICL Enterprise Engineering Rolls Royce Transitive Technologies ItalyENEAAnsaldo The Netherlands Dutch Dept. of Defence OriginChessPortugalSidereusDenmark Baan Nordic Odense Steel Shipyard DDC International North America Boeing Rockwell Collins Lockheed Martin DDC-I, Inc. Rational Software Corp. Formal Systems Inc. Concordia University Japan RTRI (Japan Railways) JFITSGermany GAO mbH More than 150 clients world-wide in 2001

9 Ingeniørhøjskolen i Århus Slide 9 VDM Technology in Industry Overview of VDM Concepts  Overview of VDM-SL Semantics Industrial usage of VDM

10 Ingeniørhøjskolen i Århus Slide 10 VDM-SL Semantics Presentations VDM-SL Static Semantics (7 slides) VDM-SL Domain Universe (12 slides) VDM-SL Dynamic Semantics (32 slides) Unfortunately using old legacy technology

11 Ingeniørhøjskolen i Århus Slide 11 VDM Technology in Industry Overview of VDM Concepts Overview of VDM-SL Semantics  Industrial usage of VDM

12 Ingeniørhøjskolen i Århus Slide 12 ConForm (1994) Organisation: British Aerospace (UK) Domain: Security (gateway) Tools: The IFAD VDM-SL Toolbox Experience: –Prevented propagation of error –Successful technology transfer –At least 4 more applications without support Statements: –“Engineers can learn the technique in one week” –“VDMTools  can be integrated gradually into a traditional existing development process”

13 Ingeniørhøjskolen i Århus Slide 13 DustExpert (1995-7) Organisation: Adelard (UK) Domain: Safety (dust explosives) Tools: The IFAD VDM-SL Toolbox Experience: –Delivered on time at expected cost –Large VDM-SL specification –Testing support valuable Statement: –“Using VDMTools  we have achieved a productivity and fault density far better than industry norms for safety related systems”

14 Ingeniørhøjskolen i Århus Slide 14 Adelard Metrics 31 faults in Prolog and C++ (< 1/kloc) Most minor, only 1 safety-related 1 (small) design error, rest in coding

15 Ingeniørhøjskolen i Århus Slide 15 CAVA (1998-2000) Organisation: Baan (Denmark) Domain: Constraint solver (Sales Configuration) Tools: The IFAD VDM-SL Toolbox Experience: –Common understanding –Faster route to prototype –Earlier testing Statement: –“VDMTools  has been used in order to increase quality and reduce development risks on high complexity products”

16 Ingeniørhøjskolen i Århus Slide 16 Dutch DoD (1997-8) Organisation: Origin, The Netherlands Domain: Military Tools: The IFAD VDM-SL Toolbox Experience: –Higher level of assurance –Mastering of complexity –Delivered at expected cost and on schedule –No errors detected in code after delivery Statement: –“We chose VDMTools  because of high demands on maintainability, adaptability and reliability”

17 Ingeniørhøjskolen i Århus Slide 17 DoD, NL Metrics (1) Estimated 12 C++ loc/h with manual coding!

18 Ingeniørhøjskolen i Århus Slide 18 DoD - Comparative Metrics CODINGTESTING CODINGTESTING ANALYSIS & DESIGNTraditional: VDMTools ® : Cost ANALYSIS & DESIGN 9002000700 1200500600 0% 64% 100%

19 Ingeniørhøjskolen i Århus Slide 19 BPS 1000 (1997-) Organisation: GAO, Germany Domain: Bank note processing Tools: The IFAD VDM-SL Toolbox Experience: –Better understanding of sensor data –Errors identified in other code – Savings on maintenance Statement: –VDMTools provides unparalleled support for design abstraction ensuring quality and control throughout the development life cycle.

20 Ingeniørhøjskolen i Århus Slide 20 Flower Auction (1998) Organisation: Chess, The Netherlands Domain: Financial transactions Tools: The IFAD VDM++ Toolbox Experience: –Successful combination of UML and VDM++ –Use iterative process to gain client commitment –Implementers did not even have a VDM course Statement: –“The link between VDMTools and Rational Rose is essential for understanding the UML diagrams”

21 Ingeniørhøjskolen i Århus Slide 21 SPOT 4 (1999) Organisation: CS-CI, France Domain: Space (payload for SPOT4 satellite) Tools: The IFAD VDM-SL Toolbox Experience: –38 % less lines of source code –36 % less overall effort –Use of automatic C++ code generation Statement: The cost of applying Formal methods is significantly lower than without them.

22 Ingeniørhøjskolen i Århus Slide 22 Japanese Railways (2000-2001) Domain: Railways (database and interlocking) Experience: –Prototyping important –Now also using it for ATC system Engineer working at IFAD for two years with PROSPER proof support

23 Ingeniørhøjskolen i Århus Slide 23 Stock-options (2000- ) Organisation: JFITS (CSK group company), Japan Domain: Financial Tools: The IFAD VDM++ Toolbox Reason for CSK to purchase VDMTools Tax exemptionCOCOMORealized Effort38,5 person months14 person months Schedule9 months3,5 months OptionsCOCOMORealized Effort147,2 person months60,1 person months Schedule14,3 months7 months

24 Ingeniørhøjskolen i Århus Slide 24 Reverse Engineering (2001) Organisation: Boeing Domain: Avionics Tools: The IFAD VDM++ Toolbox Included development of Java to VDM++ reverse engineering feature

25 Ingeniørhøjskolen i Århus Slide 25 Optimisation (2001) Transitive Technologies, UKOrganisation: Transitive Technologies, UK Domain:EmbeddedDomain:Embedded Tools: The IFAD VDM-SL ToolboxTools: The IFAD VDM-SL Toolbox Making software independent of hardware platformMaking software independent of hardware platform

26 Ingeniørhøjskolen i Århus Slide 26 Further Information Applying Formal Specification in Industry. P.G. Larsen, J. Fitzgerald and T. Brookes. Published in "IEEE Software" vol. 13, no. 3, May 1996 A Lightweight Approach to Formal Methods S.Agerholm and P.G. Larsen. In Proceedings of the International Workshop on Current Trends in Applied Formal Methods, Boppard, Germany, Springer-Verlag, October 1998. Applications of VDM in Banknote Processing P. Smith and P.G. Larsen. + Application of VDM-SL to the Development of the SPOT4 Programming Messages Generator, A. Puccetti and J.Y. Tixadou + Formal Specification of an Auctioning System Using VDM++ and UML, M.Verhoef et. al. Published at the First VDM Workshop: VDM in Practice with the FM'99 Symposium, Toulouse, France, September 1999.

Download ppt "Industrial usage of VDM Dr Peter Gorm Larsen Associate Professor University College of Aarhus + PGL Consult."

Similar presentations

October 2007Potential thesis projects1 Peter Gorm Larsen Professor (ingeniørdocent) at Engineering College of Aarhus.

October 2007Potential thesis projects1 Peter Gorm Larsen Professor (ingeniørdocent) at Engineering College of Aarhus.
The System and Software Development Process Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.

The System and Software Development Process Instructor: Dr. Hany H. Ammar Dept. of Computer Science and Electrical Engineering, WVU.
Principles of Project Management Case Study - Programme Management: Developing a Blueprint Graham Collins University College London (UCL)

Principles of Project Management Case Study - Programme Management: Developing a Blueprint Graham Collins University College London (UCL)
IFAD www.ifad.dk Dr Peter Gorm Larsen IFAD A/S Forskerparken 10A DK-5230 Odense M Denmark Ten Years of Historical Development “Bootstrapping” VDMTools.

IFAD Dr Peter Gorm Larsen IFAD A/S Forskerparken 10A DK-5230 Odense M Denmark Ten Years of Historical Development “Bootstrapping” VDMTools.
Sequence Diagram Generation & Validation MSE First Presentation Samer Saleh Advisor: Bill Hankley.

Sequence Diagram Generation & Validation MSE First Presentation Samer Saleh Advisor: Bill Hankley.
JML and ESC/Java2: An Introduction Karl Meinke School of Computer Science and Communication, KTH.

JML and ESC/Java2: An Introduction Karl Meinke School of Computer Science and Communication, KTH.
© 2004 by Carnegie Mellon University The Society of Automotive Engineers (SAE) Architecture Analysis & Design Language (AADL) Standard An International.

© 2004 by Carnegie Mellon University The Society of Automotive Engineers (SAE) Architecture Analysis & Design Language (AADL) Standard An International.
Job No/ 1 © British Crown Copyright 2008/MOD Developing a High Integrity Code Generator Using iUML/iCCG Sam Moody AWE plc, Aldermaston, Berkshire, United.

Job No/ 1 © British Crown Copyright 2008/MOD Developing a High Integrity Code Generator Using iUML/iCCG Sam Moody AWE plc, Aldermaston, Berkshire, United.
Automated creation of verification models for C-programs Yury Yusupov Saint-Petersburg State Polytechnic University The Second Spring Young Researchers.

Automated creation of verification models for C-programs Yury Yusupov Saint-Petersburg State Polytechnic University The Second Spring Young Researchers.
Shaoying Liu Department of Computer Science

Shaoying Liu Department of Computer Science
Network Management Overview IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.

Network Management Overview IACT 918 July 2004 Gene Awyzio SITACS University of Wollongong.
What is Software Engineering? And why is it so hard?

What is Software Engineering? And why is it so hard?
Software engineering for real-time systems

Software engineering for real-time systems
March 2006VDM Technology in Industry1 Peter Gorm Larsen.

March 2006VDM Technology in Industry1 Peter Gorm Larsen.
March 2009Tools for VDM in Industry1 Professor Peter Gorm Larsen Engineering College of Aarhus Also adjunct professor at Aarhus.

March 2009Tools for VDM in Industry1 Professor Peter Gorm Larsen Engineering College of Aarhus Also adjunct professor at Aarhus.
Java for High Performance Computing Jordi Garcia Almiñana 14 de Octubre de 1998 de la era post-internet.

Java for High Performance Computing Jordi Garcia Almiñana 14 de Octubre de 1998 de la era post-internet.
August 2006 1 Two courses on VDM++ for Embedded Systems: Learning by Doing Professor Peter Gorm Larsen Engineering College of Aarhus Computer Technology.

August Two courses on VDM++ for Embedded Systems: Learning by Doing Professor Peter Gorm Larsen Engineering College of Aarhus Computer Technology.
February 2008Potential thesis projects1 Peter Gorm Larsen Professor (ingeniørdocent) at Engineering College of Aarhus.

February 2008Potential thesis projects1 Peter Gorm Larsen Professor (ingeniørdocent) at Engineering College of Aarhus.
Slide 1.1 © The McGraw-Hill Companies, 2002 Object-Oriented and Classical Software Engineering Fifth Edition, WCB/McGraw-Hill, 2002 Stephen R. Schach

Slide 1.1 © The McGraw-Hill Companies, 2002 Object-Oriented and Classical Software Engineering Fifth Edition, WCB/McGraw-Hill, 2002 Stephen R. Schach
March 2008Tools for VDM in Industry1 Professor Peter Gorm Larsen Engineering College of Aarhus

March 2008Tools for VDM in Industry1 Professor Peter Gorm Larsen Engineering College of Aarhus

Similar presentations

Ads by Google