Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 A Context Analysis Method for Constructing Reliable Embedded Systems Naoyasu Ubayashi, Toshiki Seto, Hirotoshi Kanagawa, Susumu Taniguchi, and Jun Yoshida.

Published byColeen Barrett Modified over 8 years ago

Similar presentations

Presentation on theme: "1 A Context Analysis Method for Constructing Reliable Embedded Systems Naoyasu Ubayashi, Toshiki Seto, Hirotoshi Kanagawa, Susumu Taniguchi, and Jun Yoshida."— Presentation transcript:

1 1 A Context Analysis Method for Constructing Reliable Embedded Systems Naoyasu Ubayashi, Toshiki Seto, Hirotoshi Kanagawa, Susumu Taniguchi, and Jun Yoshida (Kyushu Institute of Technology) Takeshi Sumi and Masayuki Hirayama (Toshiba) May 11, 2007 MISE 200 8

2 Contexts in embedded systems  Many embedded systems not only affect their contexts through actuators but also are affected by their contexts through sensors.  However, requirements analysis is mainly conducted from the viewpoint of system functions, and contexts are only roughly analyzed. 2 Unexpected behavior might emerge in a system if a developer does not recognize any possible conflicting combinations between the system and contexts. It is difficult to decide the boundary of contexts that should be taken into account: which contexts should be included as the targets of requirements analysis. Embedded System Actuator Sensor Contexts Boundary ? Association ? Frame Problem !

3 Today’s my talk  We propose a context-dependent requirements analysis method called CAMEmb (Context Analysis Method for Embedded systems). 3 UML Profile for Context Analysis Formal Methods ( VDM++ ) Formal Methods ( VDM++ ) CAMEmb is a systematic approach to exploring context boundary avoiding the frame problem, verifying whether requirements can be satisfied under the expected contexts, changing requirements or context boundary if not satisfied.

4 4 Outline 1. Motivation 2. CAMEmb 3. MDD based on CAMEmb 4. Conclusions and Future work

5 5 1. Motivation

6 6 Example: an electric pot water level sensor heater thermostat liquid context system pot The pot controls the water temperature by turning on or off the heater. The pot changes its mode to the heat-retaining mode when the temperature becomes 100 Celsius. The pot observes the volume from the water level. Boil: () ==> () Boil() == while thermostat.GetTemperature() < 100.0 do heater.On(); However, faults may occur if the expected contexts are changed. ---for example, the circumstance of the low air pressure

7 Should air pressure be taken into account ? 7 water level sensor heater thermostat Liquid context system pot Non trivial ! Air Pressure Boundary ?? This depends on user requirements. However, it is important to check the consistency if we decide that air pressure must be taken into account. It is also important to check the impact when air pressure is included in the expected contexts.

8 Problems to be tackled  The boundary of contexts should be determined from user requirements.  We must take into account the influence that occurs in the cooperation among a target system and contexts within the boundary.  We must also detect defects by recognizing any possible conflicting combinations among the system and contexts. 8 Systematic way for context analysis

9 2. CAMEmb Context Analysis Method for Embedded systems 9

10 CAMEmb Overview 10 Formal Methods ( VDM++ ) Formal Methods ( VDM++ ) UML Profile for Context Analysis

11 Context modeling 11 UML profile for context analysis Steps for exploring boundary 1.Context elements (value object) observed or controlled directly by a sensor or an actuator are extracted. 2.Impact factors that affect the states (values) of these context elements are extracted using guide words. Initial Boundary Sensor cannot observe original data Factor related to a specific value Contexts that do not change the values are ignored ! The frame problem is avoided ! Contexts that do not change the values are ignored ! The frame problem is avoided ! Final Boundary Factor that determines the upper limit

12 Translation to VDM++ 12

13 13 VDM++ Specification class Software instance variables heater : Heater; thermostat : Thermostat; liquid_level_sensor : LiquidLevelSensor; operations public Setup: RealWorld ==> () Setup(realworld) == (heater := new Heater(); heater.Setup(realworld); thermostat := new Thermostat(); thermostat.Setup(realworld); liquid_level_sensor := new LiquidLevelSensor(); liquid_level_sensor.Setup(realworld); ); public Boil: () ==> () Boil() == while thermostat.GetTemperature() <= 100.0 and liquid_level_sensor.IsOn() = true do heater.On() pre liquid_level_sensor.IsOn() = true post liquid_level_sensor.IsOn() = true; end Software Constraints From user requirements (water should not be empty) From user requirements (water should not be empty)

14 Context Validation 14 Formal Methods ( VDM++ ) Formal Methods ( VDM++ ) Lightweight Formal Methods

15 15 VDM++ test execution Specification can be validated by VDM++ test execution System Specification Context A Context B Normal Air pressure CONTEXT-atmospheric-air-pressureplace- normal CONTEXT-liquid-water Low Air Pressure CONTEXT-atmospheric-air-pressureplace- low CONTEXT-liquid-water

16 Results of test execution 16 Error ! We must reconsider whether air pressure should be included in the expected contexts.

17 Requirements refinement 17 water level sensor heater thermistor Liquid context system pot Air Pressure Boundary Out of ScopeReconsider Hardware Requirements Fixed to 1.0 ATM Model-based testing based on lightweight formal methods is effective for exploring context boundary and refining requirements.

18 3. MDD based on CAMEmb 18

19 DSL construction using AspectM 19 AspectM metamodel AspectM model introduce a new kind of domain-specific model element modify the AspectM metamodel reflect reify MMAP extension point new model element protocols Base level Meta level Editing-time structural reflection [Ubayashi 2007]

20 Model editor for CAMEmb 20 Context model of a line trace car

21 Model transformation 21 Total code size: 223 LOC Automatic generated code size: 174 LOC 78 % Context Model System Model Java Analysis ModelDesign ModelCode

22 4. Conclusions and Future work 22

23 Conclusions  A context-dependent requirements analysis method is proposed.  Our approach is a new kind of MDD that explicitly takes into account the existence of contexts. 23

24 Future work --- CAMEmb and Problem Frame  In problem frames, relations between a machine (a system to be developed) and the real-world are explicitly described.  We are now exploring the possibility of integrating CAMEmb with problem frames.  We found that there was the similarity between our UML profile and frame patterns. 24

25 Context analysis with problem frames 25 Trace Controller ( TC ) AA Body ( BD ) Line Trace C a: TC! { Right, Left} BD! { Line detected, Linemissed} b: LP! { On, Off} c: LC! { Ground Color} d: LS! { Reflected Light} r: BD! { Run, Return to Course} r b Control Machine Controlled Domain Required Behavior AA Light Sensor ( LS ) X Line recognition Controller (LC) AA Line Position ( LP ) X Transformation Machine Output Input Required Behavior Frame Transformation Frame c a d On if ground color is black

Download ppt "1 A Context Analysis Method for Constructing Reliable Embedded Systems Naoyasu Ubayashi, Toshiki Seto, Hirotoshi Kanagawa, Susumu Taniguchi, and Jun Yoshida."

Similar presentations

1 Verification by Model Checking. 2 Part 1 : Motivation.

1 Verification by Model Checking. 2 Part 1 : Motivation.
Introducing Formal Methods, Module 1, Version 1.1, Oct., 1998 1 Formal Specification and Analytical Verification L 5.

Introducing Formal Methods, Module 1, Version 1.1, Oct., Formal Specification and Analytical Verification L 5.
Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.

Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.
Mahadevan Subramaniam and Bo Guo University of Nebraska at Omaha An Approach for Selecting Tests with Provable Guarantees.

Mahadevan Subramaniam and Bo Guo University of Nebraska at Omaha An Approach for Selecting Tests with Provable Guarantees.
A Context Analysis Method for Embedded Systems --- Exploring a Requirement Boundary between a System and Its Context Naoyasu Ubayashi(Kyushu University,

A Context Analysis Method for Embedded Systems --- Exploring a Requirement Boundary between a System and Its Context Naoyasu Ubayashi(Kyushu University,
Expert System Human expert level performance Limited application area Large component of task specific knowledge Knowledge based system Task specific knowledge.

Expert System Human expert level performance Limited application area Large component of task specific knowledge Knowledge based system Task specific knowledge.
Presenter : Shih-Tung Huang Tsung-Cheng Lin Kuan-Fu Kuo 2015/6/15 EICE team Model-Level Debugging of Embedded Real-Time Systems Wolfgang Haberl, Markus.

Presenter : Shih-Tung Huang Tsung-Cheng Lin Kuan-Fu Kuo 2015/6/15 EICE team Model-Level Debugging of Embedded Real-Time Systems Wolfgang Haberl, Markus.
UML CASE Tool. ABSTRACT Domain analysis enables identifying families of applications and capturing their terminology in order to assist and guide system.

UML CASE Tool. ABSTRACT Domain analysis enables identifying families of applications and capturing their terminology in order to assist and guide system.
(c) 2007 Mauro Pezzè & Michal Young Ch 1, slide 1 Software Test and Analysis in a Nutshell.

(c) 2007 Mauro Pezzè & Michal Young Ch 1, slide 1 Software Test and Analysis in a Nutshell.
About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter objectives are listed in the beginning.

About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter objectives are listed in the beginning.
1 SWE 205 - Introduction to Software Engineering Lecture 11 - Requirements Engineering Processes.

1 SWE Introduction to Software Engineering Lecture 11 - Requirements Engineering Processes.
1 Scenario-based Analysis of UML Design Class Models Lijun Yu October 4th, 2010 Oslo, Norway.

1 Scenario-based Analysis of UML Design Class Models Lijun Yu October 4th, 2010 Oslo, Norway.
PJSISSTA '001 Black-Box Test Reduction Using Input-Output Analysis ISSTA ‘00 Patrick J. Schroeder, Bogdan Korel Department of Computer Science Illinois.

PJSISSTA '001 Black-Box Test Reduction Using Input-Output Analysis ISSTA ‘00 Patrick J. Schroeder, Bogdan Korel Department of Computer Science Illinois.
TEST CASE DESIGN Prepared by: Fatih Kızkun. OUTLINE Introduction –Importance of Test –Essential Test Case Development A Variety of Test Methods –Risk.

TEST CASE DESIGN Prepared by: Fatih Kızkun. OUTLINE Introduction –Importance of Test –Essential Test Case Development A Variety of Test Methods –Risk.
Testing. What is Testing? Definition: exercising a program under controlled conditions and verifying the results Purpose is to detect program defects.

Testing. What is Testing? Definition: exercising a program under controlled conditions and verifying the results Purpose is to detect program defects.
Chapter 6 System Engineering - Computer-based system - System engineering process - “Business process” engineering - Product engineering (Source: Pressman,

Chapter 6 System Engineering - Computer-based system - System engineering process - “Business process” engineering - Product engineering (Source: Pressman,
March 13, 2001CSci 250 - Clark University1 CSci 250 Software Design & Development Lecture #15 Tuesday, March 13, 2001.

March 13, 2001CSci Clark University1 CSci 250 Software Design & Development Lecture #15 Tuesday, March 13, 2001.
1 Archface: Architectural Interface -- Bridging a Gap between Design Modeling and Implementation Naoyasu Ubayashi, Hidenori Akatoki, Jun Nomura Kyushu.

1 Archface: Architectural Interface -- Bridging a Gap between Design Modeling and Implementation Naoyasu Ubayashi, Hidenori Akatoki, Jun Nomura Kyushu.
©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 6 Slide 1 Chapter 6 Requirements Engineering Process.

©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 6 Slide 1 Chapter 6 Requirements Engineering Process.
1 The Architectural Design of FRUIT: A Family of Retargetable User Interface Tools Yi Liu, H. Conrad Cunningham and Hui Xiong Computer & Information Science.

1 The Architectural Design of FRUIT: A Family of Retargetable User Interface Tools Yi Liu, H. Conrad Cunningham and Hui Xiong Computer & Information Science.

Similar presentations

Ads by Google