Software Engineering Center
Requirements, Models, and Properties: Their Relationship and Validation
Mats P. E. Heimdahl
University of Minnesota Software Engineering Center Department of Computer Science and Engineering
University of Minnesota 4-192 EE/CS; 200 Union Street SE
Minneapolis, MN 55455
S5, 2014 1
Over Many Years, Experience
Requirements 3 Ways
• Natural Language
• Formalized Requirements
• Requirements Models
Example natural-language requirement: “The Mode Annunciations shall be turned on when the Flight Director is turned on” (Wrong!)
The 3 are Related
[Diagram: the three forms of a requirement and the checks applied to each]
• Natural Language Requirements (e.g., “The Mode Annunciations shall be turned on when the Flight Director is turned on”): Inspect
• Declarative Properties / Synchronous Observers, derived from the natural language requirements: Inspect, Analyze, Realizability
• Architecture / Constructive Model, derived from the natural language requirements: Inspect, Test, Verify, Determinism, Deadlock, etc.
• The model implements the properties; that relationship is checked by Verify and Test
Pitfall #1—Modeling Frenzy
[Diagram, as on the previous slide: Architecture / Constructive Model and Declarative Properties / Synchronous Observers, both derived from the Natural Language Requirements; the model implements the properties]
Modeling is so much fun
How do we know the model is “right”?
Property and Model Relationship
[Diagram: Notional Requirements, Formal Requirements, and Model; the formal requirements may be erroneous and the model may be faulty with respect to the notional requirements]
Verification and Testing
[Diagram: Notional Requirements, Formal Requirements, Model]
Four possible outcomes when the model is verified and tested against the formal requirements:
• Requirements and Model are correct and pass verification and testing
• Requirements and Model are incorrect but pass verification and testing (the erroneous properties and the faulty model agree with each other, so nothing is detected)
• Requirements and Model are incorrect and fail verification and testing
• Requirements and Model are correct but fail verification and testing
Verification
[Diagram: Notional Requirements, Formal Requirements, Model; verification relates the model to the formal requirements]
Iterative Verification
[Diagram: Notional Requirements, Formal Requirements, Model; verification is repeated as the formal requirements and the model are corrected]
Iterative V&V
[Diagram: Notional Requirements, Formal Requirements, Model; verification and validation are iterated together against the notional requirements]
Property or Model: Which is Right?
AG(Onside_FD_On -> Mode_Annunciations_On)
    The Mode Annunciations shall be turned on when the Flight Director is turned on
AG((Is_This_Side_Active & Onside_FD_On) -> Mode_Annunciations_On)
    If this side is active, the Mode Annunciations shall be turned on when the Flight Director is turned on
AG(!Mode_Annunciations_On -> AX((Is_This_Side_Active & Onside_FD_On) -> Mode_Annunciations_On))
    If this side is active and the Mode Annunciations are off, the Mode Annunciations shall be turned on when the Flight Director is turned on
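The question on this slide only gets an answer once a checker reports which property fails on which model and hands back the trace. As an added example, not part of the deck, the following Python builds a tiny explicit-state checker for the AG and AX operators used above and runs the three properties against two constructed stand-in models of the mode-annunciation logic: one where Mode_Annunciations_On is computed in the same cycle as its inputs, and one where it is an output register loaded from the previous cycle's inputs (the one-cycle latency is an assumption made for illustration). Both models, the initial state, and the names P1..P3 are this example's, not the deck's.

```python
"""Added example: explicit-state check of the three Mode Annunciation
properties against two small constructed synchronous models.
The models are hypothetical stand-ins for a constructive model; they are
not the deck's (or any real flight-deck) design."""
from collections import deque
from typing import Callable, Dict, List, Optional, Tuple

# A state assigns the three Booleans named in the properties.
VARS = ("Is_This_Side_Active", "Onside_FD_On", "Mode_Annunciations_On")
State = Tuple[bool, bool, bool]
Step = Callable[[State], List[State]]          # successor function of a model
Pred = Callable[[State, Step], bool]           # state predicate (may inspect successors)

def var(s: State, name: str) -> bool:
    return s[VARS.index(name)]

# Inputs (this side active, onside FD on) are free in every cycle.
INPUTS = [(a, f) for a in (False, True) for f in (False, True)]

def combinational_model(s: State) -> List[State]:
    """Mode_Annunciations_On is computed from the *same* cycle's inputs."""
    return [(a, f, a and f) for a, f in INPUTS]

def registered_model(s: State) -> List[State]:
    """Mode_Annunciations_On is an output register loaded from the *previous*
    cycle's inputs: one cycle of latency (assumed for this example)."""
    ma_next = var(s, "Is_This_Side_Active") and var(s, "Onside_FD_On")
    return [(a, f, ma_next) for a, f in INPUTS]

INIT: State = (False, False, False)   # assumed reset state: everything off

def reachable(step: Step, init: State) -> Dict[State, Optional[State]]:
    """BFS over the state graph; the parent map yields a trace to any state."""
    parent: Dict[State, Optional[State]] = {init: None}
    queue = deque([init])
    while queue:
        s = queue.popleft()
        for t in step(s):
            if t not in parent:
                parent[t] = s
                queue.append(t)
    return parent

def check_AG(step: Step, init: State, phi: Pred):
    """AG phi over all reachable states. Returns (holds, counterexample_trace)."""
    parent = reachable(step, init)
    for s in parent:                      # dict insertion order == BFS order
        if not phi(s, step):
            path, cur = [], s
            while cur is not None:
                path.append(cur)
                cur = parent[cur]
            return False, list(reversed(path))
    return True, None

def AX(psi: Pred) -> Pred:
    """'psi holds in every successor state' (the next-time operator)."""
    return lambda s, step: all(psi(t, step) for t in step(s))

def implies(p: bool, q: bool) -> bool:
    return (not p) or q

# The three properties from the slide, in order of refinement.
def P1(s, step):  # AG(Onside_FD_On -> Mode_Annunciations_On)
    return implies(var(s, "Onside_FD_On"), var(s, "Mode_Annunciations_On"))

def P2(s, step):  # AG((Is_This_Side_Active & Onside_FD_On) -> Mode_Annunciations_On)
    return implies(var(s, "Is_This_Side_Active") and var(s, "Onside_FD_On"),
                   var(s, "Mode_Annunciations_On"))

def P3(s, step):  # AG(!Mode_Annunciations_On -> AX((Active & FD_On) -> MA_On))
    return implies(not var(s, "Mode_Annunciations_On"), AX(P2)(s, step))

PROPERTIES: Dict[str, Pred] = {"P1": P1, "P2": P2, "P3": P3}

def check_all(step: Step) -> Dict[str, bool]:
    """Verdict per property for one model."""
    return {name: check_AG(step, INIT, phi)[0] for name, phi in PROPERTIES.items()}

def fmt(s: State) -> str:
    return "{" + ", ".join(f"{n}={int(v)}" for n, v in zip(VARS, s)) + "}"

if __name__ == "__main__":
    for name, model in (("combinational", combinational_model),
                        ("registered", registered_model)):
        print(f"== {name} model: {check_all(model)}")
        for pname, phi in PROPERTIES.items():
            ok, cex = check_AG(model, INIT, phi)
            if not ok:
                print(f"  {pname} fails; trace: " + " -> ".join(map(fmt, cex)))
```

On the combinational model only the first property fails, and its trace ends in a state with the FD on but this side inactive: the property is wrong, not the model, which is the refinement the slide makes. On the registered model all three fail, and the P2 trace ends in a state with the side active and the FD on one cycle after the FD came on while the annunciations are still off. Nothing in that trace says whether the same-cycle demand in the property or the register delay in the model is the mistake; deciding that is the engineer's job, and it is why the slide asks which one is right.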
Saying What We Want is Hard
• This is not new
• Writing down properties in a formal notation can be challenging
  – But not harder than writing correct code!
• The hard part is actually figuring out exactly what you want
• Does not have to be done all at once
Requirements Collective
[Diagram: the Requirements Collective workflow]
• Shall Statements are the source: a Create Model step (manual) produces the MBD Model, and a Formalize Properties step (manual) produces the Properties
• The Properties and the MBD Model are merged (automated) and translated (automated) into the Formal Analysis Model
• The MBD Model is exercised by Simulation; the Formal Analysis Model is checked by Formal Verification
• Corrections from simulation and formal verification flow back into the Shall Statements, the Properties, and the MBD Model
Much Methodological Work to be Done
Additional Research Needs
• Usable Requirements Notations
• Enhanced Analysis Capabilities
• Property/Contract Test Coverage
• Test Generation

• Compositional Verification
• Verification of Timing and Control
• Verification and Validation Guidance
• Assumptions and Abstractions

• Usable Modeling Notations
• Modeling Guidelines
• Enhanced Well-Formedness Checks
• Model Test Coverage Criteria
• Test Generation
Summary and Questions
Thank You