Software Engineering Center Software Engineering Center

Requirements, Models, and Properties: Their Relationship and Validation

Mats P. E. Heimdahl

University of Minnesota Software Engineering Center Department of Computer Science and Engineering

University of Minnesota 4-192 EE/CS; 200 Union Street SE

Minneapolis, MN 55455

S5, 2014 1

Software Engineering Center

Over Many Years, Experience

S5, 2014 2

Software Engineering Center

Requirements 3 Ways

• Natural Language

• Formalized Requirements

• Requirements Models

S5, 2014 3

The Mode Annunciations shall be turned on when the Flight Director is turned on

Wrong!

Software Engineering Center

The 3 are Related

S5, 2014 4

Implements Verify Test

Architecture/ Constructive Model

Derived from

Inspect Test Verify Determinism Deadlock Etc.

Natural Language Requirements

Inspect

The Mode Annunciations shall be turned on when the Flight Director is turned on

Declarative Properties/ Synchronous Observers

Inspect Analyze Realizability

Derived from

Software Engineering Center

Pitfall #1—Modeling Frenzy

S5, 2014 5

Implements Architecture/

Constructive Model

Derived from

Natural Language Requirements

Declarative Properties/ Synchronous Observers

Derived from

Modeling is so much fun

How do we know the model is “right”?

Software Engineering Center

Property and Model Relationship

S5, 2014 6

Notional Requirements

Formal Requirements

Model

Erroneous Requirements

Faulty Model

Software Engineering Center

Verification and Testing

S5, 2014 7

Notional Requirements

Formal Requirements

Model

Requirements and Model are correct and pass verification and testing

Requirements and Model are incorrect but pass verification and testing

Requirements and Model are incorrect and fail verification and testing

Requirements and Model are correct but fail verification and testing

Software Engineering Center

Verification

S5, 2014 8

Notional Requirements

Formal Requirements

Model

Software Engineering Center

Iterative Verification

S5, 2014 9

Notional Requirements

Formal Requirements

Model

Software Engineering Center

Iterative V&V

S5, 2014 10

Notional Requirements

Formal Requirements

Model

Software Engineering Center

Property or Model: Which is Right?

AG(Onside_FD_On -> Mode_Annunciations_On)

The Mode Annunciations shall be turned on when the Flight Director is turned on

AG( (Is_This_Side_Active & Onside_FD_On) -> Mode_Annunciations_On)

If this side is active, the Mode Annunciations shall be turned on when the Flight Director is turned on

If this side is active and the Mode Annunciations are off, the Mode Annunciations shall be turned on when the Flight Director is turned on

AG( ! Mode_Annunciations_On -> AX ((Is_This_Side_Active & Onside_FD_On) -> Mode_Annunciations_On)))

S5, 2014 11

Software Engineering Center

Saying What We Want is Hard

• This is not new • Writing down properties in a

formal notation is can be challenging – But not harder than writing

correct code!

• Hard part is actually figuring out exactly what you want.

• Does not have to be done all at once

S5, 2014 12

Software Engineering Center

Requirements Collective

S5, 2014 13

Requirements Collective

Formal Analysis Model

MBD Model

Shall Statements

Properties

Corrections Corrections

CorrectionsCorrections

Create Model(Manual)

Formalize Properties (Manual)

Merge(Automated)

Translate(Automated)

Simulation / Corrections

Formal Verification

Much Methodological Work to be Done

Software Engineering Center

Additional Research Needs

S5, 2014 14

Usable Requirements Notations Enhanced Analysis Capabilities Property/Contact Test Coverage Test Generation

Compositional Verification Verification of Timing and Control Verification Validation Guidance Assumptions and Abstractions

Usable Modeling Notations Modeling Guidelines Enhanced Well-Formedness Checks Model Test Coverage Criteria Test Generation

Software Engineering Center S5, 2014

Summary and Questions

Thank You

15