Software Engineering for Embedded Systems
Prof. Dr. Sabine Glesner, Joachim Fellmuth, Nils Jähnig, Verena Klös,
Lydia Mattick, Marcus Mikulcak, Sebastian Schlesinger
Summer term 2015
Seminar: Software Engineering of Embedded Systems
- Quality Assurance of Embedded Systems -
Seminar PES SS2015 2
Research Areas
- Projects
  - Verification and Transformation of Embedded Systems (VaTES)
  - Security in Cyber-Physical Systems
  - Correct Model Transformations (CorMoranT)
  - Reliable Embedded System Design based on Co-verification in a Unified Environment (RESCUE)
  - Abstraction-Based Modular Verification of Self-Adaptive Systems
  - Change Impact Analyses of Software Models (CISMo)

We are looking for student assistants for all projects!
Formal Verification of Concurrent (Low-Level) Code
nils.jaehnig@tu-berlin.de
- Verification of embedded real-time systems
  - Start with an abstract specification (CSP-based)
  - Via high-level programming languages
  - Down to the low-level compiler representation (LLVM)
- Me: consider communicating low-level code

(figure: levels of the verification chain, from abstract to concrete)
Hoare Logics
- {P} code {Q}
- If precondition P holds, and the execution of code terminates, then postcondition Q holds.
- What if the execution does not terminate?
- What about communicating programs?
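The partial-correctness reading of {P} code {Q}, and the first question above, can be made concrete in code. The following Python is an added illustration, not code from the slides or from the VaTES project: a division-by-repeated-subtraction loop whose run-time checks mirror the proof obligations of the triple, plus a variant check that flags the non-terminating case. The functions `divide_by_subtraction` and `classify`, the `Diverges` exception and the sample inputs are all constructed for this example.

```python
class Diverges(Exception):
    """Raised when the variant (termination measure) fails to decrease."""


def divide_by_subtraction(x: int, y: int, enforce_pre: bool = True):
    """Compute (q, r) with x == q*y + r and 0 <= r < y by repeated subtraction.

    Run-time checks mirror the proof obligations of the Hoare triple
        {x >= 0 and y > 0}  loop  {x == q*y + r and 0 <= r < y}
      P: precondition, checked on entry (skipped when enforce_pre is False,
         to show what happens when P has not been established)
      I: loop invariant x == q*y + r and r >= 0, checked before every iteration
      V: variant r, which must strictly decrease and stay >= 0 in every
         iteration; this is the extra obligation of total correctness
      Q: postcondition, checked on exit
    (Constructed example; a prover would discharge P, I, V, Q statically.)
    """
    if enforce_pre:
        assert x >= 0 and y > 0, "precondition P violated"
    q, r = 0, x
    while r >= y:
        assert x == q * y + r and r >= 0, "invariant I broken"
        variant_before = r
        q, r = q + 1, r - y
        if not 0 <= r < variant_before:
            raise Diverges("variant r did not decrease: the loop would never terminate")
    assert x == q * y + r and 0 <= r < y, "postcondition Q violated"
    return q, r


def classify(x: int, y: int, enforce_pre: bool = True) -> str:
    """Return 'ok', 'diverges', or the name of the failed obligation
    ('precondition', 'invariant', 'postcondition') for the given input."""
    try:
        divide_by_subtraction(x, y, enforce_pre)
        return "ok"
    except Diverges:
        return "diverges"
    except AssertionError as err:
        return str(err).split()[0]


if __name__ == "__main__":
    # Constructed sample inputs for this example.
    print(divide_by_subtraction(17, 5))          # (3, 2)
    print(classify(17, 5))                        # ok
    print(classify(-3, 5))                        # precondition
    print(classify(-3, 5, enforce_pre=False))     # postcondition
    print(classify(17, 0, enforce_pre=False))     # diverges
```

With `enforce_pre=False` and y = 0 the loop body never changes r, the variant check fires and `classify` reports `diverges`. The triple is still partially correct in that run (Q is never reached, so it is never violated), which is exactly the gap behind the slide's question: the rule as stated says nothing about termination, and a total-correctness proof has to add the variant obligation. The rely-guarantee and CSP logics on the next slide extend the same scheme to communicating programs.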
Topics
- L. Lamport – The Hoare Logic of CSP, and All That
- Xu, de Roever, He – The Rely-Guarantee Method for Verifying Shared Variable Concurrent Programs
- Sergey, Nanevski, Banerjee – Specifying and Verifying Concurrent Algorithms with Histories and Subjectivity
Security in Cyber-Physical Systems
joachim.fellmuth@tu-berlin.de
Security in CPS
- Cyber-physical systems (CPS) have a number of specific properties which are relevant in terms of security
- Examples are complexity, timing, limited resources, higher availability requirements
- Modeling of security has to be adjusted for CPS
- Defense techniques such as intrusion detection have to be specialized for new types of attacks
Topics
- Burmester, Magkos, Chrissikopoulos – Modeling Security in Cyber-Physical Systems
- X – Zimmer, Bhat, Mueller, Mohan – Time-Based Intrusion Detection in Cyber-Physical Systems
CorMoranT
[email protected]@tu-‐berlin.de
CorMoranT Overview
Goal: Automated verification of refactorings of hybrid Simulink models

Motivation
- Simulink is the de facto standard for Model Driven Engineering in automotive, aerospace etc.
- Verification, esp. in safety-critical environments
- Refactorings improve structure, preserve behaviour

Example: d/dt y(t) = -y(t), with solution y(t) = exp(-t)
Topics
- Rajeev Alur, Thomas Henzinger, Gerardo Lafferriere, George Pappas, Discrete Abstractions of Hybrid Systems, Proceedings of the IEEE, 2000
- X – Franck Cassez, Thomas Henzinger, Jean-Francois Raskin, A Comparison of Control Problems for Timed and Hybrid Systems, 2002
- X – Antoine Girard, A. Agung Julius, George Pappas, Approximate Simulation Relations for Hybrid Systems, Discrete Event Dynamic Systems, 2008
Reliable Embedded System Design based on Co-verification in a Unified Environment (RESCUE)
lydia.mattick@tu-berlin.de
HW/SW Co-Verification
- HW/SW co-design
  - Integrated design of hardware and software components of embedded systems
  - Enables co-verification
- HW/SW co-verification
  - Combines verification techniques from the hardware and software world
  - Has to cope with various models of computation

Goal: Comprehensive and systematic verification of hardware, software and their interplay
Compositional Verification
- Major problem in embedded systems verification: scalability
- Combine verification tools
  - Exploit strengths and weaknesses
  - Specialized for specific areas
- Questions:
  - How to decompose the system?
  - How to decompose properties?
HW/SW Co-Design
- SystemC: HW/SW co-design language
- Intermediate representation for SystemC designs (SysCIR)
- Transformation into the input language of verification tools (UPPAAL, BLAST, UCLID)
- Problem: scalability; no single tool can cope with the entire system
- Solution: partitioning/abstraction
Slicing/Abstraction
- Decompose the design by slicing
- Create sub-models on various levels of abstraction
- Use a specialized verification tool to check properties
Topics
- X – Deian Tabakov, Moshe Y. Vardi, Gila Kamhi, Eli Singerman, A Temporal Language for SystemC, FMCAD 2007
- Cynthia Sturton, Rohit Sinha, Thurston H.Y. Dang, Sakshi Jain, Michael McCoyd, Symbolic Software Model Validation, MEMOCODE 2013
- X – Dirk Beyer, Thomas A. Henzinger, M. Erkan Keremoglu, Philipp Wendler, Conditional Model Checking: A Technique to Pass Information between Verifiers, FSE 2012
Abstraction-Based Modular Verification of Self-Adaptive Systems
verena.kloes@tu-berlin.de
Abstraction-Based Modular Verification of Self-Adaptive Systems
- Self-adaptive HW/SW co-designs (SystemC)
- Adaptation based on rules and learning techniques
- Verification with model checking
- Scalability: use abstractions, modular verification
Framework
Abstraction-Based Modular Verification of Self-Adaptive Systems
- Learning on abstract models
- Generate new rules
- Scalability
  - Split verification tasks
  - Slicing/abstraction
Topics
- Learning
  - Optimal Planning for Architecture-Based Self-Adaptation via Model Checking of Stochastic Games
  - Incremental Quantitative Verification for Markov Decision Processes
- Scalability
  - Refinement Checking for Timed Automata
CISMo
marcus.mikulcak@tu-berlin.de
Project CISMo
Change Impact Analyses for Software Models
- Model-based development of software components in the automotive sector
- Transfer of classic software development methods to the model-based domain (MATLAB/Simulink)
- Change detection and impact calculation
- Identification of security leaks
- Goal: Development of formal analysis methods for MATLAB/Simulink
Change Impact Analyses
Change Impact Analyses in Model-Based Development
- Impact analysis is concerned with the identification of the consequences of changes in software, to ensure quality and maintainability
- Studied extensively for text-based programming languages, but model-based development poses different, as yet unsolved challenges
  - Identification of changes between models and model revisions
  - Impact due to the higher abstraction level of models
Topic 1: Handling Clone Mutations in MATLAB/Simulink
- Automotive software models can contain up to 60,000 blocks
- Possibility to reuse model parts through libraries
- However, slight changes to the reused parts are often required
- In maintenance and analysis it is necessary to manage clones and their changes (mutations)
X – Topic 2: MATLAB/Simulink Test Case Generation Using Extended Finite Automata
- For tests of safety-critical software, extensive test cases are most important
- Guessing is not an option -> formal technique to find test cases that cover paths
- Translation into a finite automaton, then model checking to find the necessary input combinations and sequences
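To make the last step concrete, here is an added Python example (not code from the slides or from the CISMo project) that does what the bullet describes on a toy scale: a controller written down by hand as a finite automaton, and a breadth-first reachability search that returns, for every transition, the shortest input sequence that fires it. The automaton, its state and input names, and the functions `shortest_input_sequence`, `generate_transition_coverage_tests` and `run` are all constructed for this illustration; an extended finite automaton derived from a Simulink model additionally carries variables and guards, which this toy omits.

```python
from collections import deque

# Constructed toy model: a temperature controller as a finite automaton.
# States, inputs and transitions are invented for this example; they stand in
# for the extended finite automaton derived from a MATLAB/Simulink model.
INITIAL = "Idle"
TRANSITIONS = {
    ("Idle", "too_cold"): "Heating",
    ("Idle", "too_hot"): "Cooling",
    ("Idle", "ok"): "Idle",
    ("Heating", "ok"): "Idle",
    ("Heating", "sensor_error"): "Fault",
    ("Cooling", "ok"): "Idle",
    ("Cooling", "sensor_error"): "Fault",
    ("Fault", "reset"): "Idle",
    # Deliberately unreachable: no transition leads into "Orphan".
    ("Orphan", "reset"): "Idle",
}


def shortest_input_sequence(transition):
    """Return the shortest input sequence from INITIAL that fires `transition`
    (a (source_state, input) pair), or None if its source state is unreachable.

    Breadth-first search over the explicit state graph: this is the reachability
    query a model checker answers when asked to refute "transition is never taken";
    the counterexample trace it produces is the test case."""
    src, inp = transition
    if transition not in TRANSITIONS:
        raise KeyError(f"unknown transition {transition}")
    queue = deque([(INITIAL, [])])
    seen = {INITIAL}
    while queue:
        state, path = queue.popleft()
        if state == src:
            return path + [inp]
        for (s, i), nxt in TRANSITIONS.items():
            if s == state and nxt not in seen:
                seen.add(nxt)
                queue.append((nxt, path + [i]))
    return None


def generate_transition_coverage_tests():
    """One input sequence per transition (transition coverage). None marks a
    transition that cannot be covered because its source state is unreachable."""
    return {t: shortest_input_sequence(t) for t in TRANSITIONS}


def run(sequence):
    """Execute an input sequence on the model and return the visited states,
    so a generated test can be checked against the model it came from."""
    state = INITIAL
    trace = [state]
    for inp in sequence:
        state = TRANSITIONS[(state, inp)]
        trace.append(state)
    return trace


if __name__ == "__main__":
    for transition, seq in generate_transition_coverage_tests().items():
        print(transition, "->", None if seq is None else run(seq))
```

A transition for which no sequence exists (here the constructed `Orphan` state) comes back as `None`, and that is itself a finding worth reviewing: either the model contains dead logic or the test model is missing an input. Replacing the hand-written `TRANSITIONS` table with one exported from a model, and the breadth-first search with a model checker that can also reason about data variables and guards, is the step from this toy to the approach on the slide.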
Available subjects
- Handling Clone Mutations in MATLAB/Simulink
- X – MATLAB/Simulink Test Case Generation Using Extended Finite Automata

Contact
Marcus Mikulcak, marcus.mikulcak@tu-berlin.de