Comparing Formal Tools for System Design: a Judgment StudyTechnical
Formal methods and tools have a long history of successful applications in the design of safety-critical railway products. However, most of the experiences focused on the application of a single method at once, and little work has been performed to compare the applicability of the different available frameworks to the railway context. As a result, companies willing to introduce formal methods in their development process have little guidance on the selection of tools that could fit their needs. To address this goal, this paper presents a comparison between 9 different formal tools, namely Atelier B, CADP, FDR4, NuSMV, ProB, Simulink, SPIN, UMC, and UPPAAL SMC. We performed a judgment study, involving 17 experts with experience in formal methods applied to railways. In the study, part of the experts were required to model a railway signalling problem (the moving-block train distancing system) with the different tools, and to provide feedback on their experience. The information produced was then synthesised, and the results were validated by the remaining experts. Based on the outcome of this process, we provide a synthesis that describes when to use a certain tool, and what are the problems that may be faced by modellers. Our experience shows that the different tools serve different purposes, and multiple formal methods are required to fully cover the needs of the railway system design process.
Tue 7 JulDisplayed time zone: (UTC) Coordinated Universal Time change
16:05 - 17:05 | A4-Cyber-Physical SystemsSoftware Engineering in Practice / Technical Papers / Demonstrations at Baekje Chair(s): Joanne M. Atlee University of Waterloo | ||
16:05 12mTalk | Adapting Requirements Models to Varying EnvironmentsTechnical Technical Papers Dalal Alrajeh Imperial College London, Antoine Cailliau ICTEAM, UCLouvain, Axel van Lamsweerde Université catholique de Louvain | ||
16:17 12mTalk | Comparing Formal Tools for System Design: a Judgment StudyTechnical Technical Papers Alessio Ferrari CNR-ISTI, Franco Mazzanti ISTI-CNR, Davide Basile University of Florence, Maurice H. ter Beek ISTI-CNR, Alessandro Fantechi University of Florence DOI Pre-print | ||
16:29 3mTalk | Demo: SLEMI: Finding Simulink Compiler Bugs through Equivalence Modulo Input (EMI)Demo Demonstrations Shafiul Azam Chowdhury University of Texas at Arlington, Sohil Lal Shrestha The University of Texas at Arlington, Taylor T Johnson Vanderbilt University, Christoph Csallner University of Texas at Arlington Link to publication DOI Media Attached | ||
16:32 12mTalk | The Forgotten Case of the Dependency Bugs: On the Example of the Robot Operating SystemSEIP Software Engineering in Practice Anders Fischer-Nielsen IT University of Copenhagen, Zhoulai Fu IT University of Copenhagen, Denmark, Ting Su ETH Zurich, Switzerland, Andrzej Wąsowski IT University of Copenhagen, Denmark Pre-print | ||
16:44 3mTalk | PROMISE: High-Level Mission Specification for Multiple RobotsDemo Demonstrations Sergio Garcia Chalmers | University of Gothenburg, Patrizio Pelliccione University of L'Aquila and Chalmers | University of Gothenburg, Claudio Menghi University of Luxembourg, Thorsten Berger Chalmers | University of Gothenburg, Tomas Bures Charles University, Czech Republic | ||
16:47 12mTalk | How do you Architect your Robots? State of the Practice and Guidelines for ROS-based Systems Software Engineering in Practice Ivano Malavolta Vrije Universiteit Amsterdam, Grace Lewis Carnegie Mellon Software Engineering Institute, Bradley Schmerl Carnegie Mellon University, USA, Patricia Lago Vrije Universiteit Amsterdam, David Garlan Carnegie Mellon University | ||