SLIDE 1

What Top-Level Software Engineers Tackle after Learning Formal Methods: Experiences from the Top SE Project

Fuyuki Ishikawa, Kenji Taguchi, Nobukazu Yoshioka, Shinichi Honiden
GRACE Center/TopSE Project, National Institute of Informatics, Japan

SLIDE 2

TOC

Report educational activities on FM for engineers in the industry

  • Overview of the Top SE Project
  • Lecture Courses
  • Graduation Studies
  • Statistics and Discussion

2009/11/06 2 Fuyuki Ishikawa @ TFM 2009

SLIDE 3

Top SE Project: Background/Motivation

Background

  • Gaps between academia and industry regarding efficient and reliable approaches for SE (e.g., FM)

Objective & Approach

  • Produce top-level software engineers by introducing scientific approaches (in academia) into industry
  • Let academic/industrial experts jointly develop and provide an educational program

[Diagram labels: State-of-the-art, Practicality, Industry, Top SE Project, Academia]

SLIDE 4

Top SE Project: History and Present Status

[Timeline: 2005, 2006, 2007, 2008, 2009, 2010]

  • 1st Students, 2nd Students, 3rd Students, 4th Students (Present), 5th Students (under call)
  • Government-Funded Set-up (Free program for 1.5 years)
  • Renewal and Sustainable Operation (Fee-paying program for 1 year, about $5,000/student)
  • Gradual Development

On average:

  • 30 students per year
  • 20 lecture courses
  • 25 lecturers (15 from academia, 10 from industry)

SLIDE 5

Top SE Project: Lecture Courses

Series: Lecture Courses

  • Foundations (2): Foundations in mathematical theory, Foundations in practical SE
  • Architecture (3): Component-based development, Software patterns, Aspect-orientation
  • Formal Specification (3): Foundations, Applications, and Security aspects
  • Model Checking (4): Foundations, Applications, Concurrency aspects, Real-time aspects
  • Requirements Analysis (4): Goal-oriented analysis, Elicitation and Identification, Security aspects, Early analysis
  • Implementation Techniques (3): Testing, Program analysis, Verification of implementation models
  • Management (2): Metrics, Development management

SLIDE 6

Features in the Program

Lecture courses (1.5h * 15 per course)

  • Learn different methods/tools in each area to see common principles and different strategies
  • Have group exercises to discuss how to apply the methods/tools using real application examples

Graduation study (3 months - )

  • Tackle problems identified by themselves (with lecturers as supervisors)
      • Problems in their projects
      • Problems in applying learnt methods/tools

Successive PhD work at a graduate univ.

SLIDE 7

TOC

Report educational activities for engineers from the industry

  • Overview of the Top SE Project
  • Lecture Courses
  • Graduation Studies
  • Statistics and Discussion

SLIDE 8

Formal Specification Series

  • Foundations: Obtaining Fundamental Knowledge and Techniques while Contrasting Two Extreme Approaches
  • Applications: Discussing Application Processes while Contrasting Two Extreme Approaches
  • Security: Discussing Application to Security Issues while Comparing Different Approaches

Methods/tools: VDM/VDM-SL Toolbox, B Method/Atelier B, VDM/VDM++ Toolbox, B Method/Atelier B, Event-B/RODIN, Z/EVES, Promela/SPIN

SLIDE 9

Model Checking Series

  • Foundations, using SPIN: Obtaining Fundamental Knowledge and Techniques
  • Applications, using SPIN, SMV, LTSA: Discussing Application Processes while Comparing Different Tools
  • Concurrency, using CSP (FDR, JCSP): Discussing Difficulties in Verification and Implementation with Concurrency
  • Performance, using UPPAAL: Obtaining Fundamental Knowledge and Techniques and Discussing Application Processes with Timed Models

SLIDE 10

Implementation Techniques Series

Complements the other series by introducing methods/tools that work on source code

  • Program Analysis Course: JML
  • Verification of Implementation Models: Java PathFinder

SLIDE 11

Group Exercise: Example of VDM and B

Group exercises for VDM and B

  • Formalize and validate a real, complex standard specification written in natural languages
  • Use small parts of OLSR, a standard protocol for routing management in ad-hoc networks
      • Share information on the topology
      • Choose nodes that forward messages for complete but more efficient multicasting
  • Discuss modeling/validation strategies
      • What to model? (or what to abstract away?)
      • What properties to check?
      • What ambiguities need to be resolved?

SLIDE 12

TOC

Report educational activities for engineers from the industry

  • Overview of the Top SE Project
  • Lecture Courses
  • Graduation Studies
  • Statistics and Discussion

SLIDE 13

Types of Graduation Studies

  • Case study: Tackle problems in a certain project by choosing and applying learnt methods/tools
  • Domain-specific finer-grained support: Tackle problems in applying learnt methods/tools by developing domain-specific methods/tools
  • Bridging gaps between methods/tools: Tackle problems in connecting different methods/tools by developing methods/tools
  • Extension of methods/tools: Tackle problems in learnt methods/tools by extending them

SLIDE 14

Examples of Graduation Studies (1)

Case-study type: Run an experimental project and evaluate effects of introducing formal specifications

[Figure: labels "UML Components Review OCL Modeling and Testing (VDM++)"; axes "hours" and "Added/modified items in specification"]

SLIDE 15

Examples of Graduation Studies (2)

Domain-specific support type: Develop a tool to verify business processes with real-time properties considering resource constraints

  • Business Process Specification in BPMN
  • Annotation on time aspects and resource aspects (e.g., number of human workers, process instances)
  • UPPAAL Models
  • Check

SLIDE 16

Examples of Graduation Studies (3)

Bridging-gaps type: Develop a method and tool to derive a VDM++ skeleton from requirements obtained by KAOS [Nakagawa, ASE07]

SLIDE 17

Examples of Graduation Studies (4)

Extension type: Define a VDM++ extension to specify Event-B-type refinement relationships as well as a translator from the extended VDM++ to Event-B [Kawamata, SEFM09]

  • Annotation syntax for “Link Invariants” (i.e., relationship between variables in abstract/refined models)
  • Proof-of-Concept tool by translation to Event-B (only target non-procedural syntax of VDM++)
  • Proof-obligation generation and automated proof by RODIN

[Diagram labels: Abstract VDM++ Model, Refined VDM++ Model, Refinement (e.g., component partition), Link Invariants, Abstract Event-B Model, Refined Event-B Model]

SLIDE 18

TOC

Report educational activities for engineers from the industry

  • Overview of the Top SE Project
  • Lecture Courses
  • Graduation Studies
  • Statistics and Discussion

SLIDE 19

Statistics on Lecture Courses

For the 3rd students (30)

Series / Course: Students completed (attended)

Model Checking

  • Foundations (SPIN): 17 (21)
  • Apps. (SPIN, SMV, LTSA): 12 (15)
  • Performance (UPPAAL): 5 (10)
  • Concurrency (CSP): 8 (10)

Formal Specs.

  • Foundations (VDM, B): 20 (27)
  • Applications (VDM, B): 14 (20)
  • Security (Event-B, Z, SPIN): 4 (5)

Impl. Techniques

  • Analysis (JML): 6 (14)
  • Verification (JPF): 5 (6)

SLIDE 20

Statistics on Graduation Studies: Methods

Series / Method/Tool: Num. of Studies

Model Checking

  • SPIN: 8
  • UPPAAL: 2
  • CSP (FDR/JCSP): 3
  • Tool-independent: 1

Formal Specs.

  • VDM: 5
  • Event-B: 3

Impl. Techniques

  • JML (ESC/Java2): 1
  • Java PathFinder: 1

Combination

  • SPIN + SMV, SPIN + JPF, VDM + SPIN, VDM + Event-B: 4

28 in total on FM, among the 1st-3rd students (61)

SLIDE 21

Statistics on Graduation Studies: Types

Classification: Num. of Studies

  • Case Study: 6
  • Domain-Specific, Finer-Grained Support: 11
  • Bridging Gaps between Different Methods/Tools: 7
  • Extension of Methods/Tools: 4

28 in total on FM, among the 1st-3rd students (61)

SLIDE 22

Some Notes

VDM is very popular (next to SPIN), which could be surprising

  • Because of the Japanese companies: CSK (VDM Toolbox) and Sony/Felica (application to chips in a very large number of mobile phones)

Many students chose Domain-Specific support

  • Their comments were like “I like the method/tool and found it useful, but cannot make all our colleagues learn, think over and use the general one directly”

Meanwhile, innovation in methods/tools is too difficult for them

  • As non-experts in semantics and formalisms

SLIDE 23

Summary

Reported educational activities in the Top SE project

  • Target engineers from Japanese industry
  • Teach different methods/tools to recognize common principles and different approaches
  • Involve group exercises to work on real examples, which make students consider and discuss application strategies
  • Involve graduation studies, where students tackle problems they identify by themselves

Should be a good source of useful suggestions

SLIDE 24

Thank you!